gitlab: fix sensitive information disclosure

Normo · Normo · commit 622cc4d2d37c · 2025-12-01T10:53:51.000+01:00
Signed-off-by: Norman Ziegner &lt;n.ziegner@hzdr.de&gt;
diff --git a/roles/gitlab/tasks/check.yml b/roles/gitlab/tasks/check.yml
@@ -23,6 +23,7 @@
     __gitlab_registry_config: "{{ item.registry }}"
   when: "item.registry is defined"
   loop: "{{ gitlab_additional_configurations }}"
+  no_log: "{{ gitlab_hide_sensitive_changes }}"
 
 - name: "Check if database key is defined in registry"
   ansible.builtin.set_fact:
diff --git a/roles/gitlab/tasks/configure.yml b/roles/gitlab/tasks/configure.yml
@@ -31,6 +31,7 @@
       ansible.builtin.set_fact:
         __gitaly_item: "{{ item.gitaly }}"
       with_items: "{{ gitlab_additional_configurations }}"
+      no_log: "{{ gitlab_hide_sensitive_changes }}"
 
     - name: "Check if gitaly['configuration'] is present"
       when:
@@ -39,6 +40,7 @@
       ansible.builtin.set_fact:
         __gitaly_configuration_exists: true
       with_items: "{{ __gitaly_item | default([]) }}"
+      no_log: "{{ gitlab_hide_sensitive_changes }}"
 
     - name: "Warn if gitaly['configuration'] is already present"
       when:
