TFLOG debug level logging prints out the personal access token used for the operation
Bug Report
As part of troubleshooting an issue, we typically ask users to provide us with a debug
level log of their apply or plan so that we can see what API calls are being made, and what data is being exchanged with GitLab. Naturally, such API calls require authorization, however we do not want to include that authorization information in the logs. Instead of asking people to redact their information before providing the logs, we should update the provider to mask that information automatically.
Relevant Log Output
-----------------------------------------------------: timestamp=2022-12-21T09:48:08.772-0500
2022-12-21T09:48:08.774-0500 [INFO] provider.terraform-provider-gitlab_v3.20.0: 2022/12/21 09:48:08 [DEBUG] GitLab API Request Details:
---[ REQUEST ]---------------------------------------
GET /api/v4/user HTTP/1.1
Host: gitlab.com
User-Agent: go-gitlab
Accept: application/json
Authorization: Bearer glpat-ASDFASDFASDFASDF
Accept-Encoding: gzip
In the above example, the glpat-*
(which is obviously made up) should be masked completely.