Backport of ansible-collections/community.network#223. (#73909)

changelogs/fragments/community.network-223-no_log-missing.yml

@@ -0,0 +1,4 @@
+security_fixes:
+- "avi_webhook - mark the ``verification_token`` parameter as ``no_log`` to prevent potential leaking of secret values (https://github.com/ansible-collections/community.network/pull/223)."
+- "avi_sslkeyandcertificate - mark the ``enckey_base64`` parameter as ``no_log`` to prevent potential leaking of secret values (https://github.com/ansible-collections/community.network/pull/223)."
+- "avi_cloudconnectoruser - mark the ``azure_userpass``, ``gcp_credentials``, ``oci_credentials``, and ``tencent_credentials`` parameters as ``no_log`` to prevent leaking of secret values (https://github.com/ansible-collections/community.network/pull/223)."

lib/ansible/modules/network/avi/avi_cloudconnectoruser.py

@@ -125,14 +125,14 @@ def main():
                                    choices=['put', 'patch']),
         avi_api_patch_op=dict(choices=['add', 'replace', 'delete']),
         azure_serviceprincipal=dict(type='dict',),
-        azure_userpass=dict(type='dict',),
-        gcp_credentials=dict(type='dict',),
+        azure_userpass=dict(type='dict', no_log=True),
+        gcp_credentials=dict(type='dict', no_log=True),
         name=dict(type='str', required=True),
-        oci_credentials=dict(type='dict',),
+        oci_credentials=dict(type='dict', no_log=True),
         private_key=dict(type='str', no_log=True,),
         public_key=dict(type='str',),
         tenant_ref=dict(type='str',),
-        tencent_credentials=dict(type='dict',),
+        tencent_credentials=dict(type='dict', no_log=True),
         url=dict(type='str',),
         uuid=dict(type='str',),
     )

lib/ansible/modules/network/avi/avi_sslkeyandcertificate.py

@@ -173,7 +173,7 @@ def main():
         certificate_management_profile_ref=dict(type='str',),
         created_by=dict(type='str',),
         dynamic_params=dict(type='list',),
-        enckey_base64=dict(type='str',),
+        enckey_base64=dict(type='str', no_log=True),
         enckey_name=dict(type='str',),
         format=dict(type='str',),
         hardwaresecuritymodulegroup_ref=dict(type='str',),

lib/ansible/modules/network/avi/avi_webhook.py

@@ -110,7 +110,7 @@ def main():
         tenant_ref=dict(type='str',),
         url=dict(type='str',),
         uuid=dict(type='str',),
-        verification_token=dict(type='str',),
+        verification_token=dict(type='str', no_log=True),
     )
     argument_specs.update(avi_common_argument_spec())
     module = AnsibleModule(