From 88ad9a7bbfccfd7ac3405df86ceaf37c696031cf Mon Sep 17 00:00:00 2001
From: Mahnoor Asghar <masghar@redhat.com>
Date: Wed, 24 Jul 2024 05:53:13 -0400
Subject: [PATCH] Log node UUID and not entire node instance to avoid logging
 its driver_info field

Change-Id: I07eed090920c777046fe29618d5d8be42618a0f6
---
 ironic/conductor/cleaning.py                               | 2 +-
 ...ve-node-object-from-log-statement-f1b92a8ca26686c2.yaml | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/remove-node-object-from-log-statement-f1b92a8ca26686c2.yaml

diff --git a/ironic/conductor/cleaning.py b/ironic/conductor/cleaning.py
index 7fea76263b..8f8f0020b2 100644
--- a/ironic/conductor/cleaning.py
+++ b/ironic/conductor/cleaning.py
@@ -54,7 +54,7 @@ def do_node_clean(task, clean_steps=None, disable_ramdisk=False):
         how = ('API' if node.automated_clean is False else 'configuration')
         LOG.info('Automated cleaning is disabled via %(how)s, node %(node)s '
                  'has been successfully moved to AVAILABLE state',
-                 {'how': how, 'node': node})
+                 {'how': how, 'node': node.uuid})
         return
 
     # NOTE(dtantsur): this is only reachable during automated cleaning,
diff --git a/releasenotes/notes/remove-node-object-from-log-statement-f1b92a8ca26686c2.yaml b/releasenotes/notes/remove-node-object-from-log-statement-f1b92a8ca26686c2.yaml
new file mode 100644
index 0000000000..93d091f68e
--- /dev/null
+++ b/releasenotes/notes/remove-node-object-from-log-statement-f1b92a8ca26686c2.yaml
@@ -0,0 +1,7 @@
+---
+security:
+  - |
+    Log the node UUID instead of the full node object in
+    ironic/conductor/cleaning.py, to avoid logging the node's driver_info
+    property (containing its BMC username and password).
+