When bootstrapping drone with the DRONE_ADMIN_USER and associated token, it is displayed in the log file of the container for Info and Debug logging. I’ve blanked out the login and token from these entries, but this is what they look like.
Should these perhaps be obfuscated in the logs?
{“admin”:true,“level”:“debug”,“login”:“",“machine”:false,“msg”:“bootstrap: create account”,“time”:“2022-06-11T20:01:07Z”,“token”:"”}
{“admin”:true,“level”:“info”,“login”:“",“machine”:false,“msg”:“bootstrap: account created”,“time”:“2022-06-11T20:01:07Z”,“token”:"”}