Comment 3 for bug 1628031

Matthew Edmonds (edmondsw) wrote : Re: keystonemiddleware logs token in stacktrace

In the past we've said that secrets logged by default (and this goes to ERROR level, so it qualifies) are vulnerabilities. See https://bugs.launchpad.net/ossa/+bug/1543402 for at least one discussion of that. That example was made public, but I think it was only because the information was already out there.

As for the fix, should we use oslo_utils.strutils.mask_password? The patterns it's currently using wouldn't match this case today, but they could (and probably should?) be updated to match.
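The following is an added example, not part of the comment above and not keystonemiddleware or oslo.utils code: a standard-library stand-in for the masking idea, showing that redaction has to run on the fully formatted record for it to cover the stack trace. The token shapes in the regex, the sample token value and the names `RedactingFormatter`, `log_failure` and `demo` are assumptions made for illustration.

```python
import io
import logging
import re

SECRET = "gAAAAA-constructed-secret"  # constructed sample value, not a real token

# Assumed shapes: "X-Auth-Token: v", "'X-Auth-Token': 'v'", "token=v".
_TOKEN_RE = re.compile(
    r"(?i)\b((?:x-(?:auth|subject|service)-token|token)[\"']?\s*[:=]\s*[\"']?)"
    r"([^\s\"',)}\]]+)"
)


class RedactingFormatter(logging.Formatter):
    """Mask token values in the fully formatted record, traceback included."""

    def format(self, record):
        # Formatter.format() appends the formatted exc_info to the message, so
        # masking its return value covers the stack trace; a Filter that only
        # rewrites record.msg would leave the exception text untouched.
        return _TOKEN_RE.sub(r"\1***", super().format(record))


def log_failure(formatter):
    """Log one constructed failure through `formatter`; return the output."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(formatter)
    logger = logging.Logger("redaction-demo")  # standalone, not in the registry
    logger.addHandler(handler)
    try:
        raise ValueError(f"rejected headers {{'X-Auth-Token': '{SECRET}'}}")
    except ValueError:
        logger.error("token validation failed", exc_info=True)
    return stream.getvalue()


def demo():
    """Return (unmasked, masked) output for the same constructed failure."""
    fmt = "%(levelname)s %(message)s"
    return log_failure(logging.Formatter(fmt)), log_failure(RedactingFormatter(fmt))


if __name__ == "__main__":
    print(demo()[1])
```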