When running the deploy command with -l=debug or higher log levels, it appears that secrets manifets and sensitive values are being printed to the log output. This was not present in 0.12. Please advise on how to hide particular manifest files and sensitive values when running garden deploy.

so log.verbose() was added for manifests 5 months ago https://github.com/garden-io/garden/blame/9ecd87bec9c9175b81d39302a44bb3d28b364531/core/src/plugins/kubernetes/kubectl.ts#L114

Hi @many-pizza-75746, I've asked our devs to confirm if this is intended behavior or not.

Hey all This was indeed added to aid debugging and so that users could see the rendered manifest before being applied. I suppose we can just remove the log statement for now and consider re-introducing when we add proper facilities for masking secrets. Out of curiosity though, are these values present in env variables or in actual K8s secret objects?

@many-pizza-75746 @mammoth-flag-56137 The fix above is a quick fix, but in the medium term we also want to offer better facilities to mark values as secrets. feel free to share your thoughts on this feature request with us: https://github.com/garden-io/garden/issues/5666

We create some actual k8s secrets via manifests in garden which dutifully logs those manifests

For our use case they are actual K8S secret objects

@many-pizza-75746 We'll release 0.13.24 soon. If you want to get the updated behaviour already you can update to edge-bonsai