From e9a0fae22633fffc20134806b6eddc4427afc41e Mon Sep 17 00:00:00 2001
From: Edoardo Tenani <526307+endorama@users.noreply.github.com>
Date: Fri, 10 Jan 2025 09:43:24 +0100
Subject: [PATCH] benchmarks: clean up infra logs (#15198)

The response from curl could contain secrets for the test
ephimeral cluster. There is no need to display it unless
an error occurred, when we may need it for debugging purposes.

(cherry picked from commit 1261584b25b5279b1fcc1e6707dd07d31e708f38)
---
 .../modules/ec_deployment/scripts/enable_features.tftpl    | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/testing/infra/terraform/modules/ec_deployment/scripts/enable_features.tftpl b/testing/infra/terraform/modules/ec_deployment/scripts/enable_features.tftpl
index f3f3d58f0eb..50bc102c7cf 100644
--- a/testing/infra/terraform/modules/ec_deployment/scripts/enable_features.tftpl
+++ b/testing/infra/terraform/modules/ec_deployment/scripts/enable_features.tftpl
@@ -23,7 +23,10 @@ echo $${POLICY} | jq '.item' | \
     jq 'select(.inputs[].policy_template == "apmserver").inputs[].vars.tail_sampling_storage_limit = {"value":"${tail_sampling_storage_limit}","type":"text"}' |\
     jq 'select(.inputs[].policy_template == "apmserver").inputs[].vars.tail_sampling_enabled = {type: "bool", value: ${enable_tail_sampling}}' > policy.json
 
-# Update the policy
-curl -s -H 'content-type: application/json' -H 'kbn-xsrf: true' -X PUT -k -d@policy.json -u $${KIBANA_AUTH} $${KIBANA_ENDPOINT}
+# Update the policy, hide output to prevent secret leakage.
+if ! curl -s -o response.txt -H 'content-type: application/json' -H 'kbn-xsrf: true' -X PUT -k -d@policy.json -u $${KIBANA_AUTH} $${KIBANA_ENDPOINT}; then
+  # If command failed print output to aid troubleshooting.
+  cat response.txt
+fi
 
 rm -f policy.json