teststructure.SaveEc2KeyPair exposes the private key in the log output

[RothAndrew]

teststructure.SaveEc2KeyPair exposes the private key in the log output when it logs the marshaled JSON data. This creates a security risk to my project since it is open source and has its pipeline logs exposed publicly. Even though the key pair and the instance that it is attached to only exist for a few minutes it is still a risk.

Suggested Fixes:

• Implement a function such as logger.Use() that would let me switch to the logger.Discard logger while I run the function call, then switch back.
• Update the function definition to let the user specify which logger to use
• Just remove logger.Logf(t, "Marshalled JSON: %s", string(bytes)) from save_test_data.go::SaveTestData()

Visual aids (this is a key pair that has since been deleted)

[RothAndrew]

More possible suggestions:

• Implement different log levels such as DEBUG, TRACE, ERROR, WARNING, etc, and only log that data if the log level is set to debug+
• Modify the function definition to add a parameter discardLogs which switches to logger.Discard.Logf() if the value is true
• Add a new function that adds discardLogs param and deprecate the old one for backward compatibility

[RothAndrew]

Happy to submit a PR for this if any of these suggestions gains traction.

[denis256]

Hi,
can be a good improvement for logs printing, any PRs are welcome