
Conversation

@YLChen-007
Contributor

Description

This PR fixes the logging of sensitive information in cmd of cloud.utils.script.Script. #12005

@codecov

codecov bot commented Nov 8, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 4.03%. Comparing base (cd5bb09) to head (1988400).
⚠️ Report is 2 commits behind head on 4.20.

❗ There is a different number of reports uploaded between BASE (cd5bb09) and HEAD (1988400).

HEAD has 1 upload less than BASE
Flag BASE (cd5bb09) HEAD (1988400)
unittests 1 0
Additional details and impacted files
@@              Coverage Diff              @@
##               4.20   #12024       +/-   ##
=============================================
- Coverage     17.10%    4.03%   -13.07%     
=============================================
  Files          5255      402     -4853     
  Lines        466415    32713   -433702     
  Branches      54746     5831    -48915     
=============================================
- Hits          79763     1319    -78444     
+ Misses       377768    31239   -346529     
+ Partials       8884      155     -8729     
Flag Coverage Δ
uitests 4.03% <ø> (?)
unittests ?

Flags with carried forward coverage won't be shown.


@DaanHoogland
Contributor

@blueorangutan package

@blueorangutan

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@blueorangutan

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 15701

@DaanHoogland
Contributor

@blueorangutan test

@blueorangutan

@DaanHoogland a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

@blueorangutan

[SF] Trillian test result (tid-14794)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 48295 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12024-t14794-kvm-ol8.zip
Smoke tests completed. 140 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test Result Time (s) Test File
test_create_pvlan_network Error 0.09 test_pvlan.py

Contributor

Copilot AI left a comment


Pull Request Overview

This PR addresses a security issue where sensitive information (such as passwords) was being logged in plain text within the Script class. The fix introduces a new addSensitive() method to mark specific command arguments as sensitive, ensuring they are masked with "******" in logs and command-line representations.

Key changes:

  • Added sensitiveArgIndices Set to track which arguments contain sensitive data
  • Implemented addSensitive() method for explicitly marking sensitive arguments
  • Updated all logging statements throughout the execute() methods to conditionally log sanitized messages when sensitive arguments are present

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 13 comments.

File Description
Script.java Core implementation adding sensitive argument tracking and comprehensive logging changes to mask sensitive data
ScriptTest.java Test cases validating that sensitive arguments are properly masked in command-line output
LibvirtUpdateHostPasswordCommandWrapper.java Updated to use addSensitive() for password arguments
CitrixUpdateHostPasswordCommandWrapper.java Updated logging to mask password in debug output

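The masking approach the review describes (a set of sensitive argument indices consulted whenever the command is rendered for a log line) as an added illustration; this is hypothetical code written for this page, not CloudStack's Script class, and the script path and password below are constructed sample values.

```java
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

// Hypothetical stand-in for the Script class: arguments are stored in order and
// the positions holding secrets are remembered, so only the masked form is logged.
public final class MaskedCommand {
    private static final String MASK = "******";
    private final List<String> args = new ArrayList<>();
    private final Set<Integer> sensitiveArgIndices = new HashSet<>();

    public MaskedCommand(String executable) { args.add(executable); }
    public MaskedCommand add(String arg) { args.add(arg); return this; }

    // Records the index before appending, so the mask applies to this argument only.
    public MaskedCommand addSensitive(String arg) {
        sensitiveArgIndices.add(args.size());
        args.add(arg);
        return this;
    }

    // Lets callers decide whether a log line must use the sanitized rendering.
    public boolean hasSensitiveArgs() { return !sensitiveArgIndices.isEmpty(); }

    // Exact argv for the process launcher; never hand this list to a logger.
    public List<String> argv() { return List.copyOf(args); }

    // Log-safe rendering: every sensitive position is replaced by the mask.
    @Override
    public String toString() {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < args.size(); i++) {
            if (i > 0) sb.append(' ');
            sb.append(sensitiveArgIndices.contains(i) ? MASK : args.get(i));
        }
        return sb.toString();
    }

    public static void main(String[] ignored) {
        // Constructed sample values, not a real script path or credential.
        MaskedCommand cmd = new MaskedCommand("/opt/example/update_host_passwd.sh")
                .add("root")
                .addSensitive("s3cr3t-sample");
        System.out.println("log form : " + cmd);
        System.out.println("argv size: " + cmd.argv().size());
        if (cmd.toString().contains("s3cr3t-sample")) {
            throw new AssertionError("secret leaked into log-safe rendering");
        }
    }
}
```

The check in main is the kind of assertion a unit test for this change should carry: the unmasked value must never appear in the string form, while argv() still holds it for the process launch.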

Contributor

Copilot AI left a comment


Pull Request Overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.



Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

@DaanHoogland
Contributor

@blueorangutan package

@blueorangutan

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@DaanHoogland
Contributor

@YLChen-007 ,

09:03:01 [ERROR] /jenkins/workspace/acs-centos8-pkg-builder/dist/rpmbuild/BUILD/cloudstack-4.20.3.0-SNAPSHOT/utils/src/main/java/com/cloud/utils/script/Script.java:47:8: Unused import - org.apache.cloudstack.utils.security.KeyStoreUtils. [UnusedImports]

@YLChen-007
Contributor Author

@YLChen-007 ,

09:03:01 [ERROR] /jenkins/workspace/acs-centos8-pkg-builder/dist/rpmbuild/BUILD/cloudstack-4.20.3.0-SNAPSHOT/utils/src/main/java/com/cloud/utils/script/Script.java:47:8: Unused import - org.apache.cloudstack.utils.security.KeyStoreUtils. [UnusedImports]

I will delete this import.

@abh1sar abh1sar added this to the 4.20.3 milestone Jan 7, 2026
@github-actions

This pull request has merge conflicts. Dear author, please fix the conflicts and sync your branch with the base branch.

@DaanHoogland
Contributor

@blueorangutan package

@blueorangutan

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@blueorangutan

Packaging result [SF]: ✖️ el8 ✖️ el9 ✖️ debian ✖️ suse15. SL-JID 16497

@DaanHoogland
Contributor

@blueorangutan package

@blueorangutan

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@blueorangutan

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 16501

Development

Successfully merging this pull request may close these issues.

Security: Inadequate Password Masking in Script Execution Framework Exposes Credentials Across Multiple Log Levels

5 participants