clean_facts only show variable name (#76974) (#76985)

(cherry picked from commit 47faa6e206ccd697b4050062147a5d3242435597)

2 files changed, 3 insertions, 7 deletions

diff --git a/changelogs/fragments/clean_facts_values.yml b/changelogs/fragments/clean_facts_values.yml
new file mode 100644
index 0000000000..5b7fe04b75
--- /dev/null
+++ b/changelogs/fragments/clean_facts_values.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - cleaning facts will now only warn about the variable name and not post the content, which can be undesireable to disclose
diff --git a/lib/ansible/vars/clean.py b/lib/ansible/vars/clean.py
index 4b89b7b429..58ab645d74 100644
--- a/lib/ansible/vars/clean.py
+++ b/lib/ansible/vars/clean.py
@@ -152,13 +152,7 @@ def clean_facts(facts):
     # then we remove them (except for ssh host keys)
     for r_key in remove_keys:
         if not r_key.startswith('ansible_ssh_host_key_'):
-            try:
-                r_val = to_text(data[r_key])
-                if len(r_val) > 24:
-                    r_val = '%s ... %s' % (r_val[:13], r_val[-6:])
-            except Exception:
-                r_val = ' <failed to convert value to a string> '
-            display.warning("Removed restricted key from module data: %s = %s" % (r_key, r_val))
+            display.warning("Removed restricted key from module data: %s" % (r_key))
             del data[r_key]
 
     return strip_internal_keys(data)