Description
Issue
Hello. We are testing semaphore as a solution for our team that will become the hub for launching Ansible playbooks.
One of the main problems is that we need to connect to the hosts using personal accounts.
Therefore, we cannot use keystore to set up authorization credentials, as it is common to all users of the project.
And we found only one way — to put the credentials in extra-vars and set them every time the user needs to run a task.
But all these extra-vars, including those mentioned as "secret", are visible in the process list on the semaphore-host for any user, including non-root. And this is a serious security issue for us.
Is it possible to mask these secrets in processes or create a personal keystore for each user, which will be accessible only to the user and no one else, even the administrator? And add the option to select a keystore when starting a task.
Impact
Ansible (task execution)
Installation method
Binary
Database
BoltDB
Browser
No response
Semaphore Version
2.13.14
Ansible Version
2.15.10
Logs & errors
No response
Manual installation - system information
No response
Configuration
No response
Additional information
No response
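The exposure reported above comes from secrets sitting in the `ansible-playbook` argument list, which any local user can read from the process list. The following is an added example, not part of the issue and not Semaphore's code: it finds inline extra-vars in an argv list and moves each one into a file created with mode 0600, using Ansible's `--extra-vars @file` form. The function names and the sample argv are hypothetical, and it assumes the inline values are JSON.

```python
import json
import os
import tempfile

FLAGS = ("-e", "--extra-vars")


def inline_extra_vars(argv):
    """Return indexes of argv items that carry extra-vars inline (readable via ps)."""
    hits = []
    for i, arg in enumerate(argv):
        if arg in FLAGS and i + 1 < len(argv) and not argv[i + 1].startswith("@"):
            hits.append(i + 1)  # value follows the flag as its own argument
        elif arg.startswith("--extra-vars=") and not arg.split("=", 1)[1].startswith("@"):
            hits.append(i)      # flag and value joined with '='
    return hits


def move_extra_vars_to_file(argv, directory):
    """Return (new_argv, paths): inline JSON extra-vars replaced by @file references."""
    out, paths = list(argv), []
    for i in inline_extra_vars(argv):
        eq_form = out[i].startswith("--extra-vars=")
        value = out[i].split("=", 1)[1] if eq_form else out[i]
        json.loads(value)  # assumption: values are JSON; raises ValueError otherwise
        # mkstemp creates the file with mode 0600, owned by the calling user
        fd, path = tempfile.mkstemp(prefix="extra-vars-", suffix=".json", dir=directory)
        with os.fdopen(fd, "w") as handle:
            handle.write(value)
        # Replacing in place keeps the original precedence order of extra-vars
        out[i] = ("--extra-vars=@" if eq_form else "@") + path
        paths.append(path)
    return out, paths


if __name__ == "__main__":
    # Constructed sample command line, not taken from a real Semaphore run
    sample = ["ansible-playbook", "site.yml", "--extra-vars",
              '{"ansible_user": "alice", "ansible_password": "constructed-secret"}']
    with tempfile.TemporaryDirectory() as workdir:
        new_argv, files = move_extra_vars_to_file(sample, workdir)
        print(new_argv)
```

The caller has to delete the returned files once the playbook run ends. This only removes the secret from the process list; root on the host can still read the file.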