
Implement incus info alternative that strips out sensitive data #2337

@gdonval

Is there an existing issue for this?

  • There is no existing issue for this feature

What are you currently unable to do

incus info outputs data that could be considered sensitive like:

  • acme.provider.environment containing a secret token
  • acme.email containing personal information
  • user variables containing secrets
  • environment.certificate containing the public key (not a secret but fingerprintable)
  • environment.certificate_fingerprint

This is only a feature request because the only people able to access that information are incus admins, but dumping incus info-like information might be useful in logs, especially on incus-os (no access to underlying system). And incus info is, helpfully, requested when submitting bug requests.

What do you think would need to be added

I think it would be nice if we could have:

  1. an incus verb/flag to provide the same info, edited to remove sensitive keys.
  2. Provide a user.secret (or similar) namespace that would be filtered out in the same way (or look for .secret as last element of the key or something along those lines).
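One way the filtering proposed above could work, as an added example (not part of the issue and not Incus code): it masks the keys the issue lists and applies both suggested naming rules. The JSON sample, the `config`/`environment` section layout used to build the paths, the `[redacted]` marker and all function names are assumptions made for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Constructed sample (assumed layout: "config" and "environment" sections); not real output.
const sample = `{"config": {"acme.email": "admin@example.org", "user.rack": "r12",
  "acme.provider.environment": "API_TOKEN=constructed-token",
  "core.https_address": ":8443", "user.backup.secret": "constructed-secret"},
 "environment": {"certificate": "constructed-pem", "server_name": "host01",
  "certificate_fingerprint": "constructed-fingerprint"}}`

// Exact keys listed in the issue, prefixed with their (assumed) section name.
var sensitivePaths = map[string]bool{"config.acme.email": true, "config.acme.provider.environment": true,
	"environment.certificate": true, "environment.certificate_fingerprint": true}

// isSensitive: the exact list, plus the proposed user.secret.* namespace and ".secret" suffix rules.
func isSensitive(path string) bool {
	return sensitivePaths[path] || strings.HasSuffix(path, ".secret") ||
		strings.HasPrefix(path, "config.user.secret.")
}

// Redact masks sensitive values in place and keeps their keys, so the report still shows the option is set.
func Redact(node map[string]any, prefix string) {
	for k, v := range node {
		path := strings.TrimPrefix(prefix+"."+k, ".")
		if isSensitive(path) {
			node[k] = "[redacted]" // marker string is an assumption
		} else if child, ok := v.(map[string]any); ok {
			Redact(child, path)
		}
	}
}

// RedactJSON decodes a document, redacts it and re-encodes it.
func RedactJSON(in string) (string, error) {
	var doc map[string]any
	if err := json.Unmarshal([]byte(in), &doc); err != nil {
		return "", err
	}
	Redact(doc, "")
	out, err := json.MarshalIndent(doc, "", "  ")
	return string(out), err
}

func main() { fmt.Println(RedactJSON(sample)) }
```

Masking the value while keeping the key preserves the diagnostic signal (the option is configured) that makes the output useful in a bug report.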
