--removekeywords flag doesn't remove data from the logs if the keyword fails


We are trying to solve a problem where we want to remove sensitive data, like user credentials, from the log file. We know the right answer is to have test accounts used for this purpose, but thats not an option for us.

We were able to solve this issue with the --removekeywords flag, although it fails to remove data from the log if the keyword fails. It’s a little interesting because if use “–removekeywords all”, all keyword data gets removed including failures. But when we use “–removekeywords name:*” and a keyword fails, we can see all of its data and calls to other keywords.

Is there any way to prevent Robot from writing keyword data to the log on failures?

Perhaps this library could be of use:
Snooz82/robotframework-crypto: Robot Framework Library to securely handle credentials. (github.com)

Instead of cleaning afterwards, prevent the sensitive data from being logged plain-text.

Thanks @robinmackaij!

This is a pretty nifty solution, but do you know if there’s a way for it to be run from inside a Python module? I used Builtin().run_keyword(“Get Decrypted Text”, encrypted_string) which was able to decrypt the password, but then it doesn’t get starred out (***) in the logs.