[FEATURE]: Ability to hide stdout & stderr from run actions

[WillDaSilva]

Feature Request

Background / Motivation

Currently I have a run action called render-vals that fetches secrets that'll be used during a Helm deploy action like so:

spec:
  values:
    $merge: ${yamlDecode(actions.run.render-vals.outputs.log)}

This works well, but unfortunately results in all of the secrets being printed to the terminal whenever we run garden deploy (or garden run render-vals). We could avoid this by writing the secrets to a file, but we'd rather avoid having them all saved to disk as that opens up more opportunities for something to go wrong.

What should the user be able to do?

Configure a run action such that stdout and stderr are not printed to the terminal or shown in the Garden dashboard.

Why do they want to do this? What problem does it solve?

It avoids having secret output shown on their screen.

Suggested Implementation(s)

Originally I was thinking that we could add two configuration options: redirect_stdout and redirect_stderr. Then to stdout it you could set redirect_stdout to /dev/null. Unfortunately that would probably prevent actions.run.<name>.outputs.log from working correctly, so maybe a better approach would be to avoid generalizing this feature, and just add boolean toggles: hide_stdout and hide_stderr. They'd be false by default, which would be the current behaviour. When true, the output to the respective stream would still be available via actions.run.<name>.outputs.log, but it would not be printed to the terminal.

How important is this feature for you/your team?

🌹 It’s a nice to have, but nice things are nice 🙂