Prevent the password of SYS and SYSTEM password leak

[nblxa]

Setting the tracing -x flag in Bash causes all interpolated shell commands to be printed into stdout including the randomly generated SYS and SYSTEM passwords. This may let readers of image build logs gain elevated access to databases provisioned by El Carro.

This PR temporarily disables the bash tracing for the duration of the CDB creation, then resumes tracing again.

[google-oss-prow]

Hi @nblxa. Thanks for your PR.

I'm waiting for a GoogleCloudPlatform member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[akinfermo]

/ok-to-test

[akinfermo]

Thanks for this improvement! LGTM!

[google-oss-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: akinfermo, nblxa

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [akinfermo]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[nblxa]

Thanks, @akinfermo! As I have no write access to the repo, I let you guys merge.