I created this ticket six months ago about the the inability to mask secrets that are step outputs (like from Terraform) and them subsequently leaking to logs, no action taken yet...

If anyone has influence to raise visibility of this (Twitter, GitHub, whatever) that would be appreciated :)

https://github.com/actions/runner/issues/475