disable config.yaml show_diff

To prevent the 'token` secret from leaking into the agent logs.

manifests/config.pp

@@ -3,11 +3,12 @@
   assert_private()
 
   file { '/etc/rancher/rke2/config.yaml':
-    ensure  => file,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0600',
-    content => stdlib::to_yaml($rke2::config),
+    ensure    => file,
+    owner     => 'root',
+    group     => 'root',
+    mode      => '0600',
+    show_diff => false,  # don't print 'token' into logs
+    content   => stdlib::to_yaml($rke2::config),
   }
 
   # The config.yaml.d directory is used by default. As we are using an all-in-one config