Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23447

Sensitive build variables recorded in EnvInjectSavable and displayed in EnvInjectAction

    XMLWordPrintable

Details

    Description

      If you have a BuildWrapper which overrides makeSensitiveBuildVariables to specify that its additions are to be considered secret, then add an EnvInjectBuilder which adds some unrelated variables, injectedEnvVars.txt includes the sensitive variables (in plaintext) and /job/.../.../injectedEnvVars/ shows them as well.

      Attachments

        Issue Links

          Activity

            People

              ndeloof Nicolas De Loof
              jglick Jesse Glick
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: