
Password masking is masking even string fields

      I tried to use masking plugin, but it's masking everything, not only the ones I used:

          [JENKINS-26421] Password masking is masking even string fields

          Daniel Beck added a comment -

          Do you have the envinject plugin installed as well? What happens when you disable that?


          Marek Knappe added a comment -

          I don't; it's a pretty new installation of Jenkins. Should I install that?
          That's my list of plugins in case of need:

          Ant Plugin
          Credentials Plugin
          Crowd 2 Integration
          CVS Plug-in
          Docker plugin
          Durable Task Plugin
          Dynamic Parameter Plug-in
          Extended Choice Parameter Plug-In
          Extensible Choice Parameter plugin
          External Monitor Job Type Plugin
          GIT client plugin
          Git Parameter Plug-In
          GIT plugin
          Git server plugin
          Javadoc Plugin
          Jira Issue Updater
          JIRA plugin
          JUnit Plugin
          LDAP Plugin
          Mailer Plugin
          MapDB API Plugin
          Mask Passwords Plugin
          Matrix Authorization Strategy Plugin
          Matrix Project Plugin
          Maven Integration plugin
          OWASP Markup Formatter Plugin
          PAM Authentication plugin
          SCM API Plugin
          Scriptler
          SSH Credentials Plugin
          SSH Slaves plugin
          Subversion Plug-in
          Token Macro Plugin
          Translation Assistance plugin
          Windows Slaves Plugin
          


          Daniel Beck added a comment -

          If you don't need it, don't install it.


          Marek Knappe added a comment -

          Is there anything else that I can test or try?


          Daniel Beck added a comment -

          This report is missing the version of Mask Passwords Plugin you're using.


          Marek Knappe added a comment -

          2.7.2


          Daniel Beck added a comment -

          Cannot reproduce with a simple job with two parameters (String parameter GIT_USER, value 'foo'; Password parameter GIT_PASSWORD, value 'bar'), and running the `env` command.

          However, it seems that the plugin simply ignores the global settings for me. Even if I check the 'String parameter' in global config, GIT_USER=foo still gets shown.


          Greg Hansen added a comment - - edited

          I'm seeing this also. Jenkins 1.595, Mask Password plugin 2.7.2. It's masking string parameters, even simple numbers. See attachment. I've had to turn off password masking on all projects so I had a hope of reading the console logs. I can't disable the envinject plugin and get a build, so I can't tell you what the result is. I've also attached a screenshot of the result of disabling masking, which unfortunately also leaves passwords exposed.


          Leonardo Bianchi Quota added a comment - - edited

          I'm using Jenkins 2.58 with mask password plugin 2.10.1.
          In "Manage Jenkins"\"Configure System", after setting a Name/Password pair in "Mask Passwords - Global name/password pairs" with the password string john, every occurrence of it in my job console output is hidden (i.e. http://john-server.domain becomes http://********-server.domain).

          Actually this behaviour can be useful. Since the parameter "Sonar database password", injected as SONAR_JDBC_PASSWORD, is in clear text, by creating an equal pair as above you can force it to be hidden.


          Daniel Beck added a comment -

          leobq Works as designed, Mask Passwords has absolutely no way of knowing whether what's printed to the build log is a password, and what's not. You tell it "mask every occurrence of this string in output", and it does.

          Use a "safe" password like tr0ub4dor&3 and it will never appear as anything but a password you want hidden.
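
          The behaviour described in the last two comments, modelled as an added example (not code from the Mask Passwords plugin or from any commenter): plain substring replacement over log lines, plus a pre-flight check that flags mask values likely to hide unrelated output. The function names, the `GLOBAL_PAIR` entry name and the `min_len` threshold are assumptions made for illustration.

```python
import re

MASK = "********"  # replacement shown in the thread's console output


def mask_line(line, secret_values):
    """Replace every occurrence of each secret value, longest value first."""
    for value in sorted(filter(None, secret_values), key=len, reverse=True):
        line = line.replace(value, MASK)
    return line


def risky_mask_values(secrets, non_secret_values, min_len=8):
    """Return {name: [reasons]} for values likely to mask unrelated log text.

    secrets: {name: value} pairs configured for masking.
    non_secret_values: strings expected in logs (hosts, other parameters).
    min_len is an assumed threshold, not a plugin setting.
    """
    findings = {}
    for name, value in secrets.items():
        reasons = []
        if len(value) < min_len:
            reasons.append("shorter than %d characters" % min_len)
        if re.fullmatch(r"[a-z]+|[0-9]+", value, re.IGNORECASE):
            reasons.append("single character class (word or number)")
        hits = [v for v in non_secret_values if value and value in v]
        if hits:
            reasons.append("substring of non-secret value(s): " + ", ".join(hits))
        if reasons:
            findings[name] = reasons
    return findings


# Constructed sample data modelled on the values quoted in the thread.
SECRETS = {"GLOBAL_PAIR": "john", "GIT_PASSWORD": "tr0ub4dor&3"}
NON_SECRETS = ["http://john-server.domain", "GIT_USER=foo", "BUILD_NUMBER=42"]

if __name__ == "__main__":
    for text in NON_SECRETS + ["GIT_PASSWORD=tr0ub4dor&3"]:
        print(mask_line(text, SECRETS.values()))
    for name, reasons in risky_mask_values(SECRETS, NON_SECRETS).items():
        print(name, "->", "; ".join(reasons))
```

          Running the check against the job's known non-secret parameters before enabling a global pair shows which values would make console logs unreadable.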

