-
New Feature
-
Resolution: Unresolved
-
Minor
In a pipeline script when a developer uses `withCredentials` credentials are hidden in logs to reduces the chance of accidental disclosure (see JENKINS-38181)
When using a password parameter in a job the same concept should be applied to it and it should be impossible to display its value in logs
A work-around is to use the MaskPasswordsBuildWrapper but it has to be manually done (and it's a bit crappy)
node { wrap([$class: 'MaskPasswordsBuildWrapper', varPasswordPairs: [[password: "${myPassword}", var: 'PASSWORD']]]) { println myPassword sh 'echo "Hello World ${myPassword}"' } }
.
- relates to
-
JENKINS-27392 API to decorate console output
-
- Resolved
-
-
JENKINS-57717 showRawYaml doesn't work inside podTemplate
-
- Resolved
-
-
JENKINS-36007 Way to mask arbitrary Secret (was: Password is clear on log with input parameter)
-
- Open
-
-
JENKINS-34101 Option for input parameters to be flattened to string
-
- Open
-
-
JENKINS-44779 Add @Symbol to MaskPasswordsBuildWrapper
-
- In Progress
-
[JENKINS-43814] Password parameters should be hidden in pipeline logs by default
Component/s | New: pipeline-model-definition-plugin [ 21706 ] | |
Component/s | Original: pipeline [ 21692 ] |
Link | New: This issue relates to JENKINS-44779 [ JENKINS-44779 ] |
Labels | New: cloudbees-internal-pipeline |
Link | New: This issue is duplicated by JENKINS-36007 [ JENKINS-36007 ] |
Link | Original: This issue is duplicated by JENKINS-36007 [ JENKINS-36007 ] |
Link | New: This issue relates to JENKINS-36007 [ JENKINS-36007 ] |
Component/s | New: mask-passwords-plugin [ 15761 ] | |
Component/s | Original: pipeline-model-definition-plugin [ 21706 ] |
Link |
New:
This issue relates to |
Link | New: This issue relates to HOSTING-679 [ HOSTING-679 ] |
Link |
New:
This issue relates to |