Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-71560

BlueOcean is exposing SonarQube token

XMLWordPrintable

      Hi,

      when providing withSonarQubeEnv with access token from Jenkins credentials, default Jenkins logs hide it:

      However, the same stage reveals it in BlueOcean by displaying the full command being executed:

      This should be hidden with asterisks in the same manner as in Jenkins logs.

      And please ensure it is done not just for Sonar but any other similar statements as withcredentials or sshagent (not sure if it is revealed for those too).

            Unassigned Unassigned
            teekwan Darko
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: