-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
COA displays git credentials in job failure message #231
Comments
gberche-orange
changed the title
COA displays git credentials in job failures message
COA displays git credentials in job failure message
Jan 16, 2019
an alternative is to remove user/password from url and migrates to dedicated properties provided by git-resource:
We will have something like:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected behavior
Gitlab credentials should not be displayed in concourse UI job logs, as this may result into credentials leak by operators when sharing diagnostic traces
Observed behavior
the job teams/main/pipelines/cloudflare-depls-tf-generated/jobs/terraform-apply/builds/10 was producing the following (redacted) output including login/password in the http url scheme
Root cause is that currently coes not support specifying git repo private keys supported by the git-resource private_key
cf-ops-automation/concourse/pipelines/template/tf-pipeline.yml.erb
Lines 19 to 23 in e577677
Suggested fix
Affected release
Reproduced on version 3.2.2
The text was updated successfully, but these errors were encountered: