Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Conceal global variables in logs

Global variables are printed to the logs when a build is ran, including tokens for other webhooks.  I would like to be able to conceal a global variable's value from the log output.  

2 answers

2 accepted

1 vote
Answer accepted

Oddly this is still not mentioned in the Bamboo variables documentation, but you can achieve this by adding a 'Password' suffix to sensitive variables (I think at least 'Secret' works too meanwhile, there may be a few more).

For example, if the variable key is "password", "awsAccessKeyPassword", or "awsSecretKeyPassword", the build log will show the substituted  variable value as "********".

I noticed that as well and considered changing it, but am unsure as to the number of webhooks that would be impacted if I changed the variable name.  Ideally I would keep the variable name the same, and just conceal the value in the log.

1 vote
Answer accepted

A super-hacky way to do it could be to create a second global variable.  So if the global variable you want to mask is:

APP_API_KEY

Then you could create another global variable named, say

APP_API_KEY_SECRET

and make its value the same as the value of the original.

Since Bamboo only really obscures the value of the variable in all cases where it finds it in log output, as long as the same string is the value of a variable that includes PASSWORD (or SECRET), then that works.

Incidentally, in a CI environment, we have a username/password combo for a local Oracle image set to oracle/oracle.  Which means any time the literal 'oracle' appears anywhere in the logs, it is obscured with a bunch of *******.  And if you have to use anything oracle related, and java related, well, you get a lot of ******** in the logs :)

jvelapol, 

 

Thank you!  my experience with Atlassian tools has resulted in lots of "super hackey" workarounds, and this is one for the books!  

 

Thank you again!

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bamboo

Bamboo 101 Video

G’day Community! As we gear up to introduce Bamboo Data Center to the world, we wanted to make sure that we shared a bit more about Bamboo, the product. Our team has put together an overview video ...

251 views 4 6
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you