Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Conceal global variables in logs

Tim Watts
Tim Watts November 27, 2019

Global variables are printed to the logs when a build is ran, including tokens for other webhooks.  I would like to be able to conceal a global variable's value from the log output.  

Answer
Watch
Like Steffen Opel _Utoolity_ likes this
763 views

2 answers

2 accepted

1 vote
Answer accepted
jvelapol
jvelapol December 11, 2019

A super-hacky way to do it could be to create a second global variable.  So if the global variable you want to mask is:

APP_API_KEY

Then you could create another global variable named, say

APP_API_KEY_SECRET

and make its value the same as the value of the original.

Since Bamboo only really obscures the value of the variable in all cases where it finds it in log output, as long as the same string is the value of a variable that includes PASSWORD (or SECRET), then that works.

Incidentally, in a CI environment, we have a username/password combo for a local Oracle image set to oracle/oracle.  Which means any time the literal 'oracle' appears anywhere in the logs, it is obscured with a bunch of *******.  And if you have to use anything oracle related, and java related, well, you get a lot of ******** in the logs :)

View More Comments
Tim Watts
Tim Watts December 12, 2019

jvelapol, 

 

Thank you!  my experience with Atlassian tools has resulted in lots of "super hackey" workarounds, and this is one for the books!  

 

Thank you again!

Like
Reply
1 vote
Answer accepted
Steffen Opel _Utoolity_
Steffen Opel _Utoolity_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
November 27, 2019

Oddly this is still not mentioned in the Bamboo variables documentation, but you can achieve this by adding a 'Password' suffix to sensitive variables (I think at least 'Secret' works too meanwhile, there may be a few more).

For example, if the variable key is "password", "awsAccessKeyPassword", or "awsSecretKeyPassword", the build log will show the substituted  variable value as "********".

View More Comments
Tim Watts
Tim Watts November 27, 2019

I noticed that as well and considered changing it, but am unsure as to the number of webhooks that would be impacted if I changed the variable name.  Ideally I would keep the variable name the same, and just conceal the value in the log.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bamboo
Bamboo
TAGS
AUG Leaders

Atlassian Community Events

    See all events