Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Conceal global variables in logs

Global variables are printed to the logs when a build is ran, including tokens for other webhooks.  I would like to be able to conceal a global variable's value from the log output.  

2 answers

2 accepted

1 vote
Answer accepted

A super-hacky way to do it could be to create a second global variable.  So if the global variable you want to mask is:


Then you could create another global variable named, say


and make its value the same as the value of the original.

Since Bamboo only really obscures the value of the variable in all cases where it finds it in log output, as long as the same string is the value of a variable that includes PASSWORD (or SECRET), then that works.

Incidentally, in a CI environment, we have a username/password combo for a local Oracle image set to oracle/oracle.  Which means any time the literal 'oracle' appears anywhere in the logs, it is obscured with a bunch of *******.  And if you have to use anything oracle related, and java related, well, you get a lot of ******** in the logs :)



Thank you!  my experience with Atlassian tools has resulted in lots of "super hackey" workarounds, and this is one for the books!  


Thank you again!

1 vote
Answer accepted

Oddly this is still not mentioned in the Bamboo variables documentation, but you can achieve this by adding a 'Password' suffix to sensitive variables (I think at least 'Secret' works too meanwhile, there may be a few more).

For example, if the variable key is "password", "awsAccessKeyPassword", or "awsSecretKeyPassword", the build log will show the substituted  variable value as "********".

I noticed that as well and considered changing it, but am unsure as to the number of webhooks that would be impacted if I changed the variable name.  Ideally I would keep the variable name the same, and just conceal the value in the log.

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events