Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Password pattern matchig in logs

How does the password log obviscation work, does this simply mask anything that uses the variable name, or does it mask anything that has the value of the password ?

2 answers

1 vote

The Bamboo password log obfuscation indeed masks anything that has the value of any password variable in the executing build/deployment context, which can have confusing effects for simple 'password' values that by chance occur elsewhere in the log as well, for example:

Say you have a global variable ${bamboo.defaultAdminPassword} with a value of 'admin' so that you can automate logging into Atlassian products started with the SDK's atlas-run-standalone command via the Bamboo Script task.

Using that password variable directly (e.g. for a REST API call) will properly yield a value masked with '********' in the log. However, if you also put an 'echo "Logging in as administrator ..."' command on top of the script, you will get a log output of "Logging in as ********istrator ...".

Put another way, anywhere the phrase 'admin' is contained in a log line, it will be masked as '********' because it happens to also be the value of a password variable.

 

From a technical perspective this is implemented via class PasswordMaskingLogMutator, which uses class PasswordMaskingUtils in turn. If you are curious and a licensee you can access the Bamboo source code to see exactly how this works.

0 votes

Hi! 

 

As I see yes,

https://jira.atlassian.com/browse/BAM-18142

https://jira.atlassian.com/browse/BAM-14876

 

In our instance we just set variable with name something.password

Hope it helps

 

Cheers,

Gonchik Tsymzhitov

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bamboo

Bamboo 101 Video

G’day Community! As we gear up to introduce Bamboo Data Center to the world, we wanted to make sure that we shared a bit more about Bamboo, the product. Our team has put together an overview video ...

190 views 4 6
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you