Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Environment variable name overrides script command.

We have a strange bug. 

Pipeline step includes next command:

npm i --save-dev @angular/cli@latest 

 

And the list of repository variables includes the next variable name with value:

name: or_develop_AWS_BUCKET_NAME

value: secured

 

The pipeline log shows next:

image.png

 

Could you please explain why it happening?

Thank you.

2 answers

0 votes

Hi @Pavel,

I can see in the screenshot that the "test" part of the command gets replaced with the variable name, and I believe this is happening because the value of this variable is "test" and it is a secured variable.

From our documentation:

Pipelines masks all occurrences of a secure variable's value in your log files, regardless of how that output was generated.

If you have secure variable value set to a common word, that word will be replaced with the variable name anywhere it appears in the log file. Secured variables are designed to be used for unique authentication tokens and passwords and so are unlikely to be also used in clear text.

You can check our doc for reference:

Please feel free to let me know if you have any questions.

Kind regards,
Theodora

Thank you for your reply.

I see what you talking about but i assume you confused a bit.

The only (at least should be) way to replace something in the pipeline (and to see it in log) i need to invoke the variable. For example the variable "test" has value "valueOfTestVar" and the script is: echo $test

In this case i will see the value of "test" variable like valueOfTestVar if this variable exists and has not secured value. If the value is secured i will see $test as the result.

But in my code i`m not invoking test variable and do not have any variable with the name test. And any variable in the script should not be searched by its Value and replaced by value Name.

Hi @Pavel,

The value of any secured variable is masked in the Pipelines log, regardless of how it was generated.

In your example, if "test" is a secured variable, with the value "valueOfTestVar", then any occurrence of "valueOfTestVar" in the output of the Pipelines log will be replaced with $test, regardless of whether the value appears because you invoked $test or because it was generated in the output in a different way.

I can open a feature request to change this behavior, but at the moment the output in the Pipelines log file is searched for the value of any secured variable, and if any is found, then it is replaced with the variable name.

Please feel free to let me know if you'd like me to open the feature request for our development team to consider changing this.

Kind regards,
Theodora

Changing variable to something else repeats an issue:

image.png

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Service Management

Security Advisory for Jira Service Management

On October 20, 2021, Atlassian published a security advisory for Jira Service Management. The full advisory is available at this link.  We've seen a number of questions already asking for...

76 views 0 1
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you