| Key: |
QB-1843
|
| Type: |
Bug
|
| Status: |
Resolved
|
| Resolution: |
Fixed
|
| Priority: |
Minor
|
| Assignee: |
Unassigned
|
| Reporter: |
David Stallard
|
| Votes: |
1
|
| Watchers: |
0
|
|
If you were logged in you would be able to see more operations.
|
|
|
QuickBuild
Created: 18/Nov/13 03:57 PM
Updated: 04/Dec/13 10:51 PM
|
|
| Component/s: |
None
|
| Affects Version/s: |
5.0.31
|
| Fix Version/s: |
5.1.1
|
|
|
Original Estimate:
|
Unknown
|
Remaining Estimate:
|
Unknown
|
Time Spent:
|
Unknown
|
|
|
When a clear-text variable references a secret variable, then anywhere that the clear-text variable gets referenced will show the secret value in clear text--for example, the Variables list for a build, the build log, etc. An example:
1) Define a secret variable, mySecretVar, and set it to "mysecret"
2) Define a clear text variable, myClearVar, and set it to "${vars.getValue("mySecretVar")}
3) After a build, myClearVar will show up in the Variables tab with its value in clear text, and possibly also in the build log depending on how it is used.
|
|
Description
|
When a clear-text variable references a secret variable, then anywhere that the clear-text variable gets referenced will show the secret value in clear text--for example, the Variables list for a build, the build log, etc. An example:
1) Define a secret variable, mySecretVar, and set it to "mysecret"
2) Define a clear text variable, myClearVar, and set it to "${vars.getValue("mySecretVar")}
3) After a build, myClearVar will show up in the Variables tab with its value in clear text, and possibly also in the build log depending on how it is used. |
Show » |
|
Secret variables can be referenced by clear-text variables, exposing the secret values