[#QB-3706] Seek recommendation on how to manage secrete variables at the root level

QuickBuild

Seek recommendation on how to manage secrete variables at the root level

Created: 20/Apr/21 09:12 PM Updated: 05/May/21 11:31 PM

Component/s:

None

Affects Version/s:

10.0.28

Fix Version/s:

None

Original Estimate:

Unknown

Remaining Estimate:

Unknown

Time Spent:

Unknown

Description

« Hide

We have system administrator which can edit settings at root level. Then we have project administrators that are allowed to the edit settings at respective project levels. The system administrator wants to create a secrete variable that the projects can use, but don't the project administrators to see its value. Can you recommend on how to do that in QuikcBuild?

Thanks,
Ptrinh

All

Comments

Work Log

Change History

Sort Order:

[ Permlink | « Hide ]

Robin Shen [20/Apr/21 11:42 PM]

Even if we hide secret value in the UI, user can always print value of the script to a file via a build step and check that file content later.

[ Permlink | « Hide ]

Phong Trinh [05/May/21 11:14 PM]

Thank you for your response. Then the question is that Is there any way that system admin can hide secrete value such password of SSL certificate from project administrators?

[ Permlink | « Hide ]

Robin Shen [05/May/21 11:22 PM]

There is no way to do this, as long as the password can be used by project in build.

[ Permlink | « Hide ]

Phong Trinh [05/May/21 11:31 PM]

QuickBuild's variable has an option called 'Inheritable' . It would be great if there is another option for inherit permission. So system admin can set this permission from root level whether project admins can view or can not review the secrete value.
Thanks,
ptrinh