[JIRA] (JENKINS-57717) podTemplate disclosing sensitive information via log

7 views
Skip to first unread message

oliver@nocon-online.de (JIRA)

unread,
May 28, 2019, 10:55:02 AM5/28/19
to jenkinsc...@googlegroups.com
Oliver Nocon created an issue
 
Jenkins / Bug JENKINS-57717
podTemplate disclosing sensitive information via log
Issue Type: Bug Bug
Assignee: Carlos Sanchez
Components: kubernetes-plugin
Created: 2019-05-28 14:54
Priority: Major Major
Reporter: Oliver Nocon

In our Jenkins pipeline script we pass sensitive environment variables into the pod which come out of the job parameters.

This sensitive information is unfortunately disclosed via the log.

#459 / JENKINS-57116 introduced the option showRawYaml but this does not seem to take effect within a Jenkins pipeline when using podTemplate(showRawYaml: false, ...)

Would be great to make this available.
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

jenkins-ci@carlossanchez.eu (JIRA)

unread,
May 28, 2019, 12:26:02 PM5/28/19
to jenkinsc...@googlegroups.com
Carlos Sanchez commented on Bug JENKINS-57717
 
Re: podTemplate disclosing sensitive information via log

showRawYaml is in 1.15.4, what version are you using?

oliver@nocon-online.de (JIRA)

unread,
May 28, 2019, 3:08:01 PM5/28/19
to jenkinsc...@googlegroups.com

Thank you for your feedback, we are exactly on this version.

I see the respective checkbox in Jenkins system configuration.

When calling via pipeline script I was not able to get it working. When looking into

https://github.com/jenkinsci/kubernetes-plugin/blob/master/src/main/java/org/csanchez/jenkins/plugins/kubernetes/pipeline/PodTemplateStep.java

I am not able to find the respective setter but maybe there is a misunderstanding on my side and there is something else I overlooked ...
Reply all
Reply to author
Forward
0 new messages