[JIRA] (JENKINS-57717) showRawYaml doesn't work inside podTemplate

15 views
Skip to first unread message

jenkins-ci@carlossanchez.eu (JIRA)

unread,
May 29, 2019, 4:21:03 AM5/29/19
to jenkinsc...@googlegroups.com
Carlos Sanchez updated an issue
 
Jenkins / Bug JENKINS-57717
showRawYaml doesn't work inside podTemplate
Change By: Carlos Sanchez
Summary: showRawYaml doesn't work inside podTemplate disclosing sensitive information via log
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

jenkins-ci@carlossanchez.eu (JIRA)

unread,
May 29, 2019, 4:22:01 AM5/29/19
to jenkinsc...@googlegroups.com
Carlos Sanchez commented on Bug JENKINS-57717
 
Re: showRawYaml doesn't work inside podTemplate

I see, it is implemented for global templates but not for Jenkinsfiles

oliver@nocon-online.de (JIRA)

unread,
Jun 25, 2019, 2:18:02 PM6/25/19
to jenkinsc...@googlegroups.com

jglick@cloudbees.com (JIRA)

unread,
Jul 8, 2019, 2:22:02 PM7/8/19
to jenkinsc...@googlegroups.com

What was addressed exactly?

To go back to the original description:

we pass sensitive environment variables into the pod which come out of the job parameters

Can you be more specific please? The credentials-binding and kubernetes plugins automatically mask secrets from the log coming from withCredentials and Kubernetes Secret mounts, respectively. Provide a complete, self-contained job definition which demonstrates your issue.

oliver@nocon-online.de (JIRA)

unread,
Jul 9, 2019, 4:24:02 PM7/9/19
to jenkinsc...@googlegroups.com

PR addressed the issue that showRawYaml: false did not take effect inside a Jenkinsfile.

It has been merged, thus the issue can be closed.

Issue was in a job with a password parameter. When passing this parameter as env variable to the pod: name and value (taken from the password parameter) were printed to the log. Now, using showRawYaml: false this can be prevented.

jglick@cloudbees.com (JIRA)

unread,
Jul 9, 2019, 6:11:02 PM7/9/19
to jenkinsc...@googlegroups.com

When passing this parameter as env variable to the pod: name and value (taken from the password parameter)

There is no supported way to do this currently: JENKINS-36007

jglick@cloudbees.com (JIRA)

unread,
Jul 9, 2019, 6:13:02 PM7/9/19
to jenkinsc...@googlegroups.com
Jesse Glick edited a comment on Bug JENKINS-57717
bq. When passing this parameter as env variable to the pod: name and value (taken from the password parameter)

There is no supported way to do this currently: JENKINS- 36007 43814

jglick@cloudbees.com (JIRA)

unread,
Jul 9, 2019, 6:13:03 PM7/9/19
to jenkinsc...@googlegroups.com
Jesse Glick resolved as Won't Do
 
Change By: Jesse Glick
Status: Open Resolved
Resolution: Won't Do
Reply all
Reply to author
Forward
0 new messages