Jenkins replaces all occurrences of my user name in the log with asterisks. How can I change that?

[Tim Jaacks]

While this makes sense for actual occurrences (i.e. where the asterisk'ed text REALLY is my user name), it is quite counterproductive in situations where the user name accidentally matches some other strings in the log.

For example, my user name I use in the credentials is "jenkins" (oh yeah, creative). Everywhere this name is used (e.g. in URLs like jen...@myserver.de/somepath) it is correctly masked (showing ****@myserver.de/somepath).

However, I have a script called "jenkins_patches.sh" which is called during the build. This gets logged as "****_patches.sh", which is quite ridicoulous, because the credentials are not actually used here.

Furthermore, my Jenkins instance is hosted under some URL like "http://mycompanyintranet/jenkins", resulting in "http://mycompanyintranet/****", which makes all URLs in my build log unusable. This is quite annoying.

Is there a solution to change this?

[Mark Waite]

The only solution that I am aware of is to not use the plugin that masks usernames and passwords.  If you use the Jenkins credentials plugin and provide all your credentials through the credentials plugin, you generally should not need to mask references to usernames and generally won't show passwords in the log files (or elsewhere). 

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/dc508f41-cd5b-449b-a0d4-11d9aa5c2668%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Thanks!

Mark Waite

[Tim Jaacks]

Thanks for your reply, Mark. I am using the credentials plugin to provide the stated credentials and I thought, that it is actually this plugin which performs the masking. If not, which plugin does this? I did not find any installed plugins in my instance which seem to do this.

[Mark Waite]

Based on https://issues.jenkins-ci.org/browse/JENKINS-44860 , it appears to be the credentials binding plugin.  Sorry for my misdirection.

--

You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/5c846913-65ef-41b2-a470-1f305ac27f75%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Thanks!

Mark Waite

[Tim Jaacks]

Thanks very much for the link. That is indeed exactly my issue.

Is there an alternative to using the credentials binding plugin? I need the credentials to be inserted into an URL within the test script. How can I do this without the credentials binding plugin?

[Mark Waite]

On Tue, May 21, 2019 at 7:26 AM Tim Jaacks <timj...@gmail.com> wrote:

Thanks very much for the link. That is indeed exactly my issue.

Is there an alternative to using the credentials binding plugin? I need the credentials to be inserted into an URL within the test script. How can I do this without the credentials binding plugin?

I don't know of a way to do that.

If it would work in your environment, you might consider switching to use a different account to run the Jenkins agent than the account that provides the credentials.  That's an ugly work around but may avoid many of the problems.

 

Am Dienstag, 21. Mai 2019 14:48:57 UTC+2 schrieb Mark Waite:

Based on https://issues.jenkins-ci.org/browse/JENKINS-44860 , it appears to be the credentials binding plugin.  Sorry for my misdirection.

--

You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/e9881260-2c05-41eb-bf22-b4e17d58e70f%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Thanks!

Mark Waite

[Baptiste Mathus]

The username being part of the credentials, I believe it being masked like the password is a correct behavior.

If you'd like it to behave differently, I think you want to use something else then a credz type. But don't tell anyone I'm telling you to put your username as a string parameter, I'm not, don't do it :).

I would recommend backpedaling and think about what you're trying to achieve. If you really need something like this, create a dedicated report or so IMO.

My 2 cents

--

You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-use...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/dc508f41-cd5b-449b-a0d4-11d9aa5c2668%40googlegroups.com.