-
Notifications
You must be signed in to change notification settings - Fork 49
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mask Regexes and Global option #6
Mask Regexes and Global option #6
Conversation
…king of global passwords and regexes, regardless of job configuration
…ling isn't working
@@ -4,7 +4,7 @@ Copyright © 2010-2011, Manufacture Francaise des Pneumatiques Michelin, Rom | |||
|
|||
About this plugin | |||
----------------- | |||
The Mask Passwords plugin is meant to be used from [Hudson][1] or [Jenkins][2] to mask passwords which may appear from builds' console. Please take a look at [Jenkins' wiki][3] to get detailed information. | |||
The Mask Passwords plugin is meant to be used from [Hudson][1] or [Jenkins][2] to mask passwords or regulat expressions which may appear from builds' console. Please take a look at [Jenkins' wiki][3] to get detailed information. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops. Apologies. Fix pushed up.
@@ -4,7 +4,7 @@ Copyright © 2010-2011, Manufacture Francaise des Pneumatiques Michelin, Rom | |||
|
|||
About this plugin | |||
----------------- | |||
The Mask Passwords plugin is meant to be used from [Hudson][1] or [Jenkins][2] to mask passwords which may appear from builds' console. Please take a look at [Jenkins' wiki][3] to get detailed information. | |||
The Mask Passwords plugin is meant to be used from [Hudson][1] or [Jenkins][2] to mask passwords or regular expressions which may appear from builds' console. Please take a look at [Jenkins' wiki][3] to get detailed information. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This version is not compatible with Hudson anymore. Unrelated to this PR btw
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, shall I remove the Hudson link, while I'm touching the README?
@oleg-nenashev thanks so much for looking at this! About to go into a meeting, but will have those comments addressed within the next few hours. |
[3]: http://wiki.jenkins-ci.org/display/JENKINS/Mask+Passwords+Plugin | ||
[4]: https://svn.jenkins-ci.org/trunk/hudson/plugins/mask-passwords/ | ||
[5]: https://github.com/jenkinsci/mask-passwords-plugin | ||
[1]: http://jenkins-ci.org/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
outdated link. Now it's https://jenkins.io. Not important btw
…ith Hudson retain old constructor signature for binary compatibility fix Jenkins link CheckForNull on VarMaskRegex equals method
c5fae04
to
dd9a0bd
Compare
@oleg-nenashev Thank you so much for your time on this. As is probably obvious, this is more Java than I've written in the last 10 years combined. Sorry if some of these issues should be relatively basic, but I really appreciate your time to help with this. |
@oleg-nenashev I'm sure you're very busy, but would it be possible to get some feedback on my updates? I'm trying to figure out if I should wait for movement on this PR, or figure out how to distribute and install my forked version internally... |
@jantman sorry about the delay |
@oleg-nenashev ok... any odds of getting some input on this? |
Is this still under review? |
It's somewhere in my TODO list, but I haven't have a chance to investigate this and other PRs in this plugin yet. I commonly do it in a burst (one plugin per weekend), but I have not reached this plugin yet |
This looks very useful ! I'm going to test this internally as a snapshot version because we need this feature. I have a slightly different requirement though, my problem is with output of passwords in mercurial URLs by the m2 release plugin, it displays in logs : hg push https://user:password@mercurial.my.org/repo, with password in cleartext. The only way I know to mask this one is to put the releaser's mercurial credentials in global masked passwords wich is really bad because they change often and a failure to update the global passwords results in a clear text password in logs. I'd like to use a regexp like this : |
FWI the snapshot version works like a charm for us, using regex and global activation, two great features ! Thanks a lot @jantman |
Thanks so much! |
This pull request adds two major features to the Mask Passwords plugin:
(?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=])
. The previous Mask Passwords implementation caused problems for jobs that use temporary credentials, or that generate their own credentials and echo them in the job's output.I've tested this manually to the best of my abilities using both Jenkins 1.609.1 (as set in
pom.xml
) as well as the official Docker images of 1.625.2 and 2.7.1.