You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The exposure of a global secret in build logs poses a significant security risk. When utilizing secrets within pre-build, post-build, or Docker steps that involve displaying the value, measures should be implemented to mask the secret and prevent its visibility in logs. UseCase : The secrets are visible if set -x is used in the script, and we echo $secret within a file.
🔄️ Alternative
No response
👀 Have you spent some time to check if this issue has been raised before?
🔖 Feature description
Masking of global secrets in build logs
🎤 Pitch / Usecases
The exposure of a global secret in build logs poses a significant security risk. When utilizing secrets within pre-build, post-build, or Docker steps that involve displaying the value, measures should be implemented to mask the secret and prevent its visibility in logs.
UseCase : The secrets are visible if
set -x
is used in the script, and we echo$secret
within a file.🔄️ Alternative
No response
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
AB#9806
The text was updated successfully, but these errors were encountered: