Jesse, My concern isn't simply masking credentials. It's masking strings (in this case AWS secret keys) however they get into or appear in a build, period. i.e. if someone runs `cat ~/.aws/credentials` or for that matter makes an API call to generate credentials inside a job, we want it masked. We're also planning on transitioning to a service which will dynamically generate temporary credentials for builds; when we do, we still want them masked but won't have the literal string available before build time.
I'm working on a fork of the Mask Passwords plugin that supports masking user-defined regexes from the build output. Assuming I can get it working (my Java is really rusty), I'll open a pull request for it. Thanks, Jason On Tue, Jul 26, 2016 at 3:57 PM, Jesse Glick <[email protected]> wrote: > On Tue, Jul 26, 2016 at 10:14 AM, Jason Antman <[email protected]> > wrote: > > The closest thing I've been able to find is the Mask Passwords > > plugin, but that only handles specifically-defined strings (which are > > defined in the plugin config, which seems to be even *less* secure). > > The Credentials Binding plugin does automatic masking for Pipeline > builds. Analogous support for freestyle builds is in progress. > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Jenkins Developers" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/jenkinsci-dev/zJH7-UvAz6g/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr0%3D-qTGnsFZEgUBs42wPrBqK50vxb2%2Ba-k%2BhO4-0CNeHg%40mail.gmail.com > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAFt4V4kiX43g5Hs9aPTDdoFtLtv9YMHw0B_PF9TZggAQNmkzYA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
