[ https://issues.jenkins-ci.org/browse/JENKINS-12747?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=158968#comment-158968 ]
Rob Petti commented on JENKINS-12747: ------------------------------------- Have you tried unchecking "Expose P4PASSWD in environment"? > Perforce Passwords are exposed by the EnvInject plugin > ------------------------------------------------------ > > Key: JENKINS-12747 > URL: https://issues.jenkins-ci.org/browse/JENKINS-12747 > Project: Jenkins > Issue Type: Bug > Components: envinject, perforce > Environment: Windows 7 Enterprise SP1 (x64) > Jenkins 1.450 > EnvInject 1.20 > Perforce 1.3.7 > Mask Passwords 2.7.2 > Reporter: Mike Winters > Assignee: gbois > > Originally reported as part of JENKINS-12423, I am reopening this as a > separate defect at the author's request. My original defect report from that > issue is as follows: > With Jenkins 1.450, Perforce plugin 1.3.7, EnvInject 1.17, and Mask Passwords > 2.7.2, the Perforce passwords are being displayed in plain text on the > "Injected Environment Variables" page. I have tried setting the passwords to > be masked in the global Jenkins config as well as in the individual jobs, but > nothing I have tried is masking the passwords. > In the case of the Perforce passwords, the issue was happening before I > installed the Mask Passwords plugin (I only installed that in an attempt to > hide the passwords). It seems that perhaps the Perforce plugin (and plugins > for other source control systems?) are exposing the passwords in a way that > the EnvInject plugin doesn't know to look for. I'm not sure where the best > place to fix this is, or what the optimal fix should be, as I am not familiar > with the Jenkins codebase or the code for any of the relevant plugins. > However, the quicker a solution can be implemented, the happier I will be :). > Thanks! > After updating to EnvInject 1.20, the Perforce password is still being > exposed (P4PASSWD variable) on the "Injected Environment Variables" page > available on the left menu on each build. I suspect that this may require > changes to both the EnvInject plugin and the Perforce plugin. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira