Re: buildInfoxxxx.properties on /tmp directory on Jenkins server exposing the credentials

2017-02-13 Thread Makarand Jadhav 
Still not able to figure out a way if we can mask the credentials in the 
buildInfo.properties from the Jenkins Job.
Can anyone have this issue or provide any inputs? 


On Tuesday, February 7, 2017 at 12:58:24 PM UTC, Makarand Jadhav wrote:

> Hi,
>
> We have been using gradle build tool(Gradle Plugin) for compiling the 
> source code and then using the Artifactory plugin(Gradle-Artifactory 
> Integration) for publishing the artifacts to the Artifactory server from 
> the Jenkins server. 
> Our server administrator reported that there are lot of 
> buildInfo.properties on /tmp directory(where  is any arbitrary 
> number generated by build) on Jenkins server and its been observed that 
> contents of buildInfo.properties are exposing the credentials of some 
> of the resources accessed during the build & deploy process(e.g.: 
> credentials of Artifactory, DB, Shared drives etc.). The excerpt of 
> contents of buildInfo.properties(many lines deleted & masked) is as 
> below:
>
> --
> artifactory.publish.contextUrl=
> artifactory.publish.ivy.m2compatible=
> buildInfo.env.JenkinsScripts=
> buildInfo.env.APP_DB_USER=
> artifactory.publish.record.all.dependencies=
> buildInfo.env.JOB_NAME=
> artifactory.resolve.password=X
>
> -
>
> Since this is an delivery pipeline configured, we use "Environment 
> Injector" & the "Mask Passwords" plugin which masks the password in the 
> Jenkins UI console logs but not sure why the credentials are exposed and 
> readable in the buildInfo.properties file.
>
> So I have two questions:
>
>1. Is there any way that we can mask the information for credentials 
>in the buildInfo.properties file?
>2. Can the build automatically cleanup the buildInfo.properties 
>after the build completes as there are lots of files being leftover in the 
>/tmp directory filling up the disk space and are cleaned up through an 
>automated script?
>
>  Any suggestions/comments are greatly appreciated. Thanks!
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/1ffe83b6-5b37-4170-b446-718b4d1554f1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

buildInfoxxxx.properties on /tmp directory on Jenkins server exposing the credentials

2017-02-07 Thread Makarand Jadhav 
Hi,

We have been using gradle build tool(Gradle Plugin) for compiling the 
source code and then using the Artifactory plugin(Gradle-Artifactory 
Integration) for publishing the artifacts to the Artifactory server from 
the Jenkins server. 
Our server administrator reported that there are lot of 
buildInfo.properties on /tmp directory(where  is any arbitrary 
number generated by build) on Jenkins server and its been observed that 
contents of buildInfo.properties are exposing the credentials of some 
of the resources accessed during the build & deploy process(e.g.: 
credentials of Artifactory, DB, Shared drives etc.). The excerpt of 
contents of buildInfo.properties(many lines deleted & masked) is as 
below:
--
artifactory.publish.contextUrl=
artifactory.publish.ivy.m2compatible=
buildInfo.env.JenkinsScripts=
buildInfo.env.APP_DB_USER=
artifactory.publish.record.all.dependencies=
buildInfo.env.JOB_NAME=
artifactory.resolve.password=X
-

Since this is an delivery pipeline configured, we use "Environment 
Injector" & the "Mask Passwords" plugin which masks the password in the 
Jenkins UI console logs but not sure why the credentials are exposed and 
readable in the buildInfo.properties file.

So I have two questions:

   1. Is there any way that we can mask the information for credentials in 
   the buildInfo.properties file?
   2. Can the build automatically cleanup the buildInfo.properties 
   after the build completes as there are lots of files being leftover in the 
   /tmp directory filling up the disk space and are cleaned up through an 
   automated script?

 Any suggestions/comments are greatly appreciated. Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/ab3d82f1-354e-4d0b-b259-6dae847c0261%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.