-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encrypt/Remove kubeconfig secrets from build output #15
Comments
1.x is the same. Let's encode the kubecnfig file into Base64. Then it will be solved. See 5.1. Create an endopint on the README. :) |
Can I close this issue? |
I imagine there is a way to either:
|
Do you know which line is causing the output to get written?
…On Mon, Jun 12, 2017 at 9:09 AM, David Tesar ***@***.***> wrote:
I imagine there is a way to either:
1. Encrypt the contents of kube config since Base64 can easily be
decoded: http://www.hashemian.com/tools/base64-encode-decode.php -->
"Base64 decoding employs a reverse algorithm to yield the original content.
While Base64 encoding alters the original content, it is not suitable as an
encryption mechanism as it can be easily decoded to reveal the original
content."
or
2. Remove the output of the kube config from the build log.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#15 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ADQphdpjwCE4sG4yziroMzidOu2mFbipks5sDWKhgaJpZM4Npc9r>
.
--
Rakesh Kelkar
|
Not sure - somewhere here https://github.com/TsuyoshiUshio/KubernetesTask/blob/master/kubectl.ts I imagine with the kubeconfig. |
Yeah it's strange.. I think the agent framework is printing it.. I've
started a thread with them to figure it out.
…On Jun 13, 2017 12:50 PM, "David Tesar" ***@***.***> wrote:
Not sure - somewhere here https://github.com/TsuyoshiUshio/KubernetesTask/
blob/master/kubectl.ts I imagine with the kubeconfig.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#15 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ADQphRBX-ln9HaydDqxTlgIEso5n47pYks5sDugUgaJpZM4Npc9r>
.
|
I don't know why. But I realised that if you have multiple lines of the parameter, vsts prints from the second line. VSTS doesn't print the first line. I should report to the VSTS production team about it. The log is automatically out. |
@dtzar It seems automatically printout when I use this.
I can't avoid it. However, this line smells. I'll investigate it. https://github.com/Microsoft/vsts-task-lib/blob/master/node/task.ts#L364 |
When you use the general 2.x task it outputs the entire contents of the kubeconfig file to the build log/output in VSTS. We should not have this for security reasons.
The text was updated successfully, but these errors were encountered: