Open nfoxmttr opened 2 years ago
Even we are seeing this issue in our environment. We understand there is a simple fix to move out of double quotes to single quotes when invoking shell script in the pipeline. But we can't control our users to do that. It will be a good fix at plugin level.
Do let us know if some work is going on or some strategy to handle this secrets exposure.
Version report
Jenkins and plugins versions report:
Reproduction steps
Masking a secret with
wrap([$class: 'VaultBuildWrapper'...
fails on the Stage Viewsecret/thesecret
Key:thekey
Value:omgmysecrethere
This produces the following:
However, the same pipeline using
withVault
works fine.Results
Expected result:
For it to show up like the latter.
Actual result:
See above.