Closed jameshearttech closed 6 months ago
Can you instead pass the token via the GITSYNC_PASSWORD env var or the --password-file? That's going to be safer, for sure. That said, there are other logs that emit the value of --repo
, which need to redact, but it's not always clear that they need to (e.g. -v 5
emits all exec'ed commands).
If you run with -v 3
I think you'll see some.
Try that?
@thockin I removed the username and password (i.e., token) from the repo URL. I specified the username x-token-auth
using the --username
parameter. I specified the password using the GITSYNC_PASSWORD
env var. Thank you for the recommendation!
Successful sync logs show token as
REDACTED
.Error exposes token (main.go:784).