mjhugo
commented
11 years ago +1 a great idea!
On Fri, Mar 29, 2013 at 4:17 PM, Ronny Løvtangen notifications@github.comwrote:
All environment variables for the user performing the build is written to /WEB-INF/classes/application.properties. This can reveal more info about the user than he wants.
e.g.:
environment.LOGNAME=ronny environment.GRADLE_USER_HOME=/Users/ronny/.gradle environment.LC_CTYPE=en_US.UTF-8 environment.RUBY_VERSION=ruby-1.9.3-p125 environment.ANT_HOME=/Applications/java/ant environment.MAVEN_HOME=/Applications/java/maven ...
These environment variables are not displayed, except for a few Jenkins environment variables ('environment.BUILD_NUMBER', 'environment.BUILD_ID', 'environment.BUILD_TAG', 'environment.GIT_BRANCH', 'environment.GIT_COMMIT'), but they are packed in the final war.
Only environment variables that is to be displayed at /buildInfo should be written to file.
There are properties to add and exclude variables: buildInfo.properties.add and buildInfo.properties.exclude. These should be taken into account when deciding which variables to write to file.
— Reply to this email directly or view it on GitHubhttps://github.com/mjhugo/grails-build-info/issues/5 .
Mike Hugo Senior Software Engineer Entagen, LLC 612-669-8856 mike@entagen.com
All environment variables for the user performing the build is written to /WEB-INF/classes/application.properties. This can reveal more info about the user than he wants.
e.g.:
These environment variables are not displayed, except for a few Jenkins environment variables ('environment.BUILD_NUMBER', 'environment.BUILD_ID', 'environment.BUILD_TAG', 'environment.GIT_BRANCH', 'environment.GIT_COMMIT'), but they are packed in the final war.
Only environment variables that is to be displayed at /buildInfo should be written to file.
There are properties to add and exclude variables: buildInfo.properties.add and buildInfo.properties.exclude. These should be taken into account when deciding which variables to write to file.