Auth keys are printed to stdout

tailscale / github-action

A GitHub Action to connect your workflow to your Tailscale network.

BSD 3-Clause "New" or "Revised" License

532 stars 80 forks source link

Auth keys are printed to stdout #42

Closed uhthomas closed 2 years ago

uhthomas commented 2 years ago

It seems as if auth keys are printed plainly to stdout in some circumstances. I'm surprised GitHub isn't redacting this automatically, but I also don't think Tailscale should be printing auth keys like this.

backend error: invalid key: API key k6e7bE3CNTRL not valid

See: https://github.com/uhthomas/automata/runs/7373878755?check_suite_focus=true#step%3A3%3A36=

I understand the API key is "invalid", but it was once valid.

maisem commented 2 years ago

That's just the Key ID. The secret part seems to be redacted.

uhthomas commented 2 years ago

Ah, I see now. Thanks!