Secure Env variables at the Env level (currently only can do this for a pipeline)

Comments

4 comments

  • Avatar
    Jason Duff

    ping...

    0
    Comment actions Permalink
  • Avatar
    Jason Duff

    System level vars/secure vars would be nice too.

    0
    Comment actions Permalink
  • Avatar
    Thomas Heald

    Hi,

     

    I am also trying to set secure environmental variables at an environment level. Have found that it is possible to do this via the config xml using the secure="true" propery. e.g.

     

            <variable name="SECURE_VARIABLE" secure="true">
              <encryptedValue>encrypted_value</encryptedValue>
            </variable>

    This is then treated correctly as a secure property, and is blanked out in the console output as expected. However.... if this variable is then edited via the web front end (edit environment page), it reverts back to a regular variable. It is also visible on this page in unencrypted form.

    0
    Comment actions Permalink
  • Avatar
    Jyoti Singh

    Hi,

    Secure environment variables have been implemented only at the pipeline level. Currently, Go does not support environment/stage/job level secure environment variables. While, the trick Thomas mentioned works fine in a few cases, it clearly does not work correctly, and hence is not recommended.

    Thanks for the feedback, we have added this to our backlog, however, this is not in our roadmap for the next six months.

    Cheers,

    Jyoti

     

    0
    Comment actions Permalink

Please sign in to leave a comment.