Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-16991

Jenkins Artifactory plugin should have fixed built-in exclude patterns

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Open
    • Priority: 3 - High
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Build Info

      Description

      Currently, the Jenkins-Artifactory plugin (v2.12) provides exclude patterns when "Include Environment Variables" is enabled, to prevent environment variable with names that match any exclude pattern from being published to the build info tab in Artifactory in clear text format!  YIKES. Three values are currently auto-populated into this editable exclude patterns field (password,key,secret).  But we want these patterns to be fixed and not editable because users can remove them and obtain passwords or secrets for shared build accounts.

      Feature request summary: 

      1. The plugin should enforce a fixed/built-in set of non-editable exclude patterns (password,key,secret)*. T*hese fixed patterns should be case insensitive.

      2. The plugin can continue to offer (as it does today) an editable set of exclude patterns that would be appended to the fixed/built-in set.

      This is currently an audit issue.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              Santhi.Bhavanam Santhi Bhavanam
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:

                  Sync Status

                  Connection: RTFACT Sync
                  RTMID-16991 -
                  SYNCHRONIZED
                  • Last Sync Date: