I have this scenario:
1) Project-variable (password) with sensitive info
2) A stage where I call an executable with this sensitive info
When I check out the log file (the parameters section of the action), I can see the plain text there. Would it be possible to always keep it encrypted. An advanced scenario would be that you would even filter back the output of the application, so even the application writes the sensitive information to the console, you would still obfuscate it for the log.
Hi Geert, thank you for posting. We have this item high on our agenda. Our plan is to mask out the sensitive data for these variables (as we currently do with other sensitive fields).
I’m not sure if it will be possible to control what third party applications are writing to the log, we will look further into this area to see if anything can be done.
Thanks again.
What’s the status of this issue? I need to run a very sensitive app with password credentials. I have put the item as credentials, and the app itself is not exposing the password. But the parameters of the exe are shown in the log.
Hi Geert thankyou for posting.
This item is currently in development (hopefully it can progress into QA very shortly). You will be able to nominate (within the variable dialogue) which variables are to be masked within sensitive areas (eg logs).
Thanks again