Forum Discussion

SmartWolf's avatar
SmartWolf
New Contributor
6 years ago

Encrypted properties are being displayed in Jenkins logs when test fails

We have Ready API tests integrated with our Jenkins builds using the Jenkins plugin. We are running into an issue with encryption of sensitive information in the Ready API tests.

We have certain fields set up as encrypted properties in our ReadyAPI tests. When a test fails it prints out the decrypted value to the reports generated by the Ready API Jenkins plugin and also to the console output in Jenkins. What are our options to obfuscate these encrypted fields?

 

We’ve tried encrypting the entire project and encrypting individual properties – both these approaches print out all the encrypted fields in the logs when a test fails.

  • For me, I had to set the property that was sensitive with data and then override it with a Jenkins parameter and with an overloaded property in the project itself. In my case, I was using a WSS-Config password, so I set a pair of Project-level properties, certPath and certPass. Since certPass was sensitive, that was set up as a global jenkins password, and my testrunner script looked like this:

     

     

    exit_status=$(testrunner.sh "-FXML" "-RJUnit-Style HTML Report" -J -a -A -r "-PcertPath=${certPath}" "-PcertPass=${certPass}" ${WORKSPACE}/path/to/project.xml
  • nmrao's avatar
    nmrao
    Champion Level 3
    Would it be possible to explain the issue with sample log to understand the issue better? Need not be exact data.
    What sort of properties are those? Any password or so?
    • groovyguy's avatar
      groovyguy
      Community Hero

      I ran into a similar problem with passwords/sensitive information, at least when it came to being output in the Jenkins console. I was able to obfuscate that by setting it as a global level password property within Jenkins and referencing it as a paramter. I believe that made Jenkins obfuscate, in this instance, the password. 

      For the reports, you might have to augment the reporting logic to override that. I want to say I've seen similar posts here in the forums on that. 

      • SmartWolf's avatar
        SmartWolf
        New Contributor

        How do you refernce the global Jenkins property within the Ready API project?