cancel
Showing results for 
Search instead for 
Did you mean: 

Encrypted properties are being displayed in Jenkins logs when test fails

SOLVED
New Contributor

Encrypted properties are being displayed in Jenkins logs when test fails

We have Ready API tests integrated with our Jenkins builds using the Jenkins plugin. We are running into an issue with encryption of sensitive information in the Ready API tests.

We have certain fields set up as encrypted properties in our ReadyAPI tests. When a test fails it prints out the decrypted value to the reports generated by the Ready API Jenkins plugin and also to the console output in Jenkins. What are our options to obfuscate these encrypted fields?

 

We’ve tried encrypting the entire project and encrypting individual properties – both these approaches print out all the encrypted fields in the logs when a test fails.

1 ACCEPTED SOLUTION

Accepted Solutions
Community Hero

Re: Encrypted properties are being displayed in Jenkins logs when test fails

For me, I had to set the property that was sensitive with data and then override it with a Jenkins parameter and with an overloaded property in the project itself. In my case, I was using a WSS-Config password, so I set a pair of Project-level properties, certPath and certPass. Since certPass was sensitive, that was set up as a global jenkins password, and my testrunner script looked like this:

 

 

exit_status=$(testrunner.sh "-FXML" "-RJUnit-Style HTML Report" -J -a -A -r "-PcertPath=${certPath}" "-PcertPass=${certPass}" ${WORKSPACE}/path/to/project.xml



---

Click the Accept as Solution button if my answer has helped, and remember to give kudos where appropriate too!

View solution in original post

8 REPLIES 8
Community Manager

Re: Encrypted properties are being displayed in Jenkins logs when test fails

@msiadak , @nmrao , @richie , @HimanshuTayal , @Radford,

 I'll appreciate any suggestions from you.

---------
Tanya Gorbunova
SmartBear Community Manager

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others.↓↓↓↓↓
Highlighted
Community Hero

Re: Encrypted properties are being displayed in Jenkins logs when test fails

Would it be possible to explain the issue with sample log to understand the issue better? Need not be exact data.
What sort of properties are those? Any password or so?


Regards,
Rao.
Community Hero

Re: Encrypted properties are being displayed in Jenkins logs when test fails

I ran into a similar problem with passwords/sensitive information, at least when it came to being output in the Jenkins console. I was able to obfuscate that by setting it as a global level password property within Jenkins and referencing it as a paramter. I believe that made Jenkins obfuscate, in this instance, the password. 

For the reports, you might have to augment the reporting logic to override that. I want to say I've seen similar posts here in the forums on that. 




---

Click the Accept as Solution button if my answer has helped, and remember to give kudos where appropriate too!
New Contributor

Re: Encrypted properties are being displayed in Jenkins logs when test fails

How do you refernce the global Jenkins property within the Ready API project?

Community Hero

Re: Encrypted properties are being displayed in Jenkins logs when test fails

For me, I had to set the property that was sensitive with data and then override it with a Jenkins parameter and with an overloaded property in the project itself. In my case, I was using a WSS-Config password, so I set a pair of Project-level properties, certPath and certPass. Since certPass was sensitive, that was set up as a global jenkins password, and my testrunner script looked like this:

 

 

exit_status=$(testrunner.sh "-FXML" "-RJUnit-Style HTML Report" -J -a -A -r "-PcertPath=${certPath}" "-PcertPass=${certPass}" ${WORKSPACE}/path/to/project.xml



---

Click the Accept as Solution button if my answer has helped, and remember to give kudos where appropriate too!

View solution in original post

Moderator

Re: Encrypted properties are being displayed in Jenkins logs when test fails

Hi all,

 

Thank you for sharing your knowledge, @msiadak!

 

@SmartWolf, if this information was useful, could you please click the Accept as Solution button below the reply that helped you?
Thank you in advance!


Olga Terentieva
SmartBear Assistant Community Manager

New Contributor

Re: Encrypted properties are being displayed in Jenkins logs when test fails

The proposed solution works but requires all sensitive information to be maintained in two places - Jenkins and ReadyAPI. Testers run the test cases manually as well outside of Jenkins. Can this be entered as an enhancement to not display encrypted fields in the logs in the case of test case failures.

Moderator

Re: Encrypted properties are being displayed in Jenkins logs when test fails

Hi @SmartWolf,

 

Yes, we already have a corresponding feature request in our DB. 


Anastasia
Customer Care Team

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others.
New Here?
Join us and watch the welcome video:
Top Kudoed Authors