Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43263

Credentials usage tracking completely redacts secrets causing false duplicate tracking

    Details

    • Similar Issues:

      Description

      If you are using folder scoped credentials with the same ID and same description (only differing based on the secret) then the usage tracking will track incorrectly as the secrets are completely redacted instead of being replaced with a hash (either of the secret and the store or of just the store).

      This can also show up when the secret is updated as the tracking of usage will continue against the original secret value (though this could be considered useful too)

        Attachments

          Issue Links

            Activity

            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Stephen Connolly
            Path:
            src/main/java/com/cloudbees/plugins/credentials/CredentialsStoreAction.java
            http://jenkins-ci.org/commit/credentials-plugin/9983413e8ff390c13a14aa96a3fc35f22a3f7204
            Log:
            [FIXED JENKINS-43263] Mix a hash of the secret value into the fingerprint to remove false duplicate usage tracking

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Stephen Connolly Path: src/main/java/com/cloudbees/plugins/credentials/CredentialsStoreAction.java http://jenkins-ci.org/commit/credentials-plugin/9983413e8ff390c13a14aa96a3fc35f22a3f7204 Log: [FIXED JENKINS-43263] Mix a hash of the secret value into the fingerprint to remove false duplicate usage tracking

              People

              • Assignee:
                stephenconnolly Stephen Connolly
                Reporter:
                stephenconnolly Stephen Connolly
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: