Skip to content

Don't log GitHub and Gitlab credentials#3132

Merged
sgoggins merged 1 commit intoaugurlabs:devfrom
JohnStrunk:no-cred
Apr 23, 2025
Merged

Don't log GitHub and Gitlab credentials#3132
sgoggins merged 1 commit intoaugurlabs:devfrom
JohnStrunk:no-cred

Conversation

@JohnStrunk
Copy link
Copy Markdown
Contributor

@JohnStrunk JohnStrunk commented Apr 18, 2025

Description
Remove environment variable values from log messages to prevent sensitive information from being exposed. This change improves security by not displaying API keys and usernames in the console output.

This is particularly an issue in containerized environments (e.g., docker/kube/openshift) where the logs are preserved indefinitely and potentially shipped off-cluster.

This PR fixes #

Notes for Reviewers

Signed commits

  • Yes, I signed my commits.

@JohnStrunk
Fix env variable logging
d6049c6 
Remove environment variable values from log messages to prevent sensitive
information from being exposed. This change improves security by not
displaying API keys and usernames in the console output.

Signed-off-by: John Strunk <jstrunk@redhat.com>
@JohnStrunk JohnStrunk requested a review from sgoggins as a code owner April 18, 2025 17:14
@sgoggins sgoggins merged commit e2f5703 into augurlabs:dev Apr 23, 2025
7 checks passed
@JohnStrunk JohnStrunk deleted the no-cred branch July 9, 2025 15:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sgoggins sgoggins sgoggins approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JohnStrunk @sgoggins