Hi, We have been using gradle build tool(Gradle Plugin) for compiling the source code and then using the Artifactory plugin(Gradle-Artifactory Integration) for publishing the artifacts to the Artifactory server from the Jenkins server. Our server administrator reported that there are lot of buildInfoxxxx.properties on /tmp directory(where xxxx is any arbitrary number generated by build) on Jenkins server and its been observed that contents of buildInfoxxxx.properties are exposing the credentials of some of the resources accessed during the build & deploy process(e.g.: credentials of Artifactory, DB, Shared drives etc.). The excerpt of contents of buildInfoxxxx.properties(many lines deleted & masked) is as below: ------------------------------------------------------------------------------ artifactory.publish.contextUrl=xxxx artifactory.publish.ivy.m2compatible=xxxx buildInfo.env.JenkinsScripts=xxxx buildInfo.env.APP_DB_USER=xxxx artifactory.publish.record.all.dependencies=xxxx buildInfo.env.JOB_NAME=xxxx artifactory.resolve.password=XXXXX ---------------------------------------------------------------------------------
Since this is an delivery pipeline configured, we use "Environment Injector" & the "Mask Passwords" plugin which masks the password in the Jenkins UI console logs but not sure why the credentials are exposed and readable in the buildInfoxxxx.properties file. So I have two questions: 1. Is there any way that we can mask the information for credentials in the buildInfoxxxx.properties file? 2. Can the build automatically cleanup the buildInfoxxxx.properties after the build completes as there are lots of files being leftover in the /tmp directory filling up the disk space and are cleaned up through an automated script? Any suggestions/comments are greatly appreciated. Thanks! -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/ab3d82f1-354e-4d0b-b259-6dae847c0261%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
