New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hide find-certificate output when using cert #21351
Comments
@RaedShari Hi! I found temporary solution on my local setup. I just edit From this It looks like it now show all commands output to the console by default. You can remove this by correcting the main function in this file. Set print to false |
Sounds cool but this doesn't seem much a solution than a temporary fix, in that sense you could just output the result to a file to hide the key something like this I'd prefer an option to just silent the output, rather than tricks that hacks the project itself, after all it's CI/CD, nobody can expect tricks like changing some line in source code to work forever |
Discussed in #21350
Originally posted by RaedShari June 21, 2023
My current lane looks like:
lane :beta do
api_key = app_store_connect_api_key()
increment_build_number()
get_certificates(api_key: api_key)
get_provisioning_profile(api_key: api_key)
build_app(xcargs: "-allowProvisioningUpdates")
upload_to_testflight(api_key: api_key)
end
When my GitLab CI/CD job runs, I can see it logs some sensitive contents "my certificates".
[08:52:33]: Creating authorization token for App Store Connect API
[08:52:33]: Fetching profiles...
[08:52:34]: Verifying certificates...
[08:52:34]: $ security find-certificate -a -c 'Apple Worldwide Developer Relations' -p /Users/ec2-user/Library/Keychains/login.keychain-db
[08:52:34]: ▸ -----BEGIN CERTIFICATE-----
[08:52:34]: ▸ ################################
[08:52:34]: ▸ ################################
These logs are accessible by any user having access to the repo. Is there any option to silent this logs and preventing them from being logged?
The text was updated successfully, but these errors were encountered: