-
Notifications
You must be signed in to change notification settings - Fork 4
/
c0203.yml
35 lines (30 loc) · 919 Bytes
/
c0203.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
doc_meta: |
folder: security
title: mask senstive info in shell execution
head: |
When you use verbose level greater than vvv, it will print out the debugging final shell scripts rendered, which possiblly contains the secure vars. In such a case, upcmd will automatically mask the senstive variable with SECURE_SENSITIVE_INFO_MASKED
sections:
- title: Demo
log: yes
tasks:
-
name: task
task:
-
func: shell
dvars:
- name: enc_key
value: my_enc_key
flags:
- secret
- name: value_encrypted
value: '{{ "ENV_AAA" | encryptAES .enc_key }}'
flags:
- vvvv
- taskScope
- name: ENV_AAA
value: '{{.value_encrypted}}'
flags:
- secure
do: |
echo "hello, this is a secrt value: {{.secure_ENV_AAA}}"