我有一个基于shell的大厅任务,它在其中一个命令中使用半敏感凭证(测试服务器的密钥)。我想避免将其记录在任务输出中。
管道的要点是:
jobs:
- name: foobar
plan:
<...>
- task: build
config:
platform: linux
image_resource:
type: docker-image
source:
repository: ubuntu
<...>
run:
path: bash
args:
- -exc
- |
command-which-is-ok-to-print
foobar {{my-secret-data}} # <-- hide this one!
another-command-which-is-ok-to-print
目前输出显示为:
+ command-which-is-ok-to-print
results of first command which are OK to print
+ foobar "oh-no-secret-data-here!" <-- hide this one!
more results which are OK to print
+ another-command-which-is-ok-to-print
even more results which are OK to print
有没有办法抑制打印这条特定的线?
答案 0 :(得分:1)
我认为-exc实际设置了标记e和x(我认为它是execute的简写!
-x是导致命令被回显的原因(由bash本身而不是concourse),因此这成功阻止了单个命令的执行:
<...>
run:
path: bash
args:
- -exc
- |
command-which-is-ok-to-print
set +x
foobar {{my-secret-data}}
set -x
another-command-which-is-ok-to-print