New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hide sensitive information in match output #21603
Conversation
@@ -12,6 +12,7 @@ | |||
1257253924B7992C00E04FA3 /* main.swift in Sources */ = {isa = PBXBuildFile; fileRef = 1257253824B7992B00E04FA3 /* main.swift */; }; | |||
1267C3F42773A43E004DE48A /* Atomic.swift in Sources */ = {isa = PBXBuildFile; fileRef = 1267C3F32773A43E004DE48A /* Atomic.swift */; }; | |||
12D2EB8D2620D83C00844013 /* OptionalConfigValue.swift in Sources */ = {isa = PBXBuildFile; fileRef = 12D2EB8C2620D83B00844013 /* OptionalConfigValue.swift */; }; | |||
5F5D0ED98E02119343C05257 /* FastlaneRunner in FastlaneRunnerCopySigned */ = {isa = PBXBuildFile; fileRef = D556D6A91F6A08F5003108E3 /* FastlaneRunner */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this file was changed when I ran unit tests. Should I revert the changes to this file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed in d995a7a
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great 👍
Could you please revert the project.pbxproj
changes? If that needs to be updated we should do it in a separate PR
Also if you can, please follow the instructions to oauth CircleCI to GitHub so the automated tests run
Just reverted the file in d995a7a, and hopefully my CircleCI link should be working 🤞 Thank you! 😁 |
Checklist
bundle exec rspec
from the root directory to see all new and existing tests passbundle exec rubocop -a
to ensure the code style is validci/circleci
builds in the "All checks have passed" section of my PR (connect CircleCI to GitHub if not)Motivation and Context
I've noticed that when running match, it tends to output the full WWDR certificate to the console. This has the potential to leak sensitive information, and I would prefer this not be directly viewable in CI logs. This was discussed in issues #21350 and #21351 (duplicate issues).
Description
As mentioned in a comment by user @AnubisFUp, you can silence this output by passing in
print: false
to the backticks action. I added their fix, along with updating tests to expect theprint
parameter. I tested usingbundle exec rspec
as well asbundle exec fastlane test
Testing Steps
In a project that uses match for managing certificates, download your certificates as you usually would. Before this change, you would see your certificates being output to the console in bright purple text. Now, that output should be hidden.