Exposed sensitive config fields on debug logs
At present, when LOG_LEVEL is set to debug, the GitLab runner token will be exposed in plaintext.
```
$ gitlab-runner register ...
$ gitlab-runner --log-level=debug run
Runtime platform arch=amd64 os=linux pid=7 revision=66a723c3 version=17.5.0
Starting multi-runner from /etc/gitlab-runner/config.toml... builds=0 max_builds=0
Checking runtime mode GOOS=linux uid=0
Running in system-mode.
Configuration loaded builds=0 max_builds=10
...
runners:
- name: 111111
  runnercredentials:
    id: 222222
    token: glrt-redacted
...
```
It can be helpful at times to turn on debug logging when diagnosing runner issues, but I would prefer not to expose the GitLab Runner authentication token in plaintext. I would propose that we keep the current behaviour, but either omit the token value or mask it before logging the config.
Edited by ZhengYuan Loo
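One way to do the masking proposed above, as an added Go example (not gitlab-runner code and not from the issue author): the config is copied and the token replaced before it reaches the debug dump. `Runner`, `Config`, `maskToken`, `Redacted` and `DebugDump` are hypothetical names, the structs are a flattened stand-in for the real ones, and JSON stands in for the runner's own dump format.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed types modelled on the debug output in the report (flattened);
// they are not the gitlab-runner structs.
type Runner struct {
	Name  string
	ID    int64
	Token string
}

type Config struct{ Runners []*Runner }

// maskToken hides the value; an unset token stays empty so that "missing" and
// "present" remain distinguishable in the debug output.
func maskToken(tok string) string {
	if tok == "" {
		return ""
	}
	return "[MASKED]"
}

// Redacted returns a copy that is safe to log. Each runner is copied because
// the slice holds pointers: masking in place would overwrite the live token.
func (c Config) Redacted() Config {
	out := Config{Runners: make([]*Runner, len(c.Runners))}
	for i, r := range c.Runners {
		if r == nil {
			continue
		}
		cp := *r
		cp.Token = maskToken(r.Token)
		out.Runners[i] = &cp
	}
	return out
}

// DebugDump is what the debug log call receives instead of the raw config.
func DebugDump(c Config) string {
	b, _ := json.Marshal(c.Redacted())
	return string(b)
}

func main() {
	fmt.Println(DebugDump(Config{Runners: []*Runner{{Name: "111111", ID: 222222, Token: "glrt-constructed"}}}))
}
```

Masking a copy rather than changing how the token field serializes keeps any code path that writes the config back to disk unaffected.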