Skip to content

Truncate runner token so it won't get logged

Matthew Bradburn requested to merge mbradburn-dont-log-runner-token into main

What does this MR do?

It adjusts the config.UniqueId() function to shorten the runner token, to prevent it from being logged in its entirety.

Why was this MR needed?

Currently we may log the complete runner token, which is considered bad for security.

What's the best way to test this MR?

Cause the runner to become unhealthy and examine the logged messages.

What are the relevant issue numbers?

#37224 (closed)

Merge request reports

Loading