Add "." to supported characters for variable mask
Problem to solve
Currently, JSON Web Tokens (JWTs) are used in a similar way to how SSH keys and other auth strings. The JWT format is a set of 3 Base64 encoded strings, with a "." period/decimal character between them.
The mask functionality does not support the period character at the moment, so JWTs either need to be split up and concatenated again in the job or unmasked.
Intended users
Devon needs to be able to let projects submit content to Artifactory and other systems which allow JWT authorization.
Sidney may configure JWT for authentication with a variety of systems. Other passwords may contain . as a "special character" requirement that some organizations have.
Sam will want to see authentication / authorization mechanisms be masked and protected from leaking to unauthorized folks.
Further details
- Allow JWTs to be protected without extra effort
- Allow any string with a period to be masked
Proposal
Follow the same process as was done for SSH keys to be masked.
Permissions and Security
Maintainer should be able to add them to the project CI Variables just like normal. No change to security model for this change.
Documentation
Testing
Testing would be similar to this merge request: gitlab-runner!1516 (merged)
What does success look like, and how can we measure that?
A maintainer can add a string with "." in the Project or Group settings' CI Variables page as a masked variable. That string should then be masked if rendered in the CI job log.
What is the type of buyer?
Core since that's where the other masking functionality went.