如何在 Fastlane 日志中 hide/mask 密码?
How to hide/mask passwords in Fastlane logs?
我一直在寻找一种在 Fastlane 中安全处理密码的方法,发现有一个内置的密码输入方法 UI.password:
lane :enter_password do
password = UI.password 'Password: '
sh "echo Your password is #{password}"
end
效果很好,但是当您使用密码时,它会以纯文本形式打印在日志中:
------------------------------------------------------
--- Step: echo 'Your password is tAM5RdCRxD3e3TU' ---
------------------------------------------------------
$ echo 'Your password is tAM5RdCRxD3e3TU'
▸ Your password is tAM5RdCRxD3e3TU
理想情况下,输出应该是这样的:
------------------------------------------------------
--- Step: echo 'Your password is *****' ---
------------------------------------------------------
$ echo 'Your password is *****'
▸ Your password is *****
有办法做到这一点吗?
不,如果不将此功能添加到 Fastlane 就不行。
但是你可以做的是将log:false传递给sh用于使用密码的命令:
lane :enter_password do
password = UI.password 'Password: '
sh "echo Your password is #{password}", log:false
end
这会导致 fastlane 只输出:
---------------------------
--- Step: shell command ---
---------------------------
这个问题是它抑制了所有内容,包括错误消息,这使得在命令失败时调试问题变得非常困难。解决方法是将密码放在环境变量中,如下所示:
lane :enter_password do
ENV['PASSWORD'] = UI.password 'Password: '
sh 'echo Your password is $PASSWORD'
end
输出将是:
---------------------------------------------
--- Step: echo Your password is $PASSWORD ---
---------------------------------------------
$ echo Your password is $PASSWORD
▸ Your password is tAM5RdCRxD3e3TU
这意味着只要您的命令不将密码打印到日志中,您将获得所有输出,而不会泄露密码。
我一直在寻找一种在 Fastlane 中安全处理密码的方法,发现有一个内置的密码输入方法 UI.password:
lane :enter_password do
password = UI.password 'Password: '
sh "echo Your password is #{password}"
end
效果很好,但是当您使用密码时,它会以纯文本形式打印在日志中:
------------------------------------------------------
--- Step: echo 'Your password is tAM5RdCRxD3e3TU' ---
------------------------------------------------------
$ echo 'Your password is tAM5RdCRxD3e3TU'
▸ Your password is tAM5RdCRxD3e3TU
理想情况下,输出应该是这样的:
------------------------------------------------------
--- Step: echo 'Your password is *****' ---
------------------------------------------------------
$ echo 'Your password is *****'
▸ Your password is *****
有办法做到这一点吗?
不,如果不将此功能添加到 Fastlane 就不行。
但是你可以做的是将log:false传递给sh用于使用密码的命令:
lane :enter_password do
password = UI.password 'Password: '
sh "echo Your password is #{password}", log:false
end
这会导致 fastlane 只输出:
---------------------------
--- Step: shell command ---
---------------------------
这个问题是它抑制了所有内容,包括错误消息,这使得在命令失败时调试问题变得非常困难。解决方法是将密码放在环境变量中,如下所示:
lane :enter_password do
ENV['PASSWORD'] = UI.password 'Password: '
sh 'echo Your password is $PASSWORD'
end
输出将是:
---------------------------------------------
--- Step: echo Your password is $PASSWORD ---
---------------------------------------------
$ echo Your password is $PASSWORD
▸ Your password is tAM5RdCRxD3e3TU
这意味着只要您的命令不将密码打印到日志中,您将获得所有输出,而不会泄露密码。