Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hide password in console logs #24

Open
azachar opened this issue Feb 15, 2018 · 6 comments
Open

Hide password in console logs #24

azachar opened this issue Feb 15, 2018 · 6 comments

Comments

@azachar
Copy link

azachar commented Feb 15, 2018

Hello,
currently, this plugin display passwords while running cordova tasks. Is it possible to strip it out?

Thank you!

Best regards,
Andrej
@janpio
Copy link

janpio commented Feb 15, 2018

Can you show an example (with the password replaced of course)?

@azachar
Copy link
Author

azachar commented Feb 16, 2018

[15:53:27]: $ cordova prepare android --release --device -- --keystore=XXXXX.keystore --storePassword=XXXXXX --password=XXXX --alias=XXXXX --versionCode=52888606 --cordovaNoFetch=false

@janpio
Copy link

janpio commented Feb 16, 2018
edited
Loading

Hm, problem is this is triggered by using the sh action:

fastlane-plugin-cordova/lib/fastlane/plugin/cordova/actions/cordova_action.rb

Line 86 in 35ab44c

sh "cordova prepare #{params[:platform]} #{args.join(' ')} #{ios_args} -- #{android_args}"

One can disable its output completely (see https://docs.fastlane.tools/actions/sh/), but as far as I know its not possible to filter it.

(To make sure: Can you show more context - a few lines before and after that command?)

@azachar
Copy link
Author

azachar commented Feb 17, 2018

NFO [2018-02-17 01:00:53.24]: ---------------------
INFO [2018-02-17 01:00:53.24]: --- Step: cordova ---
INFO [2018-02-17 01:00:53.24]: ---------------------
INFO [2018-02-17 01:00:53.25]: $ cordova prepare android --release --device -- --keystore=XXX.keystore --versionCode=52888624 --cordovaNoFetch=false .......

Is there any other way how to pass alias and password so it can be read from a variable directly. This leads to showing sh command even if there is a problem. So running this tool on CI, doesn't make so much sense then if every developer see all passwords for deployment...

@azachar
Copy link
Author

azachar commented Feb 17, 2018

Here is a sample of error:

INFO [2018-02-17 01:00:54.31]: ▸ Error: Current working directory is not a Cordova-based project.
WARN [2018-02-17 01:00:55.23]: Lane Context:
INFO [2018-02-17 01:00:55.23]: {:PLATFORM_NAME=>:android, :LANE_NAME=>"android build"}
ERROR [2018-02-17 01:00:55.23]: Exit status of command 'cordova prepare android --release --device
-- --keystore=xxxx.keystore --versionCode=52888624 --cordovaNoFetch=false' was 1 in
stead of 0.
Error: Current working directory is not a Cordova-based project.

@janpio
Copy link

janpio commented Feb 17, 2018

Problem is that it has to be supplied to the Cordova command somehow - and inside the plugin and sub actions used it then would be possible to be output again as log or error.

I think Cordova also accepts it via a build.json file - but you would have to either commit that to your repo then (where everyone can see it) or create the file via fastlane (where it probably could again leak out into the logs).

Maybe someone else has a better idea how to simply solve this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@janpio @azachar