From 10f6754c8eb474384564b213bff76a5f00c91d6d Mon Sep 17 00:00:00 2001 From: mikereiddigital Date: Fri, 28 Jun 2024 14:45:25 +0100 Subject: [PATCH] Amends redact script and adds mask to ACCOUNT_NUMBER vars in GITHUB_ENV to prevent sensitive values being included in workflow logs. --- .github/workflows/base.yml | 15 ++++++++++++--- .github/workflows/components.yml | 15 ++++++++++++--- .github/workflows/delius-core.yml | 15 ++++++++++++--- .github/workflows/delius-iaps.yml | 15 ++++++++++++--- .github/workflows/example.yml | 10 ++++++++-- .github/workflows/hmpps.yml | 15 ++++++++++++--- .github/workflows/modernisation-platform.yml | 10 ++++++++-- .github/workflows/nomis-data-hub.yml | 15 ++++++++++++--- .github/workflows/nomis.yml | 15 ++++++++++++--- .github/workflows/oasys.yml | 15 ++++++++++++--- scripts/redact-output.sh | 4 +++- 11 files changed, 115 insertions(+), 29 deletions(-) diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index ca1c6914..3624e419 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -248,7 +251,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -351,7 +357,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/components.yml b/.github/workflows/components.yml index 10b0f555..095a934f 100644 --- a/.github/workflows/components.yml +++ b/.github/workflows/components.yml @@ -63,7 +63,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -142,7 +145,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -237,7 +243,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/delius-core.yml b/.github/workflows/delius-core.yml index 1f0fe747..a4d0c865 100644 --- a/.github/workflows/delius-core.yml +++ b/.github/workflows/delius-core.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -247,7 +250,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -350,7 +356,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/delius-iaps.yml b/.github/workflows/delius-iaps.yml index 650709dd..6ed977bf 100644 --- a/.github/workflows/delius-iaps.yml +++ b/.github/workflows/delius-iaps.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -247,7 +250,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -350,7 +356,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/example.yml b/.github/workflows/example.yml index c7d5a78d..391bf78f 100644 --- a/.github/workflows/example.yml +++ b/.github/workflows/example.yml @@ -37,7 +37,10 @@ jobs: - name: Checkout Repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -72,7 +75,10 @@ jobs: - name: Checkout Repository uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/hmpps.yml b/.github/workflows/hmpps.yml index 0f5f683e..42309c7b 100644 --- a/.github/workflows/hmpps.yml +++ b/.github/workflows/hmpps.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -247,7 +250,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -350,7 +356,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/modernisation-platform.yml b/.github/workflows/modernisation-platform.yml index c3bf749f..55217010 100644 --- a/.github/workflows/modernisation-platform.yml +++ b/.github/workflows/modernisation-platform.yml @@ -39,7 +39,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -77,7 +80,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/nomis-data-hub.yml b/.github/workflows/nomis-data-hub.yml index 4e02b22a..d8d72718 100644 --- a/.github/workflows/nomis-data-hub.yml +++ b/.github/workflows/nomis-data-hub.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -247,7 +250,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -350,7 +356,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/nomis.yml b/.github/workflows/nomis.yml index 640a9392..0c2e25cb 100644 --- a/.github/workflows/nomis.yml +++ b/.github/workflows/nomis.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -247,7 +250,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -350,7 +356,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/.github/workflows/oasys.yml b/.github/workflows/oasys.yml index abc6481d..55f5d383 100644 --- a/.github/workflows/oasys.yml +++ b/.github/workflows/oasys.yml @@ -85,7 +85,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -247,7 +250,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 @@ -350,7 +356,10 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Account Number - run: echo "ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT)" >> $GITHUB_ENV + run: | + ACCOUNT_NUMBER=$(jq -r -e '.modernisation_platform_account_id' <<< $ENVIRONMENT_MANAGEMENT) + echo "::add-mask::$ACCOUNT_NUMBER" + echo ACCOUNT_NUMBER=$ACCOUNT_NUMBER >> $GITHUB_ENV - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 diff --git a/scripts/redact-output.sh b/scripts/redact-output.sh index 3a8c1f9d..e370724c 100644 --- a/scripts/redact-output.sh +++ b/scripts/redact-output.sh @@ -6,4 +6,6 @@ sed -e 's/AWS_SECRET_ACCESS_KEY".*//g' \ -e 's/AWS_ACCESS_KEY_ID".*//g' \ -e 's/$AWS_SECRET_ACCESS_KEY".*//g' \ -e 's/$AWS_ACCESS_KEY_ID".*//g' \ - -e 's/\[id=.*\]/\[id=\]/g' + -e 's/\[id=.*\]/\[id=\]/g' \ + -e 's/::[0-9]\{12\}:/::REDACTED:/g' \ + -e 's/:[0-9]\{12\}:/:REDACTED:/g'