Make mask-password the Default Behaviour
#495
Comments
I 100% agree with this, masking the credentials should be default, and ideally not masking should not even be allowed. There should be better (more secure) ways to share credentials between jobs than outputting them from this job step.
Curious about a better solution to share credentials between jobs. Until then: showing that you can find the keys to my house in the garden is not really desirable. See: #496
Yeah, especially those jobs running on a container fetched from ECR ...
Is your feature request related to a problem? Please describe.
When running the amazon-ecr-login action with `mask-password` set to `false`, credentials can be leaked to std-out via either explicitly printing them or running the action in DEBUG mode. This is a security concern as it means that users are able to obtain access to users (often privileged ones) that have access to push to ECR registries, potentially implanting malicious code if the registry does not use immutable tags.
Describe the solution you'd like
I would like to introduce a breaking change that switches `mask-password` to `true` as it is the more secure option. I would like to go one step further and remove the ability not to mask the password at all if the maintainers will allow it.
Describe alternatives you've considered
N/A - it is considered a security best practice to mask secrets from logs for obvious reasons.
Additional context
Implementing this change is breaking as there are a number of users who depend on
the ability to share the docker password between jobs as evidenced by previous
attempts to implement this feature. Masking the password prevents this behaviour
so this change should be considered breaking.
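As an added illustration (not from the issue or the action's own documentation), the weak setting described above beside a hardened workflow in which the password stays masked and each job that needs to push logs in itself rather than receiving the secret as an output. The action names, version tags, the `registry` output and the companion credentials action are assumed from their public interfaces; account, role, region and repository values are placeholders.

```yaml
# Added example, not the project's own code. Action refs and the `registry`
# output are assumed; <ACCOUNT_ID>, <ROLE_NAME>, <AWS_REGION> are placeholders.
name: build-and-push

on: [push]

jobs:
  # BEFORE: the password is left unmasked so it can be handed to a later job.
  # Any step that prints the login outputs, or a run with ACTIONS_STEP_DEBUG
  # enabled, writes the ECR password to the job log in clear text.
  login-unmasked:
    runs-on: ubuntu-latest
    steps:
      - uses: aws-actions/configure-aws-credentials@v2   # assumed companion action
        with:
          role-to-assume: arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>
          aws-region: <AWS_REGION>
      - id: ecr
        uses: aws-actions/amazon-ecr-login@v1
        with:
          mask-password: 'false'   # the setting the issue proposes to remove

  # AFTER: keep the password masked (the proposed default). The job that pushes
  # performs its own login, so no secret ever crosses a job boundary via outputs.
  build-and-push:
    runs-on: ubuntu-latest
    permissions:
      id-token: write   # needed for OIDC role assumption
      contents: read
    steps:
      - uses: actions/checkout@v3
      - uses: aws-actions/configure-aws-credentials@v2
        with:
          role-to-assume: arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>
          aws-region: <AWS_REGION>
      - id: ecr
        uses: aws-actions/amazon-ecr-login@v1
        with:
          mask-password: 'true'    # password output is masked in the log
      - run: |
          docker build -t "$REGISTRY/$REPO:$GITHUB_SHA" .
          docker push "$REGISTRY/$REPO:$GITHUB_SHA"
        env:
          REGISTRY: ${{ steps.ecr.outputs.registry }}   # registry is not secret
          REPO: my-app   # placeholder repository name
```

Only the non-secret `registry` output is consumed here; with the password masked, the `docker` CLI is already authenticated by the login step, so the workflow has no reason to read the password output at all.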