Should the Variables file for every step of a Offline package drop be encrypted\secret?

pnolan's Avatar

pnolan

07 Dec, 2017 11:24 AM

Hi,

I'm running the latest version of Octopus and a couple of my steps have sensitive variables, however, the variables file for every step is encrypted.

Is this expected behaviour? If just one sensitive variable is used in a package does it automatically encrypt the Variables file for every step?

It would be VERY useful if we could see and modify any non-sensitive variables for a Offline package drop.

  1. Support Staff 1 Posted by Michael Noonan on 08 Dec, 2017 01:24 AM

    Michael Noonan's Avatar

    Hi!

    Thanks for getting in touch! Yes it is expected behaviour. We found a bug a while ago which could cause sensitive data to be written to a clear-text variables file. To fix the bug, and all classes of this kind of bug, would have meant a really wide sweeping change to variable evaluation. We made the decision to "not try to be too smart" and either use a clear-text variables file or an encrypted file based on whether the Offline Drop target is configured with an encryption password.

    Here is the issue which caused our decision in case it helps: https://github.com/OctopusDeploy/Issues/issues/3868

    What is the root reason for your wanting to modify any non-sensitive variables in the variables files? The files were really designed as a transport, not necessarily for editing after being built - though I can see it as a handy by-product of our old behaviour. :)

    Hope that helps!
    Mike

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac