arcade icon indicating copy to clipboard operation
arcade copied to clipboard
verified publisher icon dotnet

[Feature] Adopt binlog redacting in all templates/jobs publishing binlogs

Open JanKrivanek opened this issue 2 years ago • 1 comments

  • [ ] This issue is blocking
  • [ ] This issue is causing unreasonable pain

Context

As part of https://github.com/dotnet/arcade/pull/13991 a binlogs secrets redacting functionality is being added some of the arcade logs publishing steps (mainly as part of publishing build assets - as that spills most sensitive data). Once this is piloted and hardened, we should extend the functionality to other jobs/steps/templates that publishes build binlogs.

What will need to be done

  • bash template for runnign the redactor
  • more generic way of collecting the explicit strings to be redacted
  • injecting into other places publishing the logs (source-build.yml, job.yml, etc.)

JanKrivanek avatar Nov 14 '23 15:11 JanKrivanek

Or probably better apprach - add it as part of each MSBuild invocation in arcade:

https://github.com/dotnet/arcade/blob/0f16479e1811ef3b5c9fc251563c6181f9083c34/eng/common/tools.ps1#L795

JanKrivanek avatar Nov 22 '23 17:11 JanKrivanek