unity-actions icon indicating copy to clipboard operation
unity-actions copied to clipboard

Published 20 hours ago verified publisher icon game-ci

UNITY_PASSWORD is readable in the log

Open stephahn0916 opened this issue 2 years ago • 2 comments

Bug description

In game-ci/unity-builder@v2 when building Unity project, build log display UNITY_PASSWORD in clear, while UNITY_EMAIL and UNITY_SERIAL are both hidden

How to reproduce Use the workflow proposed by the documentation and follow the instructions on the documentation page. Look at the logs of github action. UNITY_PASSWORD is in clear in the docker command runned.

Expected behavior

Hidden password

Additional details

stephahn0916 avatar Jun 17 '22 14:06 stephahn0916

Thanks for reporting this @stephahn0916,

Can you confirm that your password in fact comes from secrets? In GitHub Actions secrets are supposed to be hidden automatically.

Would you mind sharing your workflow and a screenshot where this happens in your logs? It will help us narrow down the problem.

webbertakken avatar Jun 17 '22 16:06 webbertakken

@webbertakken the workflow is:

name: Build Deploy SoftwareA

on: [push, pull_request]

jobs:
   buildForWindowsBasedPlatforms:
    name: Build for ${{ matrix.targetPlatform }}
    runs-on: windows-2019
    strategy:
      fail-fast: false
      matrix:
        projectPath:
          - .
        unityVersion:
          - 2021.1.17f1
        targetPlatform:
          - StandaloneWindows # Build a Windows 32-bit standalone.
          - StandaloneWindows64 # Build a Windows 64-bit standalone.
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0
          lfs: true
      - uses: actions/cache@v2
        with:
          path: ${{ matrix.projectPath }}/Library
          key:
            Library-${{ matrix.projectPath }}-${{ matrix.targetPlatform }}-${{
            hashFiles(matrix.projectPath) }}
          restore-keys: |
            Library-${{ matrix.projectPath }}-${{ matrix.targetPlatform }}-
            Library-${{ matrix.projectPath }}-
            Library-
      - uses: game-ci/unity-builder@v2
        env:
          UNITY_LICENSE: ${{ secrets.UNITY_LICENSE }}
          UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }}
          UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }}
        with:
          projectPath: ${{ matrix.projectPath }}
          unityVersion: ${{ matrix.unityVersion }}
          targetPlatform: ${{ matrix.targetPlatform }}

      - uses: actions/upload-artifact@v2
        with:
          name: Build
          path: build

Screenshot:

  • in red: the password
  • in green: things that I have to anonymize (mostly project name) gameci_actions_failure

stephahn0916 avatar Jun 18 '22 00:06 stephahn0916

@stephahn0916 Does your password contain special characters? I had similar issues and solved it by using alphanumeric characters only.

See docs: https://game.ci/docs/github/builder

NOTE: Issues have been observed when using a UNITY_PASSWORD with special characters. It is recommended to use a password without any special characters (mixed-case alphanumeric characters only).

sschmid avatar Oct 21 '22 21:10 sschmid