#551 ✓resolved
Greg Schueler

Secure option values cannot be used in scripts/commands

Reported by Greg Schueler | March 27th, 2012 @ 10:58 AM | in Rundeck 1.4.3 (closed)

  • Issue Type: Improvement
  • Rundeck version: 1.4.2

Issue:

Secure option values can only be used for SSH/sudo authentication, and cannot be used in scripts/commands.

A use case is to allow user to enter a password securely (not stored in DB), but use the value in a script, such as a DB admin password to load SQL data.

Proposal:

Add ability to have secure options that "expose" the values in scripts. Defining Job Options can select between three types of input: plain, "secure", and "secure authentication". The "secure" type will expose the value in a script, while "secure authentication" will not.

XML/Yaml job definitions will have a new attribute for options called "valueExposed=true/false".

An option definition can then specify secure="true" to indicate a "secure authentication" option. If valueExposed="true" as well, then the value will be available in scripts/commands.

example in XML:

     <option name='dbPassword' valueExposed='true' secure='true'>
          <description>secure DB Password entry</description>
     </option>

example in YAML:

options:
    dbPassword:
      description: secure DB Password entry
      secure: true
      valueExposed: true

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues

Shared Ticket Bins

People watching this ticket

Referenced by

Pages