Masked variables can be echoed a

danilo-patrucco · July 16, 2024, 1:50am

Masked variables can be seen if encoded in base64 and echoed out

when a variable is masked and protected it is possible to see it in a job/pipeline by doing something like this:

test=$(echo $MY_PASSWORD | base64)
echo $test

Add the code above in any job and reference any masked variable that should be protected

No specific configuration needed.

Please select whether options apply, and add the version information.

Versions

GitLab (Web: /help or self-managed system information): v17.1.1-ee
GitLab Runner, if self-hosted (Web /admin/runners or CLI gitlab-runner --version): N/A

Topic		Replies	Views
How to check if a variable is Masked or not from the runner's bash General runner	0	343	March 15, 2022
Secret Detection GitLab CI/CD ci , docker , test , pipelines	0	647	August 16, 2022
View pipeline parameters in the pipeline info / description GitLab CI/CD ci	2	15931	June 22, 2022
Masked variables are not masked - credentials leaked GitLab CI/CD	3	1328	June 21, 2021
Is it safe to save a private ssh key as a visible CI/CI variable? GitLab CI/CD ci	2	164	September 20, 2024