actions/runner
1
0
Fork 0
mirror of https://github.com/actions/runner.git synced 2025-12-12 15:13:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

mask secrets with double-quotes when passed to docker command line (#1002)

Browse Source
This commit is contained in:
eric sciple
2021-03-05 15:17:55 -06:00
committed by GitHub
parent af198237ca
commit 8109c962f0
2 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Runner.Common/HostContext.cs
View File

@@ -84,6 +84,7 @@ namespace GitHub.Runner.Common
this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscape);
this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift1);
this.SecretMasker.AddValueEncoder(ValueEncoders.Base64StringEscapeShift2);
this.SecretMasker.AddValueEncoder(ValueEncoders.CommandLineArgumentEscape);
this.SecretMasker.AddValueEncoder(ValueEncoders.ExpressionStringEscape);
this.SecretMasker.AddValueEncoder(ValueEncoders.JsonStringEscape);
this.SecretMasker.AddValueEncoder(ValueEncoders.UriDataEscape);

6
src/Sdk/DTLogging/Logging/ValueEncoders.cs
View File

@@ -37,6 +37,12 @@ namespace GitHub.DistributedTask.Logging
return Base64StringEscapeShift(value, 2);
}
// Used when we pass environment variables to docker to escape " with \"
public static String CommandLineArgumentEscape(String value)
{
return value.Replace("\"", "\\\"");
}
public static String ExpressionStringEscape(String value)
{
return Expressions2.Sdk.ExpressionUtility.StringEscape(value);