ci/bare-metal: Don't leak JWT into logs

The JWT is sensitive - as it can be used to access e.g. private traces - so we don't want it anywhere in our logs. Signed-off-by: Daniel Stone <daniels@collabora.com> Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/11309>
2021-06-10 10:51:50 +01:00 · 2021-06-10 10:51:50 +01:00 · 34bb4412a3
parent a86449cb96
commit 34bb4412a3
2 changed files with 1 additions and 1 deletions
--- a/.gitlab-ci/bare-metal/rootfs-setup.sh
+++ b/.gitlab-ci/bare-metal/rootfs-setup.sh
@ -15,6 +15,7 @@ set +x
 chmod +x $rootfs_dst/set-job-env-vars.sh
 echo "Variables passed through:"
 cat $rootfs_dst/set-job-env-vars.sh
+echo "export CI_JOB_JWT=${CI_JOB_JWT@Q}" >> $rootfs_dst/set-job-env-vars.sh
 set -x

 # Add the Mesa drivers we built, and make a consistent symlink to them.
--- a/.gitlab-ci/common/generate-env.sh
+++ b/.gitlab-ci/common/generate-env.sh
@ -8,7 +8,6 @@ for var in \
    CI_COMMIT_BRANCH \
    CI_COMMIT_TITLE \
    CI_JOB_ID \
-    CI_JOB_JWT \
    CI_JOB_URL \
    CI_MERGE_REQUEST_SOURCE_BRANCH_NAME \
    CI_MERGE_REQUEST_TITLE \