Merge pull request #275 from crazy-max/redact-aws-creds

aws: ensure temp credentials redacted in workflow logs
2025-10-31 10:10:09 +08:00 · 2022-09-08 18:44:05 -07:00 · 2022-09-08 18:44:05 -07:00 · 21f251affc
commit 21f251affc
parent be010b4293 07cad18854
3 changed files with 6 additions and 2 deletions
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/src/aws.ts
+++ b/src/aws.ts
@ -96,6 +96,8 @@ export const getRegistriesData = async (registry: string, username?: string, pas
    }
    const authToken = Buffer.from(authTokenResponse.authorizationData.authorizationToken, 'base64').toString('utf-8');
    const creds = authToken.split(':', 2);
    core.setSecret(creds[0]); // redacted in workflow logs
    core.setSecret(creds[1]); // redacted in workflow logs
    return [
      {
        registry: 'public.ecr.aws',
@ -122,6 +124,8 @@ export const getRegistriesData = async (registry: string, username?: string, pas
    for (const authData of authTokenResponse.authorizationData) {
      const authToken = Buffer.from(authData.authorizationToken || '', 'base64').toString('utf-8');
      const creds = authToken.split(':', 2);
      core.setSecret(creds[0]); // redacted in workflow logs
      core.setSecret(creds[1]); // redacted in workflow logs
      regDatas.push({
        registry: authData.proxyEndpoint || '',
        username: creds[0],