Ensure set variable is not marked as a secret
Error: Set variable is marked as a secret
Bridgecrew Policy ID: BC_REPO_AZURE_PIPELINES_3
Checkov Check ID: CKV_AZUREPIPELINES_3
Severity: HIGH
You can set secret variables in a script with a logging command but this is not recommended since anyone who can access your pipeline will be able to also see the secret.
- bash: |
echo "##vso[task.setvariable variable=normal_variable;]something"
- echo "##vso[task.setvariable variable=secret_variable;issecret=true]super-secret"
Updated 5 months ago