search cancel

Sensitive API token information is exposed in gitlab environment due to DevTest configuration under config/properties

book

Article ID: 239834

calendar_today

Updated On:

Products

Service Virtualization

Issue/Introduction

Some of the Users at Customer end reported that they see Sensitive API Token information is exposed in gitlab environment where the API Token information is configured in DevTest Config file as propertie(s).

Need a way to encrypt the properties configured in DevTest Configuration files.

 

Cause

None

Environment

Release : 10.6, 10.7.x

Component : Service Virtualization

Resolution

There is an option to encrypt the properties in configurations. You can select the Encrypt check box next to the property in configuration file and that should encrypt the property value. Please see the below screenshot. 

If you are using the API_Token property in Testcase/VS, etc then you need to use the property as {{API_TOKEN_enc}} then the assets will show the encrypted value at runtime. If you use the property as {{API_Token}} then the assets will show the actual test at runtime. The below Screenshots show the usage of the properties and run time values.

 

 

Attachments