1. Stellarity Software Avatar Stellarity Software
  2. Powershell Task
  3. PowerShell Task
  4. Issues

Use more secure API to store passwords

Issue #26 resolved
Sergey Podobry created an issue

Bamboo 6 provides a more secure API (SecretEncryptionService instead of EncryptionService) to store sensitive data. Use that for Bamboo 6 and stick to the old API on Bamboo 5. Unfortunately it will require to create a new branch of PowerShell Task as API are not backward compatible. So from now 3 branches will exist:

  • 1.2.x - Bamboo 6.x
  • 1.1.x - Bamboo 5.x
  • 1.0.x - Bamboo 4.x

Additional info: https://confluence.atlassian.com/bamboo/system-wide-encryption-873930114.html

Comments (2)

  1. Sergey Podobry reporter

    To check which encryption is used you can export build plan to specs and take a look at the psPassword parameter.

    The old API:

    .tasks(new AnyTask(new AtlassianModule("com.stellarity.bamboo.powershell-task:powerShellTask"))
        .configuration(new MapBuilder()
                .put("psLocation", "BODY")
                .put("psRunAsUser", "true")
                .put("psBody", "ls\nwhoami")
                .put("psLoadProfile", "DEFAULT")
                .put("psBitness", "ANY")
                .put("psArguments", "")
                .put("psEnvironment", "")
                .put("psUsername", "user1")
                .put("psFile", "")
                .put("psPassword", "QNnVAj+CBbk=")
                .put("psSubdirectory", "")
                .build()))))

    and the new more secure API:

    .tasks(new AnyTask(new AtlassianModule("com.stellarity.bamboo.powershell-task:powerShellTask"))
        .configuration(new MapBuilder()
                .put("psLocation", "BODY")
                .put("psRunAsUser", "true")
                .put("psBody", "ls\nwhoami")
                .put("psLoadProfile", "DEFAULT")
                .put("psBitness", "ANY")
                .put("psArguments", "")
                .put("psEnvironment", "")
                .put("psUsername", "user1")
                .put("psFile", "")
                .put("psPassword", "BAMSCRT@0@0@CUuB56gTgb5twp2ICg8SQA==")
                .put("psSubdirectory", "")
                .build()))))

    BAMSCRT prefix tells that it’s a new API.

  3. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Version
1.1.16
Votes
0
Watchers
1
Jira Software: the preferred issue tracker for Bitbucket. Join the team!