author: Stan Hu <stanhu@gmail.com> 2018-02-15 11:26:01 -0800
committer: Stan Hu <stanhu@gmail.com> 2018-02-15 11:28:43 -0800
commit: efbe0768c35399ef58b6abac230adff6a1851088 (patch)
tree: 59bbd18b5083f8fccbcf193839dbb9338e308668
parent: efdde042a3299668957d16200a407b9daae52301 (diff)
Filter secret variable values from logs
Right now Project::VariablesController uses the `value` parameter to send the secret variable value. `value` is a pretty generic term and could be used in other controllers, but for now it's better to err on the side of caution and filter this out.

Closes #43313
-rw-r--r-- config/application.rb 2
1 file changed, 2 insertions, 0 deletions
diff --git a/config/application.rb b/config/application.rb
index c914e34b9c3..918bd4d57cf 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -69,6 +69,7 @@ module Gitlab
# - Webhook URLs (:hook)
# - Sentry DSN (:sentry_dsn)
# - Deploy keys (:key)
+ # - Secret variable values (:value)
config.filter_parameters += [/token$/, /password/, /secret/]
config.filter_parameters += %i(
certificate
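Review bot: The added comment line `# - Secret variable values (:value)` does not record which endpoint sends this parameter, and `:value` is generic enough that a later reader could take it for an over-broad entry and drop it. The commit message names Project::VariablesController as the source; putting that name in the comment would keep the reason for the filter next to the filter itself.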
@@ -80,6 +81,7 @@ module Gitlab
sentry_dsn
trace
variables
+ value
)
# Enable escaping HTML in JSON.
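Review bot: The new `value` entry in the `%i(...)` list is matched the way Rails matches every string or symbol in `filter_parameters`, by case-insensitive partial match on the parameter key, so any key containing "value" in any controller will be logged as [FILTERED], not only the secret variable field. If the exact key is what is meant, an anchored regex next to the existing `/token$/` entry (for example `/\Avalue\z/`) would narrow it; if the broad match is intended, as the commit message suggests, the comment block above the list is the place to say so. Minor: the visible entries (`sentry_dsn`, `trace`, `variables`) read as alphabetical, which would put `value` before `variables`.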