Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Runbook process editor commit failed silently due to sensitive variable declaration not support in version control #9233

Open
dan-close opened this issue Jan 30, 2025 · 0 comments
Open

Runbook process editor commit failed silently due to sensitive variable declaration not support in version control #9233

dan-close opened this issue Jan 30, 2025 · 0 comments
Labels
kind/bug This issue represents a verified problem we are committed to solving

Comments

@dan-close
Copy link

Severity

Low

Version

2025.1.7634

Latest Version

I could reproduce the problem in the latest build

What happened?

If a Runbook contains a sensitive value parameter, the Git commit will fail without displaying an error. In the browser developer tools, we see a 500 error with a "ErrorMessage": "The property 'Octolint.Octopus.ApiKey' is sensitive and not a variable declaration, which is not currently supported" message.

Image

Ideally, the user would see the same error message we display when they try to save a sensitive parameter value in a project deployment process step.
Example:

Image

Reproduction

  1. Create a step template with a Sensitive/password box parameter.
  2. Create a new runbook in a version-controlled project.
  3. Add the new step template as a process step in the runbook.
  4. Attempt to commit the changes and note that the Commit button stays green, and no errors are displayed in the UI.

Error and Stacktrace

Error from dev tools: "ErrorMessage": "The property 'Octolint.Octopus.ApiKey' is sensitive and not a variable declaration, which is not currently supported"

Instance logs:
System.NotSupportedException: The property 'Octolint.Octopus.ApiKey' is sensitive and not a variable declaration, which is not currently supported
   at Octopus.Core.Serialization.Ocl.OclConverters.PropertiesDictionaryOclConverter.ToElements(OclConversionContext context, PropertyInfo propertyInfo, Object value)+MoveNext() in ./source/Octopus.Core/Serialization/Ocl/OclConverters/PropertiesDictionaryOclConverter.cs:line 30
   at System.Linq.Enumerable.SelectManyIterator[TSource,TCollection,TResult](IEnumerable`1 source, Func`2 collectionSelector, Func`3 resultSelector)+MoveNext()
   at System.Linq.Enumerable.<ToArray>g__EnumerableToArray|314_0[TSource](IEnumerable`1 source)
   at System.Linq.Enumerable.OrderedIterator`2.MoveNext()
   at System.Linq.Enumerable.IteratorSelectIterator`2.ToListNoPresizing()
   at System.Linq.Enumerable.IteratorSelectIterator`2.ToList()
   at Octopus.Core.Serialization.Ocl.OclConverters.DeploymentActionOclConverter.GetElements(Object obj, OclConversionContext context) in ./source/Octopus.Core/Serialization/Ocl/OclConverters/DeploymentActionOclConverter.cs:line 132
   at Octopus.Ocl.Converters.DefaultBlockOclConverter.ConvertInternal(OclConversionContext context, PropertyInfo propertyInfo, Object obj)
   at Octopus.Core.Serialization.Ocl.OclConverters.DeploymentActionOclConverter.ConvertInternal(OclConversionContext context, PropertyInfo propertyInfo, Object obj) in ./source/Octopus.Core/Serialization/Ocl/OclConverters/DeploymentActionOclConverter.cs:line 80
   at Octopus.Ocl.Converters.OclConverter.ToElements(OclConversionContext context, PropertyInfo propertyInfo, Object obj)
   at Octopus.Ocl.Converters.DefaultCollectionOclConverter.ToElements(OclConversionContext context, PropertyInfo propertyInfo, Object value)+MoveNext()
   at System.Linq.Enumerable.SelectManyIterator[TSource,TCollection,TResult](IEnumerable`1 source, Func`2 collectionSelector, Func`3 resultSelector)+MoveNext()
   at System.Linq.Enumerable.<ToArray>g__EnumerableToArray|314_0[TSource](IEnumerable`1 source)
   at System.Linq.Enumerable.OrderedIterator`2.MoveNext()
   at System.Linq.Enumerable.IteratorSelectIterator`2.ToListNoPresizing()
   at System.Linq.Enumerable.IteratorSelectIterator`2.ToList()
   at Octopus.Ocl.OclBlock..ctor(String name, IEnumerable`1 labels, IEnumerable`1 elements)
   at Octopus.Ocl.Converters.DefaultBlockOclConverter.ConvertInternal(OclConversionContext context, PropertyInfo propertyInfo, Object obj)
   at Octopus.Core.Serialization.Ocl.OclConverters.DeploymentStepOclConverter.ConvertInternal(OclConversionContext context, PropertyInfo propertyInfo, Object obj) in ./source/Octopus.Core/Serialization/Ocl/OclConverters/DeploymentStepOclConverter.cs:line 27
   at Octopus.Ocl.Converters.OclConverter.ToElements(OclConversionContext context, PropertyInfo propertyInfo, Object obj)
   at Octopus.Ocl.Converters.DefaultCollectionOclConverter.ToElements(OclConversionContext context, PropertyInfo propertyInfo, Object value)+MoveNext()
   at System.Linq.Enumerable.SelectManyIterator[TSource,TCollection,TResult](IEnumerable`1 source, Func`2 collectionSelector, Func`3 resultSelector)+MoveNext()
   at System.Linq.Enumerable.<ToArray>g__EnumerableToArray|314_0[TSource](IEnumerable`1 source)
   at System.Linq.Enumerable.OrderedIterator`2.MoveNext()
   at System.Linq.Enumerable.IteratorSelectIterator`2.ToListNoPresizing()
   at System.Linq.Enumerable.IteratorSelectIterator`2.ToList()
   at Octopus.Ocl.Converters.DefaultBlockOclConverter.ToDocument(OclConversionContext context, Object obj)
   at Octopus.Ocl.OclSerializer.Serialize(Object obj)
   at Octopus.Core.Serialization.Ocl.Transformation.Transforms.RunbookProcessOclTransform.TransformToOcl(RunbookProcess model, GitDocumentContext context, OclFileInfo fileInfo, CancellationToken cancellationToken) in ./source/Octopus.Core/Serialization/Ocl/Transformation/Transforms/RunbookProcessOclTransform.cs:line 59
   at Octopus.Core.Serialization.Ocl.Transformation.Transforms.Decorators.IdToSlugOclTransformDecorator`1.TransformToOcl(T model, GitDocumentContext context, OclFileInfo fileInfo, CancellationToken cancellationToken) in ./source/Octopus.Core/Serialization/Ocl/Transformation/Transforms/Decorators/IdToSlugOclTransformDecorator.cs:line 26
   at Octopus.Core.Serialization.Ocl.OclHandler.ToOcl[T](T model, GitDocumentContext context, OclFileInfo fileInfo, CancellationToken cancellationToken) in ./source/Octopus.Core/Serialization/Ocl/OclHandler.cs:line 56
   at Octopus.Core.Serialization.Ocl.Documents.RunbookProcessOclFileHandler.WriteOclDocument(RunbookProcess document, GitDocumentContext context, IReadWriteVirtualFileSystem fileSystem, CancellationToken cancellationToken) in ./source/Octopus.Core/Serialization/Ocl/Documents/RunbookProcessOclFileHandler.cs:line 40
   at Octopus.Core.Serialization.Ocl.Documents.GitOclDocumentService.UpdateDocument[TDocument,TKey](TDocument document, GitDocumentContext context, IReadWriteVirtualFileSystem fileSystem, CancellationToken cancellationToken) in ./source/Octopus.Core/Serialization/Ocl/Documents/GitOclDocumentService.cs:line 38
   at Octopus.Core.Git.Transactions.GitDocumentTransaction.<>c__DisplayClass18_0`2.<<UpdateDocument>b__0>d.MoveNext() in ./source/Octopus.Core/Git/Transactions/GitDocumentTransaction.cs:line 131
--- End of stack trace from previous location ---
   at Octopus.Core.Git.Transactions.GitDocumentTransaction.<>c__DisplayClass25_0.<<MigrateBeforeExecute>b__0>d.MoveNext() in ./source/Octopus.Core/Git/Transactions/GitDocumentTransaction.cs:line 218
--- End of stack trace from previous location ---
   at Octopus.Core.Git.Transactions.GitDocumentTransaction.MigrateBeforeExecute[T](Func`1 innerOperation, CancellationToken cancellationToken)
   at Octopus.Core.Git.Transactions.GitDocumentTransaction.MigrateBeforeExecute(Func`1 innerOperation, CancellationToken cancellationToken) in ./source/Octopus.Core/Git/Transactions/GitDocumentTransaction.cs:line 215
   at Octopus.Core.Git.Transactions.GitDocumentTransaction.UpdateDocument[TDocument,TKey](TDocument document, CancellationToken cancellationToken) in ./source/Octopus.Core/Git/Transactions/GitDocumentTransaction.cs:line 130
   at Octopus.Core.Persistence.Git.GitDocumentStore`2.UpdateAsync(TDocument document, CancellationToken cancellationToken) in ./source/Octopus.Core/Persistence/Git/GitDocumentStore.cs:line 89
   at Octopus.Core.Persistence.Git.SlugDocumentStoreDecorator`2.UpdateAsync(TDocument document, CancellationToken cancellationToken) in ./source/Octopus.Core/Persistence/Git/SlugDocumentStoreDecorator.cs:line 88
   at Octopus.Core.Persistence.ChangeTracking.Git.GitChangeTrackingDocumentStoreDecorator`2.UpdateAsync(TDocument document, CancellationToken cancellationToken) in ./source/Octopus.Core/Persistence/ChangeTracking/Git/GitChangeTrackingDocumentStoreDecorator.cs:line 80
   at Octopus.Core.Persistence.Auditing.AuditingDocumentStoreDecorator`2.UpdateAsync(TDocument document, CancellationToken cancellationToken) in ./source/Octopus.Core/Persistence/Auditing/AuditingDocumentStoreDecorator.cs:line 89
   at Octopus.Core.Persistence.DocumentStore`2.UpdateAsync(TDocument document, CancellationToken cancellationToken) in ./source/Octopus.Core/Persistence/DocumentStore.cs:line 97
   at Octopus.Core.Features.Runbooks.ModifyRunbookProcessCommandHandler.HandlerInternal(RunbookProcess runbookProcess, RunbookIdentifier runbookId, RunbookProcessResource command, Project project, CancellationToken cancellationToken) in ./source/Octopus.Core/Features/Runbooks/ModifyRunbookProcessCommandHandler.cs:line 116
   at Octopus.Core.Features.Runbooks.ModifyRunbookProcessCommandHandler.Handle(ModifyRunbookProcessInGitCommand command, CancellationToken cancellationToken) in ./source/Octopus.Core/Features/Runbooks/ModifyRunbookProcessCommandHandler.cs:line 76
   at Octopus.Core.Infrastructure.Mediator.AutofacMediator.Do[TCommand,TResponse](ICommand`2 command, CancellationToken cancellationToken)
   at Octopus.Core.Infrastructure.Mediator.Decorators.SystemComponentModelValidationDecorator.Do[TCommand,TResponse](ICommand`2 command, CancellationToken cancellationToken)
   at Octopus.Core.Infrastructure.Mediator.Decorators.FluentValidationsDecorator.Do[TCommand,TResponse](ICommand`2 command, CancellationToken cancellationToken)
   at Octopus.Core.Infrastructure.Mediator.Decorators.MessageBusSiphoningDecorator.Do[TCommand,TResponse](ICommand`2 command, CancellationToken cancellationToken)
   at Octopus.Server.Web.Controllers.RunbookProcesses.ModifyRunbookProcessController.ModifyRunbookProcessInGit(ModifyRunbookProcessInGitCommand command, CancellationToken cancellationToken) in ./source/Octopus.Server/Web/Controllers/RunbookProcesses/ModifyRunbookProcessController.cs:line 38
   at lambda_method38283(Closure, Object)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|7_0(Endpoint endpoint, Task requestTask, ILogger logger)
   at Octopus.Server.Web.Middleware.BoundaryTrailerRewriteMiddleware.Invoke(HttpContext context, IAutomationContext automationContext) in ./source/Octopus.Server/Web/Middleware/BoundaryTrailerRewriteMiddleware.cs:line 45
   at Octopus.Server.Web.Middleware.OpenFeatureUserContextMiddleware.InvokeAsync(HttpContext httpContext, IOctopusPrincipalInternal principal, IFeatureClient client) in ./source/Octopus.Server/Web/Middleware/OpenFeatureUserContextMiddleware.cs:line 30
   at Octopus.Server.Web.Infrastructure.Authentication.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) in ./source/Octopus.Server/Web/Infrastructure/Authentication/AuthorizationMiddlewareResultHandler.cs:line 50
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Octopus.Server.Web.UnitOfWorkMiddleware.InvokeAsync(HttpContext httpContext, IUnitOfWork unitOfWork) in ./source/Octopus.Server/Web/UnitOfWorkMiddleware.cs:line 31
   at Octopus.Server.Web.UnitOfWorkMiddleware.InvokeAsync(HttpContext httpContext, IUnitOfWork unitOfWork) in ./source/Octopus.Server/Web/UnitOfWorkMiddleware.cs:line 42
   at Octopus.Server.Web.Middleware.OctopusClientOldVersionWarningMiddleware.InvokeAsync(HttpContext context, IAutomationContext automationContext) in ./source/Octopus.Server/Web/Middleware/OctopusClientOldVersionWarningMiddleware.cs:line 24
   at Octopus.Server.Web.Middleware.DynamicContentHeadersMiddleware.InvokeAsync(HttpContext context) in ./source/Octopus.Server/Web/Middleware/DynamicContentHeadersMiddleware.cs:line 50
   at Octopus.Server.Web.Middleware.MaintenanceModeMiddleware.InvokeAsync(HttpContext context) in ./source/Octopus.Server/Web/Middleware/MaintenanceModeMiddleware.cs:line 56
   at Octopus.Server.Web.Middleware.OctopusAuthenticationMiddleware.InvokeAsync(HttpContext context, IUserAuthenticator userAuthenticator, IUserSessionService userSessionService, IWebAuthCache authCache, ILogger logger) in ./source/Octopus.Server/Web/Middleware/OctopusAuthenticationMiddleware.cs:line 69
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Octopus.Server.Web.Middleware.TelemetryMiddleware.InvokeAsync(HttpContext context) in ./source/Octopus.Server/Web/Middleware/TelemetryMiddleware.cs:line 64
   at Octopus.Server.Web.Middleware.ErrorHandlingMiddleware.InvokeAsync(HttpContext context) in ./source/Octopus.Server/Web/Middleware/ErrorHandlingMiddleware.cs:line 46

More Information

No response

Workaround

Move the sensitive value to a variable and reference the variable in the step parameter before committing changes.
@dan-close dan-close added the kind/bug This issue represents a verified problem we are committed to solving label Jan 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug This issue represents a verified problem we are committed to solving
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dan-close