Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-60144

While running Confluence using docker, Password value passed through ATL_JDBC_PASSWORD is not Sanitised in support zip

    XMLWordPrintable

Details

    Description

      Problem

      While running Confluence from docker, if the ATL_JDBC_PASSWORD command is used in the docker/docker-compose commands, the value of the password is not sanitised in the support zip created from the instance. This is also true for other custom values such as JKS_PASS etc, where if password value is passed, it is presented without being sanitised.

      Environment

      7.4.0 Confluence using docker.

      Steps to Reproduce

      1. Create a docker instance of Confluence using steps from https://hub.docker.com/r/atlassian/confluence-server/
      2. Ensure to pass ATL_JDBC_USER and ATL_JDBC_PASSWORD commands along with  ATL_JDBC_URL and ATL_DB_TYPE so that these values need not be specified during database creation.
      3. Start the instance.
      4. Extract support zip from the instance, once it starts running.

      Expected Results

      The password information specified under ATL_JDBC_PASSWORD should be sanitised along with any other password information.

      Actual Results

      Password is not sanitised.

      Workaround

      No workaround at this time

      Notes

      Attachments

        Issue Links

          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              sganeshan@atlassian.com Sathya Ganeshan
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: