Overview
Below are an example decryption script and steps to create it.
Applicable to
Release version 9.7 as stated in Release Note (ENG-261)
Example of a decryption script
from com.xebialabs.deployit.util import PasswordEncrypter
mypass = globalVariables['global.pass']
print mypass
clearPassword = PasswordEncrypter.getInstance().ensureDecrypted(mypass)
print clearPassword
Steps to Follow
To allow the script task able to accept and decrypt the encrypted password, please follow the guideline below:
- Add these new lines in <Release>/conf/script.policy:
permission com.xebialabs.xlrelease.script.security.RuntimePermission "accessClass.com.company.
domain.*";
permission com.xebialabs.xlrelease.script.security.RuntimePermission "accessClass.com.company.
utils.HelperClass"; - Add these new lines in <Release>/conf/xl-release.conf:
xl.security.scripting.sandbox.jython.restricted-modules = ["importlib", "imp", "tempfile",
"linecache", "shutil", "os", "getpass", "platform", "threading", "thread", "subprocess",
"webbrowser", "cmd", "pdb", "bdb", "gc", "user", "code", "codeop", "zipimport", "pkgutil",
"modulefinder", "runpy", "distutils", "compiler", "posix", "pwd", "grp", "posixfile",
"commands"]
xl.repository.decryptPasswords=true
xl.security.scripting.sandbox.decryptPasswords=false
xl.security.scripting.sandbox.enabled = false - In version 9.7 onward, passing encrypted password values has been restricted for creating and updating operations. To enable it only for script tasks, please apply the script below in <RELEASE_HOME>/conf/xl-release.conf:
xl {
security {
accept-encrypted-secrets {
enabled = true
}
}
} - Restart Release
Extra Information
Comments
Please sign in to leave a comment.