diff --git a/README.md b/README.md index 758e9822..956ad4a4 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,9 @@ for details on how to configure ECR policies Use the action to output your Docker credentials for logging into ECR Private, then use the credentials to run your private image as a service in another job. +> [!WARNING] +> Setting `mask-password` to `'false'` will log your Docker password output if [debug logging is enabled](https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging). +> For more information, see the [Docker Credentials](#docker-credentials) section below. ```yaml jobs: @@ -152,6 +155,8 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v2 + with: + mask-password: 'false' outputs: registry: ${{ steps.login-ecr.outputs.registry }} docker_username: ${{ steps.login-ecr.outputs.docker_username_123456789012_dkr_ecr_us_east_1_amazonaws_com }} # More information on these outputs can be found below in the 'Docker Credentials' section diff --git a/dist/index.js b/dist/index.js index 6b3728a5..78ba80f2 100644 --- a/dist/index.js +++ b/dist/index.js @@ -112,7 +112,7 @@ function replaceSpecialCharacters(registryUri) { async function run() { // Get inputs const httpProxy = core.getInput(INPUTS.httpProxy, { required: false }); - const maskPassword = (core.getInput(INPUTS.maskPassword, { required: false }).toLowerCase() || 'true') === 'true'; + const maskPassword = (core.getInput(INPUTS.maskPassword, { required: false }).toLowerCase() || 'true') !== 'false'; const registries = core.getInput(INPUTS.registries, { required: false }); const registryType = core.getInput(INPUTS.registryType, { required: false }).toLowerCase() || REGISTRY_TYPES.private; const skipLogout = core.getInput(INPUTS.skipLogout, { required: false }).toLowerCase() === 'true'; diff --git a/index.js b/index.js index 7a76ceb1..90daacc5 100644 --- a/index.js +++ b/index.js @@ -106,7 +106,7 @@ function replaceSpecialCharacters(registryUri) { async function run() { // Get inputs const httpProxy = core.getInput(INPUTS.httpProxy, { required: false }); - const maskPassword = (core.getInput(INPUTS.maskPassword, { required: false }).toLowerCase() || 'true') === 'true'; + const maskPassword = (core.getInput(INPUTS.maskPassword, { required: false }).toLowerCase() || 'true') !== 'false'; const registries = core.getInput(INPUTS.registries, { required: false }); const registryType = core.getInput(INPUTS.registryType, { required: false }).toLowerCase() || REGISTRY_TYPES.private; const skipLogout = core.getInput(INPUTS.skipLogout, { required: false }).toLowerCase() === 'true';