修复 Jenkinsfile 中敏感信息硬编码问题
This commit is contained in:
Vendored
+2
-2
@@ -3,12 +3,12 @@ pipeline {
|
||||
|
||||
environment {
|
||||
APP_NAME = 'no-whatever'
|
||||
AMAP_KEY = '7f6be40a6de3f7fbb7bc3f825b67573b'
|
||||
AMAP_KEY = credentials('amap-api-key')
|
||||
DEEPSEEK_KEY = credentials('deepseek-api-key')
|
||||
}
|
||||
|
||||
triggers {
|
||||
GenericTrigger(token: 'no-whatever-deploy')
|
||||
GenericTrigger(tokenCredentialId: 'no-whatever-deploy-token')
|
||||
}
|
||||
|
||||
stages {
|
||||
|
||||
@@ -83,7 +83,12 @@
|
||||
- 客户端统一返回泛化错误文案;
|
||||
- 详细错误仅记录在服务端日志(可加 requestId 关联)。
|
||||
|
||||
### P1-3 CI 配置中存在敏感信息硬编码
|
||||
### P1-3 CI 配置中存在敏感信息硬编码【已完成】
|
||||
- 修复状态:✅ 已完成(2026-03-03)
|
||||
- 修复内容:
|
||||
- `Jenkinsfile` 中地图 key 改为 `credentials('amap-api-key')`;
|
||||
- Webhook 触发 token 改为 `tokenCredentialId` 方式读取凭据;
|
||||
- 消除源码内硬编码敏感值。
|
||||
- 证据:
|
||||
- `Jenkinsfile:6`(地图 key 常量)
|
||||
- `Jenkinsfile:11`(固定触发 token)
|
||||
|
||||
Reference in New Issue
Block a user