From: Thanh Ha <thanh.ha@linuxfoundation.org>
Date: Thu, 8 Feb 2018 04:19:43 +0000 (-0500)
Subject: set +x around sensitive code docker login code
X-Git-Tag: v0.16.0~4
X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=commitdiff_plain;h=6704f23d5802e8cd7f72ca94c63ab5bbc1004a92;p=releng%2Fglobal-jjb.git

set +x around sensitive code docker login code

Call `set +x` as a guard just in case a script elsewhere is calling
`set -x` which could cause the credentials to print to console.

Change-Id: I6802887c7a3c9809d9d13d6b3cc90e3570f120fc
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
---

diff --git a/shell/docker-login.sh b/shell/docker-login.sh
index 6613118e..92da7e0d 100644
--- a/shell/docker-login.sh
+++ b/shell/docker-login.sh
@@ -35,6 +35,7 @@ set -eu -o pipefail
 
 # Execute the credential lookup and login to the registry
 do_login() {
+    set +x  # Ensure that no other scripts add `set -x` and print passwords
     echo "$1"
     CREDENTIAL=$(xmlstarlet sel -N "x=http://maven.apache.org/SETTINGS/1.0.0" \
         -t -m "/x:settings/x:servers/x:server[starts-with(x:id, '${1}')]" \