Fix security issue: Redact GitLab tokens in test logs

Falko Sieverdingrequested to merge
security/redact-tokens-in-logs into main

Summary

  • Added token redaction in both console output and log files in test_script.sh
  • Uses sed to replace GitLab tokens with [REDACTED_TOKEN]
  • Prevents accidental token leakage in log files and test output

Test plan

  1. Run the test script with a dummy token value containing "glpat-"
  2. Verify the token is redacted in both console output and log files
  3. Check that the script functionality remains unchanged

This change improves security by preventing sensitive authentication tokens from being displayed or logged. The script now redacts GitLab personal access tokens (strings starting with "glpat-") in both console output and log files. Instead of showing the actual token, it replaces them with "[REDACTED_TOKEN]" using a regular expression. This helps prevent accidental exposure of credentials that could lead to unauthorized access.

Merge request reports