Allow more special characters in masked variables
Problem to solve
Masked variables in their current state do not allow for the masking of many different types of credentials due to restrictions on the types of special characters that can be masked.
Further details
If more characters are allowed it will be easier to mask pre-generated credentials without having to regenerate access keys, passwords, etc multiple times. It looks like BitBucket currently supports the masking of many different types of characters as I had no problems masking a number of different AWS access keys without running into an error.
Proposal
A user should be able to mask a variable with a reasonable amount of special characters included. With this issue we change the implementing regular expression to allow for all characters in the base64 alphabet (https://tools.ietf.org/html/rfc4648) to be properly masked, if the string is at least 8 char long. This should allow gitlab-runner to mask $SSH_PRIVATE_KEY if any user is following the guide here: https://docs.gitlab.com/ee/ci/ssh_keys/#ssh-keys-when-using-the-docker-executor.
Limitations
There are still three characters that are unsupported as part of masking: @
, :
and \
. These will be addressed via https://gitlab.com/gitlab-org/gitlab-ce/issues/63043
ZD: https://gitlab.zendesk.com/agent/tickets/119466 (Internal)