Identifying secrets in deployment step

I’m creating a PowerShell step template which is currently updating Confluence documentation with variables and details about the deployment, but I’m having a really hard time trying to prevent sensitive variables from being output to Confluence. What I’m trying to do is find a variable type, but it looks like by default all $OctopusParameters variables are just strings in a collection?

Ideally I would like if I was able to do something like $OctopusParameters[‘mySecret’].Type or something to verify whether it’s a secret so I can obscure it before outputting.

I know this is a bit of an edge case but I find it weird that there isn’t a way to check a variable type. Any suggestions?

Hi Callum,

Thanks for getting in touch.

Unfortunately this is not something that Octopus currently supports. I can see how this would be useful and I can see how this would be frustrating right now. This might be worth raising on our User Voice Forum.

The best alternative I can think of involves introducing some conventions into your variable naming scheme. For example, variables containing Key or Password are considered sensitive and are masked. This is not a great solution because it could be difficult to maintain.

Sorry I don’t have a better answer for you, but I hope this answer helps you.

Regards,
Tom