Octopus Step Template


I have a custom step template, that uses sensitive variables which acts as parameter bridge to a higher level process within a Octopus project. See Octopus Template Sensitive Variable.png in attached post.

My question is regarding the sensitivity of the variable used within the step template.

When looking at a Octopus project, and examining the Process to see many steps, that step could potentially be using a custom step template and passing a value to that step template’s variable parameter. See Octopus Project Process Step using custom Step Template.png in attached post.

One can actually click on the link to see what the value of the sensitive variable is within the custom step template. See Octopus Template Hint.png in attached post.

By clicking on the actual variable/parameter used, and assigning a sensitive value as a Default value, it is clear for all to see. See Octopus Template Sensitive Variable Default Value.png in attached post.

This kind of defeats the purpose of having sensitive variables if they can be easily visible.

Would you have any suggestions on how to prevent this from happening within the step template, perhaps masking off the value in input box

Also, am using Octopus Deploy v3.4.13.






Hi Tom

Thanks for getting in touch. Apologies for the delay in getting back to you.

You are correct, displaying this sensitive value here is not great. Unfortunately, the best answer I can give you there is “don’t use default values with sensitive properties”. The intention was for this value to be supplied at the step level, rather than as a default value.

You could use a variable there, and define the variable in each project, but thats only a marginal improvement over manually entering the value in each step. If you’re using Tenants, then you could use the variable templates to assist here.

I’ve logged an issue for us to investigate and solve.

Sorry I cant give you better news.


Hi Matt,

Thank you so much for replying. It is much appreciated.

I shall certainly keep an eye on this issue on github.

Thanks again,