$ Linux One Liners
Back to commands

Hosting Operations

Read-only, can be slow

Detect Secret Leak Markers in Artifacts

Before publishing or sharing CI artifacts, you need a quick read-only scan for obvious secret-like markers.

Command

grep -RInE 'AWS_ACCESS_KEY|SECRET|TOKEN|PRIVATE KEY|PASSWORD' artifacts logs | head -50

Before you run this

System impact: Read-only. Can create load on large logs, directories, filesystems, or process tables.

When not to use it: Do not treat this as a complete secret scanner; use a dedicated scanner for enforcement.

Expected output

Any obvious secret marker lines found in logs or artifacts.

System impact

Read-only, can be slow. Nothing changes. Matching secret-like strings are printed for review.

Scope this to the smallest useful path or service on busy systems.

Recovery / rollback: no state is changed.

When to use it

Use before uploading, sharing, or attaching CI artifact bundles to tickets.

When not to use it

Do not treat this as a complete secret scanner; use a dedicated scanner for enforcement.

Watch this command run

Command transcript

This sanitized transcript shows the commands and output shape without exposing host details.

demo@lab:~$

$ cd /work/ci-artifacts && grep -RInE 'AWS_ACCESS_KEY|SECRET|TOKEN|PRIVATE KEY|PASSWORD' artifacts logs | head -50

logs/deploy.log:2:Using TOKEN=redacted-token in debug environment

$ cd /work/ci-artifacts && grep -RInE 'AWS_ACCESS_KEY|SECRET|TOKEN|PRIVATE KEY|PASSWORD' artifacts logs | cut -d: -f1 | sort -u

logs/deploy.log

$ cd /work/ci-artifacts && sed -n '1,60p' logs/deploy.log

Deploy started
Using TOKEN=redacted-token in debug environment
Uploading artifacts/dist
Deploy failed: missing artifacts/dist/robots.txt
View commands shown

These are the commands shown in the sanitized transcript.

Commands shown

  1. cd /lab/ci-artifacts && grep -RInE 'AWS_ACCESS_KEY|SECRET|TOKEN|PRIVATE KEY|PASSWORD' artifacts logs | head -50
  2. cd /lab/ci-artifacts && grep -RInE 'AWS_ACCESS_KEY|SECRET|TOKEN|PRIVATE KEY|PASSWORD' artifacts logs | cut -d: -f1 | sort -u
  3. cd /lab/ci-artifacts && sed -n '1,60p' logs/deploy.log

next steps

Related commands

Hosting Operations Can be slow

Scan Every CI Log for Error Lines

One grep pass can turn a log pile into a failure list.

grep -RInE 'error|failed|failure|exception|traceback' artifacts logs | head -50
Hosting Operations Can be slow

Find Tests That Passed After Rerun

A green retry can still hide a flaky test.

grep -RInE 'rerun|retry|flaky|passed on retry|failed attempt' artifacts logs
Hosting Operations Can be slow

Find Coverage Regression Lines

Coverage failures usually say the threshold out loud.

grep -RInE 'coverage|threshold|minimum|below' artifacts logs
Hosting Operations Can be slow

Find the Newest Build Logs First

The failing file is usually one of the newest artifacts.

find artifacts logs -type f \( -name '*.log' -o -name '*.txt' \) -printf '%TY-%Tm-%Td %TH:%TM %p\n' | sort -r | head
Study mapping

Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.

  • lpic1:103-gnu-unix-commands
  • lfcs:essential-commands
  • lfcs:operations-deployment
  • lfcs:services-logs
  • linuxplus:automation-scripting
  • linuxplus:provisional
  • risk:read-only

Useful for

  • LPIC-1 style command-line practice
  • LFCS style performance tasks
  • Linux+ style troubleshooting review

Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.