Error in Offline package with sensitive variables

Hey Octopus peeps,
So we ran into an issue with Offline deployments where there was a sensitive variable that lived in one of the deployment steps. We were running this in a development environment for testing so we had no sensitive variables in the variable sets. What we saw was the whole sensitive-variable password mechanism didn’t kick in because it didn’t realize there was a sensitive variable that lived in the steps. To get around it, I created an unscoped stub sensitive variable in the project variable set and it caused the mechanism to kick in. The problem manifests itself as an “Unable to parse sensitive-variables as valid JSON.” error.

If you need, I can attach the generated ps1 file but the gist is that this section was missing:

Taking a secure password and converting to plain text

Function ConvertTo-PlainText( [security.securestring]$secure ) {
$marshal = [Runtime.InteropServices.Marshal]
$marshal::PtrToStringAuto( $marshal::SecureStringToBSTR($secure) )

$Password = ConvertTo-PlainText (Read-Host “Enter your password to decrypt sensitive-variables:” -AsSecureString)
$PasswordArg="-sensitiveVariablesPassword=""+ $Password +"""

Hi Karim,

Thanks for getting in touch and sending through the error details. Unfortunately, I haven’t been able to reproduce the issue. I created a test simple project with the appropriately scoped variables plus an unscoped dummy variable to ensure the password mechanism kicked in. I tried deploying to my development environment and it prompted for a password and worked fine.

Can you create a simple test project and see if it still occurs? This should help me reproduce and isolate the problem.

Looking forward to your reply.


Hey Rob,
So I tried creating a simple project and got the same results as you. I went back to my other project and tried deleting the stub sensitive variable I created in the project’s variable set and I’m still seeing the same issue in that project. I can export parts of the project that doesn’t work if that helps.

Also, to be clear, in the other project there are no sensitive variables in the variable set, there is only one in the step. I attached a screen shot of the test project I created. It uses the same step template that has a sensitive variable in the problematic project.

Hi Karim,

Thanks for following-up and providing additional information. This appears to be a bug so I’ve created a github issue to investigate further and get it fixed. You can track it’s progress at the following URL.

Thanks again.