So I found out that currently if you have an open source project all your artifacts are viewable to the public and can be accessed simply by going to the artifacts on tab on a build and click on it. Which makes sense for someone that wants to publicize everything from their build, and don't have any api tokens in their log file, but if you are turning on debug mode on a lot of tools (i.e. packer in my case) it will print out (since it is in debugging) the api token I use for uploading vagrant boxes into vagrant cloud.
So I think it would be awesome if in the circle ci config to have either a specific file or specific regex match to be "protected", in that only the owner can access it
Because I would love to allow people to see my build log, but I would also love to view my debug log output (just in case), but can't since it prints out my api key.