search

arodus / nuke-docker

Docker CLI addon
https://nuke.build
MIT License
5 stars 2 forks source link

DockerLogin with EnablePasswordStdin produce invalid command line #5

Open jrouaix opened 5 years ago

jrouaix commented 5 years ago

When using this command configuration :

 DockerLogin(s => s
                .SetServer(DockerRegistryServer)
                .SetUsername(DockerRegistryUserName)
                .SetPassword(DockerRegistryPassword)
                .EnablePasswordStdin()
            );

the command generated is :

docker login --password <MYPASS> --password-stdin --username <MYUSER> <MYREGISTRY>.azurecr.io

and the error messages are :

2018-11-07T10:19:51.2642236Z ##[error]WARNING! Using --password via the CLI is insecure. Use --password-stdin.
2018-11-07T10:19:51.2643599Z ##[error]--password and --password-stdin are mutually exclusive
2018-11-07T10:19:51.3433335Z ##[error]Process 'docker' exited with code 1. Verify the invocation.

the second one is the important here

A workaround will be not to use password stdin for now but i produce the password in our CI logs ... not so safe.

arodus commented 5 years ago

You are right, the password parameter should be obscured, will update the addon so the password shouldn't get printed to the log anymore.

The addon is just an auto generetad wrapper that's why the .EnablePasswordStdin() parameter exists, but it's currently without any function since Nuke doesn't support passing parameters through stdin yet. I'm also not sure if this is required at all or obscuring the password is enough.

matkoch commented 5 years ago

There is https://github.com/nuke-build/nuke/issues/76 planned, which would solve this. If you like, you could take it.

mbenedykconfigit commented 2 years ago

Is there any progress?