Open christoph-buente opened 4 years ago
Having this value in the config
is a bit missleading - the original design intention was that the -k
be supplied to use the Keyring otherwise prompt for password - which I believe is the current behaviour. It does make it look like this can be configured on with the config
.
I guess we either have 2 ways forward:
google_config.keyring
from the configThe second option then does need something to negate this as you suggested. I like the -K
option.
Happy to gain feedback from the community around direction on this one.
Thanks @stevemac007 for clarification. If the line in the config files doen't do anything except mislead people, I would opt for dropping it.
I would appreciate being able to set it via the configuration, i.e not having to add -k to every command line using aws-google-auth.
I agree with @forsberg - personal preference would like the keyring value to be stored. If I get a chance I'll look at making it work, otherwise would happily review a PR for this.
I set my ~/.aws/config up with several profiles. When i want to refresh my tokens, i want the google password to be read from my keychain (which i set up earlier). So this is what the config looks like.
When calling aws-google-auth with just one parameter telling it the profile name to read from, it asks for the password, not honouring the
google_config.keyring = True
setting.And even worse, it sets the config to False. So next time i try to refresh the tokens, it asks for the password again. The only way to remedy it, is to set the
-k
parameter. Is this intended behaviour? But i guess if you want to switch keychain off, there is another "negative" parameter needed, like-K
to actively indicate you don't want the keychain and thne overriding the config file. Any thoughts are appreciated.