chocolatey-community / chocolatey-packages-template

A template to use when setting up to create packages both manual and automatic
Apache License 2.0

Github Gist with 2FA #9

Closed JonasGroeger closed 7 months ago

JonasGroeger commented 8 years ago

Hi!

I'm using GitHub with 2FA and in the file appveyor.yml I could not use this line:

- "ruby -e \"require 'gist'; Gist.login! username: ENV['github_user'], password: ENV['github_pass'] if ENV['github_user'] \""

If I do, the job at Appveyor just blocks (asking for a 2FA token).

Instead, I used my local machine, installed ruby, got the gist gem and logged in by running gist login. There I had to enter username and password. Another query comes up asking for a 2FA token. I enter it using my phone. A valid "Personal Access Token" (see https://github.com/settings/tokens) is then written into a file called ~/.gist.

In the appveyor.yml I added another line next to gist_id that says something like:

gist_token:
    secure: <YOUR_TOKEN_FROM_~/.gist>

Then, I replaced the - "ruby -e \"require ' ... line above with

  - ps: "$Env:gist_token | Out-File ~/.gist -Encoding ascii -NoNewline"

This should work for everybody with 2FA. I'm not sure how to submit this as a pull request since it's kind of a special use case for people with 2FA "on" on GitHub. I'm also not sure how to put this into the appveyor.yml file since I'm not too experienced with Appveyor.

ferventcoder commented 8 years ago

Interesting. In most cases (other tools) I was able to use my 2FA token as the password.

Here I haven't officially tested this as I was setting it up with @choco-bot.

JonasGroeger commented 8 years ago

You can do that. However, I would rather want to keep my TOTP token private (like, really private) and use a token I can revoke: "Personal Access Token".

ferventcoder commented 8 years ago

Personal access token is what I meant - man I got to work on my terminology! :)

AdmiringWorm commented 7 years ago

I remember I could never get the ruby gist to work with a Personal Access Token, so I ended up creating the minimum of PowerShell required to push the gist to GitHub instead.

https://github.com/AdmiringWorm/chocolatey-packages/blob/fa7877e83f301c34c7383acb64395861c0d4a97c/au/scripts/Save-Gist.ps1#L82

It is still quite a naïve implementation, but could perhaps be an alternative to writing the token to a file and continuing to use the ruby gist application.
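
An added example (not code from this thread or from the linked Save-Gist.ps1): one way to update an existing gist with a Personal Access Token read straight from the build environment, so the token is never written to ~/.gist. The function name Update-GistFile and its parameters are hypothetical; gist_token and gist_id are the appveyor.yml variables mentioned earlier in the thread.

```powershell
# Added example, not the project's code. Update-GistFile is a hypothetical helper.
# Assumes $Env:gist_token holds a Personal Access Token limited to the "gist" scope
# and $Env:gist_id names an existing gist (both set as AppVeyor variables).
function Update-GistFile {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $GistId,
        [Parameter(Mandatory)] [string] $Path,
        [string] $Token = $Env:gist_token
    )

    # Fail early with a clear message instead of blocking on an interactive prompt.
    if ([string]::IsNullOrWhiteSpace($Token)) {
        throw 'gist_token is empty; the secure variable was not provided to this build.'
    }
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    # Older Windows PowerShell defaults can exclude TLS 1.2, which GitHub requires.
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    $name = Split-Path -Leaf $Path
    $body = @{
        files = @{ $name = @{ content = (Get-Content -LiteralPath $Path -Raw) } }
    } | ConvertTo-Json -Depth 5

    # The token lives only in this in-memory header; it is never echoed or saved.
    $headers = @{
        Authorization = "token $Token"
        Accept        = 'application/vnd.github+json'
    }

    try {
        $response = Invoke-RestMethod -Method Patch `
            -Uri "https://api.github.com/gists/$GistId" `
            -Headers $headers `
            -ContentType 'application/json; charset=utf-8' `
            -Body ([Text.Encoding]::UTF8.GetBytes($body))
    } catch {
        # Surface the error message only, not the request headers.
        throw "Gist update failed: $($_.Exception.Message)"
    }
    $response.html_url
}

# Usage in a build step (the file name is a constructed placeholder):
# Update-GistFile -GistId $Env:gist_id -Path .\Update-AUPackages.md
```

Because the token is revocable and scoped to gists only, a leaked build log or cached workspace exposes far less than an account password or a TOTP secret would.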

ferventcoder commented 7 years ago

Looks like @majkinetor has solved some of this for us with AU next.

majkinetor commented 7 years ago

Yeah, this is the plugin: https://github.com/majkinetor/au/blob/integrate/AU/Plugins/Gist.ps1. The token is the only way to use it and arbitrary files can be uploaded.

TheCakeIsNaOH commented 7 months ago

The gist plugin was added to update_all.ps1 in https://github.com/chocolatey-community/chocolatey-packages-template/commit/6738ecbb1e2e5c4d3b25242cbbaffd21a4a13e1e