search

creativeprojects / resticprofile

Configuration profiles manager and scheduler for restic backup
https://creativeprojects.github.io/resticprofile/
GNU General Public License v3.0
604 stars 29 forks source link

restic: use repository-file if the repo flag contains a password #336

Closed jkellerer closed 4 months ago

jkellerer commented 4 months ago

Experimental PR to replace restic --repo https://user:password@host with restic --repository-file /tmp/profile-repo.txt (with file mode 0600)

Currently fails tests (as they don't expect replacement) and depends on some functions from other PRs to complete it.

creativeprojects commented 4 months ago

I guess this is to hide the password if someone looks at the process list?

Makes sense 👍🏻

jkellerer commented 4 months ago

Exactly. A process list may also be sent by monitoring software so its easy to leak passwords around.

codecov[bot] commented 4 months ago

Codecov Report

Attention: Patch coverage is 88.88889% with 10 lines in your changes are missing coverage. Please review.

Project coverage is 71.02%. Comparing base (00360a2) to head (c1d9cf4). Report is 2 commits behind head on master.

Files Patch % Lines
config/profile.go 88.89% 3 Missing and 3 partials :warning:
util/maybe/bool.go 87.50% 1 Missing and 1 partial :warning:
util/templates/functions.go 90.00% 1 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #336 +/- ## ========================================== + Coverage 70.85% 71.02% +0.16% ========================================== Files 121 121 Lines 12273 12373 +100 ========================================== + Hits 8696 8787 +91 - Misses 3183 3190 +7 - Partials 394 396 +2 ``` | [Flag](https://app.codecov.io/gh/creativeprojects/resticprofile/pull/336/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fred) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/creativeprojects/resticprofile/pull/336/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fred) | `71.02% <88.89%> (+0.16%)` | :arrow_up: | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fred#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

jkellerer commented 4 months ago

Tests are fixed and the enhancement disables itself when it detects that the repo is set by env variables