Open mvdan opened 3 years ago
jaen
commented
3 years ago Hi, I'd like to be able to use bitwarden to store my https://github.com/99designs/aws-vault credentials and sync them between my machines – this would require implementing writing secrets and showing a graphical prompt to unlock them. I'm not sure how soon I'll get to it, buy if you don't mind sending me the credentials in advance, then please do forward them to tomek.manko serviced by railgun-solutions.com
sentriz
commented
3 years ago showing a graphical prompt to unlock them
I think this would be very cool, I think related are https://github.com/mvdan/bitw/issues/7 https://github.com/mvdan/bitw/issues/4
mvdan
commented
3 years ago @jaen I've just sent you an email - check the spam folder if you don't see it within a few minutes.
Happy to review PRs. If what you're implementing is not already described in an issue, please post your initial design on an existing or new issue. That way we can give some early feedback on new ideas and keep code reviews to just the code.
jaen
commented
3 years ago Thanks, I have received the passwords and tests seem to work with them. I'll possibly look into adding a docker with bitwarden-rs later, so there's no need for this and all tests work without an internet connection.
My interests are mainly with #21 and #4, which seem adequately described. I don't know how soon I'll get to it, but given that it limits my work with AWS to one machine, probably sooner rather than later.
mvdan
commented
3 years ago there's no need for this and all tests work without an internet connection
I've wanted to do this before :) So it would definitely be a welcome change. Ideally the tests would not require Docker, if bitwarden-rs is available in $PATH.
jaen
commented
3 years ago Docker is probably the simplest to implement and use (at least for me), but if working with a binary in $PATH is something you care about, I can take that into account.
mvdan
commented
3 years ago It's fine for a first implementation to require Docker. It would just be nicer, long-term, to not have a hard dependency on it to run all the tests. It's often quicker and more portable to not use it. All that said, requiring an internet connection and secret passwords is clearly worse than Docker :)
Amolith
commented
1 year ago I'd eventually like to take a crack at #21. Not being able to save secrets means I have to re-enter passwords for some apps every single time they start up and it's a massive pain, especially I'm signed in to multiple accounts in the same app :grimacing:
Might also look at #4, because keeping a terminal open running bitw for the duration of my session is a pain too.
By default,
go testwill skip a significant portion of the tests:This is because we use two real accounts with bitwarden.com to run the tests. Passwords are needed for
login-syncandlogin-tfa. The accounts and their passwords are dummy; they contain no sensitive information. However, I still don't want to publish them freely, because I reckon the accounts would get spammed or banned in a matter of weeks. Setting up the test accounts only took about an hour, but I would hate to have to re-do that regularly.For now, the passwords are needed for other tests like
dbusanddump, since we simply keep a copy of the encrypted data intestdata, and use it in those two tests. Since it's from the same account, it's the same password. In the future, we could use different data with a dummy password that we can just commit to master, since it wouldn't be in use with a real bitwarden.com account.In the future, we might do away with all of the passwords by using a local bitwarden server instead of bitwarden.com, initializing the local server with the dummy accounts we want.
But for now, the passwords are needed to run all tests. If you want to contribute to bitw, please leave a comment on this thread with your email address and I'll email them to you.