search

pawelsikora / mkdocs-with-confluence

MkDocs plugin for uploading markdown documentation to Confluence via Confluence REST API
MIT License
71 stars 33 forks source link

Collaboration and password security - do not embed username and password #6

Open danizen opened 2 years ago

danizen commented 2 years ago

This seems like a dream come true, but there are problems here with usability and password security. I may not store my password in clear-text in the mkdocs.yml file. Since a piece of code is not my personal possession but something I wish to share with a team, I would also not want to place my username in the mkdocs.yml file.

danizen commented 2 years ago

It looks like this could be folded into a better README.md or documentation that mentions JIRA_USERNAME and JIRA_PASSWORD.

danizen commented 2 years ago

I also think that since mkdocs configuration already supports using the environment, you drop JIRA_USERNAME and JIRA_PASSWORD and instead educate users how to use them via https://www.mkdocs.org/user-guide/configuration/#environment-variables.

I think there are two ways to work this to be more usable for collaboration:

danizen commented 2 years ago

Actually, since mkdocs uses the click library, we can probably just add a command-line sub-command when mkdocs_with_confluence is imported. I will try this and report back.

pawelsikora commented 2 years ago

Hi @danizen , great advices, thanks - I would like to collaborate on that, If you are still ok after such amount of time - please drop me an email to sikor6@gmail.com.

P.S. I did it this way without any security as it was used with a 'functional' user, which has not been tied to any particular user and password/credentials were available and public to the whole team as it was for automation purposes. I suppose you are not able to set such a functional user in your case?

Anyway, thanks and I am keeping this topic in my head.