Closed mvidalgarcia closed 2 years ago
Just noticed that the new workspace validation introduced these new checks, that's why if one has no workspace
in reana.yaml can still bypass the credentials check, as no network request is done.
This is not ideal as:
worskpace
set)
reana-client validate
is a local operation. While the logic remains local (we might move it to the server in the future), it shouldn't check credentials (REANA_SERVER_URL
andREANA_ACCESS_TOKEN
).Right now it's possible to trick the system by exporting fake credentials, as no server requests are being performed:
Somehow related to https://github.com/reanahub/reana-client/issues/567