Closed SBoudrias closed 9 years ago
Interesting, are you planning on reading the user
/token
from a untracked file? Would it be possible to to do the same with the url itself, read that from an untracked file?
Untracked file or server settings. For example you'd set a set
encoded key in your .travis.yml
.
The thing is we don't want to set a manually configured URL variable because this information is not seen as "secure" information, so chances are future updates to the project will log the secret key without realizing. Having specific login credential and handling them inside the plugin will ensure author changing the code realize these are privates informations.
Got it.
I'll look into it after I make some tests.
How did you expect your gruntfile
config to look like for this?
buildcontrol: {
url: 'https://my-app.com',
login: 'myname',
token: 'secret-https-token'
}
And the buildcontrol would generate final url as: https://myname:secret-https-token@my-app.com
making sure to never log the name and the token. Like:
pushing to https://<CREDENTIALS>@my-app.com
Done!
I had the idea of overriding grunt.log
functions to filter out the login
and token
.
Any thoughts? https://github.com/robwierzbowski/grunt-build-control/compare/feature/sensitive-logging
I feel like using the url utility would be cleaner than parsing url strings: http://nodejs.org/api/url.html
About the logging the sound good, maybe I'd parse login and token independently in order to not rely on a specific syntax.
Good idea on url.
I'm concerned for the case of http://kevinawoo:1111@github.com/kevinawoo/grunt-build-control.git
where { login: 'kevinawoo' }
the url
library uses auth being user:pass
, so I don't think it should be much of a problem
Yeah, current log parsing seems good enough. Maybe just scrub the token on it's own too just for extra security - I'm just a bit paranoïd here.
Can do, I'll go one step further and scrub it case insitive too!
When running in a CI environment (for instance Travis), there's no ssh key to help authenticating someone to the remote git.
Github provide https git endpoints that work this way:
https://<user>:<token>@github.com/repo.git
We sure can provide the formatted URL manually, but this makes it tricky to keep the secure
token
out of the logs. Adding auser
/token
options and ensuring in the task we never log the token would be pretty useful.