Closed JanekLehr closed 2 years ago
I'm sorry for the delay but I've been busy with completely unrelated work.
Now, thank you for putting the effort into this. However, this is not a new idea to me and I actually put the work before but didn't push because I concluded it was a bad idea to store such sensitive information. Let's look at #14 first and then come back at this.
@pires Ah, I understand your security concern. How do you deal with this issue then, especially for CLI tools that pull from Nexus during local dev workflows or CI/CD automation? Do you have to make sure everyone logs in via the browser each time a new Pod launches?
Hi @pires. This is a ping for my previous comment. Do you have the problem I mentioned in my earlier comment? How do you address it?
Sorry once again but I'm no longer involved with this effort. @arochaf @flaviof can you help?
Fixes #14
Use a file-based data store to enable persisting the credential store beyond server restarts.
The in-memory store has been replaced completely because it is causes this bug. In fact, the file-based store behaves the same way as the in-mem if run in a container without a volume attached to persist the store. However, if a persistent volume is used then auth tokens continue to work after restart and before a fresh oauth flow.