
Figure out a better way to provide authentication details / credentials #8

Open
arvindsv opened this issue Jan 15, 2019 · 5 comments

@arvindsv

  • Providing it on the command-line could be insecure.
  • Even if provided as environment variables, it might not be ideal.
  • Ideally: An auth token, with a granular scope which allows only preflight checks.
@marques-work
Collaborator

marques-work commented Jan 15, 2019

@arvindsv Will add interactive prompts when not all args present — will that do until we finish the token auth work?

@tomzo
Member

tomzo commented Jan 15, 2019

I think env variables are quite convenient and much better than CLI args.
A file with a password wouldn't be so bad either, as long as the user can sustain its permissions at 0600.

How about a solution like HashiCorp Vault?

The user can run vault login, which expects some auth method to be used. This generates a temporary token and saves it in something like ~/.vault-token.

For now I guess we could be saving the password to a file ~/.gocd-cli-secret, so that the user does not have to provide it on each request.

@marques-work
Collaborator

@tomzo theoretically, we get the environment variables for free because we're using the spf13/viper package. I need to write some tests to ensure it works as designed.

We do already support the password files. ./gocd config <config key> stores its values (credentials, base GoCD server URL) on disk already, so we don't need to provide them in a request. However, it's plaintext (yaml).

@marques-work
Collaborator

I think one of the ugly things that @arvindsv was pointing out was that passing credentials as args means they are echoed to the terminal in plain sight, which is not ideal. The other is that the passwords are exposed in plaintext on disk. Auth tokens would reduce these risks.

@marques-work
Collaborator

For basic auth:

  • make password optional.
  • if not specified, prompt for password without echoing
  • already should support reading from ENV; the appropriate environment variable to set is auth.password
$ env auth.password=mysecretpasswd

For token auth:

  • Backend implemented. Wire up front end to allow setting via command
  • Implement api call to create tokens as well
  • Make gocd accept piped input. Then things like this are possible:
$ <some command to generate token, e.g., curl> | gocd config auth-token -
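The two lists above describe one resolution order for a credential: take it from piped stdin when the argument is "-", otherwise from an explicit argument, otherwise from the environment. The following is an added example and not gocd-cli's code: a stdlib-only Go function (ResolveToken, the Source type and the environment variable name GOCD_AUTH_TOKEN are all assumed for illustration; the thread's real key is auth.password via viper) that implements that order, records where the value came from so the CLI can warn when it arrived as an argument, and treats an empty pipe as an error rather than as an empty token. The no-echo interactive prompt from the basic-auth list needs terminal handling (e.g. golang.org/x/term) and is left out here.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"os"
	"strings"
)

// Source records where a credential came from, so callers can treat the
// riskier paths (a token visible in shell history) differently.
type Source string

const (
	FromPipe Source = "stdin"
	FromArg  Source = "argument"
	FromEnv  Source = "environment"
	FromNone Source = ""
)

// ErrNoCredential is returned when no source supplied a non-empty value.
var ErrNoCredential = errors.New("no credential supplied")

// ResolveToken is a hypothetical helper (not part of gocd-cli). Order:
//  1. arg == "-": read a single line from stdin, as in
//     `<token generator> | gocd config auth-token -`
//  2. arg non-empty: use it literally (discouraged; visible in history/ps)
//  3. the environment variable envKey (assumed name, e.g. GOCD_AUTH_TOKEN)
// Trailing CR/LF is stripped so `echo tok |` and `printf tok |` behave alike.
func ResolveToken(arg, envKey string, getenv func(string) string, stdin io.Reader) (string, Source, error) {
	switch {
	case arg == "-":
		line, err := bufio.NewReader(stdin).ReadString('\n')
		if err != nil && !errors.Is(err, io.EOF) {
			return "", FromNone, err
		}
		tok := strings.TrimRight(line, "\r\n")
		if tok == "" {
			// An empty pipe must not silently become an empty credential.
			return "", FromNone, fmt.Errorf("stdin: %w", ErrNoCredential)
		}
		return tok, FromPipe, nil
	case arg != "":
		return arg, FromArg, nil
	}
	if v := getenv(envKey); v != "" {
		return v, FromEnv, nil
	}
	return "", FromNone, ErrNoCredential
}

func main() {
	arg := ""
	if len(os.Args) > 1 {
		arg = os.Args[1]
	}
	tok, src, err := ResolveToken(arg, "GOCD_AUTH_TOKEN", os.Getenv, os.Stdin)
	if err != nil {
		fmt.Fprintln(os.Stderr, "error:", err)
		os.Exit(1)
	}
	if src == FromArg {
		fmt.Fprintln(os.Stderr, "warning: a token passed as an argument is visible in shell history and process listings")
	}
	// Never print the token itself; report only its length and origin.
	fmt.Printf("token (%d bytes) taken from %s\n", len(tok), src)
}
```

Injecting getenv and stdin as parameters is what makes the order testable without touching the real environment; the same shape lets a viper-backed implementation drop in by passing viper.GetString as the lookup.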

4 participants