Support .starter.env for sensitive data like phpmyadmin credentials #64
Assignees
Labels
enhancement
New feature or request
passed-dev-qa
Optional state. Use this when QAing other peoples fixes in another branch.ready to be merged to main
Comments
apolopena
added a commit
that referenced
this issue
Mar 20, 2021
apolopena
added a commit
that referenced
this issue
Mar 20, 2021
apolopena
added
in-dev-qa
passed-dev-qa
apolopena
added a commit
that referenced
this issue
Mar 24, 2021
* 📖 DOC: #58 Readme: Revamp and add TOC * 🐛 FIX: #45 * 🤖 TEST: phpmyadmin * 🐛 FIX: #45 * 🐛 FIX: path * 🐛 FIX: typo in path * 🐛 FIX: #45 * 🐛 FIX: remove quotes in sed for phpmyadmin * 🤖 TEST: special chars * 🤖 TEST: restore test back to dynamic state * 🐛 FIX: phpmyadmin config * 🐛 FIX: @ breaks things when generated string starts with one * 🐛 FIX: create phpmyadmin db * 🐛 FIX: spinner * 🐛 FIX: #45 * 🐛 FIX: credentials * 🐛 FIX: go back to cp of config.sample.inc.php * 🤖 TEST: rsync progress * 👌 IMPROVE: #62 * 🐛 FIX: tweak rsync progress * 🐛 FIX: tweak rsync progress * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: rsync stats, restored spinner for speed * 🐛 FIX: use native rsync progress option * 🐛 FIX: colorized rsync stats * 🐛 FIX: log messages * 👌 IMPROVE: remove auth, edit comments * 👌 IMPROVE: Installtion information API for #61 * 📖 DOC: comments * 🤖 TEST: call yarn installs less * 🤖 TEST: call yarn installs less * 🐛 FIX: refactor to save calls to yarn install * 🐛 FIX: refactor to save calls to yarn install * 🤖 TEST: refactor to save calls to yarn install * 🐛 FIX: load spinner * 🐛 FIX: error mix not found * 🐛 FIX: tweak order * 🐛 FIX: line 130: printf: --: invalid option * 🐛 FIX: line 130: printf: --: invalid option * 🐛 FIX: tweaks * 🤖 TEST: fix npm error * 🤖 TEST: error in npm when install react scaffolding * 🤖 TEST: with no yarn run dev after node modules are installed * 🤖 TEST: installs * 🐛 FIX: tweaks for less npm installs can rless running of laravel mix * 🤖 TEST: tweaks for installs * 🐛 FIX: install info API, bad regexp * 🐛 FIX: new logic for installs * 🐛 FIX: run_laraval_mix_twice * 🐛 FIX: run_laravel_mix twice in the wrong spot * 🤖 TEST: run larvel mix twice * 🤖 TEST: run larvel mix twice * 🐛 FIX: fresh start on getting out of this hole * 🤖 TEST: vue install * 🤖 TEST: adding in laravel mix run when installing laravel/ui * 🤖 TEST: adding in laravel mix run when installing laravel/ui, remove extraneous condition * 🤖 TEST: no npm install after install of larvel/ui * 🤖 TEST: remove inistal npm install * 🤖 TEST: remove inistal npm install * 🤖 TEST: remove inistal npm install * 🤖 TEST: react install * 🤖 TEST: no front end scaffolding installs, still install node modules * 🐛 FIX: typo * 🤖 TEST: no front end scaffolding installs * 🐛 FIX: conditional * 📖 DOC: comments * 🐛 FIX: make successes a silent log * 🐛 FIX: install conditions, ready to test * 📖 DOC: fixed and tested one-liners for project creation * 🐛 FIX: typo in condition * 🐛 FIX: install node modules blindly to avoid frontend scaffolding overwrite * 🐛 FIX: remove uneccessary function * 🐛 FIX: phpmyadmin install * 🐛 FIX: path to public/phpmyadmin/config.inc.php * 👌 IMPROVE: enhanced phpmyadmin setup logic * 👌 IMPROVE: #64 Support .starter.env for sensitive data like phpmyadmin credentials * 🐛 FIX: refactor #64, works good * 🐛 FIX: rename and fix * 🐛 FIX: path * 🐛 FIX: file name * 📖 DOC: #66 Add phpMyAdmin section to README.md * 👌 IMPROVE: no trailing newline for .txt files * 👌 IMPROVE: #65 Add log message to summary * 📖 DOC: improve message * 📖 DOC: improve message * 🐛 FIX: #67 'before' tasks should be logged to file but not to the console * 👌 IMPROVE: log messages * 👌 IMPROVE: #68 Add help alias * 👌 IMPROVE: success messages are logged silently * 👌 IMPROVE: add silent log * 🐛 FIX: log messages * 🐛 FIX: logs and comments * 🐛 FIX: #63 * 🐛 FIX: #41 Rename test-app to laravel8-starter * 🤖 TEST: force workspace image build * 🐛 FIX: rsync path * 🐛 FIX: log message * 🐛 FIX: message * 🐛 FIX: message * 🐛 FIX: message * 👌 IMPROVE: #39 Expand Gitlog with additional emoji and git aliases * 🐛 FIX: #39 change add to ad, add noadd aliases * 📖 DOC: update as per #39 * 🐛 FIX: summary message * 🐛 FIX: messaging * 🐛 FIX: #69 * 🐛 FIX: fine tune, logic and logs * 🐛 FIX: wording * 🐛 FIX: edit log message * 🐛 FIX: alias: add changed to ad * 🐛 FIX: log silent on env injection success * 🐛 FIX: log msg * 🤖 TEST: fix broken web preview spinner * 🤖 TEST: fix for hung preview * 👌 IMPROVE: hung preview fix * 🤖 TEST: preview browser fix * 🤖 TEST: phpmyadmin install=0 * ♻️ REFACTOR: preview browser * 👌 IMPROVE: preview browser message * 🐛 FIX: removed preview browser open msg since #19 is a gitpod internal bug * 🤖 TEST: barebones install * 🤖 TEST: changelog generator * 🤖 TEST: force workspace image build * 🤖 TEST: changelog generator * ⚰️ REMOVE: workaround code for #46 * 🤖 TEST: force workspace image build * 🐛 FIX: init scripts should not depend on eachothers success * 🤖 TEST: force workspace image build * 📖 DOC: edit and enhance README * 🐛 FIX: removed ... from log messages
apolopena
added a commit
that referenced
this issue
Mar 24, 2021
* 📖 DOC: #58 Readme: Revamp and add TOC * 🐛 FIX: #45 * 🤖 TEST: phpmyadmin * 🐛 FIX: #45 * 🐛 FIX: path * 🐛 FIX: typo in path * 🐛 FIX: #45 * 🐛 FIX: remove quotes in sed for phpmyadmin * 🤖 TEST: special chars * 🤖 TEST: restore test back to dynamic state * 🐛 FIX: phpmyadmin config * 🐛 FIX: @ breaks things when generated string starts with one * 🐛 FIX: create phpmyadmin db * 🐛 FIX: spinner * 🐛 FIX: #45 * 🐛 FIX: credentials * 🐛 FIX: go back to cp of config.sample.inc.php * 🤖 TEST: rsync progress * 👌 IMPROVE: #62 * 🐛 FIX: tweak rsync progress * 🐛 FIX: tweak rsync progress * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: use native rsync progress option * 🐛 FIX: rsync stats, restored spinner for speed * 🐛 FIX: use native rsync progress option * 🐛 FIX: colorized rsync stats * 🐛 FIX: log messages * 👌 IMPROVE: remove auth, edit comments * 👌 IMPROVE: Installtion information API for #61 * 📖 DOC: comments * 🤖 TEST: call yarn installs less * 🤖 TEST: call yarn installs less * 🐛 FIX: refactor to save calls to yarn install * 🐛 FIX: refactor to save calls to yarn install * 🤖 TEST: refactor to save calls to yarn install * 🐛 FIX: load spinner * 🐛 FIX: error mix not found * 🐛 FIX: tweak order * 🐛 FIX: line 130: printf: --: invalid option * 🐛 FIX: line 130: printf: --: invalid option * 🐛 FIX: tweaks * 🤖 TEST: fix npm error * 🤖 TEST: error in npm when install react scaffolding * 🤖 TEST: with no yarn run dev after node modules are installed * 🤖 TEST: installs * 🐛 FIX: tweaks for less npm installs can rless running of laravel mix * 🤖 TEST: tweaks for installs * 🐛 FIX: install info API, bad regexp * 🐛 FIX: new logic for installs * 🐛 FIX: run_laraval_mix_twice * 🐛 FIX: run_laravel_mix twice in the wrong spot * 🤖 TEST: run larvel mix twice * 🤖 TEST: run larvel mix twice * 🐛 FIX: fresh start on getting out of this hole * 🤖 TEST: vue install * 🤖 TEST: adding in laravel mix run when installing laravel/ui * 🤖 TEST: adding in laravel mix run when installing laravel/ui, remove extraneous condition * 🤖 TEST: no npm install after install of larvel/ui * 🤖 TEST: remove inistal npm install * 🤖 TEST: remove inistal npm install * 🤖 TEST: remove inistal npm install * 🤖 TEST: react install * 🤖 TEST: no front end scaffolding installs, still install node modules * 🐛 FIX: typo * 🤖 TEST: no front end scaffolding installs * 🐛 FIX: conditional * 📖 DOC: comments * 🐛 FIX: make successes a silent log * 🐛 FIX: install conditions, ready to test * 📖 DOC: fixed and tested one-liners for project creation * 🐛 FIX: typo in condition * 🐛 FIX: install node modules blindly to avoid frontend scaffolding overwrite * 🐛 FIX: remove uneccessary function * 🐛 FIX: phpmyadmin install * 🐛 FIX: path to public/phpmyadmin/config.inc.php * 👌 IMPROVE: enhanced phpmyadmin setup logic * 👌 IMPROVE: #64 Support .starter.env for sensitive data like phpmyadmin credentials * 🐛 FIX: refactor #64, works good * 🐛 FIX: rename and fix * 🐛 FIX: path * 🐛 FIX: file name * 📖 DOC: #66 Add phpMyAdmin section to README.md * 👌 IMPROVE: no trailing newline for .txt files * 👌 IMPROVE: #65 Add log message to summary * 📖 DOC: improve message * 📖 DOC: improve message * 🐛 FIX: #67 'before' tasks should be logged to file but not to the console * 👌 IMPROVE: log messages * 👌 IMPROVE: #68 Add help alias * 👌 IMPROVE: success messages are logged silently * 👌 IMPROVE: add silent log * 🐛 FIX: log messages * 🐛 FIX: logs and comments * 🐛 FIX: #63 * 🐛 FIX: #41 Rename test-app to laravel8-starter * 🤖 TEST: force workspace image build * 🐛 FIX: rsync path * 🐛 FIX: log message * 🐛 FIX: message * 🐛 FIX: message * 🐛 FIX: message * 👌 IMPROVE: #39 Expand Gitlog with additional emoji and git aliases * 🐛 FIX: #39 change add to ad, add noadd aliases * 📖 DOC: update as per #39 * 🐛 FIX: summary message * 🐛 FIX: messaging * 🐛 FIX: #69 * 🐛 FIX: fine tune, logic and logs * 🐛 FIX: wording * 🐛 FIX: edit log message * 🐛 FIX: alias: add changed to ad * 🐛 FIX: log silent on env injection success * 🐛 FIX: log msg * 🤖 TEST: fix broken web preview spinner * 🤖 TEST: fix for hung preview * 👌 IMPROVE: hung preview fix * 🤖 TEST: preview browser fix * 🤖 TEST: phpmyadmin install=0 * ♻️ REFACTOR: preview browser * 👌 IMPROVE: preview browser message * 🐛 FIX: removed preview browser open msg since #19 is a gitpod internal bug * 🤖 TEST: barebones install * 🤖 TEST: changelog generator * 🤖 TEST: force workspace image build * 🤖 TEST: changelog generator * ⚰️ REMOVE: workaround code for #46 * 🤖 TEST: force workspace image build * 🐛 FIX: init scripts should not depend on eachothers success * 🤖 TEST: force workspace image build * 📖 DOC: edit and enhance README * 🐛 FIX: removed ... from log messages * 📖 DOC: Gitpod Caveats
|
Fixes #59 |
apolopena
added
passed-dev-qa
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem this feature will solve
Any password or username that needs to be setup during creation of a cworkspace must be kept in version control.
Background
Currently this is an issue for the phpmyadmin setup.
Never keep sensitive data in version control
Proposed Solution
support a
.starter.envwhere sensitive data can be loaded as a variable and then unset when that data is not longer needed.Implement a system where:
.starter.env.bashrcvia.bash_aliasesupdate_pma_pwsConstraints and Assumptions
.starter.envwill always on the git ignore listany valid name value pairs should be described in the file
.example.starter.envAlternatives or Workarounds
Nothing secure
Additional context
.
start.envshould probably only be used for the workspace initialization phase. Maybe in the init logs let the user know that for additional security they can delete the .starter.env fileThe text was updated successfully, but these errors were encountered: