-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Password stdin #271
Password stdin #271
Conversation
cli/command/registry/login.go
Outdated
fmt.Fprintf(dockerCli.Err(), "Using --password via the CLI is insecure. Use --password-stdin\n") | ||
if opts.passwordStdin { | ||
return errors.Errorf("--password and --password-stdin are mutually exclusive") | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if it would make sense to use -p -
to mean stdin
. Usually -
is only for files, but maybe it would be ok to use that convention here as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would break everyone whose password was "-", so it seems better not to.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hopefully -
is not an acceptable password on any registries, and they all require at least a few more characters..
cli/command/registry/login.go
Outdated
if opts.passwordStdin { | ||
if opts.user == "" { | ||
return errors.Errorf("Must provide --username with --password-stdin") | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This doesn't seem to be a requirement for --password
, why is it necessary for password-stdin
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you don't supply a username via --username, it asks via stdin, which then may eat parts of your password, depending on what characters it has in it (e.g. \n
). Seems better to just disallow it to prevent confusion to me.
Codecov Report
@@ Coverage Diff @@
## master #271 +/- ##
=======================================
Coverage 48.68% 48.68%
=======================================
Files 186 186
Lines 12416 12416
=======================================
Hits 6045 6045
Misses 5996 5996
Partials 375 375 |
cli/command/registry/login.go
Outdated
return err | ||
} | ||
|
||
if contents[len(contents)-1] == '\n' { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should still check that contents != ""
before doing that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also on Windows we have CRLF so we should test "\r\n" when running on windows.
Do we have helper functions for this @thaJeztah @vdemeester ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cc @johnstep
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. in fact, we should probably just use the stdlib to do all of this. Fixed, thanks!
cli/command/registry/login.go
Outdated
} | ||
|
||
if contents[len(contents)-1] == '\n' { | ||
opts.password = string(contents[:len(contents)-1]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same here for the CRLF, make sure we don't include the '\r'
cli/command/registry/login.go
Outdated
} | ||
|
||
opts.password = strings.TrimSuffix(string(contents), "\n") | ||
if runtime.GOOS == "windows" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any reason to limit this to Windows? The password could end up with a CR if it's piped from a file with DOS line endings, or pasted from a weird source. I don't think it will matter much in practice, but applying the same trimming on both platforms would be a slight simplification.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done, thanks.
Ping. Any movement on this? |
LGTM! |
/cc @vdemeester |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Design LGTM 👼
cli/command/registry/login.go
Outdated
@@ -47,6 +51,27 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { | |||
ctx := context.Background() | |||
clnt := dockerCli.Client() | |||
|
|||
if opts.password != "" { | |||
fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure. Use --password-stdin") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should there be a period at the end of this? If Using --password via the CLI is insecure
is formatted as a sentence, I think Use --password-stdin
should be as well.
cli/command/registry/login.go
Outdated
if opts.password != "" { | ||
fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure. Use --password-stdin") | ||
if opts.passwordStdin { | ||
return errors.Errorf("--password and --password-stdin are mutually exclusive") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
errors.New
And I'm wondering if there's a way to phrase this that's more friendly to people who don't speak english as a first language, but I don't have any good ideas right now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, I've left it as is now and fixed everything else. If someone has a better idea, let me know and I'll change it.
cli/command/registry/login.go
Outdated
|
||
if opts.passwordStdin { | ||
if opts.user == "" { | ||
return errors.Errorf("Must provide --username with --password-stdin") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
errors.New
.
This: * conflicts with --password (naturally) * conflicts with the absence of --username (both can't be grabbed by the stdin) * strips a trailing newline off the password if it exists Signed-off-by: Tycho Andersen <[email protected]>
LGTM |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM --password-stdin
is a bit verbose, but don't have a better solution (perhaps a -i
shortcut)?
We probably want this in 17.07, so I'm ok merging as-is, but we also need;
- changes to the completion scripts https://github.com/docker/cli/tree/master/contrib/completion
- update to the documentation (https://github.com/docker/cli/blob/master/docs/reference/commandline/login.md)
- update to the man-page (https://github.com/docker/cli/blob/master/man/src/login.md)
Sure, I can work up docs patches, feel free to merge. |
Add a --password-stdin argument to the login command, and update the warning message from #270 to tell people about it.