add tools get-creds command #1220

Merged

andrewg-xyz
Contributor

Description

Add command to easily get credentials printed during zarf init (i.e. git, logging, registry)

Related Issue

Fixes #1098

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@andrewg-xyz andrewg-xyz linked an issue Jan 19, 2023 that may be closed by this pull request
@andrewg-xyz
Contributor Author

Initial changes, will refactor get-git-password to support

zarf tools get-creds <tool>

printing only the string secret, supporting users who will pipe the secret.

@YrrepNoj
Contributor

Can you run make docs-and-schema to auto generate docs for the CLI help messages 😄

(if a pre-commit linter complains when you try to commit please ignore the pre-commit and just commit with --no-verify for now)

fmt.Println(state.LoggingSecret)
case "git":
message.Note("Git Server push password (username: " + state.GitServer.PushUsername + "):")
fmt.Println(state.GitServer.PushPassword)
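
Review bot: in the `case "git":` branch the password is written with `fmt.Println` while its label goes through `message.Note`, so the output is only safe to pipe if `message.Note` never writes to stdout. Say so in a comment above `fmt.Println(state.GitServer.PushPassword)`, and record there that printing the secret is the purpose of the command, so the clear-text-logging finding on this line is triaged as intended behaviour rather than dismissed without a reason.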

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information

[Sensitive data returned by an access to PushPassword](1) flows to a logging call.
fmt.Println(state.GitServer.PushPassword)
case "git-readonly":
message.Note("Git Server (read-only) password (username: " + state.GitServer.PullUsername + "):")
fmt.Println(state.GitServer.PullPassword)
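
Review bot: the `case "git-readonly":` branch repeats the `message.Note(...)` and `fmt.Println(...)` pair from the `git` branch with only the username and password fields changed. Consider a small helper that takes the label, username and password, so the stdout write of a secret lives in one place that is easy to audit and to annotate for the scanner.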

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information

[Sensitive data returned by an access to PullPassword](1) flows to a logging call.
fmt.Println(state.GitServer.PullPassword)
case "registry":
message.Note("Image Registry password (username: " + state.RegistryInfo.PushUsername + "):")
fmt.Println(state.RegistryInfo.PushPassword)
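
Review bot: `fmt.Println(state.RegistryInfo.PushPassword)` in the `case "registry":` branch appends a newline to the secret. Shell command substitution strips it, but a consumer that redirects the output to a file or reads stdin verbatim receives the password followed by `\n`; either document that in the command help or write the value with `fmt.Print`.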

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information

[Sensitive data returned by an access to PushPassword](1) flows to a logging call.
src/pkg/utils/credentials.go (outdated, resolved)
.github/codeql.yaml (resolved)
src/cmd/tools.go (outdated, resolved)
Contributor

@jeff-mccoy jeff-mccoy left a comment

This behaved as I would expect, with the password only being sent to stdout for capture.

@jeff-mccoy jeff-mccoy merged commit d0b3df7 into main Jan 27, 2023
@jeff-mccoy jeff-mccoy deleted the 1098-zarf-cli-should-easily-show-git-and-registry-credentials branch January 27, 2023 04:03
Noxsios pushed a commit that referenced this pull request Mar 8, 2023
## Description

Add command to easily get credentials printed during zarf init (i.e.
git, logging, registry)

## Related Issue

Fixes #1098 

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Other (security config, docs update, etc)

## Checklist before merging

- [ ] Test, docs, adr added or updated as needed
- [ ] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/CONTRIBUTING.md#developer-workflow)
followed