Re: [libvirt] [jenkins-ci PATCH 10/20] quayadmin: Read configuration from file
On Wed, 2019-07-17 at 13:03 +0100, Daniel P. Berrangé wrote:
On Wed, Jul 17, 2019 at 01:53:59PM +0200, Andrea Bolognani wrote:
> We don't want sensitive information such as the API token to
> be stored into the script, both because it could lead to them
> being leaked by mistake and because it makes it needlessly
> complicated for users to take advantage of the tool.
We arguably don't want the token stored cleartext in a
config file either. How about making use of the system
keyring - there's a python module that looks to make
this fairly easy
https://pypi.org/project/keyring/
Sounds good as a follow-up improvement[1], but since clearly neither
of us has a ton of time to dedicate to this specific script I'd
rather merge the Good Enough™ solution for the time being instead of
blocking the whole thing on keyring integration.
[1] I wonder if I can manage to integrate it with my existing pass(1)
setup? That's be pretty neat!
--
Andrea Bolognani / Red Hat / Virtualization