On Wed, 2019-07-17 at 13:03 +0100, Daniel P. Berrangé wrote:
On Wed, Jul 17, 2019 at 01:53:59PM +0200, Andrea Bolognani wrote:
We don't want sensitive information such as the API token to be stored into the script, both because it could lead to them being leaked by mistake and because it makes it needlessly complicated for users to take advantage of the tool.
We arguably don't want the token stored cleartext in a config file either. How about making use of the system keyring - there's a python module that looks to make this fairly easy
Sounds good as a follow-up improvement[1], but since clearly neither of us has a ton of time to dedicate to this specific script I'd rather merge the Good Enough™ solution for the time being instead of blocking the whole thing on keyring integration. [1] I wonder if I can manage to integrate it with my existing pass(1) setup? That's be pretty neat! -- Andrea Bolognani / Red Hat / Virtualization