Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Get username/passwords in a way that doesn't end up in a repo #69

Open
drewoldag opened this issue Sep 20, 2024 · 0 comments
Open

Get username/passwords in a way that doesn't end up in a repo #69

drewoldag opened this issue Sep 20, 2024 · 0 comments

Comments

@drewoldag
Copy link
Collaborator

Currently we have username and password in the fibad_default_config.toml file. And there's nothing that would prevent a user from adding their real credentials and pushing to their repo.

It would be nice to introduce some low friction approach that allows users to specify their credentials in a file external to the config toml and that is listed in .gitignore.

If we used a credentials.ini file, it could look like the following:

In fibad_default_config.toml we could include key

[download]
credential_file = '.../credentials.ini'

A default credentials.ini looking like:

username=false
password=false

The user would be expected to either update the credentials.ini or provide their own and update their config accordingly.

There would be a little boilerplate code in the downloader to read and use the .ini file contents and allow us a little more protection against accidentally committing creds.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant