Introduce env. variable NOTARY_AUTH for setting username & password #1246

stefanberger · 2017-10-13T20:06:54Z

In case of automation it may not be possible to prompt the user
for username and password. To provide a way to pass username and
password we introduce the NOTARY_AUTH environment variable through
which username and password can be passed. Username and password
must be separated by ':' and base64 encoded.

The following example shows how to set username and password:

export NOTARY_AUTH="$(echo -n "me:mysecretpassword" | base64)"

Decoding:

echo $NOTARY_AUTH | base64 -d
me:mysecretpassword

Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com

docker-jenkins · 2017-10-13T20:06:56Z

Can one of the admins verify this patch?

In case of automation it may not be possible to prompt the user for username and password. To provide a way to pass username and password we introduce the NOTARY_AUTH environment variable through which username and password can be passed. Username and password must be separated by ':' and base64 encoded. The following example shows how to set username and password: > export NOTARY_AUTH="$(echo -n "me:mysecretpassword" | base64)" Decoding: > echo $NOTARY_AUTH | base64 -d me:mysecretpassword Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

riyazdf

thank you @stefanberger this is very useful, LGTM!

endophage · 2017-10-23T22:40:26Z

cmd/notary/tuf.go

+			return username, password
+		}
+
+		logrus.Error("Malformatted authentication string; format must be <username>:<password>")


I'm debating whether it makes sense for this to be a fatal error here. This is only used in the CLI so it seems like it would be desirable to exit ASAP if we've made the decision the inputs are bad. Thoughts?

Would be fine by me. I followed the existing pattern where we don't exit with fatal error on timeout from keyboard input, either. Maybe that should then be changed as well in either a preceding patch or one on top of this here...

The test cases would not be able to test false inputs, though. Running into failures would exit the test case...

hmmm yeah, definitely prefer having the tests work properly. We'll leave this as is 👍

endophage

LGTM

stefanberger force-pushed the basic_auth_envvar branch 6 times, most recently from a0a8ef4 to 21ee339 Compare October 14, 2017 00:17

stefanberger force-pushed the basic_auth_envvar branch from 21ee339 to 6b49e10 Compare October 14, 2017 01:13

riyazdf approved these changes Oct 23, 2017

View reviewed changes

endophage reviewed Oct 23, 2017

View reviewed changes

endophage approved these changes Oct 25, 2017

View reviewed changes

endophage merged commit 78c6068 into notaryproject:master Oct 25, 2017

This was referenced Mar 2, 2018

non interactive authentication #1292

Closed

Document the NOTARY_AUTH environment variable #1309

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Introduce env. variable NOTARY_AUTH for setting username & password #1246

Introduce env. variable NOTARY_AUTH for setting username & password #1246

stefanberger commented Oct 13, 2017

docker-jenkins commented Oct 13, 2017

riyazdf left a comment

endophage Oct 23, 2017

stefanberger Oct 23, 2017

stefanberger Oct 23, 2017

endophage Oct 25, 2017

endophage left a comment

Introduce env. variable NOTARY_AUTH for setting username & password #1246

Introduce env. variable NOTARY_AUTH for setting username & password #1246

Conversation

stefanberger commented Oct 13, 2017

docker-jenkins commented Oct 13, 2017

riyazdf left a comment

Choose a reason for hiding this comment

endophage Oct 23, 2017

Choose a reason for hiding this comment

stefanberger Oct 23, 2017

Choose a reason for hiding this comment

stefanberger Oct 23, 2017

Choose a reason for hiding this comment

endophage Oct 25, 2017

Choose a reason for hiding this comment

endophage left a comment

Choose a reason for hiding this comment