Hello! On Tue, Jan 22, 2019 at 21:39:48 -0800, Shohre Mansouri wrote: > We need to "schedule" a pipeline on a GoCd server, from another GoCd server. > We have been able to do so using this documentation providing the username > and password in plain text as the arguments for -u (highlighted below): > > https://api.gocd.org/current/#scheduling-pipelines > > curl 'https://ci.example.com/go/api/pipelines/pipeline1/schedule' \ > -u '#username#:#password#' \ > -H 'Accept: application/vnd.go.cd.v1+json' \ > -H 'Content-Type: application/json' \ > -X POST \ > -d '{}'
Do you mean the ability to not pass in a username/password combination? Encrypting the password doesn't really change anything. The encrypted password will then become the "secret" that you need to manage, right? Anyone who has that encrypted password would be able to make the same call. Anyway, what might actually help you is in progress and will probably be released in February. It is: https://github.com/gocd/gocd/issues/5354 That should give you the ability to generate auth tokens, which you can use in place. That will make it possible to revoke them, if they are exposed, etc. Feel free to provide feedback there or in https://github.com/gocd/gocd/issues/5321. Hope that helps, Aravind -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
