Hi Drago

On Tue, Mar 7, 2017 at 7:32 AM Drago Trusk <drago.tr...@gmail.com> wrote:

> Hi Pierre,
>
> it is understandable that people should use SSH keys, but if third party
> exposes non-SSH access then this becomes a problem.
>
Could you be more specific on this? I'd like to understand the exact use
case in order to see how we can support it the best.
Since we are currently designing the secret manager
<https://github.com/buildbot/buildbot/pull/2660/files>, we need to
understand the use cases in detail in order to implement it best.

> Obfuscation of command (e.g. password) is nice, but if for whatever reason
> this command fails and writes sensitive information into stderr/stdout it
> will still be visible. Of course if worker is on Linux that can be piped
> and replaced (or through code itself).
>
Again, I am not sure what you suggest as a solution for that?


> Since I'm provisioning my workers with SSH keys anyway I have sensitive
> information in gitconfig, but I just wanted to point out that use cases can
> happen in situations when someone doesn't have another choice.
>

I would be interested to see what kind of gitconfig you have; could you
please publish it (obviously with the sensitive information redacted)?

Regards,
Pierre
_______________________________________________
users mailing list
users@buildbot.net
https://lists.buildbot.net/mailman/listinfo/users
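
The thread mentions piping a failing command's stdout/stderr through a replacement step so that a secret it echoes never reaches the log. The sketch below is an added example, not code from this thread or from Buildbot; it masks known secret values in a chunked stream, including a secret split across two reads. `StreamRedactor`, `run_redacted`, the token and the URL are constructed for illustration.

```python
import subprocess
import sys


class StreamRedactor:
    """Mask known secret values in text that arrives in arbitrary chunks."""

    def __init__(self, secrets, mask="<redacted>"):
        # Longest first, so a secret containing a shorter one is masked whole.
        self.secrets = sorted({s for s in secrets if s}, key=len, reverse=True)
        self.mask = mask
        self.buf = ""

    def _held(self, text):
        # Length of the longest tail of `text` that could still grow into a secret.
        longest = max((len(s) for s in self.secrets), default=1) - 1
        for n in range(min(longest, len(text)), 0, -1):
            if any(s.startswith(text[-n:]) for s in self.secrets):
                return n
        return 0

    def feed(self, chunk):
        text = self.buf + chunk
        for s in self.secrets:
            text = text.replace(s, self.mask)
        cut = len(text) - self._held(text)
        self.buf = text[cut:]  # withheld until the next chunk decides it
        return text[:cut]

    def flush(self):
        # At end of stream the withheld tail is only a partial match; emit it.
        out, self.buf = self.buf, ""
        return out


def run_redacted(argv, secrets, chunk_size=16):
    """Run argv, merge stderr into stdout, and return (exit code, masked output)."""
    red = StreamRedactor(secrets)
    proc = subprocess.Popen(argv, stdout=subprocess.PIPE,
                            stderr=subprocess.STDOUT, text=True)
    parts = []
    for chunk in iter(lambda: proc.stdout.read(chunk_size), ""):
        parts.append(red.feed(chunk))
    proc.wait()
    parts.append(red.flush())
    return proc.returncode, "".join(parts)


if __name__ == "__main__":
    # Constructed failing command that echoes a credential-bearing URL to stderr.
    child = ("import sys; sys.stderr.write('fatal: auth failed for "
             "https://bot:hunter2-token@git.example.com/r.git\\n'); sys.exit(128)")
    print(run_redacted([sys.executable, "-c", child], ["hunter2-token"]))
```

This only masks values known in advance; a secret that the command transforms before printing (URL-encoded, base64) passes through unless that form is listed too.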
