8000 simple password vault integration based on psql suggestion by denis-yuen · Pull Request #308 · dockstore/dockstore-cli · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

simple password vault integration based on psql suggestion #308

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 30, 2025
Merged

simple password vault integration based on psql suggestion #308

merged 2 commits into from
May 30, 2025
+19 −2

Conversation

denis-yuen
Copy link
Member
@denis-yuen denis-yuen commented May 28, 2025
edited
Loading

Description
Inspired by https://postgrespro.com/list/thread-id/2396558 a proposal on how to make pgsql and it's use of pgpass more secure. That proposal did not seem to come to fruition, but seems like a simple/elegant way to allow a user concerned about storing passwords/auth tokens on disk to store them instead in some kind of password vault or manager.

Review Instructions
Use the CLI, put your token in another file and cat it as a tokenCommand
Spun off documentation as https://ucsc-cgl.atlassian.net/browse/SEAB-7171

Issue
https://ucsc-cgl.atlassian.net/browse/SEAB-7032

Security
None, this is intended to improve security by providing a workaround to storing the auth token on disk.

  • Check that you pass the basic style checks and unit tests by running ./mvnw clean install
  • If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.

@codecov Codecov
Copy link
codecov bot commented May 28, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 14.28571% with 6 lines in your changes missing coverage. Please review.

Project coverage is 23.80%. Comparing base (c5470e7) to head (93aaa5f).
Report is 1 commits behind head on develop.

Files with missing lines Patch % Lines
.../src/main/java/io/dockstore/client/cli/Client.java 14.28% 4 Missing and 2 partials ⚠️
Additional details and impacted files 
@@              Coverage Diff              @@
##             develop     #308      +/-   ##
=============================================
- Coverage      23.83%   23.80%   -0.04%     
+ Complexity       402      398       -4     
=============================================
  Files             48       48              
  Lines           6041     6046       +5     
  Branches         798      800       +2     
=============================================
- Hits            1440     1439       -1     
- Misses          4416     4418       +2     
- Partials         185      189       +4
Flag Coverage Δ
bitbuckettests 0.00% <0.00%> (ø)
confidentialtooltests 0.00% <0.00%> (ø)
confidentialworkflowtests 0.00% <0.00%> (ø)
nonconfidentialtests 23.12% <14.28%> (-0.04%) ⬇️
singularitytests 0.00% <0.00%> (ø)
toilintegrationtests 15.33% <14.28%> (+<0.01%) ⬆️
unittests 0.47% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
45.5% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@denis-yuen denis-yuen self-assigned this May 29, 2025
@denis-yuen denis-yuen requested review from a team, kathy-t and svonworl and removed request for a team May 29, 2025 15:30
@denis-yuen denis-yuen marked this pull request as ready for review May 29, 2025 15:30
@denis-yuen denis-yuen changed the title simple hack based on psql suggestion simple password vaul integration based on psql suggestion May 29, 2025
@denis-yuen denis-yuen changed the title simple password vaul integration based on psql suggestion simple password vault integration based on psql suggestion May 30, 2025
@denis-yuen denis-yuen merged commit 4e3aeed into develop May 30, 2025
21 of 22 checks passed
@denis-yuen denis-yuen deleted the feature/simple_tokencommand branch May 30, 2025 17:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kathy-t kathy-t kathy-t approved these changes

@svonworl svonworl svonworl approved these changes

Assignees

@denis-yuen denis-yuen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@denis-yuen @kathy-t @svonworl
0