Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Import secrets are received without any terminal history #267

Merged
merged 10 commits into from
Jan 19, 2023
Merged

Import secrets are received without any terminal history #267

merged 10 commits into from
Jan 19, 2023

Conversation

AbineshECAD
Copy link
Contributor

@AbineshECAD AbineshECAD commented Dec 14, 2022
edited
Loading

Existing behaviour:
Secret key is part of the import cli command and available in cli history.
Behaviour with this fix
Secret key is not part of import cli. It is received fro user like a password. Not visible in cli history.

@codeclimate
Copy link

codeclimate bot commented Dec 14, 2022
edited
Loading

Code Climate has analyzed commit 99d7210 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 47.1% (0.0% change).

View more on Code Climate.

@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Dec 14, 2022
edited
Loading

Deploying with  Cloudflare Pages  Cloudflare Pages

Latest commit: 99d7210
Status: ✅  Deploy successful!
Preview URL: https://c2d52b93.signatory.pages.dev
Branch Preview URL: https://secret-import.signatory.pages.dev

View logs

@AbineshECAD
Copy link
Contributor Author

AbineshECAD commented Dec 14, 2022
edited
Loading

Test for empty secret input:

% ./signatory-cli import --vault kms --base-dir ./ -c ./s.yaml
INFO[0000] Initializing vault                            vault=cloudkms vault_name=kms
Enter secret key: 
Error: enter a valid secret key

Positive import for encrypted key:

% ./signatory-cli import --vault kms --base-dir ./ -c ./s.yaml
INFO[0000] Initializing vault                            vault=cloudkms vault_name=kms
Enter secret key: 
Enter Password: 
INFO[0009] Requesting import operation                   pkh=tz3be5v4ZWL3zQYUZoLWJQy8P3H6RJryVVXn vault=CloudKMS vault_name=projects/signatory-testing/locations/asia-south1/keyRings/signatory-abi
INFO[0012] Successfully imported                         key_id=projects/signatory-testing/locations/asia-south1/keyRings/signatory-abi/cryptoKeys/signatory-imported-2IvUdirA4yvh6AEiMSVfEnWpVxf/cryptoKeyVersions/1 pkh=tz3be5v4ZWL3zQYUZoLWJQy8P3H6RJryVVXn vault=CloudKMS vault_name=projects/signatory-testing/locations/asia-south1/keyRings/signatory-abi

danielelisi
danielelisi reviewed Jan 18, 2023
View reviewed changes
cmd/commands/import.go Outdated Show resolved Hide resolved
cmd/commands/import.go Outdated Show resolved Hide resolved
cmd/commands/import.go Show resolved Hide resolved
@danielelisi danielelisi merged commit b8a7a46 into main Jan 19, 2023
@danielelisi danielelisi deleted the secret-import branch January 19, 2023 02:16
@danielelisi danielelisi linked an issue Mar 16, 2023 that may be closed by this pull request
Don't save private keys in terminal history when importing keys via CLI #264
Closed
@danielelisi danielelisi mentioned this pull request Mar 16, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danielelisi danielelisi danielelisi approved these changes

@e-asphyx e-asphyx Awaiting requested review from e-asphyx

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Don't save private keys in terminal history when importing keys via CLI
2 participants
@AbineshECAD @danielelisi