starchart-labs / lockdown Goto Github PK
View Code? Open in Web Editor NEWHandling for when you simply can't avoid storing basic credentials
License: MIT License
Handling for when you simply can't avoid storing basic credentials
License: MIT License
DO what is necessary for a banner to appear notifying users of old group ID to new one
Once APIs are deprecated, add overall major-version-by-major-version guide (linked from front README) to assist users in migrating
The CII URLs must be updated for the move - may require re-doing the process, as it appears that the repo URL is unchangable
I used ssh-keygen -t rsa
to create a key pair called lockdown_rsa.
I defined a gradle task as such:
task addPgCredentials(type: com.coronaide.lockdown.gradle.task.AddCredentialsTask){
publicKey "${rootDir}/lockdown_rsa.pub"
credentialFile "${projectDir}/src/main/resources/credentials-dev.properties"
}
lockdown_rsa.pub is present in ${rootDir}. When running my task: ./gradlew :repository.pg:addPgCredentials -PlookupKey=key --stacktrace
I see the following stack trace:
* What went wrong:
Execution failed for task ':repository.pg:addPgCredentials'.
> java.lang.NullPointerException (no error message)
...cutting out the boring part of the stack trace....
Caused by: java.lang.NullPointerException
at com.coronaide.lockdown.CredentialStore.readAndDecodeKey(CredentialStore.java:341)
at com.coronaide.lockdown.CredentialStore.addOrUpdateCredentials(CredentialStore.java:87)
at com.coronaide.lockdown.CredentialStore$addOrUpdateCredentials$0.call(Unknown Source)
at com.coronaide.lockdown.gradle.task.AddCredentialsTask.exec(AddCredentialsTask.groovy:52)
at org.gradle.internal.reflect.JavaMethod.invoke(JavaMethod.java:75)
at org.gradle.api.internal.project.taskfactory.DefaultTaskClassInfoStore$StandardTaskAction.doExecute(DefaultTaskClassInfoStore.java:133)
at org.gradle.api.internal.project.taskfactory.DefaultTaskClassInfoStore$StandardTaskAction.execute(DefaultTaskClassInfoStore.java:126)
at org.gradle.api.internal.project.taskfactory.DefaultTaskClassInfoStore$StandardTaskAction.execute(DefaultTaskClassInfoStore.java:115)
at org.gradle.api.internal.AbstractTask$TaskActionWrapper.execute(AbstractTask.java:623)
at org.gradle.api.internal.AbstractTask$TaskActionWrapper.execute(AbstractTask.java:606)
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeAction(ExecuteActionsTaskExecuter.java:80)
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeActions(ExecuteActionsTaskExecuter.java:61)
... 68 more
By dint of owning coronaide.com, we can use things like com.coronaide.lockdown as the group name. Do so to keep things organized on the nexus side
The group ID and packages are currently com.coronaide - this should be migrated to org.starchartlabs. The group ID change will require update in Nexus - the packages will need to be deprecated for a major release before removal
Allow setting the login dialog title, so clients may use the login to collect other credentials at runtime if desired
The generated POM is currently missing the following values required by Maven:
These need to be added to the output of the maven-publish operation
TestNG introduces a vulnerable dependency on BeanShell - upgrade to TestNG 6.11 to remove it
Currently, the only way to check if a key is available is to try to use it, getting an exception if it isn't present. If would be nice to be able to check before attempting use to allow better client use patterns
The headers for license files are currently EPL - either change the target license, or update the headers
When entering passwords with the addkey function of lockdown-cli, the password is visible in the shell. Lots of command line tools I've used do not show characters as you're typing them for sensitive fields such as passwords, we should do the same thing
Once released on nexus, add badge for maven nexus location
To better allow those using Java 9 to utilize lockdown, provide an automatic module name manifest entry in the generated Jar files
Currently, the main use documentation is the README in the repository root - add README files for each project (linked from the abbreviated version) going into more detail for each specific project
Once v1.0.0 is released under the new group ID, update the URLs in the maven badges
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.