New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LPS-102998 Add a way for users to locally store generic private repo … #79365
Conversation
CI is automatically triggering "ci:test:sf" and "ci:test:relevant" for this pull to run Source Formatter and relevant tests. Comment "ci:test" to run the full PR Tester for this pull. |
✔️ ci:test:sf - 1 out of 1 jobs passed in 4 minutes 247 msClick here for more details.Base Branch:Branch Name: master Sender Branch:Branch Name: LPS-102998 1 Successful Jobs:For more details click here. |
❌ ci:test:relevant - 13 out of 17 jobs passed in 1 hour 5 minutes 51 seconds 840 msClick here for more details.Base Branch:Branch Name: master Copied in Private Modules Branch:Branch Name: master-private 4 Failed Jobs:
13 Successful Jobs:
For more details click here.Failures unique to this pull:
Failures in common with acceptance upstream results at 0dc6fe5:
|
ci:test:relevant |
❌ ci:test:relevant - 15 out of 17 jobs passed in 1 hour 15 minutes 59 seconds 675 msClick here for more details.Base Branch:Branch Name: master Copied in Private Modules Branch:Branch Name: master-private 2 Failed Jobs:15 Successful Jobs:
For more details click here.This pull contains no unique failures.Failures in common with acceptance upstream results at 6b0732d:
|
Hi @CAustin582, 1, Can this be improved to support credentials rotation? E.g. have some public https://files.liferay.com/.DXP_CREDENTIALS.sha512 file with a fingerprint of the private file content and if it doesn't match then ask again to download it? 2, Instead of asking the username & password from a command line, can we instruct user to open the file in a browser and download to a proper place? I don't trust cmd line, it shows password and password manager talks to browsers better. Thanks. |
Btw. the best solution would be to have okta integration with nexus. Then we could auto-provision user accounts into nexus and rely on OAuth2 instead of user credentials. This way when the .DXP_CREDENTIALS leaks (forgotten/stolen) laptop we would not need to rotate it for every developer, just rotate one user access token. Just saying. |
BChan said he will work with @petershin on Monday (Oct 14) on option #1 that @topolik suggested |
|
ci:test:relevant |
ci:test:relevant |
@CAustin582 we found a different way to do this.. @petershin has more details. |
…credentials