New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow elasticsearch authentication besides encoding credentials into url #72
Comments
As a workaround you could set |
@ionelmc This doesn't solve the problem because on success, pytest-benchmark will still reveal the url including the credentials:
|
Ok then there are two problems here:
|
I think latter would be the easiest to do, I'd also be fine with using |
Well on a second thought I'd prefer the .netrc option because it seems cleaner and you don't need to think twice in the future of preventing cred leakage when refactoring/adding features. |
Currrently the only way of using credentials to authenticate against an elasticsearch instance is to encode the username+password in the url.
This is bad when run in CI, i.e. gitlab unfortunatly still doesn't support protection against leaking secret variables. URls including credentials leak quite easy.
A better way would be to use a config file or a
.netrc
file for credentials.The text was updated successfully, but these errors were encountered: