Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: adds handling for a KC_CLI_PASSWORD env variable #29430

Merged
merged 1 commit into from
Jun 6, 2024
Merged

fix: adds handling for a KC_CLI_PASSWORD env variable #29430

merged 1 commit into from
Jun 6, 2024

Conversation

shawkins
Copy link
Contributor

@shawkins shawkins commented May 9, 2024
edited

closes: #21961

Went the route of picocli defaults for this. We could consider adding a general default handler, but option keys for the "secrets" don't seem consistent.

The other possible "secret" env variables (not addressed in this pr) include:

  • the truststore password (although we are trying to move away from truststores that require a password)
  • the initial token
  • the registration token

@shawkins shawkins requested review from a team as code owners May 9, 2024 20:20
This was referenced May 9, 2024
Closed
Closed
Closed
Closed
Closed
Closed
Closed
@keycloak-github-bot keycloak-github-bot bot mentioned this pull request May 9, 2024
Closed
vmuzikar
vmuzikar reviewed May 20, 2024
View reviewed changes
Copy link
Contributor

@vmuzikar vmuzikar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@shawkins Thanks for this enhancement.

I think it might be good to also document it that it now accepts env var? Possibly here?

...on/client-cli/admin-cli/src/main/java/org/keycloak/client/cli/common/BaseAuthOptionsCmd.java Outdated Show resolved Hide resolved
...ent-cli/admin-cli/src/main/java/org/keycloak/client/cli/common/BaseConfigCredentialsCmd.java Outdated Show resolved Hide resolved
@shawkins
Copy link
Contributor Author

@vmuzikar updated the punctuation / typo. I'm now thinking this is probably too narrow in scope. Users would expect the same behavior for the client secret, store pass, etc. Does it seem ok to expend the effort for all of these?

@vmuzikar
Copy link
Contributor

Does it seem ok to expend the effort for all of these?

Works for me.

@shawkins shawkins force-pushed the iss21961 branch 4 times, most recently from 1e26c33 to fbeda94 Compare May 28, 2024 13:21
@shawkins
Copy link
Contributor Author

@vmuzikar updated to all kcadm sensitive options, which covers some of kcreg as well. Added a few mentions in the docs. Can also add a v26 release note if desired.

This was referenced May 28, 2024
Open
Open
vmuzikar
vmuzikar approved these changes Jun 6, 2024
View reviewed changes
Copy link
Contributor

@vmuzikar vmuzikar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thank you @shawkins.

@shawkins @vmuzikar
fix: adds handling for all kcadm prompts as env variables
fee57f5 
closes: keycloak#21961

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
@vmuzikar vmuzikar enabled auto-merge (squash) June 6, 2024 11:18
@keycloak-github-bot keycloak-github-bot bot mentioned this pull request Jun 6, 2024
Open
@vmuzikar vmuzikar merged commit c7e9ee2 into keycloak:main Jun 6, 2024
62 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vmuzikar vmuzikar vmuzikar approved these changes

@mabartos mabartos Awaiting requested review from mabartos

Assignees
No one assigned
Labels
flaky-test team/cloud-native team/core-clients team/core-iam
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow to provider password to kcadm (keycloak-admin-cli) via environment variable
2 participants
@shawkins @vmuzikar