-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for reading pwd from Windows and Linux/GNOME keyrings #136
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @giulianopz, thanks for sending this! It would be great to be able to support Linux and Windows.
I'm travelling at the moment, so apologies in advance, I might not be able to get back to you very quickly.
Please, note that the PR introduces new flags to properly tell apart the different credentials sources (or no credentials at all).
This should improve user experience IMHO: before passing the domain flag implicitly meant "prompt me for a password" and a failure when retrieving the credentials from a source was handled by just disabling proxy auth.
I see what you mean, it makes sense to have explicit flags for each source of credentials. The way it currently works is the result of evolution, with various credential sources being added over time.
That said, I'm reluctant to change this as the existing behaviour has been documented (e.g. internal confluence pages) and scripted (e.g. in shell scripts and launchd agents). I'm not sure exactly how much would break if we change the command-line flags now, but I know of at least a few examples. Are you ok to leave the changes to the flags out of this PR?
@@ -1,4 +1,4 @@ | |||
// Copyright 2021 The Alpaca Authors | |||
// Copyright 2019, 2020, 2021 The Alpaca Authors |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you mean to add 2019 and 2020 to this, or did you mean to add 2024 instead?
Also, are you ok to add your name to the AUTHORS file, and are you ok with the Apache 2.0 license?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok for both things.
With regard to the years , I've just copy-pasted the from keyring_darwin.go
. I'm not a license expert but I remember this blog post from Daniel Stenberg who says that you don't really need to mention the year in copyright statements.
But I will update it to 2024, if you want so.
keyring.go
Outdated
// +build !darwin | ||
//go:build linux | ||
// +build linux |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think will restrict this file to only build on Linux (and keyring_darwin.go will be used on Mac). Will this break on Windows and other OSes? Should we leave it as !darwin
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My fault sorry, I've just restricted keyring.go
to Windows and Linux, adding an empty keyring interface for other platforms.
keyring_darwin.go
Outdated
//go:build darwin | ||
// +build darwin | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure this is needed - the filename already ends in _darwin.go
, which should restrict the file to darwin builds?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are right: the build constraint in the filename is just enough.
Hi @samuong, I removed the To remove the What do you think? |
Use zalando/go-keyring to support targets different from macOS.
Please, note that the PR introduces new flags to properly tell apart the different credentials sources (or no credentials at all).
This should improve user experience IMHO: before passing the domain flag implicitly meant "prompt me for a password" and a failure when retrieving the credentials from a source was handled by just disabling proxy auth.
The README was updated accordingly.