We changed the git password recently and had quite a lot failing builds afterwards (or not even builds, because in checking build condition it already failed). The password is also stored in plaintext on the host which is a security risk because the password might leak.
We use https checkouts because distributing the ssh key to 300+ machines is not the best thing and also on Windows it is not that easy to use ssh at all.
I would expect Quickbuild to not store the password on the host, because it is a secret in QB. Also that way it would be able to change the password because it is not stored on the host in the gitconfig.
Description
We changed the git password recently and had quite a lot failing builds afterwards (or not even builds, because in checking build condition it already failed). The password is also stored in plaintext on the host which is a security risk because the password might leak.
We use https checkouts because distributing the ssh key to 300+ machines is not the best thing and also on Windows it is not that easy to use ssh at all.
I would expect Quickbuild to not store the password on the host, because it is a secret in QB. Also that way it would be able to change the password because it is not stored on the host in the gitconfig.
When password is changed, QuickBuild doesn't start a clean build and that is the reason caused this issue. It will be fixed soon.
But to remove password from gitconfig is not possible from QuickBuild side. But you still have options if you really concern the security issue. You can:
Steve Luo[12/Oct/19 01:10 AM]
Hi,
When password is changed, QuickBuild doesn't start a clean build and that is the reason caused this issue. It will be fixed soon.
But to remove password from gitconfig is not possible from QuickBuild side. But you still have options if you really concern the security issue. You can:
# Use global insteadof like:
git config --global url."https://username:password@github.com/username/repo.git".insteadOf https://github.com/username/repo.git
in this way, your password will be only stored in ~/.gitconfig file, and in quickbuild, you needn't specify the username and password any more.
Bug
Resolved
Critical
Changing the git password causes failing git operations on existing workspaces
When password is changed, QuickBuild doesn't start a clean build and that is the reason caused this issue. It will be fixed soon.
But to remove password from gitconfig is not possible from QuickBuild side. But you still have options if you really concern the security issue. You can:
# Use global insteadof like:
git config --global url."https://username:password@github.com/username/repo.git".insteadOf https://github.com/username/repo.git
in this way, your password will be only stored in ~/.gitconfig file, and in quickbuild, you needn't specify the username and password any more.