Key: |
QB-3451
|
Type: |
Bug
|
Status: |
Resolved
|
Resolution: |
Fixed
|
Priority: |
Critical
|
Assignee: |
Steve Luo
|
Reporter: |
AlSt
|
Votes: |
0
|
Watchers: |
0
|
If you were logged in you would be able to see more operations.
|
|
|
QuickBuild
Created: 07/Oct/19 08:06 AM
Updated: 23/Oct/19 01:11 AM
|
|
Component/s: |
None
|
Affects Version/s: |
8.0.38
|
Fix Version/s: |
9.0.23
|
|
Original Estimate:
|
Unknown
|
Remaining Estimate:
|
Unknown
|
Time Spent:
|
Unknown
|
|
We changed the git password recently and had quite a lot failing builds afterwards (or not even builds, because in checking build condition it already failed). The password is also stored in plaintext on the host which is a security risk because the password might leak.
We use https checkouts because distributing the ssh key to 300+ machines is not the best thing and also on Windows it is not that easy to use ssh at all.
I would expect Quickbuild to not store the password on the host, because it is a secret in QB. Also that way it would be able to change the password because it is not stored on the host in the gitconfig.
|
Description
|
We changed the git password recently and had quite a lot failing builds afterwards (or not even builds, because in checking build condition it already failed). The password is also stored in plaintext on the host which is a security risk because the password might leak.
We use https checkouts because distributing the ssh key to 300+ machines is not the best thing and also on Windows it is not that easy to use ssh at all.
I would expect Quickbuild to not store the password on the host, because it is a secret in QB. Also that way it would be able to change the password because it is not stored on the host in the gitconfig. |
Show » |
No work has yet been logged on this issue.
|
|