Skip to content

- Add new flag --no-store to print the encoded secret in "secret set"#4423

Merged
mislav merged 4 commits intocli:trunkfrom
sguzmanm:ISS-4388-do-not-store-secret
Dec 2, 2021
Merged

- Add new flag --no-store to print the encoded secret in "secret set"#4423
mislav merged 4 commits intocli:trunkfrom
sguzmanm:ISS-4388-do-not-store-secret

Conversation

@sguzmanm
Copy link
Contributor

@sguzmanm sguzmanm commented Oct 3, 2021

  • Print the generated secret without storing it in Github
  • Add tests for new flag using contains as a valid assertion in it

image

Fixes #4388

mislav
mislav reviewed Oct 5, 2021
View reviewed changes
Copy link
Contributor

@mislav mislav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! This feature as you've made it looks good, but I'm still on the fence whether this belongs in gh secret set. More thoughts below

mislav
mislav reviewed Oct 5, 2021
View reviewed changes
pkg/cmd/secret/set/set.go Outdated
$ gh secret set MYSECRET < file.json

Print encoded secret value
$ gh secret set MYSECRET --no-store
Copy link
Contributor

@mislav mislav Oct 5, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It feels weird to have to specify the secret variable name even in the case when the value is not going to be stored. Maybe this is reason enough to move this functionality to be its own command rather than an extra flag in secret set? But please don't make this change yet— I would first like to hear more thoughts from people in my team and potentially other users about this. Please be patient until we reach a decision 🙇

Copy link
Contributor Author

@sguzmanm sguzmanm Oct 5, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gotcha

@sguzmanm
Copy link
Contributor Author

sguzmanm commented Oct 5, 2021

@mislav All changes setup, the only thing left is to define whether we need this in another command or here :)

@sguzmanm sguzmanm force-pushed the ISS-4388-do-not-store-secret branch from ca0966e to ff89c6d Compare October 17, 2021 21:40
@sguzmanm sguzmanm requested a review from a team as a code owner October 17, 2021 21:40
@sguzmanm sguzmanm requested review from mislav and removed request for a team October 17, 2021 21:40
@sguzmanm
Copy link
Contributor Author

sguzmanm commented Nov 21, 2021

@mislav any updates on this pending PR?

mislav
mislav approved these changes Dec 2, 2021
View reviewed changes
Copy link
Contributor

@mislav mislav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Pushed a few polish-level items and the ability to avoid specifying the secret name when using --no-store, since it's not needed in that mode

@mislav mislav enabled auto-merge (squash) December 2, 2021 15:57
@mislav mislav merged commit f13f0e7 into cli:trunk Dec 2, 2021
@VictorBatta VictorBatta mentioned this pull request Dec 4, 2021
Closed
@jenkins-infra-bot jenkins-infra-bot mentioned this pull request Dec 20, 2021
Merged
@shrink shrink mentioned this pull request Jan 12, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mislav mislav mislav approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@mislav mislav

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add gh secret encrypt command to encrypt a secret locally without sending to GitHub

3 participants

@sguzmanm @mislav @samcoe