Skip to content

Update keyvalue.py to be able to add new values without leaking them in the shell history. #5164

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
cognifloyd merged 12 commits into from
Oct 3, 2021
+11 −2
Merged

Update keyvalue.py to be able to add new values without leaking them in the shell history. #5164

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
7ce0a2f
Update keyvalue.py
wingiti Feb 24, 2021
cd76da9
Merge branch 'master' into add-value-without-leak-in-history
wingiti Mar 11, 2021
48079c7
Merge branch 'master' into add-value-without-leak-in-history
wingiti Mar 15, 2021
7f72a4b
Merge branch 'master' into add-value-without-leak-in-history
arm4b Jun 2, 2021
9f40fbe
Update CHANGELOG.rst
wingiti Jun 2, 2021
aece661
Merge branch 'master' into add-value-without-leak-in-history
arm4b Jul 14, 2021
055868f
Update CHANGELOG.rst
Jul 14, 2021
ce77e4f
Merge branch 'master' into add-value-without-leak-in-history
amanda11 Oct 1, 2021
e792bdb
whitespace fix
cognifloyd Oct 2, 2021
a17f747
Merge branch 'master' into add-value-without-leak-in-history
cognifloyd Oct 2, 2021
5610ecb
Merge branch 'master' into add-value-without-leak-in-history
cognifloyd Oct 3, 2021
1371d5c
Merge branch 'master' into add-value-without-leak-in-history
cognifloyd Oct 3, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions CHANGELOG.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ Changelog
in development
--------------

Added
~~~~~

* Added possibility to add new values to the KV store via CLI without leaking them to the shell history. #5164

Changed
~~~~~~~

Expand Down
8 changes: 6 additions & 2 deletions st2client/st2client/commands/keyvalue.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,7 +256,7 @@ def __init__(self, resource, *args, **kwargs):
self.parser.add_argument(
"name", metavar="name", help="Name of the key value pair."
)
self.parser.add_argument("value", help="Value paired with the key.")
self.parser.add_argument("value", help="Value paired with the key.", nargs="?")
self.parser.add_argument(
"-l",
"--ttl",
Expand Down Expand Up @@ -285,10 +285,14 @@ def run(self, args, **kwargs):
instance = KeyValuePair()
instance.id = args.name # TODO: refactor and get rid of id
instance.name = args.name
instance.value = args.value
instance.scope = args.scope
instance.user = args.user

if not args.value:
instance.value = input("Please insert value for key: ")
Copy link
Member

@Kami Kami Feb 24, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is also getpass.getpass() which displays entered value masked on the screen.

But if we go with that approach, we will likely need to ask for confirmation (aka input the secret value twice).

Copy link
Contributor Author

@wingiti wingiti Jun 2, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there anything you want to change here or will it be implemented in version 3.5? Nevertheless it is possible to check the value after it was inserted in the key value store.

Copy link
Member

@cognifloyd cognifloyd Jun 2, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In a future PR, I think we could add getpass.getpass() support, but only turn it on if encrypt is True. I think this PR is good enough to merge as is.

else:
instance.value = args.value

if args.secret:
instance.secret = args.secret

Expand Down