Roundup Tracker - Issues

Message7416

Author rouilj
Recipients rouilj
Date 2021-12-12.00:31:13
Message-id <1639269073.58.0.805095384236.issue2551182@roundup.psfhosted.org>
In-reply-to 
The tracker config.ini has multiple secret tokens in it:

  etag token
  jwt token

it would be nice to be able to put a placeholder these fields that allows
the contents of an external file to be loaded.

This would allow the config file to be stored in CM safely.

Maybe use a (pseudo) file url?

  file://filename is an invalid URL, interpret it as filename relative to the 
                  tracker home.
  file:///home/roundup/filename valid URL for file at /home/roundup/filename
                                absolute path

in both these cases, file:// should not start a valid token so easy to identify.

This may also be useful for issue2551064 if we need to rotate keys or specify
multiple keys. Each line could be a separate key.
History
Date User Action Args
2021-12-12 00:31:13rouiljsetrecipients: + rouilj
2021-12-12 00:31:13rouiljsetmessageid: <1639269073.58.0.805095384236.issue2551182@roundup.psfhosted.org>
2021-12-12 00:31:13rouiljlinkissue2551182 messages
2021-12-12 00:31:13rouiljcreate

Supported by The Python Software Foundation,
Powered by Roundup

Last modified: Fri Feb 28 22:02:04 EST 2020