-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support file storage for provisioned tokens in OSes != darwin #202
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with a minor suggestion regarding an error message.
You forgot the suggestion 😛 |
src/utils/token_storage/fs.ts
Outdated
try { | ||
const info = await Deno.lstat(credentialsPath); | ||
if (!info.isFile || (info.mode !== null && (info.mode & 0o777) !== 0o600)) { | ||
throw new Error("The credentials file have have been tampered with."); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the user ends up in this situation (hopefully never), it is already a messy situation and the error message is very cryptic. It would be useful to split the sanity-checks and report actionable error details for each separately, only mentioning the tampering bit on the side (if at all).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My rationale is that users are not expected to touch this file at all, and I want the error message to convey this. I don't want users to try and fix the issue, but rather to remove whatever is in there and let deployctl do its thing. Maybe I should extend the error message with this explicit action call?
Also keep in mind that upon error, the program provisions a new token and stores it in memory for the duration of the execution, thus the UX does not get blocked by a possible error anyway.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(I don't want to stall the PR on this, so feel free to bypass this discussion if you prefer)
Maybe I should extend the error message with this explicit action call?
If that's the expected action, then maybe yes (or fixing the permissions directly?).
The closest think I can think of is the SSH client sanity-checking private-key permissions, in which case it just says the following (but keeps going):
Permissions for '<key-file>' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
I guess you can model the error-message here after that, replacing the last line with the manual action you'd expect from the user.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ack. Did you avoid mentioning the filepath for some reason on purpose? Or why not saying the credentials file at <filepath>...
? Other than that, let's land this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll add it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On second thought, I'd like to keep the message clean. This is an edge case, I'd prefer to be reactive about it.
@arnauorriols it got somehow lost in a black-hole while submitting the review, apologies. |
resolves #182