[MGPG-105] Stop propagating bad practices #71

cstamas · 2024-03-03T21:21:42Z

Storing any kind of "secret" on disk is bad.

This change makes passphrase possible to come in two ways:

if interactive, via gpg-agent (as before)
if non-interactive, via Env variable

Plugin from now on FAILS, if there is any kind of "secret" attempted to be configured in any other way that those two above.

https://issues.apache.org/jira/browse/MGPG-105

Storing any kind of "secret" on disk is bad. This change makes passphrase possible to come in two ways: * if interactive, via gpg-agent (as before) * if non-interactive, via Env variable Plugin from now on FAILS, if there is any kinf of "secret" attempted to be configured in any other way that those two above. --- https://issues.apache.org/jira/browse/MGPG-105

cstamas requested review from hboutemy, slawekjaranowski and slachiewicz March 3, 2024 21:21

cstamas self-assigned this Mar 3, 2024

cstamas added 4 commits March 3, 2024 22:26

Tidy up

9079b31

Remove unused

ef73002

Cleanup more

b219f28

Remove more cruft

f42c0b2

cstamas merged commit ea35e2c into apache:master Mar 3, 2024
19 checks passed

cstamas deleted the MGPG-105 branch March 3, 2024 22:10

aparnajyothi-y mentioned this pull request Sep 6, 2024

GPG-Signing of maven artifacts fails on Windows runners with actions/setup-java@v4 and maven-gpg-plugin version range [3.2.0, 3.2.7) actions/setup-java#629

Closed

5 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[MGPG-105] Stop propagating bad practices #71

[MGPG-105] Stop propagating bad practices #71

cstamas commented Mar 3, 2024 •

edited

Loading

[MGPG-105] Stop propagating bad practices #71

[MGPG-105] Stop propagating bad practices #71

Conversation

cstamas commented Mar 3, 2024 • edited Loading

cstamas commented Mar 3, 2024 •

edited

Loading