Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AzureDevOpsDsc: Change PAT type to PSCredential #16

Open
SphenicPaul opened this issue Jan 24, 2021 · 1 comment
Open

AzureDevOpsDsc: Change PAT type to PSCredential #16

SphenicPaul opened this issue Jan 24, 2021 · 1 comment
Labels
Backlog - Mid Term Backlog - Mid Term enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. high priority The issue or PR should be resolved first. It is of less priority than the label 'Blocking Release'.

Comments

@SphenicPaul
Copy link
Contributor

SphenicPaul commented Jan 24, 2021
edited
Loading

Logging this issue off the back of the initial PR (#7) so it's logged and not missed...

Details of the scenario you tried and the problem that is occurring

String data type isn't a suitable/ideal type to hold/pass Personal Access Tokens.

Suggested solution to the issue

Update $Pat variables/parameters to use a PSCredential type, although unclear of most suitable option at present:

  • i) Have every Resource take a $Pat and $ApiUri parameter (where $Pat is updated to be a PSCredential type)
  • ii) Define a new Connection class which holds ApiUri and PAT information, and which is passed between functions
  • iii) Use the existing Connection class (as part of current, Azure DevOps, client libraries) ... less preferred perhaps as it couples this module with that?
@SphenicPaul SphenicPaul mentioned this issue Jan 24, 2021
Open
@johlju johlju added enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. labels Jan 24, 2021
@johlju
Copy link
Member

johlju commented Jan 24, 2021

If PAT is a key that should not be shared then it should be a PSCredential so it is encrypted in the compiled configuration. Otherwise it will be visible in the compiled configuration making it a security problem.

@johlju johlju added the high priority The issue or PR should be resolved first. It is of less priority than the label 'Blocking Release'. label Jan 24, 2021
@kilasuit kilasuit added the Backlog - Mid Term Backlog - Mid Term label Jan 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Backlog - Mid Term Backlog - Mid Term enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. high priority The issue or PR should be resolved first. It is of less priority than the label 'Blocking Release'.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kilasuit @johlju @SphenicPaul