Opened 8 years ago

Closed 20 months ago

#4846 closed enhancement (wontfix)

Safe password caching for package/bundle creation

Reported by: chiiph Owned by: nickm
Priority: Medium Milestone:
Component: Archived/Thandy Version:
Severity: Normal Keywords: archived-closed-2018-07-04
Cc: erinn, aagbsn Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


The SignerCLI script asks for a key password to sign the package or bundle being created, which is a good thing when you are creating one or two packages. A problem appears when we need to make more than 10 packages or bundles automatically, and you have to type your password too many times because SignerCLI can't cache the password from run to run in a safe way (I think). So we should try to see if we can come out with a good solution for this, otherwise it's likely to force the packager to use unsafe passwords.

One idea may be to create an "interpreter script" that asks for the password once, and executes a kind of script with the same password for each step.

For example, right now we do:

python makepackage ...
python makepackage ...
python makepackage ...
python makebundle ...

We can turn this to:
signer makepackage ...
signer makepackage ...
signer makepackage ...
signer makebundle ...

And have a python script that recognizes the first word, "signer" in this case, and runs the script with the parameters that follow.

Child Tickets

Change History (3)

comment:1 Changed 8 years ago by aagbsn

Cc: aagbsn added

comment:2 Changed 2 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:3 Changed 20 months ago by teor

Keywords: archived-closed-2018-07-04 added
Resolution: wontfix
Status: newclosed

Close all tickets in archived components

Note: See TracTickets for help on using tickets.