onyxia account git

account git

Open fcomte opened this issue 4 years ago • 9 comments

Users can no more save the time that their git credential should be cache?

Can we add this here ?

Jun 21 '21 09:06 fcomte

this value is store in vault with the secret : gitCredentialCacheDuration

Jun 21 '21 09:06 fcomte

We removed this field because we assumed 0 (infinity) would always be the preferred default.
Was there user complaints about it?
Anyway, sure, I can add it back in if you think it's relevant.

Jun 21 '21 10:06 garronej

0 is not working. There is no cache at the moment. But anyway I prefer that users can control this security feature

Jun 21 '21 10:06 fcomte

What's the correct value for infinity then?

Jun 21 '21 10:06 garronej

i don't know

Jun 21 '21 10:06 fcomte

but infinity is very bad for security so I really don't like that

Jun 21 '21 10:06 fcomte

Considering we have IP protection enabled by default and a services password I though the git password was protected enough already... What do you see as default? 2 hours?

Jun 21 '21 14:06 garronej

The last default was no cache (0) I think it's a good default because it's the standard configuration of git.

Jun 21 '21 15:06 fcomte

Ok that's a good thing. To change a default I have to write a migration script...

Jun 22 '21 10:06 garronej

onyxia onyxia copied to clipboard

account git

onyxia
onyxia copied to clipboard