mgob icon indicating copy to clipboard operation
mgob copied to clipboard
verified publisher icon stefanprodan

Generated GCP credentials not cleared after backup

Open jonnydgreen opened this issue 4 years ago • 0 comments

Hi! I have been successfully using mgob for a while now with GCP storage. I have noticed that the generated GCP credentials from this line are not cleared after a backup and left in the running pod(s). These are located at: ~/.gcloud/credentials.db From a security perspective, I think it would be good to clear this after a backup has been run. I'm thinking of something like:

revoke := fmt.Sprintf("gcloud auth revoke")

_, err := sh.Command("/bin/sh", "-c", revoke).CombinedOutput()
if err != nil {
	return "", errors.Wrapf(err, "gcloud auth revoke for plan %v failed", plan.Name)
}

What do think? Do you agree? Happy to do the work and submit a PR for this :)

jonnydgreen avatar Sep 02 '21 09:09 jonnydgreen