On Wed, 2019-07-17 at 13:03 +0100, Daniel P. Berrangé wrote: > On Wed, Jul 17, 2019 at 01:53:59PM +0200, Andrea Bolognani wrote: > > We don't want sensitive information such as the API token to > > be stored into the script, both because it could lead to them > > being leaked by mistake and because it makes it needlessly > > complicated for users to take advantage of the tool. > > We arguably don't want the token stored cleartext in a > config file either. How about making use of the system > keyring - there's a python module that looks to make > this fairly easy > > https://pypi.org/project/keyring/ Sounds good as a follow-up improvement[1], but since clearly neither of us has a ton of time to dedicate to this specific script I'd rather merge the Good Enough™ solution for the time being instead of blocking the whole thing on keyring integration. [1] I wonder if I can manage to integrate it with my existing pass(1) setup? That's be pretty neat! -- Andrea Bolognani / Red Hat / Virtualization -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
