archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

git: Document security risk involved in embedding user creds (#84963)

Browse Source 
* Provide warning to user about the potential risk involved in
  embedding username and password in git URL while checking out the source.

Fixes: #84557

Signed-off-by: Abhijeet Kasurde <Akasurde@redhat.com>
pull/84971/head
Abhijeet Kasurde 8 months ago committed by GitHub
parent 82e4b469f6
commit fcdf0b80b3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File

4
lib/ansible/modules/git.py
Unescape Escape View File

@ -21,6 +21,10 @@ options:
repo:
description:
- git, SSH, or HTTP(S) protocol address of the git repository.
- Avoid embedding usernames and passwords within Git repository URLs.
This practice is insecure and can lead to unauthorized access to your repositories.
For secure authentication, configure SSH keys (recommended) or use a credential helper.
See Git documentation on SSH keys/credential helpers for instructions.
type: str
required: true
aliases: [ name ]

Write Preview
Loading…
Cancel
Save