Skip to content

Commit 4049c8d

Browse files
aduh95aduh95
committed
docs: nudge users into using partially encrypted config files
1 parent 7342aff commit 4049c8d

File tree

1 file changed

+11
-28
lines changed

1 file changed

+11
-28
lines changed

README.md

Lines changed: 11 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -76,18 +76,17 @@ Optionally, if you want to grant write access so `git-node` can write comments:
7676

7777
You can also edit the permission of existing tokens later.
7878

79-
After the token is generated, create an rc file with the following content:
80-
(`~/.ncurc` or `$XDG_CONFIG_HOME/ncurc`):
81-
82-
```json
83-
{
84-
"username": "your_github_username",
85-
"token": "token_that_you_created"
86-
}
79+
After the token is generated, you can give it to NCU using:
80+
81+
```sh
82+
ncu-config set username your_github_username
83+
# It is strongly recommended to encrypt your token. Do not provide it in the CLI,
84+
# `ncu-config` will prompt you for it.
85+
ncu-config set -x token
8786
```
8887

89-
Note: you could use `ncu-config` to configure these variables, but it's not
90-
recommended to leave your tokens in your command line history.
88+
Note: Encryption is available only if you have `gpg` setup on your machine. If
89+
not, do not pass the `-x` flag.
9190

9291
### Setting up Jenkins credentials
9392

@@ -108,28 +107,12 @@ To obtain the Jenkins API token
108107
`~/.ncurc.gpg` or `$XDG_CONFIG_HOME/ncurc.gpg`) with `jenkins_token` as key,
109108
like this:
110109

111-
```json
112-
{
113-
"username": "your_github_username",
114-
"token": "your_github_token",
115-
"jenkins_token": "your_jenkins_token"
116-
}
110+
```sh
111+
ncu-config set -x jenkins_token
117112
```
118113

119114
### Protecting your credentials
120115

121-
If you have `gpg` installed and setup on your local machine, it is strongly recommended
122-
to store an encrypted version of this file:
123-
124-
```console
125-
$ gpg --default-recipient-self --encrypt ~/.ncurc
126-
$ rm ~/.ncurc
127-
```
128-
129-
The credentials are now encrypted in `~/.ncurc.gpg` and everytime it's needed,
130-
node-core-utils will invoke `gpg` that may ask you to decrypt it using
131-
your default key via pinentry.
132-
133116
Put the following entries into your
134117
[global `gitignore` file](https://git-scm.com/docs/git-config#Documentation/git-config.txt-coreexcludesFile)
135118
(`$XDG_CONFIG_HOME/git/ignore` or a file specified by `core.excludesFile`). For example:

0 commit comments

Comments
 (0)