Fork me on GitHub
#off-topic
<
2021-09-01
>
mpenet07:09:57

somewhat related also on the latest repl podcast the discussion about bazel for clj projects, in particular the bits about running only tests for code that actually changed

mpenet07:09:48

I guess that could be one way to use a tool like codeq too

borkdude09:09:15

one could also use the clj-kondo analysis for this. I usually use a git hook to only lint files that have changed before committing, but one could also do more advanced stuff like detecting where in the graph of the vars things have been touched and run tests for those namespaces. https://github.com/clj-kondo/clj-kondo/blob/master/analysis/README.md

Stuart09:09:50

We have a service written in golang (yuck!) that runs only on Windows right now. I'm trying to see what is involved in porting it to linux. It uses some windows specific stuff that I can find alternatives to on linux except this one problem. As part of installing the service on a windows machine (on clients machines), we add credentials to the WIndows Credentials Store using the same account as the service runs under. When the service starts up it can retreives its credentials it needs to auth to our remote server. Does anyone know of a Linux equivalent to the WIndows Credential Store?

p-himik09:09:19

Nothing completely standard. KDE has KWallet, GNOME has GNOME Keyring. Some other DEs might use something else or reuse one of those two.

Stuart09:09:58

I guess as a last resort I could write the creds to disk, encrypted, then have the service programatically generate the key to decrypt.

p-himik09:09:30

Personally, I would just use both of the libraries, trying them dynamically. A user would then be required to have one or the other.

Stuart09:09:28

I imagine this willbe running on a system with no DE

Stuart09:09:56

It's a sort of proxy API that does some routing from internal network to RabbitMQ

p-himik09:09:17

Those libraries don't require a full DE. But they do have some chonky dependencies. Ah, seems like there's more barebones solution: https://lzone.de/blog/Using+Linux+keyring+secrets+from+your+scripts

p-himik09:09:09

Oh, neat! Seems like the spec was made by people from both KWallet and GNOME Keying.

Stuart09:09:39

yeah, thanks, this looks promising!

p-himik09:09:57

> the https://specifications.freedesktop.org/secret-service/ is standardized via http://freedesktop.org and is implemented by GnomeKeyring and ksecretservice So my initial comment was not entirely correct then. It's just that I've been burned a few times on apps that support one and not the other, but seems like it's a problem of particular apps and not of the system itself.

walterl19:09:06

If you just need to store/retrieve creds, how about something like a Java Keystore?