notation icon indicating copy to clipboard operation
notation copied to clipboard
verified publisher icon notaryproject

Update Cli spec to reflect username/password options in commands besides login

Open binbin-li opened this issue 3 years ago • 3 comments

Besides notation login, we need username/password options in other commands as well since the cli doesn't come with Credentials Store configured.

The current cli spec shows only login command support username/password which needs to be updated accordingly.

binbin-li avatar Aug 02 '22 07:08 binbin-li

Hi @binbin-li , I assume you are requesting to add username/password options to the following commands, right?

  • notation sign
  • notation verify
  • notation push
  • notation pull
  • notation list

If a user provides credentials for authenticated registry and logs into a registry via notation login, is it necessary to do authentication in the other commands above?

I think Notation should allow other operations by default after notation login, which means username/password options are only needed for the first-time authentication.

FeynmanZhou avatar Aug 05 '22 10:08 FeynmanZhou

Hi @binbin-li , I assume you are requesting to add username/password options to the following commands, right?

  • notation sign
  • notation verify
  • notation push
  • notation pull
  • notation list

If a user provides credentials for authenticated registry and logs into a registry via notation login, is it necessary to do authentication in the other commands above?

I think Notation should allow other operations by default after notation login, which means username/password options are only needed for the first-time authentication.

@FeynmanZhou from the previous discussions, users can use username/password in other commands even though logged in. And the user-typed username/password would have higher priority than that from first-time login command.

binbin-li avatar Aug 09 '22 05:08 binbin-li

@binbin-li Got you. The current implementation support specifying username & password for each command option, we can merge https://github.com/notaryproject/notation/pull/293 to make the spec consistent with implementation in alpha.3.

From an end user's perspective, I think we should recommend that use notation login with specifying username & password and provide a doc to instruct users to configure the Credential Store at the beginning.

Going forward, to achieve a simple and secure authentication user experience, I propose to remove username & password from other options in the next release.

cc @notaryproject/notation-release-managers @yizha1 @shizhMSFT @dtzar @iamsamirzon @SteveLasker

FeynmanZhou avatar Aug 11 '22 10:08 FeynmanZhou

Discuss with Yi and probably close it if the work is already done

priteshbandi avatar Nov 23 '22 18:11 priteshbandi

close it as spec was updated

yizha1 avatar Dec 02 '22 01:12 yizha1