Skip to content

Commit 53640a3

Browse files
provide environment variable alternatives
1 parent b4b4d3d commit 53640a3

2 files changed

Lines changed: 37 additions & 13 deletions

File tree

README.markdown

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,16 @@ You can obtain a free key and secret from https://testingbot.com/members/user/ed
3737

3838
**Hint:** Instead of passing the key and secret to the command, you can have them as environment variables `${TESTINGBOT_KEY}` and `${TESTINGBOT_SECRET}`.
3939

40+
### Avoiding credentials in the process list
41+
42+
CLI options whose value contains a password show up in `ps` / process listings. Three options can be set via environment variables instead. The CLI flag still takes precedence; the env var is used as a fallback when the flag is absent.
43+
44+
| CLI flag | Env var | Format |
45+
|---------|---------|--------|
46+
| `--auth` | `TESTINGBOT_AUTH` | `host:port:user:password` — comma-separated for multiple entries |
47+
| `--proxy-userpwd` | `TESTINGBOT_PROXY_USERPWD` | `user:password` |
48+
| `--metrics-auth` | `TESTINGBOT_METRICS_AUTH` | `user:password` |
49+
4050
Options
4151
-------
4252

src/main/java/com/testingbot/tunnel/App.java

Lines changed: 27 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -138,22 +138,22 @@ public static void main(String... args) throws Exception {
138138
options.addOption(metrics);
139139

140140
Option metricsAuthOpt = Option.builder().longOpt("metrics-auth").hasArg().argName("user:password")
141-
.desc("Require HTTP Basic auth on the /metrics (Prometheus) endpoint. Format: user:password. Off by default.").build();
141+
.desc("Require HTTP Basic auth on the /metrics (Prometheus) endpoint. Format: user:password. Off by default. Env: TESTINGBOT_METRICS_AUTH.").build();
142142
options.addOption(metricsAuthOpt);
143143

144144
Option proxy = new Option("Y", "proxy", true, "Specify an upstream proxy.");
145145
proxy.setArgName("PROXYHOST:PROXYPORT");
146146
options.addOption(proxy);
147147

148-
Option basicAuth = new Option("a", "auth", true, "Performs Basic Authentication for specific hosts.");
148+
Option basicAuth = new Option("a", "auth", true, "Performs Basic Authentication for specific hosts. Env: TESTINGBOT_AUTH (comma-separated for multiple entries).");
149149
basicAuth.setArgs(Option.UNLIMITED_VALUES);
150150
basicAuth.setArgName("host:port:user:passwd");
151151
options.addOption(basicAuth);
152152

153153
Option pacOption = Option.builder().longOpt("pac").hasArg().desc("Proxy autoconfiguration. Should be a http(s) URL").build();
154154
options.addOption(pacOption);
155155

156-
Option proxyAuth = new Option("z", "proxy-userpwd", true, "Username and password required to access the proxy configured with --proxy.");
156+
Option proxyAuth = new Option("z", "proxy-userpwd", true, "Username and password required to access the proxy configured with --proxy. Env: TESTINGBOT_PROXY_USERPWD.");
157157
proxyAuth.setArgName("user:pwd");
158158
options.addOption(proxyAuth);
159159

@@ -378,32 +378,46 @@ public static void main(String... args) throws Exception {
378378
app.setMetricsPort(Integer.parseInt(line));
379379
}
380380

381-
if (commandLine.hasOption("metrics-auth")) {
382-
String value = commandLine.getOptionValue("metrics-auth");
383-
if (value == null || !value.contains(":") || value.startsWith(":")) {
384-
throw new ParseException("--metrics-auth must be in the form user:password");
381+
String metricsAuthValue = commandLine.hasOption("metrics-auth")
382+
? commandLine.getOptionValue("metrics-auth")
383+
: System.getenv("TESTINGBOT_METRICS_AUTH");
384+
if (metricsAuthValue != null && !metricsAuthValue.isEmpty()) {
385+
if (!metricsAuthValue.contains(":") || metricsAuthValue.startsWith(":")) {
386+
throw new ParseException("--metrics-auth / TESTINGBOT_METRICS_AUTH must be in the form user:password");
385387
}
386-
app.setMetricsAuth(value);
388+
app.setMetricsAuth(metricsAuthValue);
387389
}
388390

389391
if (commandLine.hasOption("tunnel-identifier")) {
390392
String identifierValue = commandLine.getOptionValue("tunnel-identifier");
391393
app.setTunnelIdentifier(identifierValue.substring(0, Math.min(identifierValue.length(), 50)));
392394
}
393395

396+
String[] authValues = null;
394397
if (commandLine.hasOption("auth")) {
395-
for (String optionValue : commandLine.getOptionValues("auth")) {
398+
authValues = commandLine.getOptionValues("auth");
399+
} else {
400+
String envAuth = System.getenv("TESTINGBOT_AUTH");
401+
if (envAuth != null && !envAuth.isEmpty()) {
402+
authValues = envAuth.split(",");
403+
}
404+
}
405+
if (authValues != null) {
406+
for (String optionValue : authValues) {
396407
if (optionValue.split(":").length < 4) {
397408
throw new ParseException("ERROR: Auth value must contain host:port:user:password value: " + optionValue);
398409
}
399410
}
400-
app.setBasicAuth(commandLine.getOptionValues("auth"));
411+
app.setBasicAuth(authValues);
401412
}
402413

403-
if (commandLine.hasOption("proxy-userpwd")) {
404-
String line = commandLine.getOptionValue("proxy-userpwd");
405-
app.setProxyAuth(line);
414+
String proxyAuthValue = commandLine.hasOption("proxy-userpwd")
415+
? commandLine.getOptionValue("proxy-userpwd")
416+
: System.getenv("TESTINGBOT_PROXY_USERPWD");
417+
if (proxyAuthValue != null && !proxyAuthValue.isEmpty()) {
418+
app.setProxyAuth(proxyAuthValue);
406419
}
420+
407421
if (commandLine.hasOption("noproxy")) {
408422
app.noProxy = true;
409423
}

0 commit comments

Comments
 (0)