Guidance needed on securing username and password on Gocd yaml

13 views
Skip to first unread message

Sushma Gangaiah

unread,
Jun 4, 2021, 7:09:07 AMJun 4
to go-cd
Hi All,

I am stuck in encrypting password using gocd.

Referred https://api.gocd.org/current/#introduction and the paragragh in above link mentioned "All APIs SHOULD be accessed from https://go-server-url:8154/go/api", but when I try this facing 404 error. Please advice.

Regards,
Sushma

Marques Lee

unread,
Jun 4, 2021, 7:43:03 AMJun 4
to go...@googlegroups.com
Which API are you trying to use? That text just means that url is the prefix of all api calls. Which API endpoint is throwing a 404?

-Marques

--
You received this message because you are subscribed to the Google Groups "go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email to go-cd+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/f99cde95-c58d-4d58-8b6c-9681c02b34d5n%40googlegroups.com.

Marques Lee

unread,
Jun 4, 2021, 7:48:00 AMJun 4
to go...@googlegroups.com
Fir example, to list access tokens for your user, you would request GET:

And of course supplying the headers and auth according to the docs.

Marques Lee

unread,
Jun 4, 2021, 7:51:36 AMJun 4
to go...@googlegroups.com

Perhaps this is the API? You mentioned encrypting a password:


https://api.gocd.org/current/#encrypt-a-plain-text-value

Sushma Gangaiah

unread,
Jun 4, 2021, 7:55:28 AMJun 4
to go...@googlegroups.com
Dear Marques,

Yes,how will I encrypt password? Looking for the steps to be done .  As the above link is quite confusing for me. Is it possible to encrypt in GoCD server UI?

Regards,
Sushma

Sushma Gangaiah

unread,
Jun 4, 2021, 8:00:54 AMJun 4
to go...@googlegroups.com, Marques Lee
Dear Marques,

Do I need to use the below block to generate password?

$ curl 'https://ci.example.com/go/api/admin/encrypt' \
-u 'username:password' \ # which username password its asking for?
-H 'Accept: application/vnd.go.cd.v1+json' \ #is this constant?
-H 'Content-Type: application/json' \# also this is constant?
-X POST -d '{
  "value": "badger" # badger is value of password?
}'

Sushma Gangaiah

unread,
Jun 4, 2021, 8:11:18 AMJun 4
to go...@googlegroups.com, Marques Lee
Dear Marques,

Please find modified block. Let me know if my understanding is wrong.

$ curl 'https://ci.example.com/go/api/admin/encrypt' \ #our gocd url?
-u 'username:password' \ # username and pw of gocd?

-H 'Accept: application/vnd.go.cd.v1+json' \ #is this constant?
-H 'Content-Type: application/json' \# also this is constant?
-X POST -d '{
  "value": "badger" # badger is value of password?
}'

Aravind SV

unread,
Jun 4, 2021, 9:48:49 AMJun 4
to Sushma Gangaiah, go...@googlegroups.com, Marques Lee

Every API call will need authentication (either username:password you use for logging in, or authentication tokens). Those two headers are constant. And yes, the badger is the value you want to encrypt. What happened when you tried it?

Sushma Gangaiah

unread,
Jun 4, 2021, 9:59:30 AMJun 4
to Aravind SV, go...@googlegroups.com, Marques Lee
Hi Aravind,

Yes,it worked. 😊 I was just double checking. Thank you so much for assistance.

Regards,
Sushma
Reply all
Reply to author
Forward
0 new messages