Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add instructions to securely manage token #2322

Merged
merged 68 commits into from
Nov 27, 2024
Merged

Add instructions to securely manage token #2322

merged 68 commits into from
Nov 27, 2024

Conversation

abbycross
Copy link
Collaborator

Closes #2255

@abbycross abbycross self-assigned this Nov 14, 2024
@review-notebook-app Review Notebook App
Copy link

Check out this pull request on  ReviewNB

See visual diffs & provide feedback on Jupyter Notebooks.

Powered by ReviewNB

@abbycross
Copy link
Collaborator Author

I've added this content into a twistie in the requested spots. I wonder about potential confusion around the nesting, though - particularly on the functions page, where two similar code blocks appear one after the other when the twistie is opened. An alternative would be to separate this information out into a separate page, and simply point to that page from the three requested spots. Does this merit a separate page or is it working in-context? Thoughts @beckykd @javabster @pandasa123 ?

@beckykd
Copy link
Collaborator

beckykd commented Nov 15, 2024

confusion around the nesting

I wonder if it would make more sense to move the twistie after the save_account code block.

You could also separate the information into another section so it stands out better.

(Optional) Save your account information

You can optionally use the save_account() method or environment variables...

save account method

environment variables

@abbycross
Copy link
Collaborator Author

confusion around the nesting

I wonder if it would make more sense to move the twistie after the save_account code block.

You could also separate the information into another section so it stands out better.

(Optional) Save your account information

You can optionally use the save_account() method or environment variables...

save account method

environment variables

I like this idea to move save-account info into its own section - I'll mock it up.

@abbycross abbycross marked this pull request as ready for review November 15, 2024 17:00
@abbycross abbycross requested a review from beckykd November 15, 2024 17:00
@qiskit-bot
Copy link
Contributor

One or more of the following people are relevant to this code:

pandasa123
pandasa123 approved these changes Nov 15, 2024
View reviewed changes
Copy link
Collaborator

@pandasa123 pandasa123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Eric-Arellano
Eric-Arellano reviewed Nov 15, 2024
View reviewed changes
docs/guides/setup-channel.mdx Show resolved Hide resolved
docs/guides/setup-channel.mdx Show resolved Hide resolved
docs/guides/setup-channel.mdx Outdated Show resolved Hide resolved
docs/guides/setup-channel.mdx Outdated Show resolved Hide resolved
frankharkins
frankharkins reviewed Nov 18, 2024
View reviewed changes
Copy link
Member

@frankharkins frankharkins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Honest question: How is this more secure? Any process that can read files can get the environment variable, and the environment variable is still plaintext. Would be nice to add a line explaining why.

@Eric-Arellano
Copy link
Collaborator

How is this more secure? Any process that can read files can get the environment variable, and the environment variable is still plaintext. Would be nice to add a line explaining why.

Storing secrets in source code is extremely dangerous because source code gets checked into version control like Git. With reading from an environment variable, it is true that any process with access to os.environ can access it - however it's at least not in version control.

Eric-Arellano
Eric-Arellano approved these changes Nov 27, 2024
View reviewed changes
Copy link
Collaborator

@Eric-Arellano Eric-Arellano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙏

docs/guides/setup-channel.mdx Outdated Show resolved Hide resolved
docs/guides/setup-channel.mdx Outdated Show resolved Hide resolved
docs/guides/setup-channel.mdx Outdated Show resolved Hide resolved
@abbycross abbycross added this pull request to the merge queue Nov 27, 2024
Merged via the queue into main with commit 74346aa Nov 27, 2024
4 checks passed
@abbycross abbycross deleted the ajc/update-install-instructions branch November 27, 2024 21:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johannesgreiner johannesgreiner johannesgreiner left review comments

@beckykd beckykd beckykd approved these changes

@frankharkins frankharkins frankharkins left review comments

@jyu00 jyu00 jyu00 left review comments

@Eric-Arellano Eric-Arellano Eric-Arellano approved these changes

@pandasa123 pandasa123 pandasa123 approved these changes

Assignees

@abbycross abbycross

Labels
None yet
Projects
Docs Planning
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update guidance to manage tokens in environment, rather than plaintext
8 participants
@abbycross @beckykd @qiskit-bot @Eric-Arellano @frankharkins @pandasa123 @jyu00 @johannesgreiner