[RQM] How to provide user credentials to a script run via the command line adapter?
Hi everybody,
I am setting up a bunch of test cases which run test scripts via the RQM command line interface. Those scripts will access different servers and need credentials of a user to log in there. What is your recommendation how to hand over the password without getting it logged somewhere along the way? I think execution variables will be logged (and I don't want my password to be shown in some log everybody can access).
My current workaround is to store my login credentials in the scripts itself. But I only do it because the scripts are currently only located on my PC. As soon as I distribute them to different PCs running CLA I don't want my password in there any longer (as well as I want other users to be able to give their credentials).
I am setting up a bunch of test cases which run test scripts via the RQM command line interface. Those scripts will access different servers and need credentials of a user to log in there. What is your recommendation how to hand over the password without getting it logged somewhere along the way? I think execution variables will be logged (and I don't want my password to be shown in some log everybody can access).
My current workaround is to store my login credentials in the scripts itself. But I only do it because the scripts are currently only located on my PC. As soon as I distribute them to different PCs running CLA I don't want my password in there any longer (as well as I want other users to be able to give their credentials).
Accepted answer
I'm not aware of any mechanism in QM for sending sensitive fields to automated tests. I'm not entirely sure what your circumstances are, but I know in our case our tests are only executing against test machines with fake data, so there is no requirement to guard the credentials to those machines.
I haven't thought this all the way through yet, so don't judge me too harshly, but perhaps there is something you could do with encryption? Maybe you give the script an encrypted password and pass the key to decrypt it as an execution variable? That would prevent anyone that only had access to the test machine from getting the password in plain text. Also, QM would never have the password, only the key, so you wouldn't need to worry about a plain text password from being logged on our side.
I feel like if I were you that's the direction I would start off in if I had to solve this problem.