TBI - ABAP deployment should prevent credentials being entered in clear text  #1156

@longieirl

Description (include screenshots)

Found when testing #1150

Clear text credentials should not be allowed using either ui5-deploy.yaml or via the cli.

The credentials should be validated before being accepted, for example:

    import i18next from 'i18next';

    // `Credentials` is the project's own type (not shown in this issue).
    export function validateCredential(credentials: Credentials): void {
        // Accept an unset value or an `env:` reference; anything else is plain text.
        function validateUseEnv(property: string): boolean {
            return !property || property.startsWith('env:');
        }

        if (credentials && (!validateUseEnv(credentials.username) || !validateUseEnv(credentials.password))) {
            throw new Error(i18next.t('ERROR_USER_PASSWORD_PLAIN'));
        }
    }

Invalid CLI param:

    fiori deploy --noConfig --username XYZ_USER --password XYZ_PASSWORD --description 'My Test App' --url 'https://XYZ.sap-system.corp:44311' --client '001' --package '$tmp' --name 'MyProject'

Invalid YAML config:

    configuration:
      target:
        url: https://XYZ.sap-system.corp:44311
        client: 200
        auth: basic
      credentials:
        username: XYZ_USER
        password: XYZ_PASSWORD

Value

Supplying and using cleartext passwords is bad practice.

Architecture Elaboration

Does it require architecture elaboration?

Notes

Tasks

  • Update the ABAP deployment flow to prevent credentials being read from a yaml config or via the CLI
  • Update test cases
  • Provide working examples

Valid YAML config:

    configuration:
      target:
        url: https://XYZ.sap-system.corp:44311
        client: 200
        auth: basic
      credentials:
        username: env:XYZ_USER
        password: env:XYZ_PASSWORD
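
An added example, not part of the original issue or the project's code: one way to reject plain-text credentials and resolve `env:` references in a single step, so the same check covers both the YAML config and the CLI. The names `resolveField`, `resolveCredentials`, `check` and the sample values are hypothetical; the environment is passed in explicitly (for example `process.env`).

```typescript
// Added example; these names are hypothetical, not the @sap-ux/deploy-tooling API.
interface Credentials { username?: string; password?: string; }
type Env = Record<string, string | undefined>;

const ENV_PREFIX = 'env:';

// Resolve one credential field. Only `env:NAME` references are accepted;
// a literal value is rejected without echoing it into the error message.
function resolveField(field: keyof Credentials, value: string | undefined, env: Env): string | undefined {
    if (value === undefined || value === '') {
        return undefined; // nothing supplied, same as the issue's validator
    }
    if (!value.startsWith(ENV_PREFIX)) {
        throw new Error(`${field} must be an env: reference, not a plain-text value`);
    }
    const name = value.slice(ENV_PREFIX.length);
    const resolved = env[name];
    if (resolved === undefined || resolved === '') {
        // Fail early instead of sending an empty secret to the ABAP system.
        throw new Error(`${field}: environment variable "${name}" is not set`);
    }
    return resolved;
}

// Validate and resolve credentials coming from ui5-deploy.yaml or the CLI.
function resolveCredentials(credentials: Credentials | undefined, env: Env): Credentials {
    return {
        username: resolveField('username', credentials?.username, env),
        password: resolveField('password', credentials?.password, env)
    };
}

// Constructed sample inputs (placeholder values only).
const sampleEnv: Env = { XYZ_USER: 'deployer', XYZ_PASSWORD: 'constructed-secret' };
const validConfig: Credentials = { username: 'env:XYZ_USER', password: 'env:XYZ_PASSWORD' };
const invalidConfig: Credentials = { username: 'XYZ_USER', password: 'XYZ_PASSWORD' };

// Returns the error message for rejected input, or null when it is accepted.
function check(credentials: Credentials, env: Env): string | null {
    try {
        resolveCredentials(credentials, env);
        return null;
    } catch (e) {
        return (e as Error).message;
    }
}
```
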

Labels: deploy-tooling (@sap-ux/deploy-tooling), feature (New feature or request)