Release v2.1.0 Secure Token Storage & Testing Improvements
Overview
This release introduces secure token storage using OS-native keyring and improves the testing infrastructure with Docker-based CI environment parity. All previously skipped tests have been fixed and are now passing.
🎯 Key Features
Secure Token Storage
- OS-Native Keyring Support: Store GitLab tokens securely using your OS keyring
- macOS: Keychain
- Linux: Secret Service API (GNOME Keyring, KWallet)
- Windows: Windows Credential Manager
- Automatic Token Retrieval: Tokens are automatically retrieved if no CLI token is provided
- Token Resolution Priority: CLI → Stored → Environment Variable
- Optional Dependency: Keyring is an optional dependency (
pip install gitlabber[keyring])
Testing Infrastructure
- Docker Testing Setup: Test on Ubuntu environment matching CI
📝 Changes
Added
TokenStorageclass for secure token storage using OS keyring--store-tokenCLI flag to store tokens securely- Automatic token retrieval from secure storage
- Docker testing infrastructure (
Dockerfile.test,docker-compose.test.yml) - Helper script
scripts/test-docker.shfor running tests in Docker - Comprehensive documentation for token storage feature
- Docker testing documentation in
DEVELOPMENT.md
Changed
- Token resolution now includes secure storage as a source
- Updated
README.mdandREADME.rstwith token storage documentation - Updated
DEVELOPMENT.mdwith Docker testing guide
🔧 Technical Details
Token Storage Implementation
- Module:
gitlabber/token_storage.py - Storage Backend: OS keyring (via
keyringlibrary) - Graceful Fallback: If keyring unavailable, falls back to environment variables
- Security: Tokens stored encrypted at rest by OS keyring
Testing Improvements
- Docker Environment: Python 3.11 on Ubuntu (matching CI)
- Cross-Platform: Verified on both macOS (local) and Ubuntu (Docker/CI)
📚 Usage
Storing a Token
# Install with keyring support (optional)
pip install gitlabber[keyring]
# Store token securely (one-time setup)
gitlabber --store-token -u https://gitlab.com
Enter token: [hidden input]
Token stored securely in keyring for https://gitlab.com ✓Using Stored Token
# Automatically uses stored token (no -t flag needed)
gitlabber -u https://gitlab.com .
# Override with CLI token if needed
gitlabber -t <token> -u https://gitlab.com .Docker Testing
# Run tests in Docker (Ubuntu environment)
docker-compose -f docker-compose.test.yml run --rm test
# Or use the helper script
./scripts/test-docker.sh🔄 Migration Guide
No migration required! This is a backward-compatible release.
- Existing workflows continue to work unchanged
- Environment variables (
GITLAB_TOKEN) still work - CLI arguments (
-t/--token) still work - Token storage is completely optional
🧪 Testing
All tests pass in both local and Docker environments:
# Local tests
pytest
# Docker tests (Ubuntu/CI environment)
docker-compose -f docker-compose.test.yml run --rm test📦 Dependencies
New Optional Dependency
keyring>=24.0.0- For secure token storage (optional)
Install with:
pip install gitlabber[keyring]📖 Documentation
- Updated
README.mdwith token storage usage - Updated
README.rstwith token storage usage - Added Docker testing guide to
DEVELOPMENT.md - Added token storage examples and best practices
🔍 Testing Checklist
- All unit tests pass locally
- All integration tests pass locally
- All tests pass in Docker (Ubuntu)
- Token storage works on macOS
- Token storage works on Linux (Docker)
- Token storage gracefully falls back when keyring unavailable
- Documentation updated
- No breaking changes
🙏 Credits
This release improves the developer experience with secure token storage and better testing infrastructure, making gitlabber more secure and easier to develop.
Ready for Review ✅
Full Changelog: v2.0.0...v2.1.0