The current version of the CLI is Flux v2 2.0.0-rc.4 – the 0.34 release is a very old one.

I tested your scenario against the latest CLI, and it did not delete the token. However, flux create source git with a --password and no --username does indeed fail to create the associated secret. Is it possible for you to include a username? (Will that break the authentication with Azure DevOps?)

I only have GitHub to work with right now, I cannot test on DevOps today, but if you're seeing a secret that gets deleted by flux create source git I would definitely call that a bug. However since I cannot replicate it in the current version, I'd like to ask you to try a current version instead, and let us know if it reproduces the same. That way if there is still an issue, we can re-scope your report and make it clearer what still remains about it to be fixed today.

Can you try the current Flux release please?

Is this scenario still valid where we could have the password flag without the username ?
I could make it but I'd be more comfortable introducing a new flag, something like --pat to avoid confusion

Typically the convention is to use the username git when connection is over SSH, and for HTTPS many git hosts will disregard the username altogether when you're using token auth, as the token alone is enough information to identify your user (or the permitted entity, and whatever user sits behind it).

I think there is a minor UX issue here but I'm not quite sure what it is. I'm renaming this issue because I think we've established that it's not deleting any secrets, that would be bad. I think you should be able to use create source git with only --password and it's reasonable to expect the result to be, the creation of a GitRepository source and a secret with only the password field in it. Is that what's needed? I'm not sure what class of user needs this behavior but I am not in it.

We need someone to make the case for change a bit clearer in order to follow this up.

Let's change the issue title to:

"flux create source git" with --password fails to create secret

(Turns out I don't have "edit issue/PR title" permissions here, with only the triage role)

I see, it makes sense. I will have time this weekend to submit the PR

If no one else is working on this issue, may I work on it? The PR created has the tag on hold, so is it fine if I take up this issue? @kingdonb

Absolutely, thanks for volunteering and welcome to ping me for reviews 🙇

Can you see the issue with the linked PR #4119? It's not clear to me from the comment thread yet