Bug 1124891

Summary: [oVirt][Foreman] return a proper error message on root password policy violation
Product: [oVirt] ovirt-engine Reporter: Moti Asayag <masayag>
Component: General Assignee: Yaniv Bronhaim <ybronhei>
Status: CLOSED WONTFIX QA Contact: Petr Kubica <pkubica>
Severity: medium Docs Contact:
Priority: unspecified    
Version: --- CC: bugs, lsvaty, mperina, ohadlevy, oourfali, pkubica, pstehlik, rbalakri, srevivo, ybronhei, ykaul
Target Milestone: --- Flags: sbonazzo: ovirt-4.2-
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: vt13 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-07-04 12:22:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Moti Asayag 2014-07-30 14:56:30 UTC
Description of problem:
Since foreman prevents root passwords shorter than 8 characters, it should be enforced on the engine side as well - both on UI and backend.

Version-Release number of selected component (if applicable):
commit ac985911a69317a6a974f3a0b754b5cddf177bad

How reproducible:
always

Steps to Reproduce:
1. Add a host with password shorter than 8 characters

Actual results:
The action fails with a generic message ("Cannot connect to provider").

Expected results:
Unsupported passwords should be blocked on engine-side

Comment 1 Oved Ourfali 2014-08-05 09:42:13 UTC
The policy for that may vary depending on configuration on the Foreman side.
I suggest to give a proper error message in this case, instead of validating.

Changed the title accordingly.

Comment 2 Yaniv Bronhaim 2014-10-21 10:01:00 UTC
When the password is too short, or failed in any foreman's validation, we receive:
Authorized user admin(Admin User)
Connected to server.
Client connected.
Unprocessable entity Host::Discovered (id: 14):
  Root password should be 8 characters or more

  Rendered api/v2/errors/unprocessable_entity.json.rabl within api/v2/layouts/error_layout (22.2ms)
Completed 422 Unprocessable Entity in 3317ms (Views: 55.0ms | ActiveRecord: 636.3ms)


On the engine's side, I can just see the HTTP Status-Code 422.
So it's either having specific handling for status-code 422 or leaving the general handling which says "Error while executing action New Host: Failed to communicate with the external provider."

It would be much nicer if foreman would add to the response body the fail reason, but currently that's not the case.

Comment 3 Yaniv Bronhaim 2014-11-11 10:52:20 UTC
Foreman sends the response nicely now. This response is in bare English, which is a bit problematic to expose to the UI. For now I keep throwing PROVIDER_FAILURE and the full description will be reported in engine.log. Is that enough or do you have a better suggestion here?

Comment 4 Oved Ourfali 2014-11-16 11:12:25 UTC
(In reply to Yaniv Bronhaim from comment #3)
> Foreman sends the response nicely now. This response is in bare English, which
> is a bit problematic to expose to the UI. For now I keep throwing
> PROVIDER_FAILURE and the full description will be reported in engine.log. Is
> that enough or do you have a better suggestion here?

I think it is enough.
Question for the future - Any way to send the locale to Foreman as well?

Also, please port to ovirt-engine-3.5.

Comment 5 movciari 2015-04-13 14:02:35 UTC
vt13 is a 3.5 build and this bug has 3.6 target release, also, we don't have 3.6 build so it shouldn't be ON_QA yet
Could you fix the status and fixed in version, please?

Comment 6 Yaniv Bronhaim 2015-04-21 15:10:34 UTC
So it was fixed as part of the 3.5 build, which means that any 3.6 build should include it.

Comment 9 movciari 2016-02-24 17:21:55 UTC
webadmin dialog says: Error while executing action New Host: Failed to communicate with the external provider, see log for additional details.
engine.log is not much more informative

Comment 10 Red Hat Bugzilla Rules Engine 2016-02-24 17:22:01 UTC
Target release should be placed once a package build is known to fix an issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for an oVirt release.

Comment 11 Yaniv Bronhaim 2016-02-24 18:39:32 UTC
I don't recall the versions we used to work with - but foreman api used to return json response - {'error': 'Root password should be 8 characters or more'} which the patch for that bug adds to engine.log. As it seems - now foreman doesn't return any object.

Ohad, can you take a look? Maybe it's an old version or we use an old api path?
movciari says that he's using foreman 6.1.3

snip
---

2016-02-24 15:15:58 [I] Authorized user admin(Admin User)
2016-02-24 15:16:00 [E] Unprocessable entity Host::Discovered (id: 6):
  Root password should be 8 characters or more

2016-02-24 15:16:00 [I]   Rendered api/v2/errors/unprocessable_entity.json.rabl within api/v2/layouts/error_layout (2.0ms)
2016-02-24 15:16:00 [I] Completed 422 Unprocessable Entity in 1467ms (Views: 25.6ms | ActiveRecord: 82.0ms)
2016-02-24 15:16:26 [I] init config for SecureHeaders::Configuration
2016-02-24 15:16:31 [I] Client connected.

--
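
An added example, not part of the bug thread or of the ovirt-engine code: one way a client could turn the 422 response discussed in comments 2, 3 and 11 into the generic UI code plus a bounded, log-safe detail string for engine.log. The function names, the 200-character cap and the nested `full_messages` shape are assumptions; only the `{'error': ...}` form and `PROVIDER_FAILURE` come from the thread.

```python
import json
import re

UI_CODE = "PROVIDER_FAILURE"   # generic code named in comment 3
MAX_LEN = 200                  # assumed cap on provider text written to the log
_CONTROL = re.compile(r"[\x00-\x1f\x7f]+")


def _clean(text):
    """Provider text is remote input: replace control characters (so CR/LF
    cannot forge extra log lines) and bound the length."""
    return _CONTROL.sub(" ", str(text)).strip()[:MAX_LEN]


def _reason(body):
    """Pull a human-readable reason out of a JSON error body, or None."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):      # empty, missing or non-JSON body
        return None
    err = doc.get("error") if isinstance(doc, dict) else None
    if isinstance(err, str):             # shape quoted in comment 11
        return _clean(err) or None
    if isinstance(err, dict):            # assumed nested shape
        msgs = err.get("full_messages")
        if isinstance(msgs, list) and msgs:
            return _clean("; ".join(map(str, msgs))) or None
    return None


def describe_failure(status, body):
    """Return (ui_code, log_detail) for a failed provider call.

    The UI always gets the generic code; the provider's own wording goes
    only into the log detail, after cleaning."""
    reason = _reason(body)
    if status == 422 and reason:
        detail = f"provider rejected the request (HTTP 422): {reason}"
    elif status == 422:
        detail = "provider rejected the request (HTTP 422), no reason in body"
    else:
        detail = f"provider call failed (HTTP {status})"
    return UI_CODE, detail
```
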

Comment 14 Ohad Levy 2016-03-07 12:42:45 UTC
it should provide that in a clean error hash, can you provide the json api response here?

Comment 15 Sandro Bonazzola 2016-05-02 09:48:53 UTC
Moving from 4.0 alpha to 4.0 beta since 4.0 alpha has been already released and bug is not ON_QA.

Comment 16 Yaniv Lavi 2016-05-23 13:13:33 UTC
oVirt 4.0 beta has been released, moving to RC milestone.

Comment 17 Oved Ourfali 2017-07-04 12:22:05 UTC
I don't see us prioritizing that.
Closing as WONTFIX.

Comment 18 Lukas Svaty 2017-07-14 07:38:05 UTC
Oved: Maybe we can consider at least to be documented, either hint inside WA portal on password or mentioned inside external provides documentation?

Petr: Can you please check if this is documented somewhere? (UI Portals, documentation pages)

Comment 19 Oved Ourfali 2017-07-24 11:21:32 UTC
(In reply to Lukas Svaty from comment #18)
> Oved: Maybe we can consider at least to be documented, either hint inside WA
> portal on password or mentioned inside external provides documentation?
> 

I don't think it's worth the effort around it.