Bug 1438923

Summary: Encrypted password from Ansible Playbook service dialog needs to be decrypted
Product: Red Hat CloudForms Management Engine Reporter: Bill Wei <bilwei>
Component: ProvisioningAssignee: Bill Wei <bilwei>
Status: CLOSED CURRENTRELEASE QA Contact: Kedar Kulkarni <kkulkarn>
Severity: high Docs Contact:
Priority: high    
Version: 5.8.0CC: gmccullo, jhardy, kkulkarn, obarenbo, simaishi
Target Milestone: GAKeywords: TestOnly
Target Release: 5.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: ansible:service
Fixed In Version: 5.9.0.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1439938 (view as bug list) Environment:
Last Closed: 2018-03-06 14:48:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1500833, 1501528, 1506796, 1509233, 1509343    
Bug Blocks: 1439938    

Description Bill Wei 2017-04-04 18:50:02 UTC 
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Create a Service with type Ansible Playbook with extra vars.
2. Prepare a service dialog for the service. It can be automatically created.
3. Edit the dialog to make one of the extra var to be a password text field.

Actual results:
Depend on the actual playbook, the execution may succeed or fail, but the value passed to the playbook is still encrypted. For example if the playbook creates a VM and a login user/password is configured. The VM may be successfully created but user cannot log on with given password.

Expected results:
The password should be decrypted before passing to the playbook. However it should remain encrypted in the service's options column.

Additional info:
Comment 2 CFME Bot 2017-04-04 19:26:48 UTC 
https://github.com/ManageIQ/manageiq/pull/14636
Comment 3 CFME Bot 2017-04-06 14:21:46 UTC 
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/b2066945c8bbbe0fb611cdb0dfc399a3cbd1a3de

commit b2066945c8bbbe0fb611cdb0dfc399a3cbd1a3de
Author:     Bill Wei <bilwei>
AuthorDate: Tue Apr 4 11:44:33 2017 -0400
Commit:     Bill Wei <bilwei>
CommitDate: Tue Apr 4 15:24:00 2017 -0400

    Parse password field from dialog and decryt before job launch
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1438923

 app/models/service_ansible_playbook.rb       | 17 ++++++++-------
 spec/models/service_ansible_playbook_spec.rb | 31 +++++++++++++++++-----------
 2 files changed, 29 insertions(+), 19 deletions(-)
Comment 5 Kedar Kulkarni 2017-10-12 19:49:50 UTC 
Blocked by https://bugzilla.redhat.com/1501528 since service can not be added to catalog and order can not be placed to check if the Bug is fixed.
Comment 6 Kedar Kulkarni 2017-11-10 19:40:56 UTC 
Verified for 5.9.0.8