Bug 2028268
| Summary: | Password parameters are listed in FirmwareSchema in spite that cannot and shouldn't be set in HostFirmwareSettings | ||||||
|---|---|---|---|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Lubov <lshilin> | ||||
| Component: | Bare Metal Hardware Provisioning | Assignee: | Bob Fournier <bfournie> | ||||
| Bare Metal Hardware Provisioning sub component: | ironic | QA Contact: | Lubov <lshilin> | ||||
| Status: | CLOSED ERRATA | Docs Contact: | |||||
| Severity: | medium | ||||||
| Priority: | medium | CC: | bfournie | ||||
| Version: | 4.10 | Keywords: | Triaged | ||||
| Target Milestone: | --- | ||||||
| Target Release: | 4.10.0 | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2022-03-10 16:31:35 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Yeah, that's a good point, we can take the password fields out of the schema too. Fix has merged downstream on 12/17. Just waiting for a new 4.10 build verified on 4.10.0-0.nightly-2021-12-23-153012 on HPE setup Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056 |
Created attachment 1844401 [details] Dell FirmwareSchema Description of problem: According to requirements the values of Password AttributeType should not be stored in the status section and they should not be allowed to be set via the spec section. In FirmwareSchema they are listed as read-only: false (e.g. for Dell 'SHA256SystemPasswordSalt', 'SetupPassword', 'SHA256SetupPassword', 'SHA256SetupPasswordSalt', 'SysPassword', 'PasswordStatus', 'SHA256SystemPassword' are listed in schema). It's very confusing and can give an impression that this parameters are settable via HostFirmwareSettings CRDs I'd recommend to remove them from schema as well