Bug 2119155
Summary: | With every edit of an exising webhook, the value in password field disappears in Satellite 6.10/6.11/6.12 | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Sayan Das <saydas> | ||||||
Component: | Hooks and Webhooks | Assignee: | Oleh Fedorenko <ofedoren> | ||||||
Status: | CLOSED ERRATA | QA Contact: | Peter Ondrejka <pondrejk> | ||||||
Severity: | high | Docs Contact: | |||||||
Priority: | unspecified | ||||||||
Version: | 6.10.7 | CC: | ahumbe, iballou, mhulan, ofedoren, pcreech, wclark | ||||||
Target Milestone: | 6.13.0 | Keywords: | Triaged | ||||||
Target Release: | Unused | ||||||||
Hardware: | All | ||||||||
OS: | All | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | rubygem-foreman_webhooks-3.0.5 | Doc Type: | If docs needed, set a value | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | |||||||||
: | 2131771 2150069 (view as bug list) | Environment: | |||||||
Last Closed: | 2023-05-03 13:21:36 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Sayan Das
2022-08-17 17:45:43 UTC
While creating: 2022-08-17T13:23:58 [I|app|c5d3c02f] Started POST "/api/webhooks" for 10.74.XX.YYY at 2022-08-17 13:23:58 -0400 2022-08-17T13:23:58 [I|app|c5d3c02f] Processing by Api::V2::WebhooksController#create as JSON 2022-08-17T13:23:58 [I|app|c5d3c02f] Parameters: {"name"=>"Test", "target_url"=>"https://satellite.example.com:9090/shellhook/store_data", "user"=>"admin", "password"=>"[FILTERED]", "webhook_template_id"=>213, "http_method"=>"POST", "http_content_type"=>"application/json", "enabled"=>true, "verify_ssl"=>false, "ssl_ca_certs"=>"", "http_headers"=>"", "proxy_authorization"=>true, "event"=>"build_entered.event.foreman", "apiv"=>"v2", "webhook"=>{"name"=>"Test", "target_url"=>"https://satellite.example.com:9090/shellhook/store_data", "webhook_template_id"=>213, "http_method"=>"POST", "http_content_type"=>"application/json", "enabled"=>true, "verify_ssl"=>false, "ssl_ca_certs"=>"", "user"=>"admin", "password"=>"[FILTERED]", "http_headers"=>"", "proxy_authorization"=>true}} 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on name Test 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on target_url https://satellite.example.com:9090/shellhook/store_data 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on events ["build_entered.event.foreman"] 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on webhook_template_id 213 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on http_method POST 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on http_content_type application/json 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on enabled true 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on verify_ssl false 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on ssl_ca_certs 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on user admin 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on password [redacted] 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on http_headers 2022-08-17T13:23:58 [I|aud|c5d3c02f] Webhook (8) create event on proxy_authorization true While re-opening and immediately submitting without even making any changes : 2022-08-17T13:26:32 [I|app|c96c7748] Started PUT "/api/webhooks/8" for 10.74.XX.YYY at 2022-08-17 13:26:32 -0400 2022-08-17T13:26:32 [I|app|c96c7748] Processing by Api::V2::WebhooksController#update as JSON 2022-08-17T13:26:32 [I|app|c96c7748] Parameters: {"id"=>"8", "name"=>"Test", "target_url"=>"https://satellite.example.com:9090/shellhook/store_data", "user"=>"admin", "password"=>"[FILTERED]", "http_method"=>"POST", "http_content_type"=>"application/json", "webhook_template_id"=>213, "event"=>"build_entered.event.foreman", "enabled"=>true, "verify_ssl"=>false, "ssl_ca_certs"=>"", "http_headers"=>"", "apiv"=>"v2", "webhook"=>{"id"=>"8", "name"=>"Test", "target_url"=>"https://satellite.example.com:9090/shellhook/store_data", "webhook_template_id"=>213, "http_method"=>"POST", "http_content_type"=>"application/json", "enabled"=>true, "verify_ssl"=>false, "ssl_ca_certs"=>"", "user"=>"admin", "password"=>"[FILTERED]", "http_headers"=>""}} 2022-08-17T13:26:32 [I|aud|c96c7748] Webhook (8) update event on password [redacted], [redacted] As we can clearly see, the password field gets updated and it gets updated with a blank value CC'ing Oleh for visibility Created redmine issue https://projects.theforeman.org/issues/35385 from this bug Upstream bug assigned to ofedoren Upstream bug assigned to ofedoren Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/35385 has been resolved. Created attachment 1915112 [details]
RHEL 7 Hotfix RPM for Satellite 6.11.3
RHEL 7 INSTALL INSTRUCTIONS:
1. Take a complete backup or snapshot of the Satellite 6.11.3 server running RHEL 7
2. Download the RHEL 7 hotfix RPM for Satellite 6.11.3 attached to this BZ and copy it to the Satellite server
3. # yum install ./tfm-rubygem-foreman_webhooks-2.0.1-2.HOTFIXRHBZ2119155.el7sat.noarch.rpm --disableplugin=foreman-protector
4. # satellite-maintain service restart
Created attachment 1915113 [details]
RHEL 8 Hotfix RPM for Satellite 6.11.3
RHEL 8 INSTALL INSTRUCTIONS:
1. Take a complete backup or snapshot of the Satellite 6.11.3 server running RHEL 8
2. Download the RHEL 8 hotfix RPM for Satellite 6.11.3 attached to this BZ and copy it to the Satellite server
3. # yum install ./rubygem-foreman_webhooks-2.0.1-2.HOTFIXRHBZ2119155.el8sat.noarch.rpm --disableplugin=foreman-protector
4. # satellite-maintain service restart
Verified on Satellite 6.13 snap 2 using steps from the problem description. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Satellite 6.13 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:2097 |