Red Hat Bugzilla – Bug 1012981
Drupal 7 Quickstart do not show the credentials for admin at installation (rhc & web console)
Last modified: 2014-10-09 20:46:35 EDT
Description of problem:
Drupal 7 & 8 Quickstarts do not show the credentials for admin at installation (rhc & web console). Unlike the MySQL db credentials, the Drupal initial credentials are not displayed in the console or by rhc when Drupal is first installsed.
Version-Release number of selected component (if applicable):
Deploy either Drupal 7 or 8 Quickstarts
Steps to Reproduce:
1.log into OpenShift Online Account
2.create a Drupal applications
3.click on the url given for the new Drupal site
4.view the Drupal login page
5. scratch head and begin the search for documentation telling you what the default login is
6. click back to console, see the MySQL credentials displayed
7. wonder why quickstart/cartridge didn't auto-generate a random password for Drupal admin and display it
8. start clicking around on site searching for documentations
9. eventually meander to github and read the read.md file and locate the u/p section
10. try and remember the url for the drupal site, then enter the default u/p
11. then click on the my account tab for drupal and change the password
Most Drupal users are NOT Github users, the odds of them releasing they need to go to github are slim to none. At DrupalCon/Prague, we had at least 5 intelligent human beings come back to the booth after signing up for Online to ask us what the u/p was after spending a good amount of time searching for it. These are technically savvy people who are not used to installing from github.
We need to do two things:
(1) display the default credentials in the web console and in the rhc output when installing Drupal Quickstarts/Cartridges.
(2) Figure out how to supply a randomly generated password like we do for MySQL so that we don't have loads of idle Drupal sites with the default u/p hanging around and easily hijacked. We should also do this for Word Press.
Frustrated First time experiences
Simplicity, Few Clicks to Success & no hijacks
Talked with Dan, we'd like to finally enable this in post-configure.
In cartridge_actions.rb#post_configure, if the configure is successful, grep the build.log to extract lines starting with CLIENT_MESSAGE|CLIENT_DEBUG|CLIENT_ERROR|CLIENT_RESULT, then ship only those lines (up to a certain size) back to the broker as part of the output.
This should ensure that quickstarts can report messages back to the client.
Agree this is fairly high priority.
Pull request https://github.com/openshift/origin-server/pull/3751 provides support for post_configure to report CLIENT_* messages to broker.
Currently these quickstarts emit admin credentials from the deploy action hook, who's stream cannot be parsed. A solution would be to refactor the quickstarts to use the build action hook to output the admin credentials.
Commit pushed to master at https://github.com/openshift/origin-server
Bug 1012981 - Parse post-configure output for client messages
This PR also fixes the insecure default password issue.
Checked in devenv_5003
1. Three scenarios for drupal7 quickstart with https://github.com/openshift/drupal-quickstart. Could show the randomly generated password:
when creates the application from the web ui
when creates the app with rhc app create --from-app [...]
when creates the cartridges and pushes the quickstart via git
2. And the shown like the following:
Drupal installed successfully.
Drupal admin login: admin
Drupal admin password: B7lrWPysBrp8
Don't forget to change your drupal admin password!
3.Could reset admin passwd of drupal7 quickstart.
Move bug to VERIFIED.
drupal8 quickstart(https://github.com/phase2/drupal-quickstart) is still created with the default password(openshift_changeme) from rhc and web console site.
Assignee this bug back
@XiuJuan we don't support drupal8 at the moment, we also don't have control on the linked quickstart.
I'll notify the owner about the change I made, if he wants, he can apply them.
According to comment 7, move bug to verified.
@Balazs Thanks for your information~!