1012981 – Drupal 7 Quickstart do not show the credentials for admin at installation (rhc & web console)

Bug 1012981 - Drupal 7 Quickstart do not show the credentials for admin at installation (rhc & web console)

Summary: Drupal 7 Quickstart do not show the credentials for admin at installation (rh...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OpenShift Online
Classification:	Red Hat
Component:	Templates
Sub Component:
Version:	1.x
Hardware:	All
OS:	All
Priority:	medium
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Michal Fojtik
QA Contact:	libra bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1013684
TreeView+	depends on / blocked

Reported:	2013-09-27 13:44 UTC by Diane Mueller
Modified:	2014-10-10 00:46 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-10-10 00:46:35 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Diane Mueller 2013-09-27 13:44:32 UTC

Description of problem:
Drupal 7 & 8 Quickstarts do not show the credentials for admin at installation (rhc & web console). Unlike the MySQL db credentials, the Drupal initial credentials are not displayed in the console or by rhc when Drupal is first installsed.

Version-Release number of selected component (if applicable):

How reproducible:

Deploy either Drupal 7 or 8 Quickstarts

Steps to Reproduce:
1.log into OpenShift Online Account
2.create a Drupal applications
3.click on the url given for the new Drupal site
4.view the Drupal login page
5. scratch head and begin the search for documentation telling you what the default login is
6. click back to console, see the MySQL credentials displayed
7. wonder why quickstart/cartridge didn't auto-generate a random password for Drupal admin and display it
8. start clicking around on site searching for documentations
9. eventually meander to github and read the read.md file and locate the u/p section
10. try and remember the url for the drupal site, then enter the default u/p
11. then click on the my account tab for drupal and change the password

Most Drupal users are NOT Github users, the odds of them releasing they need to go to github are slim to none. At DrupalCon/Prague, we had at least 5 intelligent human beings come back to the booth after signing up for Online to ask us what the u/p was after spending a good amount of time searching for it. These are technically savvy people who are not used to installing from github.

We need to do two things:

(1) display the default credentials in the web console and in the rhc output when installing Drupal Quickstarts/Cartridges.

(2) Figure out how to supply a randomly generated password like we do for MySQL so that we don't have loads of idle Drupal sites with the default u/p hanging around and easily hijacked. We should also do this for Word Press.

Actual results:
Frustrated First time experiences

Expected results:
Simplicity, Few Clicks to Success & no hijacks

Additional info:

Comment 1 Clayton Coleman 2013-09-30 14:17:54 UTC

Talked with Dan, we'd like to finally enable this in post-configure.

In cartridge_actions.rb#post_configure, if the configure is successful, grep the build.log to extract lines starting with CLIENT_MESSAGE|CLIENT_DEBUG|CLIENT_ERROR|CLIENT_RESULT, then ship only those lines (up to a certain size) back to the broker as part of the output.  

This should ensure that quickstarts can report messages back to the client.

Agree this is fairly high priority.

Comment 2 Jhon Honce 2013-10-01 16:24:48 UTC

Pull request https://github.com/openshift/origin-server/pull/3751 provides support for post_configure to report CLIENT_* messages to broker.

Currently these quickstarts emit admin credentials from the deploy action hook, who's stream cannot be parsed. A solution would be to refactor the quickstarts to use the build action hook to output the admin credentials.

Comment 3 openshift-github-bot 2013-10-01 23:38:25 UTC

Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/b48dadaf12af9789690362c3d1831b8bb6365b39
Bug 1012981 - Parse post-configure output for client messages

Comment 4 Balazs Varga 2014-07-16 16:02:30 UTC

https://github.com/openshift/drupal-quickstart/pull/21

This PR also fixes the insecure default password issue.

Comment 5 XiuJuan Wang 2014-07-24 03:44:45 UTC

Checked in devenv_5003
1. Three scenarios for drupal7 quickstart with https://github.com/openshift/drupal-quickstart. Could show the randomly generated password:

    when creates the application from the web ui
    when creates the app with rhc app create --from-app [...]
    when creates the cartridges and pushes the quickstart via git

2. And the shown like the following:

Drupal installed successfully.

      Drupal admin login: admin
   Drupal admin password: B7lrWPysBrp8

Don't forget to change your drupal admin password!

3.Could reset admin passwd of drupal7 quickstart.

Move bug to VERIFIED.

Comment 6 XiuJuan Wang 2014-07-24 10:35:12 UTC

drupal8 quickstart(https://github.com/phase2/drupal-quickstart) is still created with the default password(openshift_changeme) from rhc and web console site.

Assignee this bug back

Comment 7 Balazs Varga 2014-07-24 14:24:47 UTC

@XiuJuan we don't support drupal8 at the moment, we also don't have control on the linked quickstart.

I'll notify the owner about the change I made, if he wants, he can apply them.

Comment 8 XiuJuan Wang 2014-07-25 02:41:38 UTC

According to comment 7, move bug to verified.

Comment 11 XiuJuan Wang 2014-07-25 06:34:16 UTC

@Balazs Thanks for your information~!

Note You need to log in before you can comment on or make changes to this bug.