Description of problem: During Deployment, error in downloading manifest shows password in plaintext Version-Release number of selected component (if applicable): QCI 1.2 How reproducible: 100% with error Steps to Reproduce: 1. Install QCI 1.2 2. Log into run launch-fusor-installer 3. Deploy a provider, with errors on CDN side Actual results: Password displayed Expected results: Password removed/covered/obscured Additional info: Error occurred in "Actions::Fusor::Subscription::DownloadManifest Input:" Password appeared in Errors tab for task, Input parameters
Hi Thom, Do you remember exactly where the password is being displayed? Is it in the DynFlow console, in a deployment log, or perhaps in development.log? Additionally, can you clarify instructions for replication of "errors on CDN side"? Thanks!
The password is displayed in the Dynflow console "Password appeared in Errors tab for task, Input parameters" As I recall, the "errors on CDN side" referred to problems connecting to Customer Portal.
Contacted Ivan Necas from Satellite team to see about adding password filtering support to DynFlow. Ivan responded quickly and opened up two pull requests. https://github.com/theforeman/foreman-tasks/pull/192 https://github.com/Dynflow/dynflow/pull/190 Erik Nelson assisted by testing PR set in a sandbox environment and gain a reasonable certainty that they will suit our needs. Blocking BZ filed against Satellite 6.2 to get Ivan's PRs downstreamed for future use by QCI. See BZ 1354526. This BZ is blocked until Satellite team downstreams changes.
We are removing this from GA as we require a RFE to be added to Sat which we don't expect to make it into Sat 6.2