Red Hat Satellite 6.3 adds the ability to start a session to run Hammer commands so that the user only authenticates once, and subsequent commands are automatically authenticated using a token for the duration of the session. A procedure on how to start a session must be added to the Hammer CLI Guide.
Added engineering tracker to the 'depends' list.
Assigning to Misha for review.
Hi Michaela, I checked your text again using latest snap (satellite-6.3.0-19.0.beta.el7sat.noarch) where we have a fix for 1471099 present. With this fix, session and stored credentials are mutually exclusive, so I'd mention probably in step one in your procedure something like "Note that if you enable sessions, username and password settings in the .yml will be ignored" Also, I'd rather not call it tokenized authentication, this name sticked from the beginning when api tokens were considered as a possible solution, but now I'd say it is misleading. I'd call it hammer authentication sessions, so for the intro paragraph I suggest something like this: "Another option is to use a hammer authentication session. It is a cache that stores your credentials for a specified time. You provide your Satellite credentials only once, at the beginning of the session. By using sessions you can avoid storing your credentials in the ~/.hammer/cli.modules.d/foreman.yml file. Follow these steps to use authentication sessions: " Another problem is that changes in 6.3 make the first part of section 1.2 outdated: "By default, hammer prompts for your Satellite credentials each time you issue a command." -- in 6.3, when you install Sat (with satellite-installer) and specify the --foreman-admin-password option, the ~/.hammer/cli.modules.d/foreman.yml file is created and populated with :username and :password options so hammer will not prompt you for creds. If you didn't install with --foreman-admin-password, hammer will prompt for creds, but you don't need to create ~/.hammer/cli_config.yml as written in step 1, just set username/password in ~/.hammer/cli.modules.d/foreman.yml that should already exist. Steps 2 and 3 are also no longer necessary. Hope this helps
Good work, just two comments: In your config example, omit the ":host: 'https://satellite.example.com/'" no need to specify host there (I think it is set already somewhere in /etc/hammer/cli.modules.d/foreman.yml). The concluding note. "Examples in this guide assume saved credentials.", could confuse people to think they have to use option one, I'd add "...or enabled session". Otherwise ACK
This content shall be published with the next release of the Red Hat Satellite 6.3 Beta documentation. Closing.