Description of problem: Attempting an installation of IPI on BM using idrac-redfish for Dell servers produced in the logs a POST command with the BMC credentials in plain text. I scrubbed the data below but wanted to show what I see in the logs Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Install IPI on BM latest 4.6 nightly (4.6.0-0.nightly-2020-08-24-100004) 2020-08-25 13:07:14.556 1 DEBUG sushy.connector [req-16dbbd70-ad05-44ef-940f-e56279abf7f1 - - - - -] HTTP request: POST https://<server>/redfish/v1/SessionService/Sessions; headers: {'X-Auth-Token': None, 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': 'password'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:99[00m /usr/lib/python3.6/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings A patch has been created by Dmitry: https://review.opendev.org/#/c/747951/
See update on tagged package in https://bugzilla.redhat.com/show_bug.cgi?id=1872341. Fix has been merged and pkg has been tagged and is available in ironic-container-v4.6.0-202008290042.p0 (https://brewweb.engineering.redhat.com/brew/buildinfo?buildID=1300877).
Version - 4.6.0-0.nightly-2020-09-10-054902 From bootstrap: 2020-09-10 10:47:12.664 1 DEBUG sushy.connector [req-d7384c3a-5e60-49a2-9f0f-06f654ab48e6 - - - - -] HTTP request: POST https://10.46.2.222/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 10:47:12.776 1 DEBUG sushy.connector [req-9380b505-49cb-4d11-ba1b-afa5ce46da64 - - - - -] HTTP request: POST https://10.46.2.221/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 10:47:12.780 1 DEBUG sushy.connector [req-9e418acc-0470-4062-b66d-c33d37302966 - - - - -] HTTP request: POST https://10.46.2.220/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 From master ironic: 2020-09-10 11:41:38.350 1 DEBUG sushy.connector [req-551557e5-fe4e-4677-9670-925effa48857 ironic-user - - - -] HTTP request: POST https://10.46.2.224/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 11:41:38.445 1 DEBUG sushy.connector [req-ef4e24ef-fe36-43f9-ab50-0fdaa4cb6f36 ironic-user - - - -] HTTP request: POST https://10.46.2.229/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 11:41:38.689 1 DEBUG sushy.connector [req-6a225e42-7574-4278-b655-59fdaba29a3d ironic-user - - - -] HTTP request: POST https://10.46.2.223/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 11:41:39.057 1 DEBUG sushy.connector [req-dce70684-32a9-42f7-a5ee-66238bf0f54f ironic-user - - - -] HTTP request: POST https://10.46.2.222/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 11:41:39.351 1 DEBUG sushy.connector [req-3b5cf3a9-5b92-4038-9522-585ffc502b19 ironic-user - - - -] HTTP request: POST https://10.46.2.230/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 11:41:39.405 1 DEBUG sushy.connector [req-70d88aca-da02-48b6-acb7-426ac0c1c494 ironic-user - - - -] HTTP request: POST https://10.46.2.221/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:102 2020-09-10 11:41:40.128 1 DEBUG sushy.connector [req-b148ccfa-f129-47d3-a759-f09006341166 ironic-user - - - -] HTTP request: POST https://10.46.2.220/redfish/v1/SessionService/Sessions/; headers: {'X-Auth-Token': '***', 'OData-Version': '4.0'}; body: {'UserName': 'admin', 'Password': '***'}; blocking: False; timeout: 60; session arguments: {}; _op /usr/lib/python3.6/site-packages/sushy/connector.py:
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196