Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check or reset the ID/PW of a project once registered when forgetting them #4844

Open
ffjlabo opened this issue Mar 21, 2024 · 6 comments · May be fixed by #4910
Open

Check or reset the ID/PW of a project once registered when forgetting them #4844

ffjlabo opened this issue Mar 21, 2024 · 6 comments · May be fixed by #4910
Assignees
@dgannon991
Labels
area/ops contribfest kind/enhancement New feature or request size/M

Comments

@ffjlabo
Copy link
Member

ffjlabo commented Mar 21, 2024

What would you like to be added:

It would be nice to be able to check or reset ID/PW in case we forgot them.

Why is this needed:
We can't log in when we forget them.
@ffjlabo ffjlabo added the kind/enhancement New feature or request label Mar 21, 2024
@dgannon991
Copy link
Contributor

Hi Guys,
I'd be interested in picking this one up, if it's still up for grabs.
Did you picture it being a command you could run on the server to remind you, or something more interactive in the GUI?
Cheers!
David

@ffjlabo
Copy link
Member Author

ffjlabo commented May 7, 2024

@dgannon991
Thank you! Please give it a try :)
First, I would like to reconsider how to deal with this issue.
I re-evaluated the situation and thought about how to deal with it.

There may be other workarounds besides this method.
I would like both of you to lend me your strength. WDYT? @khanhtc1202 @t-kikuc
if @dgannon991 also has any opinions, I'd love to hear them.

Motivation

The static admin is a project admin user generated automatically when the project is created. We can log in with that account.
Also, we can change the username and password on the web console.

ref: https://pipecd.dev/docs-v0.47.x/user-guide/managing-controlplane/auth/#static-admin

Currently, we can fix ID/PW only after logging in to the web console.
So if you forget them, we can't log in some cases below

  • before setting up the SSO
  • When enabling the static admin

How to solve it

[IMO] There are two ways for now.

  1. The control plane administrator resets the ID/PW on the ops page and notifies the new ID/PW to the project member. The control plane administrator encourages the project member to change them as soon as possible.

  2. The control plane administrator notifies the current ID/PW to the project member.

I think 1 is better because the control plane administrator should not know the info for the separating responsibility.

@t-kikuc t-kikuc changed the title Check or reset the ID/PW of a project once registered when to forget them Check or reset the ID/PW of a project once registered when forgetting them May 7, 2024
@t-kikuc
Copy link
Member

t-kikuc commented May 7, 2024

@ffjlabo
Is this the same as #2408?
If so, would you close #2408 with a comment?

@ffjlabo ffjlabo mentioned this issue May 7, 2024
Closed
@ffjlabo
Copy link
Member Author

ffjlabo commented May 7, 2024

@t-kikuc Thanks, closed

@t-kikuc
Copy link
Member

t-kikuc commented May 7, 2024

@ffjlabo
Thank you for your reconsideration.

How to solve it

I also think 1. is better because administrators should not know the current ID/PW for security.

@dgannon991
Copy link
Contributor

1 sounds great to me as well. I'll give it a go over the next few days. Cheers all!

@dgannon991 dgannon991 linked a pull request May 11, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dgannon991 dgannon991

Labels
area/ops contribfest kind/enhancement New feature or request size/M
Projects
v0.47.3
Status: In Progress
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add reset password button to ops project list dgannon991/pipecd-pipecd
4 participants
@dgannon991 @khanhtc1202 @ffjlabo @t-kikuc