pipecd icon indicating copy to clipboard operation
pipecd copied to clipboard
verified publisher icon pipe-cd

Check or reset the ID/PW of a project once registered when forgetting them

Open ffjlabo opened this issue 1 year ago • 6 comments

What would you like to be added:

It would be nice to be able to check or reset ID/PW in case we forgot them.

Why is this needed: We can't log in when we forget them.

ffjlabo avatar Mar 21 '24 00:03 ffjlabo

Hi Guys, I'd be interested in picking this one up, if it's still up for grabs. Did you picture it being a command you could run on the server to remind you, or something more interactive in the GUI? Cheers! David

dgannon991 avatar May 04 '24 12:05 dgannon991

@dgannon991 Thank you! Please give it a try :) First, I would like to reconsider how to deal with this issue. I re-evaluated the situation and thought about how to deal with it.

There may be other workarounds besides this method. I would like both of you to lend me your strength. WDYT? @khanhtc1202 @t-kikuc if @dgannon991 also has any opinions, I'd love to hear them.

Motivation

The static admin is a project admin user generated automatically when the project is created. We can log in with that account. Also, we can change the username and password on the web console.

ref: https://pipecd.dev/docs-v0.47.x/user-guide/managing-controlplane/auth/#static-admin

Currently, we can fix ID/PW only after logging in to the web console. So if you forget them, we can't log in some cases below

  • before setting up the SSO
  • When enabling the static admin

How to solve it

[IMO] There are two ways for now.

  1. The control plane administrator resets the ID/PW on the ops page and notifies the new ID/PW to the project member. The control plane administrator encourages the project member to change them as soon as possible.

  2. The control plane administrator notifies the current ID/PW to the project member.

I think 1 is better because the control plane administrator should not know the info for the separating responsibility.

ffjlabo avatar May 07 '24 05:05 ffjlabo

@ffjlabo Is this the same as https://github.com/pipe-cd/pipecd/issues/2408? If so, would you close https://github.com/pipe-cd/pipecd/issues/2408 with a comment?

t-kikuc avatar May 07 '24 06:05 t-kikuc

@t-kikuc Thanks, closed

ffjlabo avatar May 07 '24 08:05 ffjlabo

@ffjlabo Thank you for your reconsideration.

How to solve it

I also think 1. is better because administrators should not know the current ID/PW for security.

t-kikuc avatar May 07 '24 10:05 t-kikuc

1 sounds great to me as well. I'll give it a go over the next few days. Cheers all!

dgannon991 avatar May 10 '24 15:05 dgannon991