search

pipe-cd / pipecd

The One CD for All {applications, platforms, operations}
https://pipecd.dev
Apache License 2.0
1.1k stars 154 forks source link

Check or reset the ID/PW of a project once registered when forgetting them #4844

Closed ffjlabo closed 5 months ago

ffjlabo commented 8 months ago

What would you like to be added:

It would be nice to be able to check or reset ID/PW in case we forgot them.

Why is this needed: We can't log in when we forget them.

dgannon991 commented 7 months ago

Hi Guys, I'd be interested in picking this one up, if it's still up for grabs. Did you picture it being a command you could run on the server to remind you, or something more interactive in the GUI? Cheers! David

ffjlabo commented 6 months ago

@dgannon991 Thank you! Please give it a try :) First, I would like to reconsider how to deal with this issue. I re-evaluated the situation and thought about how to deal with it.

There may be other workarounds besides this method. I would like both of you to lend me your strength. WDYT? @khanhtc1202 @t-kikuc if @dgannon991 also has any opinions, I'd love to hear them.

Motivation

The static admin is a project admin user generated automatically when the project is created. We can log in with that account. Also, we can change the username and password on the web console.

ref: https://pipecd.dev/docs-v0.47.x/user-guide/managing-controlplane/auth/#static-admin

Currently, we can fix ID/PW only after logging in to the web console. So if you forget them, we can't log in some cases below

How to solve it

[IMO] There are two ways for now.

  1. The control plane administrator resets the ID/PW on the ops page and notifies the new ID/PW to the project member. The control plane administrator encourages the project member to change them as soon as possible.

  2. The control plane administrator notifies the current ID/PW to the project member.

I think 1 is better because the control plane administrator should not know the info for the separating responsibility.

t-kikuc commented 6 months ago

@ffjlabo Is this the same as https://github.com/pipe-cd/pipecd/issues/2408? If so, would you close https://github.com/pipe-cd/pipecd/issues/2408 with a comment?

ffjlabo commented 6 months ago

@t-kikuc Thanks, closed

t-kikuc commented 6 months ago

@ffjlabo Thank you for your reconsideration.

How to solve it

I also think 1. is better because administrators should not know the current ID/PW for security.

dgannon991 commented 6 months ago

1 sounds great to me as well. I'll give it a go over the next few days. Cheers all!