Add warning message for username/password

Question

Add warning message for username/password

gregoan opened this issue 2 years ago · 8 comments

Hello,

The username and group defined in default authenticator are not exported by WDT.
This is not a real blocking point but will it be possible to add warning message in generated model file

The username/password are not exported so please check if they exist and add them in model file if needed

or to make this warning message customizable from command line property in case others customers don't want to see it ?

Regards.

Answer 1 · 2023-09-19T13:18:57.000Z

Discover Domain is not able to export the users and groups defined in the Default Authenticator. We will consider a configurable warning message as a potential enhancement request.

Answer 2 · 2023-09-19T20:50:09.000Z

Thanks a lot for this

Answer 3 · 2023-09-20T01:38:47.000Z

@gregoan Having thought a little about this, the concern that I have is that this warning would always appear for every single run of the Discover Domain tool. It's not like there is some domain characteristic we could use to determine whether to do this warning since every domain has at least one authentication provider.

Given that a warning will cause the discoverDomain shell script to exit with an exit code of 1 (denoting that there was one or more warning). We could make this a notification level log message and this will still cause it to show up in the tool summary without forcing a non-zero exit code.

If the message always appears, it's not clear that it is better to create the message or just document the limitation (assuming it isn't already). In my experience, if something happens all the time, people tend to ignore it.

Thoughts?

Answer 4 · 2023-09-20T06:07:24.000Z

Hi,

Today, I execute :
${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties -admin_url ${oracleServerUrl} -remote -skip_archive

Tomorrow, I would like to know if it's possible to execute something like this (-print-warning is added - it's an example):
${HOME}/weblogic-deploy/bin/discoverDomain.sh -oracle_home ${oracleHome} -model_file ./DomainModel.yaml -variable_file ./DomainVariable.properties -admin_url ${oracleServerUrl} -remote -skip_archive -print-warning

The default mode for print-warning is false
If it's not set, we are using the current behavior.
If it is set then a header message could be added inside generated file (or an INFO message on STODUT) informing the user none username/group will be generated meaning an additional and manual check must be executed.
The warning/info message is not interfering with shell script execution (return code)

What do you think ?

Answer 5 · 2023-09-20T12:49:59.000Z

@gregoan Sorry, I must not have communicated my concern clearly. Let me try again.

Since the message will appear on every invocation (when you enable it), I am concerned that we are just adding information that the user will learn to ignore (since it happens every time). Why do we need to log a message about this with every Discover Domain execution rather than just documenting the limitation; for example, on https://oracle.github.io/weblogic-deploy-tooling/userguide/limitations/limitations/?

Answer 6 · 2023-09-20T18:13:25.000Z

@robertpatrick I see and you are totally right :)
I knew the limitation because I read the doc but it's not the case of everybody :)
I agree with your proposal ; let's try for it

Answer 7 · 2023-09-21T15:24:35.000Z

@gregoan How is this?

https://oracle.github.io/weblogic-deploy-tooling/userguide/limitations/limitations/#discover-domain-tool-does-not-discover-users-or-groups

Answer 8 · 2023-09-21T18:21:26.000Z

It's good from my point of view