-
Notifications
You must be signed in to change notification settings - Fork 362
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document replacing credentials in a basic auth setup #8491
Conversation
♻️ PR Preview 2dc6a56 has been successfully destroyed since this PR has been closed. 🤖 By surge-preview |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added non blocking comments, LGTM
@@ -25,6 +25,34 @@ Existing lakeFS installations that have a single user and a single set of creden | |||
Installations that have more than one user / credentials will require to run a command and choose which set of user + credentials to migrate | |||
(more details [here](#migration-of-existing-user)) | |||
|
|||
### Replacing credentials | |||
|
|||
To replace the credentials of the (single) user in a lakefs installation: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To replace the credentials of the (single) user in a lakefs installation: | |
In non-ACL setup (single user) to replace the credentials in a lakefs installation: |
> Calling the `superuser` command with `--access-key-id` and without `--secret-access-key` will make lakefs try to | ||
> import an existing user (see [Migration of existing user](#migration-of-existing-user)). | ||
> In case you already deleted the user by following step (1), this import operation will **fail** and result in an | ||
> **unrecoverable** state, and a clean installation is the only way out. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
> Calling the `superuser` command with `--access-key-id` and without `--secret-access-key` will make lakefs try to | |
> import an existing user (see [Migration of existing user](#migration-of-existing-user)). | |
> In case you already deleted the user by following step (1), this import operation will **fail** and result in an | |
> **unrecoverable** state, and a clean installation is the only way out. | |
> Calling the `superuser` command with pre-defined `--access-key-id` and `--secret-access-key` is possible but should be done with caution. Make sure that `--secret-access-key` is **not empty**, It's suitable for ACL's | |
> import an existing user (see [Migration of existing user](#migration-of-existing-user)). | |
> In case you already deleted the user by following step (1), this import operation will **fail** and result in an | |
> **unrecoverable** state, and a clean installation is the only way out. |
> In case you already deleted the user by following step (1), this import operation will **fail** and result in an | ||
> **unrecoverable** state, and a clean installation is the only way out. | ||
> | ||
> In general, replacing credentials is a risky operation. Proceed with caution. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure what is the value of this sentence, I would remove it (up to you)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @Isan-Rivkin, I changed the wording in the "direction" of your suggestions, but not exactly (preferred other sentence structures).
You're welcome to take another look (not asking for re-review though 🙂)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for documenting this!
In the current docs structure, this is the best place for this but we may want to change this is the future (a product item).
@@ -25,6 +25,34 @@ Existing lakeFS installations that have a single user and a single set of creden | |||
Installations that have more than one user / credentials will require to run a command and choose which set of user + credentials to migrate | |||
(more details [here](#migration-of-existing-user)) | |||
|
|||
### Replacing credentials | |||
|
|||
In non-ACL setup (single user), replacing credentials can be done as follows: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In non-ACL setup (single user), replacing credentials can be done as follows: | |
In a single user setup, replacing credentials can be done as follows: |
@@ -25,6 +25,34 @@ Existing lakeFS installations that have a single user and a single set of creden | |||
Installations that have more than one user / credentials will require to run a command and choose which set of user + credentials to migrate | |||
(more details [here](#migration-of-existing-user)) | |||
|
|||
### Replacing credentials |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Credentials Replacement
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @talSofer, fixed your comments.
Waiting for CI and pulling
> as providing an access key without a secret key will trigger an ACL import flow | ||
> (see [Migration of existing user](#migration-of-existing-user)). | ||
> In case you already deleted the user by following step (1), this import operation will **fail** and result in an | ||
> **unrecoverable** state, from which a clean installation is the only way out. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not good. You should at least provide a way to reset the super user here..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ion-elgreco thanks for the feedback (!!)
You are right that it's not good, this specific scenario is an edge case that is not supported for OSS without ACL.
We created an issue to add programatic protection against this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I added a response to the issue last night, for a possible quick solution
Closes #8444