Project

General

Profile

Actions

Bug #5663

closed

[Documentation] Use "...puts rand()..." instead of "rake secret" in apiserver/workbench install instructions

Added by Nancy Ouyang about 7 years ago. Updated about 7 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Radhika Chippada
Category:
Documentation
Target version:
Start date:
04/19/2015
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
0.0

Description

apps/workbench/config/application.yml.example should put "foobar" into secret_token, instead of "~" "rake secret" should work without a secret_token configured -- the instructions say to run "$ rake secret" to generate secret_token, but "$ rake secret" does not work unless you have something in the field already.

$ rake secret
rake aborted!
Refusing to start in development mode with missing configuration.

The following configuration settings must be specified in
config/application.yml:
* secret_token

http://doc.arvados.org/install/install-workbench-app.html
https://arvados.org/projects/arvados/wiki/Hacking_Workbench

(a bigger story is to write up doc: how to start workbench instance from scratch to connect to existing api servers)


Subtasks 1 (0 open1 closed)

Task #5774: Review branch: 5663-doc-rake-secretResolvedRadhika Chippada04/19/2015

Actions
Actions #1

Updated by Brett Smith about 7 years ago

  • Subject changed from application.yml.example for workench -- secret_token field causes "rake secret" to fail to [Workbench] Can't run "rake secret" without a secret_token already set
  • Category set to Workbench
  • Story points set to 0.5

It's worth checking whether the API server has the same problem, and addressing it there if so.

Actions #2

Updated by Tom Clegg about 7 years ago

Putting "foobar" in the default config is not acceptable because it allows the application to start up with secret set to a well known string. The current setup where secret_token is nil in the default config, and the default config is invalid, is all correct -- the bug is only that "rake secret" refuses to run when the configuration is incomplete/invalid. Unlike app startup and other rake tasks, "rake secret" actually should run when configuration is incomplete.

Other possible solutions:

"rake secret" just prints a string of random characters. There are lots of other ways to do that. We could change the instructions to say "tr -dc a-z </dev/urandom | head -c64; echo" or "ruby -e 'puts rand(2**400).to_s(36)'" instead of "rake secret".

We could bypass the check for that particular config variable (or any configs, for that matter) in the special case of "rake secret".

Perhaps it would also work to never check whether secret_token is nil in our generic nil-config-preventing code. This would be acceptable if Rails itself already refuses to start up without it.

Actions #3

Updated by Tom Clegg about 7 years ago

  • Description updated (diff)
Actions #4

Updated by Tom Clegg about 7 years ago

  • Target version changed from Bug Triage to Arvados Future Sprints
Actions #5

Updated by Tom Clegg about 7 years ago

  • Subject changed from [Workbench] Can't run "rake secret" without a secret_token already set to [Documentation] Use "...puts rand()..." instead of "rake secret" in apiserver/workbench install instructions
Actions #6

Updated by Tom Clegg about 7 years ago

  • Target version changed from Arvados Future Sprints to 2015-05-20 sprint
Actions #7

Updated by Tom Clegg about 7 years ago

  • Assigned To set to Radhika Chippada
  • Target version changed from 2015-05-20 sprint to 2015-04-29 sprint
  • Story points changed from 0.5 to 0.0
Actions #8

Updated by Radhika Chippada about 7 years ago

  • Status changed from New to In Progress
  • Category changed from Workbench to Documentation
Actions #9

Updated by Radhika Chippada about 7 years ago

Notes:

  • Updated API and Workbench documentation to use "puts rand" instead of "rake secret"
  • Also updated SSO guide to use "puts rand" in place of "rake secret"
  • While at it, I also updated the index.html. Minor update to make the left hand side of the table to use the same display style as the right hand side with titles. I think the page looks more balanced with this.
Actions #10

Updated by Tom Clegg about 7 years ago

LGTM, thanks!

Actions #11

Updated by Radhika Chippada about 7 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

Applied in changeset arvados|commit:2054cdb05d79a3c45e8346661adc81062c383b16.

Actions

Also available in: Atom PDF