mnl/VM-Operator
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 4 Wiki Activity Actions

Clarify responsibilities of display secret monitor and reconciler.

Browse source
This commit is contained in:
Michael Lipp 2025-02-22 21:24:58 +01:00
parent e291352828
commit 81b128e4a3
5 changed files with 252 additions and 223 deletions
Download patch file Download diff file Expand all files Collapse all files

24
webpages/vm-operator/upgrading.md
View file

@ -7,16 +7,24 @@ layout: vm-operator
## To version 4.0.0
The VmViewer conlet has been renamed to VmAccess. This affects the
[configuration](https://jdrupes.org/vm-operator/user-gui.html). Configuration information using the old path
"/Manager/GuiHttpServer/ConsoleWeblet/WebConsole/ComponentCollector/VmViewer"
is still accepted for backward compatibility, but should be updated.
* The VmViewer conlet has been renamed to VmAccess. This affects the
[configuration](https://jdrupes.org/vm-operator/user-gui.html). Configuration
information using the old path
`/Manager/GuiHttpServer/ConsoleWeblet/WebConsole/ComponentCollector/VmViewer`
is still accepted for backward compatibility until the next major version,
but should be updated.
The change of name also causes conlets added to the overview page by
users to "disappear" from the GUI. They have to be re-added.
The change of name also causes conlets added to the overview page by
users to "disappear" from the GUI. They have to be re-added.
The latter behavior also applies to the VmConlet conlet which has been
renamed to VmMgmt.
The latter behavior also applies to the VmConlet conlet which has been
renamed to VmMgmt.
* The configuration property `passwordValidity` has been moved from component
`/Manager/Controller/DisplaySecretMonitor` to
`/Manager/Controller/Reconciler/DisplaySecretReconciler`. The old path is
still accepted for backward compatibility until the next major version,
but should be updated.
## To version 3.4.0

12
webpages/vm-operator/user-gui.md
View file

@ -127,16 +127,20 @@ of 16 (strong) random bytes (128 random bits). It is valid for
10 seconds only. This may be challenging on a slower computer
or if users may not enable automatic open for connection files
in the browser. The validity can therefore be adjusted in the
configuration.
configuration.[^oldPath]
```yaml
"/Manager":
"/Controller":
"/DisplaySecretMonitor":
# Validity of generated password in seconds
passwordValidity: 10
"/Reconciler":
"/DisplaySecretReconciler":
# Validity of generated password in seconds
passwordValidity: 10
```
[^oldPath]: Before version 4.0, the path for `passwordValidity` was
`/Manager/Controller/DisplaySecretMonitor`.
Taking into account that the controller generates a display
secret automatically by default, this approach to securing
console access should be sufficient in all cases. (Any feedback