Changed to not write the default creds when there are already creds (#34

) CASMHMS-6129
Cray-HPE · Feb 13, 2024 · 8e47d39 · 8e47d39
1 parent a94b634
commit 8e47d39
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 15 deletions.
diff --git a/.version b/.version
@@ -1 +1 @@
-1.15.0
+1.16.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.16.0] - 2024-02-07
+
+### Changed
+- Changed to not write the default credentials when there are already credentials in vault.
+
 ## [1.15.0] - 2023-09-25
 
 ### Added

diff --git a/cmd/hms_discovery/river.go b/cmd/hms_discovery/river.go
@@ -1,6 +1,6 @@
 // MIT License
 //
-// (C) Copyright [2020-2022] Hewlett Packard Enterprise Development LP
+// (C) Copyright [2020-2022,2024] Hewlett Packard Enterprise Development LP
 //
 // Permission is hereby granted, free of charge, to any person obtaining a
 // copy of this software and associated documentation files (the "Software"),
@@ -242,22 +242,35 @@ func doRiverDiscovery() {
 				}
 			}
 
-			// Put the creds in Vault.
-			compCred := compcredentials.CompCredentials{
-				Xname:    xname,
-				Username: defaultCredentials["Cray"].Username,
-				Password: defaultCredentials["Cray"].Password,
-			}
-			compCredErr := hsmCredentialStore.StoreCompCred(compCred)
-			if compCredErr != nil {
-				logger.Fatal("Failed to store BMC credentials!",
-					zap.Error(compCredErr),
+			creds, credsErr := hsmCredentialStore.GetCompCred(xname)
+			if credsErr != nil {
+				logger.Info("Using the default creds, because there was a failure reading the creds from vault",
 					zap.String("xname", xname),
-				)
+					zap.Error(credsErr))
+			}
 
-				failedXnames = append(failedXnames, xname)
+			if (creds.Xname == "" && creds.Username == "") || credsErr != nil {
+				// Put the creds in Vault.
+				compCred := compcredentials.CompCredentials{
+					Xname:    xname,
+					Username: defaultCredentials["Cray"].Username,
+					Password: defaultCredentials["Cray"].Password,
+				}
+				compCredErr := hsmCredentialStore.StoreCompCred(compCred)
+				if compCredErr != nil {
+					logger.Fatal("Failed to store BMC credentials!",
+						zap.Error(compCredErr),
+						zap.String("xname", xname),
+					)
 
-				break
+					failedXnames = append(failedXnames, xname)
+
+					break
+				}
+			} else {
+				logger.Info("Not writing default creds, because existing creds were found in vault.",
+					zap.String("xname", xname),
+					zap.String("username", creds.Username))
 			}
 
 			// From here on we know the xname is reachable and Redfish is responsive.