Fix save vCenter credentials functionality #489
Conversation
Pull Request Test Coverage Report for Build 2035
💛 - Coveralls |
Pull Request Test Coverage Report for Build 1735
💛 - Coveralls |
|
I am not sure if this is the right way to go. As long as we call the existing button as But I do not think this is the right direction. With this small-side-management approach, concerns of the wizard will become huge very soon. It would even make more sense to me to manage "persistent" connection is a separate part of the UI. Anyway for the BZ 1714004, I think it's enough to keep behaviour as it is now, except changing the last step fired in
@pcbailey, @andybraren and others, what do you think? PS: if nothing else, the flow around |
This is a good point. If we move forward with the proposed functionality, the button name should be changed to better reflect what it's actually doing. Letting the user decide the name is a good idea, as well.
I agree that things could easily get out of control. In terms of managing the connection as a separate part of the UI, what exactly are you thinking?
I haven't tested it, but it's my understanding that this is how it works currently. I did intend to remove the creation of the additional secret at the end of the flow for this PR, but obviously forgot it.
I think it makes sense to only persist the connection once the wizard is completed. I don't expect any changes I make in a wizard to become permanent until I get to the end. |
I agree @mareklibra, we definitely don't want to overload this wizard with side-tasks. Allowing users to validate and visibly see a new vCenter connection "saving" inside of Step 1 probably makes sense from a UX perspective though. I can see why this was filed as a bug. Thankfully I think there's a way to improve this that (hopefully) won't require significant changes. Here's a screenshot from Marek's recent video (which is super useful by the way, thank you!).
What do we think of this flow?:
|
I agree 100% that including a mini Create Secret Wizard within a Create VM wizard is a little odd, but until a separate UI is developed (not sure by whom, or where it would live in the console) including this mini-wizard within Create VM is still much better than letting the user figure out how to create the secret correctly on their own. Hopefully this is the only mini-wizard like this we'll need for Create VM.
@pcbailey Curious to hear what your thoughts are on the proposed flow above. |
I was wondering about the UX of having the user configure the secret first and then using the wizard. That's why I was asking for more details. I agree that a mini-wizard (I like the term, btw) is a viable option for the time being, unless technical limitations dictate otherwise. I'd like to hear @mareklibra's thoughts on that.
Agreed!
With the proposed changes, I think it's much clearer what's happening and is an acceptable way to handle the issue until/unless a better approach can be developed. Do you think we should provide any information to the user about how to manage the secret in case they decide after creating/saving it that they really didn't want to store the information or details need to be changed? I don't know that it's going to be obvious to them that it's being stored as a secret. Also, do you have an opinion one way or another on user-selected naming vs name generation? |
Great point. Maybe descriptive text underneath the checkbox with an external link to documentation on managing Secrets. Something short like this? (wording is tricky):
I know @matthewcarleton tested this at Summit and IIRC participants liked the idea of autogenerated names. Matt has been working on a PF4-ified version of this wizard over in the OpenShift Design repo that positions the Name & Description fields at the bottom of Step 1 to support this, but there are some remaining questions about whether/how users should be able to specify their own naming patterns. |
That would work nicely. =) The wording does feel a bit off, but I can't think of anything better off the top of my head, either.
Cool. I know users would appreciate that feature once they're importing and creating VMs in bulk. It would also be pretty easy to provide both as an option if we found that enough users wanted to be able to provide custom names. @matthewcarleton The PF4 mockups look great! |
I don't think the users need to understand that the underlying structure is a kubernetes secret. In this whole VM dialog we are trying to make everything very easy, not trying to explain the underlying concepts. For example when we create a new disk, we are not explaining that we are using DataVolumes / CDI for that. It is just a disk of a specified size from the user's PoV. Here it should just be the connection parameters. But other than that I really like the small changes proposed here, they will make it very clear what is happening. |
I was looking at it from the perspective that we offer the user the option to store the credentials and they may change their mind later and want to delete them. It's like when I use a credit card online. Sometimes I save the card while processing a transaction and decide afterward that I really don't want to leave that information stored there, so I go back into my account and remove it. Also, is it not possible that the username or password may change and require updating? I'm not really sure how these things are managed and used in real life, so I'm thinking about it from the way I manage my own data. |
That is actually a good point. But it than brings a new question: how will the user know which of the secrets in the system is this particular thing stored in? Im not saying to not to solve this issue, but not in this particular PR. |
I guess that's where naming comes into play. If the user will be able to define their own naming patterns as @andybraren mentioned previously, then they should be able to identify it. Being able to set their own names at the time the instance is created would also help, if users actually want that option.
Understood. I don't know how important management of these credentials are to our user base and how many instances can be expected in a normal scenario. If it's very important and/or many instances is the norm, then it's probably worth it to look into creating functionality that allows the user to manage them within the more specific context of vCenter credentials instead of the more generic secret context. Just my two cents worth. |
AFAIK you will typically have one vcenter instance from which you will be migrating the VMs. |
Gotcha. Then it's probably not worth investing much time and effort into a separate UI for managing them. As long as the name shows in the list and the user knows that it's stored as a secret, they can search the secrets list by name to find it. My only concerns are whether or not the typical user will know that it's stored as a secret and do we want to tell them about it. I'll leave that up to the UX folks to decide. =) @andybraren Thoughts? |
|
+1 on what Andy is proposing here. An alternative to this would be something similar to what Andy is suggesting when they need to update they could do it in the same way they are adding the credentials. |
I'm ok with this if everyone else is, but I would like for us to at least have something in the documentation that tells a user how to update credentials without having to use the wizard. If I were a user that wanted to update a set of credentials, I would find it odd to have to pretend to import a VM just to make that update. That being said, I also don't know enough about the use case(s) to know how likely this scenario is in the real world. So, if you guys think that it isn't realistic, then I acquiesce. =) |
|
what if we tweak the text @andybraren is suggesting from |
yes, that sounds great! Maybe just one correction, not "secrets" but "secret" (we store this credentials in one secret only) |
|
My apologies, guys. I think this whole conversation may be moot. I didn't notice that there's already an info icon next to the checkbox with the following text: If everyone agrees, I'm going to leave the info icon, but improve the wording a tiny bit and change it to the following: |
+1, sounds good |
|
@pcbailey just to confirm are we not adding any further functionality to this feature now (no check and save, check and update actions)? I just want to ensure I cover everything in the new designs too :) |
|
@matthewcarleton I'll be pushing an update to this PR today that will add parts 1-3 of @andybraren's proposed flow:
I'm running into an issue I haven't been able to fix while trying to implement part 4, but we plan to add that in a future update. We just want to get the primary fix into tomorrow's build. Correct me if I'm wrong @jelkosz.
|
|
ok great! What do we think about the ability to add "check and update" as well. Seems like a nice feature rather than sending the user to go update things and come back. Is there any technical issues with this approach? |
pcbailey
force-pushed
the
save-vcenter-credentials
branch
from
665710d
to
112a7e0
Compare
|
I like the idea. The only technical concern I can think of off the top of my head would be determining whether the check failed because the credentials are incorrect or from some other issue such as a network timeout. I'm not sure how much information we get when a check fails. I'd also want @mareklibra or @suomiy to weigh in, as they're far more knowledgeable than I am. |
|
ah good point. In that case we should investigate wording a bit more around
different types of errors I suppose. If there is an error hopefully we can
provide some meaningful assistance.
…On Thu, Jun 6, 2019 at 5:22 PM Phillip Bailey ***@***.***> wrote:
I like the idea. The only technical concern I can think of off the top of
my head would be determining whether the check failed because the
credentials are incorrect or from some other issue such as a network
timeout. I'm not sure how much information we get when a check fails. I'd
also want @mareklibra <https://github.com/mareklibra> or @suomiy
<https://github.com/suomiy> to weigh in, as they're far more
knowledgeable than I am.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#489?email_source=notifications&email_token=AACGJCBNGSU5GBDOF2DYWADPZFWYHA5CNFSM4HSEAU32YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXEBRCI#issuecomment-499652745>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AACGJCC55J33BGWICQ7AYZLPZFWYHANCNFSM4HSEAU3Q>
.
--
Matthew Carleton
Senior Interaction Designer
User Experience Design Team
Red Hat, Inc.
mcarleton@redhat.com <mcarleto@redhat.com>
|
pcbailey
force-pushed
the
save-vcenter-credentials
branch
2 times, most recently
from
7422a85
to
dba4a94
Compare
well, its our code on the backend, it can return us anything we need. I would just be careful implementing it now. We are not doing any development on master until we move everything to upstream openshift and we are not adding any new features to the stable branch. In general its worth a little design work, but not really in this PR we need to get in asap :) |
We can pass through whatever details needed, the backend is ours. But for 2.0.0 there is no time to do that. Recently just the info about failing connection is provided. Relevant links to backend:
|
|
@pcbailey @jtomasek @mareklibra that sounds good to me. I'll add it to our list of design updates to follow up on. |
pcbailey
force-pushed
the
save-vcenter-credentials
branch
from
dba4a94
to
eee5ed9
Compare
This PR fixes an issue where vCenter credentials are not saved unless the create VM wizard is completed, regardless of success or failure. These changes cause the
kubevirt.io/temporarylabel to be removed from the secret if the "Remember vCenter credentials" box is checked and adds the label with a value of true if the "Remember vCenter credentials" box is unchecked; however, these changes are only made if the connection check is successful.Bug: https://bugzilla.redhat.com/1714004
Depends on: kubevirt/web-ui#399