Error when configuring profile

[JirkaAichler]

I am getting the following error. I would expect a message that would allow me to figure out the cause.

workspace# zowe config set "profiles.a.properties.user" "a" --secure
Unexpected Command Error:
Please review the message and stack below.
Contact the creator of handler:
"/usr/lib/node_modules/@zowe/cli/node_modules/@zowe/imperative/lib/imperative/src/config/cmd/set/set.handler"
Message:
No such interface “org.freedesktop.Secret.Collection” on object at path /org/freedesktop/secrets/collection/login
Stack:
Error: No such interface “org.freedesktop.Secret.Collection” on object at path /org/freedesktop/secrets/collection/login

[zFernand0]

I know this may not be a headless linux environmet, but I believe some of the same concepts may apply
https://docs.zowe.org/stable/user-guide/cli-configure-scs-on-headless-linux-os/

General comment: Try unlocking the keyring ? 😋

[JirkaAichler]

It would be nice if this would be part of the message. :-) This message does not give you much information. It is rather for a developer, not u a user.

I figure it out but it is quite tricky inside a dockerfile.

[zFernand0]

I believe the most we can do is some sort of error mapping.
For example: if we find No such interface "org.freedesktop.Secret.Collection" in the error, we could add a suggestion to the additionalDetails about unlocking the keyring

IDK if we want to start mapping errors since those messages can change without us knowing.

Hey @JirkaAichler,
Since you were working on a Dockerfile, is it fair to close the issue (for now) since there is documentation on how to configure such environments ?

[JirkaAichler]

It would be also nice to add a section to documentation on how to use it in Docker. I spent several hours before it started to work.

[t1m0thyj]

It would be also nice to add a section to documentation on how to use it in Docker. I spent several hours before it started to work.

@JirkaAichler Would you mind creating an issue in the zowe/docs-site repo related to this?

[plavjanik]

Do we need to use the Secure Credential Store inside a container? It requires additional privileges --cap-add ipc_lock and magic steps to make it work which often diminishes the security. Since the containers with Zowe CLI are typically short-lived and not accessible from outside, it would make sense to allow disabling Secure Credential Store in this use case and make easy-to-use in containers.

[t1m0thyj]

@plavjanik If you wish to not use the Secure Credential Store inside a container, you can add a step to the Dockerfile before running Zowe CLI commands to set the overrides.CredentialManager property to false in ~/.zowe/settings/imperative.json. The default value in Zowe v2 is "@zowe/cli" to use the built-in credential manager, and in v1 was "@zowe/secure-credential-store-for-zowe-cli" when the SCS plug-in was installed. You may also want to set the autoStore property to false in any zowe.config.json files used in the container, as autoStore does not store credentials in plain text for security reasons.

[phaumer]

I created #1469 for some follow-up proposals.