Skip to content

Commit

Permalink
Remove default admin credentials (#1134) (#1144)
Browse files Browse the repository at this point in the history
* Remove default admin credentials



* Replace default password with a placeholder in README files



---------


(cherry picked from commit 7192d84)

Signed-off-by: Jackie Han <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
  • Loading branch information
1 parent 72b7d53 commit b06717c
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 7 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/test_security.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,16 +68,16 @@ jobs:
if: env.imagePresent == 'true'
run: |
cd ..
docker run -p 9200:9200 -d -p 9600:9600 -e "discovery.type=single-node" opensearch-ad:test
docker run -p 9200:9200 -d -p 9600:9600 -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" -e "discovery.type=single-node" opensearch-ad:test
sleep 90
- name: Run AD Test
if: env.imagePresent == 'true'
run: |
security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:admin --insecure |grep opensearch-security|wc -l`
security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:myStrongPassword123! --insecure |grep opensearch-security|wc -l`
if [ $security -gt 0 ]
then
echo "Security plugin is available"
./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin
./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=myStrongPassword123!
else
echo "Security plugin is NOT available, skipping integration tests"
fi
2 changes: 1 addition & 1 deletion DEVELOPER_GUIDE.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ Currently we just put RCF jar in lib as dependency. Plan to publish to Maven and
2. `./gradlew :run` launches a single node cluster with anomaly-detection (and job-scheduler) plugin installed
3. `./gradlew :integTest` launches a single node cluster with anomaly-detection (and job-scheduler) plugin installed and runs all integration tests except security
4. ` ./gradlew :integTest --tests="**.test execute foo"` runs a single integration test class or method
5. `./gradlew integTestRemote -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin` launches integration tests against a local cluster and run tests with security
5. `./gradlew integTestRemote -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=<admin-password>` launches integration tests against a local cluster and run tests with security
6. `./gradlew spotlessApply` formats code. And/or import formatting rules in `.eclipseformat.xml` with IDE.
7. `./gradlew adBwcCluster#mixedClusterTask -Dtests.security.manager=false` launches a cluster with three nodes of bwc version of OpenSearch with anomaly-detection and job-scheduler and tests backwards compatibility by upgrading one of the nodes with the current version of OpenSearch with anomaly-detection and job-scheduler creating a mixed cluster.
8. `./gradlew adBwcCluster#rollingUpgradeClusterTask -Dtests.security.manager=false` launches a cluster with three nodes of bwc version of OpenSearch with anomaly-detection and job-scheduler and tests backwards compatibility by performing rolling upgrade of each node with the current version of OpenSearch with anomaly-detection and job-scheduler.
Expand Down
4 changes: 2 additions & 2 deletions dataGeneration/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ The dataset created will have two categorical fields to test a multi-entity AD (
### Ingestion Parameters

| Parameter Name | Description | Default | Required
| ----------- | ----------- | ----------- | ----------- |
| ----------- | ----------- | ---------- | ----------- |
| --endpoint | Endpoint OpenSearch cluster is running on | No default | Yes
| --index-name | Name of index that will be created and ingested too | No default | Yes
| --threads | Number of threads to be used for data ingestion | No deafult | Yes
Expand All @@ -51,7 +51,7 @@ The dataset created will have two categorical fields to test a multi-entity AD (
| --number-of-process | number of 'process' entities (process is one of the categorical field that an entity is defined by)| 1000 | No
| --number-of-historical-days | number of day of historical data to ingest | 2 | No
| --username | username for authentication if security is true | admin | No
| --password | password for authentication if security is true | admin | No
| --password | password for authentication if security is true | <admin-password> | No


### Ingestion Commands
Expand Down
2 changes: 1 addition & 1 deletion dataGeneration/generate-cosine-data-multi-entity.py
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@
parser.add_argument("-np", "--number-of-process", type=int, default=1000, help="number of 'process' entities, deafult is set to 1000, there will be two keyword categories in this index (must be at least 1)" )
parser.add_argument("-hd", "--number-of-historical-days", type=int, default=2, help="number of day of historical data to ingest, defaults to 2")
parser.add_argument("-u", "--username", type=str, default="admin", help="username for authentication if security is true")
parser.add_argument("-pass", "--password", type=str, default="admin", help="password for authentication if security is true")
parser.add_argument("-pass", "--password", type=str, default="myStrongPassword123!", help="password for authentication if security is true")

args = parser.parse_args()

Expand Down

0 comments on commit b06717c

Please sign in to comment.