Update admin default password in CI

ElliottKasoar · Mar 11, 2024 · 0d08bd3 · 0d08bd3
1 parent 1c4014b
commit 0d08bd3
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 4 deletions.
diff --git a/.ci/opensearch/action.yml b/.ci/opensearch/action.yml
@@ -17,10 +17,10 @@ inputs:
     description: 'Port where you want to run OpenSearch'
     required: false
     default: 9200
-  opensearch_password:
+  opensearch-initial-admin-password:
     description: 'The password for the user admin in your cluster'
     required: false
-    default: 'admin'
+    default: 'myStrongPassword123!'
 
 runs:
   using: 'docker'
@@ -30,3 +30,4 @@ runs:
     NODES: ${{ inputs.nodes }}
     PORT: ${{ inputs.port }}
     SECURITY_ENABLED: ${{ inputs.security-enabled }}
+    OPENSEARCH_INITIAL_ADMIN_PASSWORD: ${{ inputs.opensearch-initial-admin-password }}
diff --git a/.ci/opensearch/run-opensearch.sh b/.ci/opensearch/run-opensearch.sh
@@ -7,12 +7,22 @@ if [[ -z $OPENSEARCH_VERSION ]]; then
   exit 1
 fi
 
+OPENSEARCH_REQUIRED_VERSION="2.12.0"
+# Starting in 2.12.0, security demo configuration script requires an initial admin password
+COMPARE_VERSION=`echo $OPENSEARCH_REQUIRED_VERSION $OPENSEARCH_VERSION | tr ' ' '\n' | sort -V | uniq | head -n 1`
+if [ "$COMPARE_VERSION" != "$OPENSEARCH_REQUIRED_VERSION" ]; then
+  CREDENTIAL="admin:admin"
+else
+  CREDENTIAL=$OPENSEARCH_INITIAL_ADMIN_PASSWORD
+fi
+
+
 for (( node=1; node<=${NODES-1}; node++ ))
 do
   port=$((PORT + $node - 1))
 
   if [[ "$SECURITY_ENABLED" == "true" ]]; then
-    healthcmd="curl -vvv -s --insecure -u admin:admin --fail https://localhost:$port/_cluster/health || exit 1"
+    healthcmd="curl -vvv -s --insecure -u $CREDENTIAL --fail https://localhost:$port/_cluster/health || exit 1"
     security=($(cat <<-END
 
 END
@@ -34,6 +44,7 @@ END
     --env discovery.type=single-node \
     --env bootstrap.memory_lock=true \
     --env "OPENSEARCH_JAVA_OPTS=-Xms4g -Xmx4g" \
+    --env OPENSEARCH_INITIAL_ADMIN_PASSWORD=$OPENSEARCH_INITIAL_ADMIN_PASSWORD \
     "${security[@]}" \
     --publish "${port}:${port}" \
     --ulimit nofile=65536:65536 \

diff --git a/tests/opensearch.py b/tests/opensearch.py
@@ -27,10 +27,11 @@ def setUpClass(cls):
         cls.security_enabled = os.getenv("security_enabled") == "true"
         cls.port = int(os.environ["port"])
         cls.host = "localhost"
+        cls.credential = os.environ["CREDENTIAL"]
 
         logging.basicConfig(level=logging.INFO)
 
-        url = f"opensearch://admin:admin@{cls.host}:{cls.port}"
+        url = f"opensearch://{cls.credential}@{cls.host}:{cls.port}"
         try:
             abcd = ABCD.from_url(
                 url,