From c09ad448739652d9e928936de5b6fda0670b6880 Mon Sep 17 00:00:00 2001 From: ElliottKasoar Date: Mon, 11 Mar 2024 17:04:05 +0000 Subject: [PATCH] Update admin default password in CI --- .ci/opensearch/action.yml | 5 +++-- .ci/opensearch/run-opensearch.sh | 10 +++++++++- .github/workflows/opensearch.yml | 1 + tests/cli.py | 6 +++++- tests/opensearch.py | 6 +++++- 5 files changed, 23 insertions(+), 5 deletions(-) diff --git a/.ci/opensearch/action.yml b/.ci/opensearch/action.yml index bb516d35..f917a612 100644 --- a/.ci/opensearch/action.yml +++ b/.ci/opensearch/action.yml @@ -17,10 +17,10 @@ inputs: description: 'Port where you want to run OpenSearch' required: false default: 9200 - opensearch_password: + opensearch-initial-admin-password: description: 'The password for the user admin in your cluster' required: false - default: 'admin' + default: 'myStrongPassword123!' runs: using: 'docker' @@ -30,3 +30,4 @@ runs: NODES: ${{ inputs.nodes }} PORT: ${{ inputs.port }} SECURITY_ENABLED: ${{ inputs.security-enabled }} + OPENSEARCH_INITIAL_ADMIN_PASSWORD: ${{ inputs.opensearch-initial-admin-password }} diff --git a/.ci/opensearch/run-opensearch.sh b/.ci/opensearch/run-opensearch.sh index 22adc630..6d3ba611 100755 --- a/.ci/opensearch/run-opensearch.sh +++ b/.ci/opensearch/run-opensearch.sh @@ -7,12 +7,19 @@ if [[ -z $OPENSEARCH_VERSION ]]; then exit 1 fi +OPENSEARCH_REQUIRED_VERSION="latest" +# Starting in 2.12.0, security demo configuration script requires an initial admin password +if [ "$OPENSEARCH_VERSION" != "$OPENSEARCH_REQUIRED_VERSION" ]; then + OPENSEARCH_INITIAL_ADMIN_PASSWORD="admin" +fi + + for (( node=1; node<=${NODES-1}; node++ )) do port=$((PORT + $node - 1)) if [[ "$SECURITY_ENABLED" == "true" ]]; then - healthcmd="curl -vvv -s --insecure -u admin:admin --fail https://localhost:$port/_cluster/health || exit 1" + healthcmd="curl -vvv -s --insecure -u admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD --fail https://localhost:$port/_cluster/health || exit 1" security=($(cat <<-END END @@ -34,6 +41,7 @@ END --env discovery.type=single-node \ --env bootstrap.memory_lock=true \ --env "OPENSEARCH_JAVA_OPTS=-Xms4g -Xmx4g" \ + --env OPENSEARCH_INITIAL_ADMIN_PASSWORD=$OPENSEARCH_INITIAL_ADMIN_PASSWORD \ "${security[@]}" \ --publish "${port}:${port}" \ --ulimit nofile=65536:65536 \ diff --git a/.github/workflows/opensearch.yml b/.github/workflows/opensearch.yml index 57acee44..cb164601 100644 --- a/.github/workflows/opensearch.yml +++ b/.github/workflows/opensearch.yml @@ -44,4 +44,5 @@ jobs: poetry run python -m unittest -v tests env: port: 9250 + opensearch-version: ${{ matrix.opensearch }} security_enabled: ${{ matrix.security-enabled }} diff --git a/tests/cli.py b/tests/cli.py index 40820251..b534f782 100644 --- a/tests/cli.py +++ b/tests/cli.py @@ -20,10 +20,14 @@ def setUpClass(cls): cls.security_enabled = os.getenv("security_enabled") == "true" cls.port = int(os.environ["port"]) cls.host = "localhost" + if os.environ["opensearch-version"] == "latest": + cls.credential = "admin:myStrongPassword123!" + else: + cls.credential = "admin:admin" logging.basicConfig(level=logging.INFO) - url = f"opensearch://admin:admin@{cls.host}:{cls.port}" + url = f"opensearch://{cls.credential}@{cls.host}:{cls.port}" if not cls.security_enabled: url += " --disable_ssl" try: diff --git a/tests/opensearch.py b/tests/opensearch.py index e7abc41f..1bb8eb3b 100644 --- a/tests/opensearch.py +++ b/tests/opensearch.py @@ -27,10 +27,14 @@ def setUpClass(cls): cls.security_enabled = os.getenv("security_enabled") == "true" cls.port = int(os.environ["port"]) cls.host = "localhost" + if os.environ["opensearch-version"] == "latest": + cls.credential = "admin:myStrongPassword123!" + else: + cls.credential = "admin:admin" logging.basicConfig(level=logging.INFO) - url = f"opensearch://admin:admin@{cls.host}:{cls.port}" + url = f"opensearch://{cls.credential}@{cls.host}:{cls.port}" try: abcd = ABCD.from_url( url,