Remove default admin credentials (#1134) (#1144)

opensearch-trigger-bot[bot] · github-actions[bot] · web-flow · commit b06717c4b701 · 2024-01-25T09:49:56.000-08:00
* Remove default admin credentials * Replace default password with a placeholder in README files --------- (cherry picked from commit 7192d84) Signed-off-by: Jackie Han <jkhanjob@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
diff --git a/.github/workflows/test_security.yml b/.github/workflows/test_security.yml
@@ -68,16 +68,16 @@ jobs:
         if: env.imagePresent == 'true'
         run: |
           cd ..
-          docker run -p 9200:9200 -d -p 9600:9600 -e "discovery.type=single-node" opensearch-ad:test
+          docker run -p 9200:9200 -d -p 9600:9600 -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" -e "discovery.type=single-node" opensearch-ad:test
           sleep 90
       - name: Run AD Test
         if: env.imagePresent == 'true'
         run: |
-          security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:admin --insecure |grep opensearch-security|wc -l`
+          security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:myStrongPassword123! --insecure |grep opensearch-security|wc -l`
           if [ $security -gt 0 ]
           then
             echo "Security plugin is available"
-            ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin
+            ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=myStrongPassword123!
           else
             echo "Security plugin is NOT available, skipping integration tests"
           fi
diff --git a/DEVELOPER_GUIDE.md b/DEVELOPER_GUIDE.md
@@ -42,7 +42,7 @@ Currently we just put RCF jar in lib as dependency. Plan to publish to Maven and
 2. `./gradlew :run` launches a single node cluster with anomaly-detection (and job-scheduler) plugin installed
 3. `./gradlew :integTest` launches a single node cluster with anomaly-detection (and job-scheduler) plugin installed and runs all integration tests except security
 4. ` ./gradlew :integTest --tests="**.test execute foo"` runs a single integration test class or method
-5. `./gradlew integTestRemote -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin` launches integration tests against a local cluster and run tests with security
+5. `./gradlew integTestRemote -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=<admin-password>` launches integration tests against a local cluster and run tests with security
 6. `./gradlew spotlessApply` formats code. And/or import formatting rules in `.eclipseformat.xml` with IDE.
 7. `./gradlew adBwcCluster#mixedClusterTask -Dtests.security.manager=false` launches a cluster with three nodes of bwc version of OpenSearch with anomaly-detection and job-scheduler and tests backwards compatibility by upgrading one of the nodes with the current version of OpenSearch with anomaly-detection and job-scheduler creating a mixed cluster.
 8. `./gradlew adBwcCluster#rollingUpgradeClusterTask -Dtests.security.manager=false` launches a cluster with three nodes of bwc version of OpenSearch with anomaly-detection and job-scheduler and tests backwards compatibility by performing rolling upgrade of each node with the current version of OpenSearch with anomaly-detection and job-scheduler.
diff --git a/dataGeneration/README.md b/dataGeneration/README.md
@@ -39,7 +39,7 @@ The dataset created will have two categorical fields to test a multi-entity AD (
 ### Ingestion Parameters
 
 | Parameter Name | Description | Default |  Required
-| ----------- | ----------- | ----------- | ----------- |
+| ----------- | ----------- | ---------- | ----------- |
 | --endpoint | Endpoint OpenSearch cluster is running on | No default | Yes
 | --index-name | Name of index that will be created and ingested too | No default | Yes
 | --threads | Number of threads to be used for data ingestion | No deafult | Yes
@@ -51,7 +51,7 @@ The dataset created will have two categorical fields to test a multi-entity AD (
 | --number-of-process | number of 'process' entities (process is one of the categorical field that an entity is defined by)| 1000 | No
 | --number-of-historical-days | number of day of historical data to ingest | 2 | No
 | --username | username for authentication if security is true | admin | No
-| --password | password for authentication if security is true | admin | No
+| --password | password for authentication if security is true | <admin-password> | No
 
 
 ### Ingestion Commands
diff --git a/dataGeneration/generate-cosine-data-multi-entity.py b/dataGeneration/generate-cosine-data-multi-entity.py
@@ -42,7 +42,7 @@
 parser.add_argument("-np", "--number-of-process", type=int, default=1000, help="number of 'process' entities, deafult is set to 1000, there will be two keyword categories in this index (must be at least 1)" )
 parser.add_argument("-hd", "--number-of-historical-days", type=int, default=2, help="number of day of historical data to ingest, defaults to 2")
 parser.add_argument("-u", "--username", type=str, default="admin", help="username for authentication if security is true")
-parser.add_argument("-pass", "--password", type=str, default="admin", help="password for authentication if security is true")
+parser.add_argument("-pass", "--password", type=str, default="myStrongPassword123!", help="password for authentication if security is true")
 
 args = parser.parse_args()
 
