From d69c8f049f0b7daab07806c08fafe26bae8c379c Mon Sep 17 00:00:00 2001 From: Darshit Chanpura Date: Wed, 13 Dec 2023 14:15:44 -0500 Subject: [PATCH] Updates plugin install flow to reflect changes to variable name and uses ConfigConstants to define variable Signed-off-by: Darshit Chanpura --- .../actions/start-opensearch-with-one-plugin/action.yml | 4 ++-- .../org/opensearch/security/support/ConfigConstants.java | 4 ++++ .../tools/democonfig/SecuritySettingsConfigurer.java | 9 ++++++--- .../democonfig/SecuritySettingsConfigurerTests.java | 3 ++- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/.github/actions/start-opensearch-with-one-plugin/action.yml b/.github/actions/start-opensearch-with-one-plugin/action.yml index 642264f4ec..8513e64fdf 100644 --- a/.github/actions/start-opensearch-with-one-plugin/action.yml +++ b/.github/actions/start-opensearch-with-one-plugin/action.yml @@ -71,9 +71,9 @@ runs: 'y' | .\opensearch-${{ inputs.opensearch-version }}-SNAPSHOT\bin\opensearch-plugin.bat install file:$(pwd)\${{ inputs.plugin-name }}.zip shell: pwsh - - name: Write password to initialAdminPassword location + - name: Write password to opensearch_initial_admin_password txt run: - echo ${{ inputs.admin-password }} >> ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/config/initialAdminPassword.txt + echo ${{ inputs.admin-password }} >> ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/config/opensearch_initial_admin_password.txt shell: bash # Run any configuration scripts diff --git a/src/main/java/org/opensearch/security/support/ConfigConstants.java b/src/main/java/org/opensearch/security/support/ConfigConstants.java index 1f5728edfb..f106466984 100644 --- a/src/main/java/org/opensearch/security/support/ConfigConstants.java +++ b/src/main/java/org/opensearch/security/support/ConfigConstants.java @@ -334,6 +334,10 @@ public enum RolesMappingResolution { public static final boolean EXTENSIONS_BWC_PLUGIN_MODE_DEFAULT = false; // CS-ENFORCE-SINGLE + // Variables for initial admin password support + public static final String OPENSEARCH_INITIAL_ADMIN_PASSWORD = "OPENSEARCH_INITIAL_ADMIN_PASSWORD"; + public static final String OPENSEARCH_INITIAL_ADMIN_PASSWORD_TXT = "opensearch_initial_admin_password.txt"; + public static Set getSettingAsSet( final Settings settings, final String key, diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java index 0a8e0c2233..28da25c592 100644 --- a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java +++ b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java @@ -31,6 +31,7 @@ import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.dlic.rest.validation.PasswordValidator; import org.opensearch.security.dlic.rest.validation.RequestContentValidator; +import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.tools.Hasher; import org.yaml.snakeyaml.DumperOptions; @@ -94,8 +95,8 @@ public void configureSecuritySettings() { * Replaces the admin password in internal_users.yml with the custom or generated password */ void updateAdminPassword() { - String initialAdminPassword = System.getenv().get("OPENSEARCH_INITIAL_ADMIN_PASSWORD"); - String ADMIN_PASSWORD_FILE_PATH = installer.OPENSEARCH_CONF_DIR + "opensearch_initial_admin_password.txt"; + String initialAdminPassword = System.getenv().get(ConfigConstants.OPENSEARCH_INITIAL_ADMIN_PASSWORD); + String ADMIN_PASSWORD_FILE_PATH = installer.OPENSEARCH_CONF_DIR + ConfigConstants.OPENSEARCH_INITIAL_ADMIN_PASSWORD_TXT; String INTERNAL_USERS_FILE_PATH = installer.OPENSEARCH_CONF_DIR + "opensearch-security" + File.separator + "internal_users.yml"; boolean shouldValidatePassword = installer.environment.equals(ExecutionEnvironment.DEMO); try { @@ -115,7 +116,9 @@ void updateAdminPassword() { try (BufferedReader br = new BufferedReader(new FileReader(ADMIN_PASSWORD_FILE_PATH, StandardCharsets.UTF_8))) { ADMIN_PASSWORD = br.readLine(); } catch (IOException e) { - System.out.println("Error reading admin password from opensearch_initial_admin_password.txt."); + System.out.println( + "Error reading admin password from " + ConfigConstants.OPENSEARCH_INITIAL_ADMIN_PASSWORD_TXT + "." + ); System.exit(-1); } } diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index ee8eeeddb3..cb36ba0d6c 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -32,6 +32,7 @@ import org.junit.Test; import org.junit.runner.RunWith; +import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.tools.democonfig.util.NoExitSecurityManager; import static org.hamcrest.MatcherAssert.assertThat; @@ -55,7 +56,7 @@ public class SecuritySettingsConfigurerTests { private final PrintStream originalErr = System.err; private final InputStream originalIn = System.in; - private final String adminPasswordKey = "OPENSEARCH_INITIAL_ADMIN_PASSWORD"; + private final String adminPasswordKey = ConfigConstants.OPENSEARCH_INITIAL_ADMIN_PASSWORD; private static SecuritySettingsConfigurer securitySettingsConfigurer;