From 1b5ae651f4ef6a9eb63ad42a7018245084c5be7e Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 20 Dec 2023 12:19:13 -0500 Subject: [PATCH 1/9] Improve messaging so that users know how to set their initial admin password Signed-off-by: Derek Ho --- .../security/tools/democonfig/SecuritySettingsConfigurer.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java index 116373a38f..1a5617a845 100644 --- a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java +++ b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java @@ -149,7 +149,7 @@ void updateAdminPassword() { // if ADMIN_PASSWORD is still an empty string, it implies no custom password was provided. We exit the setup. if (Strings.isNullOrEmpty(ADMIN_PASSWORD)) { - System.out.println("No custom admin password found. Please provide a password."); + System.out.println("No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD."); System.exit(-1); } From fc2932c33811e6ab7d9c0beabbe8242ee3810a3c Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 20 Dec 2023 13:16:15 -0500 Subject: [PATCH 2/9] Modify test for new statement Signed-off-by: Derek Ho --- .../tools/democonfig/SecuritySettingsConfigurerTests.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index 948a66996c..d37da2a76c 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -104,7 +104,7 @@ public void testUpdateAdminPassword_noPasswordSupplied() { System.setSecurityManager(null); } - verifyStdOutContainsString("No custom admin password found. Please provide a password."); + verifyStdOutContainsString("No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD."); } @Test From 91918a32a567ca297229e421ca3652fcbd01de8e Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Tue, 2 Jan 2024 10:05:44 -0500 Subject: [PATCH 3/9] Spotless apply Signed-off-by: Derek Ho --- .../security/tools/democonfig/SecuritySettingsConfigurer.java | 4 +++- .../tools/democonfig/SecuritySettingsConfigurerTests.java | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java index 1a5617a845..8ea05e414e 100644 --- a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java +++ b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java @@ -149,7 +149,9 @@ void updateAdminPassword() { // if ADMIN_PASSWORD is still an empty string, it implies no custom password was provided. We exit the setup. if (Strings.isNullOrEmpty(ADMIN_PASSWORD)) { - System.out.println("No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD."); + System.out.println( + "No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD." + ); System.exit(-1); } diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index d37da2a76c..3e69228a96 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -104,7 +104,9 @@ public void testUpdateAdminPassword_noPasswordSupplied() { System.setSecurityManager(null); } - verifyStdOutContainsString("No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD."); + verifyStdOutContainsString( + "No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD." + ); } @Test From 163bf494a7ebc623a154ccfb2ce587fab346a7b4 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Tue, 2 Jan 2024 15:35:55 -0500 Subject: [PATCH 4/9] Use the variable name from the constants Signed-off-by: Derek Ho --- .../tools/democonfig/SecuritySettingsConfigurer.java | 5 ++++- .../tools/democonfig/SecuritySettingsConfigurerTests.java | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java index 8ea05e414e..9c51fbe1d4 100644 --- a/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java +++ b/src/main/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurer.java @@ -150,7 +150,10 @@ void updateAdminPassword() { // if ADMIN_PASSWORD is still an empty string, it implies no custom password was provided. We exit the setup. if (Strings.isNullOrEmpty(ADMIN_PASSWORD)) { System.out.println( - "No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD." + String.format( + "No custom admin password found. Please provide a password via the environment variable %s.", + ConfigConstants.OPENSEARCH_INITIAL_ADMIN_PASSWORD + ) ); System.exit(-1); } diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index 3e69228a96..27ba150a78 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -105,7 +105,10 @@ public void testUpdateAdminPassword_noPasswordSupplied() { } verifyStdOutContainsString( - "No custom admin password found. Please provide a password via the environment variable OPENSEARCH_INITIAL_ADMIN_PASSWORD." + String.format( + "No custom admin password found. Please provide a password via the environment variable %s.", + ConfigConstants.OPENSEARCH_INITIAL_ADMIN_PASSWORD + ) ); } From 0afaa5dab0c1287e01c0bd0848e61836652f2e3e Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 10 Jan 2024 14:49:07 -0500 Subject: [PATCH 5/9] Remove else block Signed-off-by: Derek Ho --- .../org/opensearch/security/tools/democonfig/Installer.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/main/java/org/opensearch/security/tools/democonfig/Installer.java b/src/main/java/org/opensearch/security/tools/democonfig/Installer.java index 61acd7e4c9..864607a9c6 100644 --- a/src/main/java/org/opensearch/security/tools/democonfig/Installer.java +++ b/src/main/java/org/opensearch/security/tools/democonfig/Installer.java @@ -212,9 +212,6 @@ void gatherUserInputs() { cluster_mode = confirmAction(scanner, "Enable cluster mode?"); } } - } else { - initsecurity = true; - cluster_mode = true; } } From 4372cb99bd68ee70408ceeb04b808e91db4882d8 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 10 Jan 2024 14:59:57 -0500 Subject: [PATCH 6/9] Update test Signed-off-by: Derek Ho --- .../opensearch/security/tools/democonfig/InstallerTests.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/test/java/org/opensearch/security/tools/democonfig/InstallerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/InstallerTests.java index 06c6edf734..268bd9ea0e 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/InstallerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/InstallerTests.java @@ -193,8 +193,8 @@ public void testGatherInputs_withAssumeYes() { installer.gatherUserInputs(); - assertThat(installer.initsecurity, is(true)); - assertThat(installer.cluster_mode, is(true)); + assertThat(installer.initsecurity, is(false)); + assertThat(installer.cluster_mode, is(false)); } @Test From 447740dee946f93bac979aa674468bccaf4f7f74 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 10 Jan 2024 15:11:18 -0500 Subject: [PATCH 7/9] Adds tests to verify -c and -i behvarior when only -y is passed Signed-off-by: Derek Ho --- .../democonfig/SecuritySettingsConfigurerTests.java | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index 27ba150a78..ac02b26dfe 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -241,6 +241,18 @@ public void testIsStringAlreadyPresentInFile_isPresent() throws IOException { assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str2), is(equalTo(false))); } + @Test + public void testAssumeYesDoesNotInitializeClusterMode() throws IOException { + String str1 = "node.name"; // cluster_mode + String str2 = "plugins.security.allow_default_init_securityindex"; // init_security + + installer.assumeyes = true; + securitySettingsConfigurer.writeSecurityConfigToOpenSearchYML(); + + assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str1), is(equalTo(false))); + assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str2), is(equalTo(false))); + } + @Test public void testCreateSecurityAdminDemoScriptAndGetSecurityAdminCommands() throws IOException { String demoPath = installer.OPENSEARCH_CONF_DIR + "securityadmin_demo" + installer.FILE_EXTENSION; From 60769b3e2461377e9d0c459e519ecc9ad0a35762 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 10 Jan 2024 15:26:26 -0500 Subject: [PATCH 8/9] Apply code suggestion Signed-off-by: Derek Ho --- .../tools/democonfig/SecuritySettingsConfigurerTests.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index ac02b26dfe..c7058d7b6b 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -249,8 +249,8 @@ public void testAssumeYesDoesNotInitializeClusterMode() throws IOException { installer.assumeyes = true; securitySettingsConfigurer.writeSecurityConfigToOpenSearchYML(); - assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str1), is(equalTo(false))); - assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str2), is(equalTo(false))); + assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str1), is(false)); + assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str2), is(false)); } @Test From 3b5d54ea76658e84ca9214fa5212c61c7d763941 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 10 Jan 2024 15:27:51 -0500 Subject: [PATCH 9/9] Change variable name Signed-off-by: Derek Ho --- .../tools/democonfig/SecuritySettingsConfigurerTests.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java index c7058d7b6b..280d704fb8 100644 --- a/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java +++ b/src/test/java/org/opensearch/security/tools/democonfig/SecuritySettingsConfigurerTests.java @@ -243,14 +243,14 @@ public void testIsStringAlreadyPresentInFile_isPresent() throws IOException { @Test public void testAssumeYesDoesNotInitializeClusterMode() throws IOException { - String str1 = "node.name"; // cluster_mode - String str2 = "plugins.security.allow_default_init_securityindex"; // init_security + String nodeName = "node.name"; // cluster_mode + String securityIndex = "plugins.security.allow_default_init_securityindex"; // init_security installer.assumeyes = true; securitySettingsConfigurer.writeSecurityConfigToOpenSearchYML(); - assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str1), is(false)); - assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, str2), is(false)); + assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, nodeName), is(false)); + assertThat(isKeyPresentInYMLFile(installer.OPENSEARCH_CONF_FILE, securityIndex), is(false)); } @Test