Remove references to default admin creds (#3869)

Signed-off-by: Derek Ho <dxho@amazon.com>
opensearch-project · Jan 17, 2024 · a64f409 · a64f409
1 parent e0ed91c
commit a64f409
Show file tree

Hide file tree

Showing 8 changed files with 15 additions and 14 deletions.
diff --git a/data-prepper-plugins/opensearch/opensearch_security.md b/data-prepper-plugins/opensearch/opensearch_security.md
@@ -8,7 +8,7 @@ sink:
   - opensearch:
       ...
       username: "admin"
-      password: "admin"
+      password: "<admin password>"
 ```
 
 or by using user credential assigned with a role that has the below required permissions.

diff --git a/docs/log_analytics.md b/docs/log_analytics.md
@@ -113,7 +113,7 @@ log-pipeline:
         hosts: [ "https://localhost:9200" ]
         # Change to your credentials
         username: "admin"
-        password: "admin"
+        password: "<admin password>"
         # Add a certificate file if you are accessing an OpenSearch cluster with a self-signed certificate  
         #cert: /path/to/cert
         # If you are connecting to an Amazon OpenSearch Service domain without

diff --git a/docs/trace_analytics.md b/docs/trace_analytics.md
@@ -123,7 +123,7 @@ raw-pipeline:
         hosts: [ "https://localhost:9200" ]
         # Change to your credentials
         username: "admin"
-        password: "admin"
+        password: "<admin password>"
         # Add a certificate file if you are accessing an OpenSearch cluster with a self-signed certificate  
         #cert: /path/to/cert
         # If you are connecting to an Amazon OpenSearch Service domain without
@@ -137,7 +137,7 @@ raw-pipeline:
         index_type: trace-analytics-raw
         # Change to your credentials
         username: "admin"
-        password: "admin"
+        password: "<admin password>"
         # Add a certificate file if you are accessing an OpenSearch cluster with a self-signed certificate  
         #cert: /path/to/cert
         # If you are connecting to an Amazon OpenSearch Service domain without
@@ -174,7 +174,7 @@ service-map-pipeline:
         index_type: trace-analytics-service-map
         # Change to your credentials
         username: "admin"
-        password: "admin"
+        password: "<admin password>"
         # Add a certificate file if you are accessing an OpenSearch cluster with a self-signed certificate  
         #cert: /path/to/cert
         # If you are connecting to an Amazon OpenSearch Service domain without

diff --git a/examples/dev/trace-analytics-sample-app/docker-compose.yml b/examples/dev/trace-analytics-sample-app/docker-compose.yml
@@ -84,6 +84,7 @@ services:
       - "9600:9600"
     environment:
       - discovery.type=single-node
+      - "OPENSEARCH_INIITAL_ADMIN_PASSWORD=myStrongPassword123!"
     networks:
       - my_network
 

diff --git a/...es/dev/trace-analytics-sample-app/resources/data-prepper-wait-for-opensearch-and-start.sh b/...es/dev/trace-analytics-sample-app/resources/data-prepper-wait-for-opensearch-and-start.sh
@@ -5,7 +5,7 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 
-until [[ $(curl --write-out %{http_code} --output /dev/null --silent --head --fail https://node-0.example.com:9200 -u admin:admin --insecure) == 200 ]]; do
+until [[ $(curl --write-out %{http_code} --output /dev/null --silent --head --fail https://node-0.example.com:9200 -u admin:myStrongPassword123! --insecure) == 200 ]]; do
   echo "Waiting for OpenSearch to be ready"
   sleep 1
 done

diff --git a/release/smoke-tests/README.md b/release/smoke-tests/README.md
@@ -76,7 +76,7 @@ data-prepper_1         | 2021-12-03T19:57:31,925 [grok-pipeline-prepper-worker-7
 ```
 ### 3. Confirm Open Search is running
 ```
-curl -s -k -u 'admin:admin' 'https://localhost:9200/_cat/indices'
+curl -s -k -u 'admin:<admin password>' 'https://localhost:9200/_cat/indices'
 ```
 If indicies are displayed Open Search is running.
 ```
@@ -90,14 +90,14 @@ yellow open otel-v1-apm-span-000001        3pN9V1YNSjSMY5ggHa2TfA 1 1 12 0 28.3k
 **To confirm if Open Search is receiving log data run**
 Use the following cURL command to query the index `test-grok-index` for any documents. **Note**: The results may not show all documents received.
 ```
-curl -k -u 'admin:admin' https://localhost:9200/test-grok-index/_search
+curl -k -u 'admin:<admin password>' https://localhost:9200/test-grok-index/_search
 ```
 If in your results the JSON path `.hits.total.value` has a value of 0 Open Search is not receiving log data. Confirm with the Data Prepper logs records are being processed from the buffer and no error messages are displayed.
 
 **To confirm if Open Search is receiving trace data run**
 Use the following cURL command to query the `otel-v1-apm-span-000001` index for documents containing **PythonService**. These documents will be generated by the **otel-span-exporter**, sent to **otel-collector**, then sent to **data-prepper**, then sent to **opensearch**.
 ```
-curl -k -u 'admin:admin' https://localhost:9200/otel-v1-apm-span-000001/_search?q=PythonService
+curl -k -u 'admin:<admin password>' https://localhost:9200/otel-v1-apm-span-000001/_search?q=PythonService
 ```
 If in your results the JSON path `.hits.total.value` has a value of 0 Open Search is not receiving trace data. Confirm OTel opentelemetry-collector logs are continueally displaying metrics and no errors are printing. Next confirm with the Data Prepper logs records are being processed from the buffer and no error messages are displayed.
 

diff --git a/release/smoke-tests/data-prepper/config/pipelines.yaml b/release/smoke-tests/data-prepper/config/pipelines.yaml
@@ -9,7 +9,7 @@ grok-pipeline:
     - opensearch:
         hosts: [ "https://node-0.example.com:9200" ]
         username: "admin"
-        password: "admin"
+        password: "myStrongPassword123!"
         index: "test-grok-index"
 
 entry-pipeline:
@@ -32,7 +32,7 @@ raw-pipeline:
     - opensearch:
         hosts: [ "https://node-0.example.com:9200" ]
         username: "admin"
-        password: "admin"
+        password: "myStrongPassword123!"
         index_type: trace-analytics-raw
 
 service-map-pipeline:
@@ -46,5 +46,5 @@ service-map-pipeline:
     - opensearch:
         hosts: ["https://node-0.example.com:9200"]
         username: "admin"
-        password: "admin"
+        password: "myStrongPassword123!"
         index_type: trace-analytics-service-map
diff --git a/release/smoke-tests/run-smoke-tests.sh b/release/smoke-tests/run-smoke-tests.sh
@@ -53,7 +53,7 @@ function usage() {
 function query_hits_gt_zero () {
     local URL=$1
     local SEARCH_RESPONSE
-    SEARCH_RESPONSE=$(curl -s -k -u 'admin:admin' "${URL}")
+    SEARCH_RESPONSE=$(curl -s -k -u 'admin:myStrongPassword123!' "${URL}")
     local LOG_COUNT=0
 
     if command -v jq &> /dev/null
@@ -138,7 +138,7 @@ WAITING_FOR_DATAPREPPER=true
 echo -n "Waiting for Data Prepper to start  "
 while ${WAITING_FOR_DATAPREPPER}
 do
-    if curl -s -k -u 'admin:admin' 'https://localhost:9200/_cat/indices' > /dev/null && curl -s -k -H "Content-Type: application/json" -d '[{"log": "smoke test log "}]' 'http://localhost:2021/log/ingest' > /dev/null
+    if curl -s -k -u 'admin:myStrongPassword123!' 'https://localhost:9200/_cat/indices' > /dev/null && curl -s -k -H "Content-Type: application/json" -d '[{"log": "smoke test log "}]' 'http://localhost:2021/log/ingest' > /dev/null
     then
         WAITING_FOR_DATAPREPPER=false
     else