From e276de637811fb56f706e78d426c212058f46be3 Mon Sep 17 00:00:00 2001 From: Stephen Crawford Date: Tue, 12 Sep 2023 16:15:12 -0400 Subject: [PATCH] update todo Signed-off-by: Stephen Crawford --- .../actions/start-opensearch-with-one-plugin/action.yml | 5 ++++- .../security/configuration/ConfigurationRepository.java | 9 ++++++++- tools/install_demo_configuration.sh | 1 + 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/actions/start-opensearch-with-one-plugin/action.yml b/.github/actions/start-opensearch-with-one-plugin/action.yml index fa5681c422..29bf425bc9 100644 --- a/.github/actions/start-opensearch-with-one-plugin/action.yml +++ b/.github/actions/start-opensearch-with-one-plugin/action.yml @@ -31,7 +31,6 @@ runs: with: url: https://artifacts.opensearch.org/snapshots/core/opensearch/${{ inputs.opensearch-version }}-SNAPSHOT/opensearch-min-${{ inputs.opensearch-version }}-SNAPSHOT-windows-x64-latest.zip - - name: Download OpenSearch for Linux uses: peternied/download-file@v2 if: ${{ runner.os == 'Linux' }} @@ -67,7 +66,11 @@ runs: 'y' | .\opensearch-${{ inputs.opensearch-version }}-SNAPSHOT\bin\opensearch-plugin.bat install file:$(pwd)\${{ inputs.plugin-name }}.zip shell: pwsh + # SPECIFY PASSWORD FROM ENV i.e. export=open_pass = .... + # FAIL IF NO PASS FOUND + # Run any configuration scripts + # Set up script now modifies file - name: Run Setup Script for Linux if: ${{ runner.os == 'Linux' && inputs.setup-script-name != '' }} run: | diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java index c58bbb63e6..44efc6ecda 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java @@ -259,13 +259,14 @@ private ConfigurationRepository( } LOGGER.info("Node '{}' initialized", clusterService.localNode().getName()); + //lock createAdminUser(); + //unlock sleep(1000); } catch (Exception e) { LOGGER.error("Unexpected exception while initializing node " + e, e); } }); - } private boolean createSecurityIndexIfAbsent() { @@ -507,3 +508,9 @@ private void createAdminUser() throws IOException, PrivilegedActionException { notifyAboutChanges(Collections.singletonMap(CType.INTERNALUSERS, sdc)); } } + +/** + * Need to update docker, helm issues, etc.-- make issues for them to do + * Need to update documentation for the isntall demo config + * How do we generate hash + */ diff --git a/tools/install_demo_configuration.sh b/tools/install_demo_configuration.sh index 7428ea7b14..8b8c42b47d 100755 --- a/tools/install_demo_configuration.sh +++ b/tools/install_demo_configuration.sh @@ -386,6 +386,7 @@ echo "plugins.security.check_snapshot_restore_write_privileges: true" | $SUDO_CM echo 'plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]' | $SUDO_CMD tee -a "$OPENSEARCH_CONF_FILE" > /dev/null echo 'plugins.security.system_indices.enabled: true' | $SUDO_CMD tee -a "$OPENSEARCH_CONF_FILE" > /dev/null echo 'plugins.security.system_indices.indices: [".plugins-ml-config", ".plugins-ml-connector", ".plugins-ml-model-group", ".plugins-ml-model", ".plugins-ml-task", ".plugins-ml-conversation-meta", ".plugins-ml-conversation-interactions", ".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opensearch-notifications-*", ".opensearch-notebooks", ".opensearch-observability", ".ql-datasources", ".opendistro-asynchronous-search-response*", ".replication-metadata-store", ".opensearch-knn-models", ".geospatial-ip2geo-data*", ".opendistro-job-scheduler-lock"]' | $SUDO_CMD tee -a "$OPENSEARCH_CONF_FILE" > /dev/null +# Read env variable and then found line in user file and modify it #network.host if $SUDO_CMD grep --quiet -i "^network.host" "$OPENSEARCH_CONF_FILE"; then