Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extracting install_demo_configuration script to a standalone Java Tool #3633

Closed
7 tasks done
Tracked by #3622
DarshitChanpura opened this issue Oct 31, 2023 · 1 comment · Fixed by #3669
Closed
7 tasks done
Tracked by #3622

Extracting install_demo_configuration script to a standalone Java Tool #3633

DarshitChanpura opened this issue Oct 31, 2023 · 1 comment · Fixed by #3669
Assignees
@DarshitChanpura
Labels
triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.

Comments

@DarshitChanpura
Copy link
Member

DarshitChanpura commented Oct 31, 2023
edited
Loading

Description:
This issue is created to track the process of extracting all the logic from the install_demo_configuration script and transferring it to a standalone Java tool.

What's Happening with the Script?
The script will serve as a wrapper to call the Java tool. This approach will ensure minimal changes to the current behavior when running the demo script. Additionally, it will allow the script to use the bundled JDK (similar to the OpenSearch process) if no JAVA_HOME is set, thereby preventing script failures. Without this wrapper, the newly created Java tool would require JAVA_HOME to be set, potentially causing issues in certain distributions (such as rpm/deb).

What Will the New Tool Look Like?
The behavior of new tool would be consistent with the script. The new tool will contain all of the current individual components, including generating certificates, updating the opensearch.yml file, and modifying the admin password in internal_users.yml, among others. These components will serve as the foundation for future enhancements, particularly focusing on addressing static secrets.

Why a Standalone Java Tool?

  1. Reusability: The requirement to generate a new random password can be fulfilled using tools like passay, which is currently employed for the service-account capability. This tool can be leveraged to generate a new password for the admin user. Similarly, the existing WeakPasswordValidation framework can be used to validate the provided password to ensure it is not weak.
  2. Avoiding Duplication: Currently, the logic for installing the demo configuration exists in both .sh and .bat files, leading to redundancy. Creating a Java tool will serve as a single source of truth for the demo config setup, eliminating this redundancy.

Acceptance Criteria:

  • A new password is generated if not provided, and the generated password is logged in the executing terminal (stdout).
  • The script should accept a new parameter environment -t to reflect that this script is going to be used in test environment. Default value is set to demo
  • When the environment is set to demo (default), and a custom password is provided:
    • It must be validated to ensure it is not a weak password:
      • The password should be at least 8 characters long.
      • The password should not contain the username.
  • When the environment is set to test, the password validation should be skipped.
@DarshitChanpura DarshitChanpura mentioned this issue Oct 31, 2023
Closed
6 tasks
@github-actions github-actions bot added the untriaged Require the attention of the repository maintainers and may need to be prioritized label Oct 31, 2023
@DarshitChanpura DarshitChanpura changed the title Update admin script to accept a new password and if none provided, should generate a new password [admin:admin] Update admin script to accept a new password and if none provided, should generate a new password Oct 31, 2023
@DarshitChanpura DarshitChanpura changed the title [admin:admin] Update admin script to accept a new password and if none provided, should generate a new password [admin:admin] Admin script should generate a new password Oct 31, 2023
@DarshitChanpura DarshitChanpura changed the title [admin:admin] Admin script should generate a new password [admin:admin] Extracting install_demo_configuration script to a standalone Java Tool Nov 1, 2023
@DarshitChanpura DarshitChanpura self-assigned this Nov 1, 2023
@DarshitChanpura DarshitChanpura changed the title [admin:admin] Extracting install_demo_configuration script to a standalone Java Tool [DefaultAdminPassword] Extracting install_demo_configuration script to a standalone Java Tool Nov 1, 2023
@DarshitChanpura DarshitChanpura changed the title [DefaultAdminPassword] Extracting install_demo_configuration script to a standalone Java Tool Extracting install_demo_configuration script to a standalone Java Tool Nov 1, 2023
@stephen-crawford
Copy link
Contributor

[Triage] Hi @DarshitChanpura, thank you for filing this issue. This issue has all the right info to be marked triaged :)

@stephen-crawford stephen-crawford added triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. and removed untriaged Require the attention of the repository maintainers and may need to be prioritized labels Nov 6, 2023
@prudhvigodithi prudhvigodithi mentioned this issue Nov 7, 2023
Closed
2 tasks
@DarshitChanpura DarshitChanpura mentioned this issue Nov 8, 2023
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DarshitChanpura DarshitChanpura

Labels
triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Extracts demo configuration script to a java tool DarshitChanpura/security
2 participants
@DarshitChanpura @stephen-crawford