Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Chore] Updates developer guide for security development #5287

Closed
wants to merge 2 commits into from
Closed

[Chore] Updates developer guide for security development #5287

wants to merge 2 commits into from

Conversation

ashwin-pc
Copy link
Member

Description

Updates the developer guide with instructions on how to setup the security plugin for local development using the snapshot command

Issues Resolved

Screenshot

Testing the changes

Check List

  • All tests pass
    • yarn test:jest
    • yarn test:jest_integration
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@ashwin-pc
Updates developer guide for security development
0bab763 
Signed-off-by: Ashwin P Chandran <ashwinpc@amazon.com>
@ashwin-pc ashwin-pc added backport 2.x Skip-Changelog PRs that are too trivial to warrant a changelog or release notes entry labels Oct 13, 2023
@ashwin-pc ashwin-pc added docs Improvements or additions to documentation and removed distinguished-contributor labels Oct 13, 2023
kavilla
kavilla reviewed Oct 13, 2023
View reviewed changes
DEVELOPER_GUIDE.md
> Running `yarn opensearch snapshot -P <security_plugin_url>` will not work since the plugin needs some additional configuration to setup correctly. To configure it correctly, here are the steps:
>
> 1. Run `yarn opensearch snapshot -P <security_plugin_url>`. This will fail to run and complain about missing certificates. Ignore that since what we want is for the build artifacts
> 2. Run `export initialAdminPassword=<inital admin password>` since its needed by the configuration script
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we provide just an example, like it can be admin or imply that this is setting up initial admin password not so much that it has to be preconfigured

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm okay with that. This is one of those docs where I want this to be a stub and see where people get confused and need more information. I think the variable name is quite self explanatory ;)

kavilla
kavilla reviewed Oct 13, 2023
View reviewed changes
DEVELOPER_GUIDE.md
>
> 1. Run `yarn opensearch snapshot -P <security_plugin_url>`. This will fail to run and complain about missing certificates. Ignore that since what we want is for the build artifacts
> 2. Run `export initialAdminPassword=<inital admin password>` since its needed by the configuration script
> 3. Run the config script in the plugin directory of opensearch. `bash .opensearch/<version>/plugins/opensearch-security/tools/install_demo_configuration.sh`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@manasvinibs do you think it's worth to consider provide an optional execute setup script or even "with security enabled that runs this default'

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That would be even better. A one line command would be ideal

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I agree! An additional flag to enable security which takes care of step 2 and step 3 will be neat.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want a separate PR for the additional flag?

@AMoo-Miki
Copy link
Collaborator

I would prefer an automated approach like #5451

@ashwin-pc
Merge branch 'main' into chore/os-plugin-build
77088a8 
Signed-off-by: Ashwin P Chandran <ashwinpc@amazon.com>
@ashwin-pc
Copy link
Member Author

closing this since #5451 has made this a lot easier

@ashwin-pc ashwin-pc closed this Dec 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kavilla kavilla kavilla left review comments

@ananzh ananzh Awaiting requested review from ananzh ananzh is a code owner

@seanneumann seanneumann Awaiting requested review from seanneumann

@AMoo-Miki AMoo-Miki Awaiting requested review from AMoo-Miki AMoo-Miki is a code owner

@joshuarrrr joshuarrrr Awaiting requested review from joshuarrrr joshuarrrr is a code owner

@abbyhu2000 abbyhu2000 Awaiting requested review from abbyhu2000 abbyhu2000 is a code owner

@zengyan-amazon zengyan-amazon Awaiting requested review from zengyan-amazon zengyan-amazon is a code owner

@kristenTian kristenTian Awaiting requested review from kristenTian

@zhongnansu zhongnansu Awaiting requested review from zhongnansu zhongnansu is a code owner

@manasvinibs manasvinibs Awaiting requested review from manasvinibs manasvinibs is a code owner

@ZilongX ZilongX Awaiting requested review from ZilongX ZilongX is a code owner

@Flyingliuhub Flyingliuhub Awaiting requested review from Flyingliuhub Flyingliuhub is a code owner

@BSFishy BSFishy Awaiting requested review from BSFishy

@curq curq Awaiting requested review from curq curq is a code owner

Assignees

@kavilla kavilla

Labels
backport 2.x docs Improvements or additions to documentation Skip-Changelog PRs that are too trivial to warrant a changelog or release notes entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ashwin-pc @AMoo-Miki @kavilla @ananzh @manasvinibs