-
Notifications
You must be signed in to change notification settings - Fork 884
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Chore] Updates developer guide for security development #5287
[Chore] Updates developer guide for security development #5287
Conversation
Signed-off-by: Ashwin P Chandran <ashwinpc@amazon.com>
> Running `yarn opensearch snapshot -P <security_plugin_url>` will not work since the plugin needs some additional configuration to setup correctly. To configure it correctly, here are the steps: | ||
> | ||
> 1. Run `yarn opensearch snapshot -P <security_plugin_url>`. This will fail to run and complain about missing certificates. Ignore that since what we want is for the build artifacts | ||
> 2. Run `export initialAdminPassword=<inital admin password>` since its needed by the configuration script |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should we provide just an example, like it can be admin
or imply that this is setting up initial admin password not so much that it has to be preconfigured
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm okay with that. This is one of those docs where I want this to be a stub and see where people get confused and need more information. I think the variable name is quite self explanatory ;)
> | ||
> 1. Run `yarn opensearch snapshot -P <security_plugin_url>`. This will fail to run and complain about missing certificates. Ignore that since what we want is for the build artifacts | ||
> 2. Run `export initialAdminPassword=<inital admin password>` since its needed by the configuration script | ||
> 3. Run the config script in the plugin directory of opensearch. `bash .opensearch/<version>/plugins/opensearch-security/tools/install_demo_configuration.sh` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@manasvinibs do you think it's worth to consider provide an optional execute setup script or even "with security enabled that runs this default'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would be even better. A one line command would be ideal
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I agree! An additional flag to enable security which takes care of step 2
and step 3
will be neat.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want a separate PR for the additional flag?
I would prefer an automated approach like #5451 |
Signed-off-by: Ashwin P Chandran <ashwinpc@amazon.com>
closing this since #5451 has made this a lot easier |
Description
Updates the developer guide with instructions on how to setup the security plugin for local development using the snapshot command
Issues Resolved
Screenshot
Testing the changes
Check List
yarn test:jest
yarn test:jest_integration