From aa6b7106dcdfff31c0c578c7abc240712f09010e Mon Sep 17 00:00:00 2001
From: Varun Jain <varunudr@amazon.com>
Date: Tue, 23 Jan 2024 10:33:42 -0800
Subject: [PATCH] Remove admin credentials

Signed-off-by: Varun Jain <varunudr@amazon.com>
---
 DEVELOPER_GUIDE.md | 9 ++++-----
 build.gradle       | 7 ++++---
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/DEVELOPER_GUIDE.md b/DEVELOPER_GUIDE.md
index f19f178c4..7c5a182aa 100644
--- a/DEVELOPER_GUIDE.md
+++ b/DEVELOPER_GUIDE.md
@@ -137,12 +137,11 @@ Additionally, it is also possible to run a cluster with security enabled:
 ./gradlew run -Dsecurity.enabled=true
 ```
 
-By default, if `-Dsecurity.enabled=true` is passed the following defaults will be used: `https=true`, `user=admin` and
-`password=admin`.
+By default, if `-Dsecurity.enabled=true` is passed the following defaults will be used: `https=true`, `user=admin`. There is no default password and it is set as `password=<admin-password`.
 
-Then, to access the cluster, we can run
+Then, to access the cluster, we can run the below command. <admin-password> parameter is the password set by admin.
 ```bash
-curl https://localhost:9200 --insecure -u admin:admin
+curl https://localhost:9200 --insecure -u admin:<admin-password>
 
 {
   "name" : "integTest-0",
@@ -191,7 +190,7 @@ Integration tests can be run with remote cluster. For that run the following com
 In case remote cluster is secured it's possible to pass username and password with the following command:
 
 ```
-./gradlew :integTestRemote -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="integTest-0" -Dhttps=true -Duser=admin -Dpassword=admin
+./gradlew :integTestRemote -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="integTest-0" -Dhttps=true -Duser=admin -Dpassword=<admin-password>
 ```
 
 ### Debugging
diff --git a/build.gradle b/build.gradle
index c2dc3a317..85c1793bb 100644
--- a/build.gradle
+++ b/build.gradle
@@ -29,6 +29,7 @@ buildscript {
         }
         opensearch_group = "org.opensearch"
         opensearch_no_snapshot = opensearch_build.replace("-SNAPSHOT","")
+        System.setProperty("OPENSEARCH_INITIAL_ADMIN_PASSWORD", "myStrongPassword123!")
     }
 
     repositories {
@@ -85,9 +86,9 @@ ext {
         cluster.getNodes().forEach { node ->
             var creds = node.getCredentials()
             if (creds.isEmpty()) {
-                creds.add(Map.of('username', 'admin', 'password', 'admin'))
+                creds.add(Map.of('username', 'admin', 'password', System.getProperty("OPENSEARCH_INITIAL_ADMIN_PASSWORD")))
             } else {
-                creds.get(0).putAll(Map.of('username', 'admin', 'password', 'admin'))
+                creds.get(0).putAll(Map.of('username', 'admin', 'password', System.getProperty("OPENSEARCH_INITIAL_ADMIN_PASSWORD")))
             }
         }
 
@@ -302,7 +303,7 @@ integTest {
         // If security is enabled, set is_https/user/password defaults
         is_https = is_https == null ? "true" : is_https
         user = user == null ? "admin" : user
-        password = password == null ? "admin" : password
+        password = password == null ? System.getProperty("OPENSEARCH_INITIAL_ADMIN_PASSWORD") : password
     }
     systemProperty("https", is_https)
     systemProperty("user", user)