Closed
Description
Describe the bug
OpenSearch container complains about password strength when using a recent image version, even when setting security_enabled=False
. It seems this is the consequence of a change in version 2.12.0. There seems to be an easy fix for this, which is to replace plugins.security.disabled
environment variable with DISABLE_SECURITY_PLUGIN
. I opened a small PR for this, see #773.
To Reproduce
from testcontainers.opensearch import OpenSearchContainer
container = OpenSearchContainer("opensearchproject/opensearch:2.18.0")
container.start()
This will block forever waiting for the container to be ready, and the logs give the following output:
$ docker logs <container id>
Enabling OpenSearch Security Plugin
Enabling execution of install_demo_configuration.sh for OpenSearch Security Plugin
OpenSearch 2.12.0 onwards, the OpenSearch Security Plugin a change that requires an initial password for 'admin' user.
Please define an environment variable 'OPENSEARCH_INITIAL_ADMIN_PASSWORD' with a strong password string.
If a password is not provided, the setup will quit.
For more details, please visit: https://opensearch.org/docs/latest/install-and-configure/install-opensearch/docker/
### OpenSearch Security Demo Installer
### ** Warning: Do not use on production or public reachable systems **
OpenSearch install type: rpm/deb on Linux 6.1.0-17-amd64 amd64
OpenSearch config dir: /usr/share/opensearch/config/
OpenSearch config file: /usr/share/opensearch/config/opensearch.yml
OpenSearch bin dir: /usr/share/opensearch/bin/
OpenSearch plugins dir: /usr/share/opensearch/plugins/
OpenSearch lib dir: /usr/share/opensearch/lib/
Detected OpenSearch Version: 2.18.0
Detected OpenSearch Security Version: 2.18.0.0
Password admin failed validation: "Password is too short". Please re-try with a minimum 8 character password and must contain at least one uppercase letter, one lowercase letter, one digit, and one special character that is strong. Password strength can be tested here: https://lowe.github.io/tryzxcvbn
Runtime environment
Runtime environment
Linux debian 6.1.0-17-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30) x86_64 GNU/Linux
Python 3.11.2
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.20.0)
compose: Docker Compose (Docker Inc., v2.32.4)
Server:
Containers: 53
Running: 2
Paused: 0
Stopped: 51
Images: 365
Server Version: 20.10.24+dfsg1
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runtime.v1.linux nvidia runc io.containerd.runc.v2
Default Runtime: nvidia
Init Binary: docker-init
containerd version: 1.6.20~ds1-1+b1
runc version: 1.1.5+ds1-1+deb12u1
init version:
Security Options:
apparmor
seccomp
Profile: default
cgroupns
Kernel Version: 6.1.0-17-amd64
Operating System: Debian GNU/Linux 12 (bookworm)
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 62.51GiB
Name: debian
ID: MQZA:SAEE:WFPL:FTXS:NWZS:BZLG:B7FL:SQP3:GMZO:WMLA:5K7G:5DQ5
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
alembic==1.14.1
amqp==5.3.1
aniso8601==10.0.0
annotated-types==0.7.0
anyio==4.8.0
argon2-cffi==23.1.0
argon2-cffi-bindings==21.2.0
asgiref==3.8.1
asttokens==3.0.0
async-timeout==5.0.1
attrs==25.1.0
billiard==4.2.1
blinker==1.9.0
celery==5.4.0
certifi==2025.1.31
cffi==1.17.1
charset-normalizer==3.4.1
clean-text==0.6.0
click==8.1.8
click-didyoumean==0.3.1
click-plugins==1.1.1
click-repl==0.3.0
cryptography==44.0.1
-e git+ssh://git@gitlab.com/exantebe/curator.git@1d399adbdbd8a4cfaa30d4b336b31a7b8c001751#egg=curator
debugpy==1.8.12
decorator==5.1.1
Deprecated==1.2.18
deprecation==2.1.0
deptry==0.21.2
docker==7.1.0
emoji==1.7.0
environs==11.2.1
Events==0.5
executing==2.2.0
factory_boy==3.3.3
Faker==36.1.1
faker-file==0.17.14
Flask==3.1.0
Flask-HTTPAuth==4.8.0
Flask-Login==0.6.3
Flask-Mail==0.10.0
Flask-Migrate==4.1.0
flask-restx==1.3.0
Flask-SQLAlchemy==3.1.1
ftfy==6.3.1
gevent==24.11.1
greenlet==3.1.1
gunicorn==23.0.0
h11==0.14.0
httpcore==1.0.7
httpx==0.28.1
idna==3.10
img2pdf==0.5.1
importlib_resources==6.5.2
inflection==0.5.1
iniconfig==2.0.0
ipython==8.32.0
itsdangerous==2.2.0
jedi==0.19.2
Jinja2==3.1.5
jsonschema==4.23.0
jsonschema-specifications==2024.10.1
kombu==5.4.2
loguru==0.7.3
lxml==5.3.1
Mako==1.3.9
Markdown==3.7
markdown-it-py==3.0.0
MarkupSafe==3.0.2
marshmallow==3.26.1
marshmallow-oneofschema==3.1.1
marshmallow-sqlalchemy==1.4.1
matplotlib-inline==0.1.7
mdurl==0.1.2
minio==7.2.15
ocrmypdf==16.9.0
ollama==0.4.7
opensearch-py==2.8.0
orjson==3.10.15
packaging==24.2
parso==0.8.4
pdfkit==1.0.0
pdfminer.six==20240706
pdoc3==0.11.5
pexpect==4.9.0
pi_heif==0.21.0
pika==1.3.2
pikepdf==9.5.2
pillow==11.1.0
pluggy==1.5.0
polling==0.3.2
prompt_toolkit==3.0.50
psycogreen==1.0.2
psycopg2==2.9.10
ptyprocess==0.7.0
pure_eval==0.2.3
py-healthcheck==1.10.1
py-spy==0.3.14
pycparser==2.22
pycryptodome==3.21.0
pydantic==2.10.6
pydantic_core==2.27.2
pyfiglet==1.0.2
Pygments==2.19.1
pytest==8.3.4
pytest-dotenv==0.5.2
pytest-factoryboy==2.7.0
pytest-lazy-fixtures==1.1.2
pytest-print @ git+https://github.com/pytest-dev/pytest-print.git@d4721d5392713b61b75d85caa91ee34d67a4ddf8
python-dateutil==2.9.0.post0
python-dotenv==1.0.1
python-magic==0.4.27
pytz==2025.1
redis==5.2.1
referencing==0.36.2
requests==2.32.3
requests-toolbelt==1.0.0
requirements-parser==0.11.0
rich==13.9.4
rich-click==1.8.5
rpds-py==0.22.3
six==1.17.0
sniffio==1.3.1
SQLAlchemy==2.0.38
sqlalchemy-mixins==2.0.5
SQLAlchemy-Utils==0.41.2
stack-data==0.6.3
testcontainers @ git+https://github.com/oelhammouchi/testcontainers-python@acc3aa8cc03cff47432ccfcb32212d65ba474c3f
tika==2.6.0
traitlets==5.14.3
types-setuptools==75.8.0.20250210
typing_extensions==4.12.2
tzdata==2025.1
Unidecode==1.3.8
urllib3==2.3.0
vine==5.1.0
waitress==3.0.2
wcwidth==0.2.13
Werkzeug==3.1.3
wrapt==1.17.2
zope.event==5.0
zope.interface==7.2
Metadata
Metadata
Assignees
Labels
No labels