)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"15c795241879804bf4356ece118ad497555a8579","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"455626bf_fa94931d","updated":"2024-02-21 15:37:31.000000000","message":"needs docs, or a link to docs telling users to change these and how.\nmight make sense to do this in a separate change in k-a though (I don\u0027t know enough about the password setup in opensearch dashboards to judge this).","commit_id":"ba43b2fbc8dbb53f87d6bec385bb530b80126359"},{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"4208d19830089d2fa23c508916897c2b7d35715f","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"6a3f230a_b18b6b31","in_reply_to":"2ef47e47_0d4311e9","updated":"2024-02-21 16:06:10.000000000","message":"ah, excellent, this is information I was missing and which wasn\u0027t available in the linked issues as well. maybe put that context in the commit message?","commit_id":"ba43b2fbc8dbb53f87d6bec385bb530b80126359"},{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"7c422d8e78ba47b64a436151dac3e7bf2ab0053b","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"9b1f1e05_e17e4e06","in_reply_to":"455626bf_fa94931d","updated":"2024-02-21 15:42:10.000000000","message":"We don\u0027t support security plugin in k-a at all, because we don\u0027t support TLS in OpenSearch (yet) - I plan to work on this, so will add a task that will change this default password to a Kolla generated one.","commit_id":"ba43b2fbc8dbb53f87d6bec385bb530b80126359"},{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"c8eeab5e3b98d7cd93cd9e8c3af762f9b422efcc","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":4,"id":"e8e86e2c_3feadaaa","in_reply_to":"9b1f1e05_e17e4e06","updated":"2024-02-21 15:50:10.000000000","message":"okay? It\u0027s not entirely clear to me, neither from the k-a bug, nor from the linked github issue what this has to do with the fact we don\u0027t \"support\" the security plugin.\n\nif we set a default password we are responsible for either changing it automatically during deployment (I guess that\u0027s what you are proposing) and - until we do this - provide users with the necessary information that there is a default password now, which can be used by unauthorized third parties, and how to change that.\n\nit doesn\u0027t matter to me why we do this, but if we set a default password we need to inform users about this new behaviour so they can secure their installation. I\u0027m of course assuming that there is no automatic secure password generation in place, because I can only judge patches that are already posted and I\u0027m not aware of any patches that do this for the user. :)","commit_id":"ba43b2fbc8dbb53f87d6bec385bb530b80126359"},{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"bb6fb2eeae5ca3707b73b09464ac6f718868ac35","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":4,"id":"2ef47e47_0d4311e9","in_reply_to":"e8e86e2c_3feadaaa","updated":"2024-02-21 15:53:27.000000000","message":"If security plugin is disabled, there is NO authentication at all and this password is never used - and that\u0027s what we have in kolla-ansible (opensearch-dashboards authentication is basic auth on HAProxy).","commit_id":"ba43b2fbc8dbb53f87d6bec385bb530b80126359"},{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"7e280043aee88c7c6f4d05de079a8d4c55e00524","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"0c402066_b6f5f44a","updated":"2024-02-21 19:09:36.000000000","message":"recheck ubuntu keystone not ready on init runonce","commit_id":"756ee984c3c761514115c342e7cba9a3cb533d02"}]}