From 8d1cceccb9c1d6f8aa55dea751b60059d954ddba Mon Sep 17 00:00:00 2001
From: John Mazanec <jmazane@amazon.com>
Date: Mon, 18 Dec 2023 20:04:26 -0800
Subject: [PATCH 1/5] Avoid prefixing sys props with tests.opensearch

Avoids adding prefix "tests.opensearch." to system properties that
interact with gradle test cluster. Using this prefix causes these
properties to be passed to the nodes as settings:
https://github.com/opensearch-project/OpenSearch/blob/main/DEVELOPER_GUIDE.md#run-opensearch.

Signed-off-by: John Mazanec <jmazane@amazon.com>
---
 .../gradle/testclusters/OpenSearchNode.java          | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
index 268de50340cbf..300bde8fd1f7c 100644
--- a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
+++ b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
@@ -483,16 +483,16 @@ public Stream<String> logLines() throws IOException {
     @Override
     public synchronized void start() {
         LOGGER.info("Starting `{}`", this);
-        if (System.getProperty("tests.opensearch.secure") != null
-            && System.getProperty("tests.opensearch.secure").equalsIgnoreCase("true")) {
+        if (System.getProperty("tests.secure") != null
+            && System.getProperty("tests.secure").equalsIgnoreCase("true")) {
             secure = true;
         }
-        if (System.getProperty("tests.opensearch.username") != null) {
-            this.credentials.get(0).put("username", System.getProperty("tests.opensearch.username"));
+        if (System.getProperty("tests.username") != null) {
+            this.credentials.get(0).put("username", System.getProperty("tests.username"));
             LOGGER.info("Overwriting username to: " + this.getCredentials().get(0).get("username"));
         }
-        if (System.getProperty("tests.opensearch.password") != null) {
-            this.credentials.get(0).put("password", System.getProperty("tests.opensearch.password"));
+        if (System.getProperty("tests.password") != null) {
+            this.credentials.get(0).put("password", System.getProperty("tests.password"));
             LOGGER.info("Overwriting password to: " + this.getCredentials().get(0).get("password"));
         }
         if (Files.exists(getExtractedDistributionDir()) == false) {

From cc4654956b7cc805bee20f04e9464ac2d966d588 Mon Sep 17 00:00:00 2001
From: John Mazanec <jmazane@amazon.com>
Date: Tue, 19 Dec 2023 09:54:49 -0800
Subject: [PATCH 2/5] Revert "Avoid prefixing sys props with tests.opensearch"

This reverts commit 2458c4f525776ddc13f09235e22ad1d1b33222b8.

Signed-off-by: John Mazanec <jmazane@amazon.com>
---
 .../gradle/testclusters/OpenSearchNode.java          | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
index 300bde8fd1f7c..268de50340cbf 100644
--- a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
+++ b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
@@ -483,16 +483,16 @@ public Stream<String> logLines() throws IOException {
     @Override
     public synchronized void start() {
         LOGGER.info("Starting `{}`", this);
-        if (System.getProperty("tests.secure") != null
-            && System.getProperty("tests.secure").equalsIgnoreCase("true")) {
+        if (System.getProperty("tests.opensearch.secure") != null
+            && System.getProperty("tests.opensearch.secure").equalsIgnoreCase("true")) {
             secure = true;
         }
-        if (System.getProperty("tests.username") != null) {
-            this.credentials.get(0).put("username", System.getProperty("tests.username"));
+        if (System.getProperty("tests.opensearch.username") != null) {
+            this.credentials.get(0).put("username", System.getProperty("tests.opensearch.username"));
             LOGGER.info("Overwriting username to: " + this.getCredentials().get(0).get("username"));
         }
-        if (System.getProperty("tests.password") != null) {
-            this.credentials.get(0).put("password", System.getProperty("tests.password"));
+        if (System.getProperty("tests.opensearch.password") != null) {
+            this.credentials.get(0).put("password", System.getProperty("tests.opensearch.password"));
             LOGGER.info("Overwriting password to: " + this.getCredentials().get(0).get("password"));
         }
         if (Files.exists(getExtractedDistributionDir()) == false) {

From 8725838e872556283b474104c11a1b99933d1a0b Mon Sep 17 00:00:00 2001
From: John Mazanec <jmazane@amazon.com>
Date: Tue, 19 Dec 2023 10:09:09 -0800
Subject: [PATCH 3/5] Set user option to set credentials for the node

Sets the user option for the OpenSearchNode to set the credentials the
node should use. This allows us to avoid passing in the username and
password as system properties in order to launch the cluster with
security plugin installed. These credentials will be used for the health
check.

Signed-off-by: John Mazanec <jmazane@amazon.com>
---
 .../gradle/testclusters/OpenSearchNode.java   | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
index 268de50340cbf..c9308735b48e7 100644
--- a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
+++ b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
@@ -703,7 +703,24 @@ public void extraJarFile(File from) {
     }
 
     @Override
-    public void user(Map<String, String> userSpec) {}
+    public void user(Map<String, String> userSpec) {
+        if (userSpec == null) {
+            return;
+        }
+
+        if (userSpec.containsKey("username") && userSpec.containsKey("password")) {
+            this.credentials.get(0).put("username", userSpec.get("username"));
+            this.credentials.get(0).put("password",  userSpec.get("password"));
+            return;
+        }
+
+        if (!userSpec.containsKey("username")) {
+            LOGGER.warn("Unable to set user. userSpec must contain username.");
+        }
+        if (!userSpec.containsKey("password")) {
+            LOGGER.warn("Unable to set user. userSpec must contain password.");
+        }
+    }
 
     private void runOpenSearchBinScriptWithInput(String input, String tool, CharSequence... args) {
         if (Files.exists(getDistroDir().resolve("bin").resolve(tool)) == false

From 50a027c0437666f64abed3eb00d6289adf82de92 Mon Sep 17 00:00:00 2001
From: John Mazanec <jmazane@amazon.com>
Date: Wed, 20 Dec 2023 13:32:39 -0800
Subject: [PATCH 4/5] Add changelog entry

Signed-off-by: John Mazanec <jmazane@amazon.com>
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 52b89e57c0959..871552fcf8657 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -122,6 +122,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - [BWC and API enforcement] Introduce checks for enforcing the API restrictions ([#11175](https://github.com/opensearch-project/OpenSearch/pull/11175))
 - Create separate transport action for render search template action ([#11170](https://github.com/opensearch-project/OpenSearch/pull/11170))
 - Add additional handling in SearchTemplateRequest when simulate is set to true ([#11591](https://github.com/opensearch-project/OpenSearch/pull/11591))
+- Add option to set user for test cluster to perform health checks during run with security enabled ([#11641](https://github.com/opensearch-project/OpenSearch/pull/11641))
 
 ### Dependencies
 - Bump Lucene from 9.7.0 to 9.8.0 ([10276](https://github.com/opensearch-project/OpenSearch/pull/10276))

From 0feaa31f4c198706026d2b407dec5f9b99a2724b Mon Sep 17 00:00:00 2001
From: John Mazanec <jmazane@amazon.com>
Date: Wed, 20 Dec 2023 13:45:58 -0800
Subject: [PATCH 5/5] Fix style check

Signed-off-by: John Mazanec <jmazane@amazon.com>
---
 .../java/org/opensearch/gradle/testclusters/OpenSearchNode.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
index c9308735b48e7..6d710bf46dab6 100644
--- a/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
+++ b/buildSrc/src/main/java/org/opensearch/gradle/testclusters/OpenSearchNode.java
@@ -710,7 +710,7 @@ public void user(Map<String, String> userSpec) {
 
         if (userSpec.containsKey("username") && userSpec.containsKey("password")) {
             this.credentials.get(0).put("username", userSpec.get("username"));
-            this.credentials.get(0).put("password",  userSpec.get("password"));
+            this.credentials.get(0).put("password", userSpec.get("password"));
             return;
         }