From 61819056239d2467f6573257b8fbe47732673086 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9C=D0=B0=D1=80=D1=82=D1=8B=D0=BD=D0=BE=D0=B2=20=D0=9C?=
 =?UTF-8?q?=D0=B0=D0=BA=D1=81=D0=B8=D0=BC=20=D0=A1=D0=B5=D1=80=D0=B3=D0=B5?=
 =?UTF-8?q?=D0=B5=D0=B2=D0=B8=D1=87?= <msmarty5@mts.ru>
Date: Wed, 5 Feb 2025 16:21:07 +0300
Subject: [PATCH] [DOP-23743] All hardcoded passwords in this repo are used
 ONLY for tests

---
 .env.docker                       | 42 ++++++------------
 .env.local                        | 22 +++++-----
 docker-compose.test.yml           | 72 +++++++++++++++----------------
 docker/ftp/on_post_init.sh        |  0
 docker/mssql/setup.sql            |  2 +-
 docker/samba/custom_entrypoint.sh |  2 +-
 docker/webdav/on_post_init.sh     |  0
 7 files changed, 63 insertions(+), 77 deletions(-)
 mode change 100644 => 100755 docker/ftp/on_post_init.sh
 mode change 100644 => 100755 docker/samba/custom_entrypoint.sh
 mode change 100644 => 100755 docker/webdav/on_post_init.sh

diff --git a/.env.docker b/.env.docker
index b1c92fc9..0dc55778 100644
--- a/.env.docker
+++ b/.env.docker
@@ -38,34 +38,20 @@ SYNCMASTER__AUTH__ACCESS_TOKEN__SECRET_KEY=generate_another_random_string
 # Scheduler options
 SYNCMASTER__SCHEDULER__TRANSFER_FETCHING_TIMEOUT_SECONDS=200
 
-# Tests-only
-# S3
-MINIO_ACCESS_KEY=syncmaster
-MINIO_SECRET_KEY=changeme
-MINIO_ROOT_USER=syncmaster
-MINIO_ROOT_PASSWORD=changeme
-
 TEST_S3_HOST_FOR_CONFTEST=test-s3
 TEST_S3_PORT_FOR_CONFTEST=9000
 TEST_S3_HOST_FOR_WORKER=test-s3
 TEST_S3_PORT_FOR_WORKER=9000
 TEST_S3_ACCESS_KEY=syncmaster
-TEST_S3_SECRET_KEY=changeme
+TEST_S3_SECRET_KEY=123UsedOnlyForTests@!
 TEST_S3_BUCKET=syncmaster
 
-# needed for test-postgres container
-POSTGRES_HOST=test-postgres
-POSTGRES_PORT=5432
-POSTGRES_DB=syncmaster
-POSTGRES_USER=syncmaster
-POSTGRES_PASSWORD=changeme
-
 TEST_POSTGRES_HOST_FOR_CONFTEST=test-postgres
 TEST_POSTGRES_PORT_FOR_CONFTEST=5432
 TEST_POSTGRES_HOST_FOR_WORKER=test-postgres
 TEST_POSTGRES_PORT_FOR_WORKER=5432
 TEST_POSTGRES_USER=syncmaster
-TEST_POSTGRES_PASSWORD=changeme
+TEST_POSTGRES_PASSWORD=123UsedOnlyForTests@!
 TEST_POSTGRES_DB=syncmaster
 
 TEST_ORACLE_HOST_FOR_CONFTEST=test-oracle
@@ -73,23 +59,23 @@ TEST_ORACLE_PORT_FOR_CONFTEST=1521
 TEST_ORACLE_HOST_FOR_WORKER=test-oracle
 TEST_ORACLE_PORT_FOR_WORKER=1521
 TEST_ORACLE_USER=syncmaster
-TEST_ORACLE_PASSWORD=changeme
+TEST_ORACLE_PASSWORD=123UsedOnlyForTests@!
 TEST_ORACLE_SERVICE_NAME=XEPDB1
 
 TEST_CLICKHOUSE_HOST_FOR_CONFTEST=test-clickhouse
 TEST_CLICKHOUSE_PORT_FOR_CONFTEST=8123
 TEST_CLICKHOUSE_HOST_FOR_WORKER=test-clickhouse
 TEST_CLICKHOUSE_PORT_FOR_WORKER=8123
-TEST_CLICKHOUSE_USER=default
-TEST_CLICKHOUSE_PASSWORD=test_only
-TEST_CLICKHOUSE_DB=default
+TEST_CLICKHOUSE_USER=syncmaster
+TEST_CLICKHOUSE_PASSWORD=123UsedOnlyForTests@!
+TEST_CLICKHOUSE_DB=syncmaster
 
 TEST_MSSQL_HOST_FOR_CONFTEST=test-mssql
 TEST_MSSQL_PORT_FOR_CONFTEST=1433
 TEST_MSSQL_HOST_FOR_WORKER=test-mssql
 TEST_MSSQL_PORT_FOR_WORKER=1433
 TEST_MSSQL_USER=syncmaster
-TEST_MSSQL_PASSWORD=7ellowEl7akey
+TEST_MSSQL_PASSWORD=123UsedOnlyForTests@!
 TEST_MSSQL_DB=syncmaster
 
 TEST_MYSQL_HOST_FOR_CONFTEST=test-mysql
@@ -97,12 +83,12 @@ TEST_MYSQL_PORT_FOR_CONFTEST=3306
 TEST_MYSQL_HOST_FOR_WORKER=test-mysql
 TEST_MYSQL_PORT_FOR_WORKER=3306
 TEST_MYSQL_USER=syncmaster
-TEST_MYSQL_PASSWORD=ohbuz9Eochaj9saibooK3thooGa5aesh
+TEST_MYSQL_PASSWORD=123UsedOnlyForTests@!
 TEST_MYSQL_DB=syncmaster
 
 TEST_HIVE_CLUSTER=test-hive
 TEST_HIVE_USER=syncmaster
-TEST_HIVE_PASSWORD=changeme
+TEST_HIVE_PASSWORD=123UsedOnlyForTests@!
 
 TEST_HDFS_HOST=test-hive
 TEST_HDFS_WEBHDFS_PORT=9870
@@ -113,21 +99,21 @@ TEST_SFTP_PORT_FOR_CONFTEST=2222
 TEST_SFTP_HOST_FOR_WORKER=test-sftp
 TEST_SFTP_PORT_FOR_WORKER=2222
 TEST_SFTP_USER=syncmaster
-TEST_SFTP_PASSWORD=test_only
+TEST_SFTP_PASSWORD=123UsedOnlyForTests@!
 
 TEST_FTP_HOST_FOR_CONFTEST=test-ftp
 TEST_FTP_PORT_FOR_CONFTEST=21
 TEST_FTP_HOST_FOR_WORKER=test-ftp
 TEST_FTP_PORT_FOR_WORKER=21
 TEST_FTP_USER=syncmaster
-TEST_FTP_PASSWORD=test_only
+TEST_FTP_PASSWORD=123UsedOnlyForTests@!
 
 TEST_FTPS_HOST_FOR_CONFTEST=test-ftps
 TEST_FTPS_PORT_FOR_CONFTEST=21
 TEST_FTPS_HOST_FOR_WORKER=test-ftps
 TEST_FTPS_PORT_FOR_WORKER=21
 TEST_FTPS_USER=syncmaster
-TEST_FTPS_PASSWORD=test_only
+TEST_FTPS_PASSWORD=123UsedOnlyForTests@!
 
 TEST_SAMBA_HOST_FOR_CONFTEST=test-samba
 TEST_SAMBA_PORT_FOR_CONFTEST=445
@@ -139,7 +125,7 @@ TEST_SAMBA_UID=1000
 TEST_SAMBA_GID=1000
 TEST_SAMBA_SHARE=SmbShare
 TEST_SAMBA_USER=syncmaster
-TEST_SAMBA_PASSWORD=test_only
+TEST_SAMBA_PASSWORD=123UsedOnlyForTests@!
 TEST_SAMBA_AUTH_TYPE=NTLMv2
 
 TEST_WEBDAV_HOST_FOR_CONFTEST=webdav
@@ -147,7 +133,7 @@ TEST_WEBDAV_PORT_FOR_CONFTEST=80
 TEST_WEBDAV_HOST_FOR_WORKER=webdav
 TEST_WEBDAV_PORT_FOR_WORKER=80
 TEST_WEBDAV_USER=syncmaster
-TEST_WEBDAV_PASSWORD=test_only
+TEST_WEBDAV_PASSWORD=123UsedOnlyForTests@!
 
 SPARK_CONF_DIR=/app/tests/spark/hive/conf/
 HADOOP_CONF_DIR=/app/tests/spark/hadoop/
diff --git a/.env.local b/.env.local
index 1c84df54..06d9bd85 100644
--- a/.env.local
+++ b/.env.local
@@ -44,7 +44,7 @@ export TEST_S3_PORT_FOR_CONFTEST=9010
 export TEST_S3_HOST_FOR_WORKER=test-s3
 export TEST_S3_PORT_FOR_WORKER=9000
 export TEST_S3_ACCESS_KEY=syncmaster
-export TEST_S3_SECRET_KEY=changeme
+export TEST_S3_SECRET_KEY=123UsedOnlyForTests@!
 export TEST_S3_BUCKET=syncmaster
 
 export TEST_POSTGRES_HOST_FOR_CONFTEST=localhost
@@ -52,7 +52,7 @@ export TEST_POSTGRES_PORT_FOR_CONFTEST=5433
 export TEST_POSTGRES_HOST_FOR_WORKER=test-postgres
 export TEST_POSTGRES_PORT_FOR_WORKER=5432
 export TEST_POSTGRES_USER=syncmaster
-export TEST_POSTGRES_PASSWORD=changeme
+export TEST_POSTGRES_PASSWORD=123UsedOnlyForTests@!
 export TEST_POSTGRES_DB=syncmaster
 
 export TEST_ORACLE_HOST_FOR_CONFTEST=localhost
@@ -60,7 +60,7 @@ export TEST_ORACLE_PORT_FOR_CONFTEST=1522
 export TEST_ORACLE_HOST_FOR_WORKER=test-oracle
 export TEST_ORACLE_PORT_FOR_WORKER=1521
 export TEST_ORACLE_USER=syncmaster
-export TEST_ORACLE_PASSWORD=changeme
+export TEST_ORACLE_PASSWORD=123UsedOnlyForTests@!
 export TEST_ORACLE_SERVICE_NAME=XEPDB1
 
 export TEST_CLICKHOUSE_HOST_FOR_CONFTEST=localhost
@@ -68,7 +68,7 @@ export TEST_CLICKHOUSE_PORT_FOR_CONFTEST=8123
 export TEST_CLICKHOUSE_HOST_FOR_WORKER=test-clickhouse
 export TEST_CLICKHOUSE_PORT_FOR_WORKER=8123
 export TEST_CLICKHOUSE_USER=default
-export TEST_CLICKHOUSE_PASSWORD=test_only
+export TEST_CLICKHOUSE_PASSWORD=123UsedOnlyForTests@!
 export TEST_CLICKHOUSE_DB=default
 
 export TEST_MSSQL_HOST_FOR_CONFTEST=localhost
@@ -76,7 +76,7 @@ export TEST_MSSQL_PORT_FOR_CONFTEST=1433
 export TEST_MSSQL_HOST_FOR_WORKER=test-mssql
 export TEST_MSSQL_PORT_FOR_WORKER=1433
 export TEST_MSSQL_USER=syncmaster
-export TEST_MSSQL_PASSWORD=7ellowEl7akey
+export TEST_MSSQL_PASSWORD=123UsedOnlyForTests@!
 export TEST_MSSQL_DB=syncmaster
 
 export TEST_MYSQL_HOST_FOR_CONFTEST=localhost
@@ -84,7 +84,7 @@ export TEST_MYSQL_PORT_FOR_CONFTEST=3306
 export TEST_MYSQL_HOST_FOR_WORKER=test-mysql
 export TEST_MYSQL_PORT_FOR_WORKER=3306
 export TEST_MYSQL_USER=syncmaster
-export TEST_MYSQL_PASSWORD=ohbuz9Eochaj9saibooK3thooGa5aesh
+export TEST_MYSQL_PASSWORD=123UsedOnlyForTests@!
 export TEST_MYSQL_DB=syncmaster
 
 export TEST_HIVE_CLUSTER=test-hive
@@ -100,21 +100,21 @@ export TEST_SFTP_PORT_FOR_CONFTEST=2222
 export TEST_SFTP_HOST_FOR_WORKER=test-sftp
 export TEST_SFTP_PORT_FOR_WORKER=2222
 export TEST_SFTP_USER=syncmaster
-export TEST_SFTP_PASSWORD=test_only
+export TEST_SFTP_PASSWORD=123UsedOnlyForTests@!
 
 export TEST_FTP_HOST_FOR_CONFTEST=localhost
 export TEST_FTP_PORT_FOR_CONFTEST=2121
 export TEST_FTP_HOST_FOR_WORKER=test-ftp
 export TEST_FTP_PORT_FOR_WORKER=21
 export TEST_FTP_USER=syncmaster
-export TEST_FTP_PASSWORD=test_only
+export TEST_FTP_PASSWORD=123UsedOnlyForTests@!
 
 export TEST_FTPS_HOST_FOR_CONFTEST=localhost
 export TEST_FTPS_PORT_FOR_CONFTEST=2122
 export TEST_FTPS_HOST_FOR_WORKER=test-ftps
 export TEST_FTPS_PORT_FOR_WORKER=21
 export TEST_FTPS_USER=syncmaster
-export TEST_FTPS_PASSWORD=test_only
+export TEST_FTPS_PASSWORD=123UsedOnlyForTests@!
 
 export TEST_SAMBA_HOST_FOR_CONFTEST=localhost
 export TEST_SAMBA_PORT_FOR_CONFTEST=1445
@@ -126,7 +126,7 @@ export TEST_SAMBA_UID=1000
 export TEST_SAMBA_GID=1000
 export TEST_SAMBA_SHARE=SmbShare
 export TEST_SAMBA_USER=syncmaster
-export TEST_SAMBA_PASSWORD=test_only
+export TEST_SAMBA_PASSWORD=123UsedOnlyForTests@!
 export TEST_SAMBA_AUTH_TYPE=NTLMv2
 
 export TEST_WEBDAV_HOST_FOR_CONFTEST=localhost
@@ -134,7 +134,7 @@ export TEST_WEBDAV_PORT_FOR_CONFTEST=8010
 export TEST_WEBDAV_HOST_FOR_WORKER=webdav
 export TEST_WEBDAV_PORT_FOR_WORKER=80
 export TEST_WEBDAV_USER=syncmaster
-export TEST_WEBDAV_PASSWORD=test_only
+export TEST_WEBDAV_PASSWORD=123UsedOnlyForTests@!
 
 export SPARK_CONF_DIR=./tests/spark/hive/conf/
 export HADOOP_CONF_DIR=./tests/spark/hadoop/
diff --git a/docker-compose.test.yml b/docker-compose.test.yml
index d02b8c9d..13800547 100644
--- a/docker-compose.test.yml
+++ b/docker-compose.test.yml
@@ -132,7 +132,10 @@ services:
     restart: unless-stopped
     ports:
       - 5433:5432
-    env_file: .env.docker
+    environment:
+      POSTGRES_DB: syncmaster
+      POSTGRES_USER: syncmaster
+      POSTGRES_PASSWORD: 123UsedOnlyForTests@!
     healthcheck:
       test: pg_isready
       start_period: 5s
@@ -145,7 +148,9 @@ services:
     image: bitnami/minio:latest
     container_name: test-s3
     restart: unless-stopped
-    env_file: .env.docker
+    environment:
+      MINIO_ROOT_USER: syncmaster
+      MINIO_ROOT_PASSWORD: 123UsedOnlyForTests@!
     ports:
       - 9010:9000
       - 9011:9001
@@ -164,19 +169,18 @@ services:
       - 1522:1521
     environment:
       TZ: UTC
-      ORACLE_PASSWORD: changeme
-      ORACLE_DATABASE: syncmaster
+      ORACLE_PASSWORD: 123UsedOnlyForTests@!
       APP_USER: syncmaster
-      APP_USER_PASSWORD: changeme
+      APP_USER_PASSWORD: 123UsedOnlyForTests@!
     profiles: [oracle, all]
 
   test-clickhouse:
     image: clickhouse/clickhouse-server
     restart: unless-stopped
     environment:
-      CLICKHOUSE_USER: default
-      CLICKHOUSE_PASSWORD: test_only
-      CLICKHOUSE_DB: default
+      CLICKHOUSE_USER: syncmaster
+      CLICKHOUSE_PASSWORD: 123UsedOnlyForTests@!
+      CLICKHOUSE_DB: syncmaster
     ports:
       - 8123:8123
       - 9001:9000
@@ -187,11 +191,7 @@ services:
     restart: unless-stopped
     environment:
       ACCEPT_EULA: Y
-      MSSQL_PID: Developer
-      MSSQL_SA_PASSWORD: 7ellowEl7akey
-      MSSQL_DATABASE: syncmaster
-      MSSQL_USER: syncmaster
-      MSSQL_PASSWORD: 7ellowEl7akey
+      MSSQL_SA_PASSWORD: 123AdminUserForTests@!@!
     ports:
       - 1433:1433
     volumes:
@@ -204,10 +204,10 @@ services:
     image: mysql
     restart: unless-stopped
     environment:
-      MYSQL_ROOT_PASSWORD: ohbuz9Eochaj9saibooK3thooGa5aesh
+      MYSQL_ROOT_PASSWORD: 123RootUserForTestsOnly@!
       MYSQL_DATABASE: syncmaster
       MYSQL_USER: syncmaster
-      MYSQL_PASSWORD: ohbuz9Eochaj9saibooK3thooGa5aesh
+      MYSQL_PASSWORD: 123UsedForTestOnly@!
     ports:
       - 3306:3306
     platform: linux/amd64
@@ -278,22 +278,22 @@ services:
       PUID: 1000
       PGID: 1000
       USER_NAME: syncmaster
-      PASSWORD_ACCESS: true
-      SUDO_ACCESS: true
-      USER_PASSWORD: test_only
+      PASSWORD_ACCESS: 'true'
+      SUDO_ACCESS: 'true'
+      USER_PASSWORD: 123UsedOnlyForTests@!
     profiles: [sftp, all]
 
   test-ftp:
     image: ${FTP_IMAGE:-chonjay21/ftps:latest}
     restart: unless-stopped
     environment:
-      - USE_SSL=false
-      - PASSV_MIN_PORT=30000
-      - PASSV_MAX_PORT=30010
-      - APP_USER_NAME=syncmaster
-      - APP_USER_PASSWD=test_only
-      - APP_UID=1000
-      - APP_GID=1000
+      USE_SSL: 'false'
+      PASSV_MIN_PORT: 30000
+      PASSV_MAX_PORT: 30010
+      APP_USER_NAME: syncmaster
+      APP_USER_PASSWD: 123UsedOnlyForTests@!
+      APP_UID: 1000
+      APP_GID: 1000
     ports:
       - 2121:21
       - 30000-30010:30000-30010
@@ -305,13 +305,13 @@ services:
     image: ${FTPS_IMAGE:-chonjay21/ftps:latest}
     restart: unless-stopped
     environment:
-      - USE_SSL=true
-      - PASSV_MIN_PORT=30020
-      - PASSV_MAX_PORT=30030
-      - APP_USER_NAME=syncmaster
-      - APP_USER_PASSWD=test_only
-      - APP_UID=1000
-      - APP_GID=1000
+      USE_SSL: 'true'
+      PASSV_MIN_PORT: 30020
+      PASSV_MAX_PORT: 30030
+      APP_USER_NAME: syncmaster
+      APP_USER_PASSWD: 123UsedOnlyForTests@!
+      APP_UID: 1000
+      APP_GID: 1000
     ports:
       - 2122:21
       - 30020-30030:30020-30030
@@ -334,10 +334,10 @@ services:
     image: ${WEBDAV_IMAGE:-chonjay21/webdav:latest}
     restart: unless-stopped
     environment:
-      - APP_USER_NAME=syncmaster
-      - APP_USER_PASSWD=test_only
-      - APP_UID=1000
-      - APP_GID=1000
+      APP_USER_NAME: syncmaster
+      APP_USER_PASSWD: 123UsedOnlyForTests@!
+      APP_UID: 1000
+      APP_GID: 1000
     ports:
       - 8010:80
     volumes:
diff --git a/docker/ftp/on_post_init.sh b/docker/ftp/on_post_init.sh
old mode 100644
new mode 100755
diff --git a/docker/mssql/setup.sql b/docker/mssql/setup.sql
index e06e3f8a..abce79a2 100644
--- a/docker/mssql/setup.sql
+++ b/docker/mssql/setup.sql
@@ -10,7 +10,7 @@ GO
 USE syncmaster;
 GO
 
-CREATE LOGIN syncmaster WITH PASSWORD = '7ellowEl7akey';
+CREATE LOGIN syncmaster WITH PASSWORD = '123UsedOnlyForTests@!';
 GO
 
 CREATE USER syncmaster FOR LOGIN syncmaster;
diff --git a/docker/samba/custom_entrypoint.sh b/docker/samba/custom_entrypoint.sh
old mode 100644
new mode 100755
index fb51c82d..20f0f174
--- a/docker/samba/custom_entrypoint.sh
+++ b/docker/samba/custom_entrypoint.sh
@@ -3,4 +3,4 @@
 # allow create files and directories
 mkdir -p /share/folder
 chmod 0777 /share/folder
-/entrypoint.sh -u "1000:1000:syncmaster:syncmaster:test_only" -s "SmbShare:/share/folder:rw:syncmaster"
+/entrypoint.sh -u "1000:1000:syncmaster:syncmaster:123UsedOnlyForTests@!" -s "SmbShare:/share/folder:rw:syncmaster"
diff --git a/docker/webdav/on_post_init.sh b/docker/webdav/on_post_init.sh
old mode 100644
new mode 100755