From d1a026ff678cf8bcb59fa446309f16cc312104d5 Mon Sep 17 00:00:00 2001
From: Jaap Eldering <jaap@jaapeldering.nl>
Date: Tue, 26 Nov 2024 23:27:38 +0100
Subject: [PATCH] Set a more grep-able admin password

Also don't set this explicitly in `workflows/database-upgrade.yml`
as it is already set in `jobs/baseinstall.sh` called before.
Don't pass admin:password to the API check as it already uses
curl with `-n` option to read from `~/.netrc`.
---
 .github/jobs/baseinstall.sh            | 6 +++---
 .github/workflows/database-upgrade.yml | 2 --
 .github/workflows/integration.yml      | 6 +++---
 3 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/.github/jobs/baseinstall.sh b/.github/jobs/baseinstall.sh
index 2c61bc2a7b..76a7457fc9 100755
--- a/.github/jobs/baseinstall.sh
+++ b/.github/jobs/baseinstall.sh
@@ -17,9 +17,9 @@ composer install --no-scripts |tee "$ARTIFACTS"/composer_out.txt
 cd ..
 section_end
 
-section_start "Set simple admin password"
-echo "password" > ./etc/initial_admin_password.secret
-echo "default login admin password password" > ~/.netrc
+section_start "Set admin password"
+echo "admin_password" > ./etc/initial_admin_password.secret
+echo "default login admin password admin_password" > ~/.netrc
 section_end
 
 section_start "Install domserver"
diff --git a/.github/workflows/database-upgrade.yml b/.github/workflows/database-upgrade.yml
index dd3fe7a351..b66f219475 100644
--- a/.github/workflows/database-upgrade.yml
+++ b/.github/workflows/database-upgrade.yml
@@ -28,8 +28,6 @@ jobs:
         run: mysql -hsqlserver -uroot -proot < .github/jobs/data/dj733.sql
       - name: Upgrade DOMjudge
         run: .github/jobs/baseinstall.sh default upgrade
-      - name: Setting initial Admin Password
-        run: echo "pass" > /opt/domjudge/domserver/etc/initial_admin_password.secret
       - name: Check for Errors in the Upgrade
         run: mysql -hsqlserver -uroot -proot -e "SHOW TABLES FROM domjudge;"
       - name: Check for Errors in Domjudge Web
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index e9d9d0c651..d915c43478 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -45,9 +45,9 @@ jobs:
       - name: Configure print command
         working-directory: submit
         run: |
-          curl --fail -u 'admin:password' -X 'GET' 'http://localhost/domjudge/api/v4/config?strict=false' \
+          curl -n --fail -X 'GET' 'http://localhost/domjudge/api/v4/config?strict=false' \
             | jq '.print_command |= "cp [file] /tmp/dj-printfile"' \
-            | curl --fail -u 'admin:password' -X 'PUT' -T - 'http://localhost/domjudge/api/v4/config?strict=false' \
+            | curl -n --fail -X 'PUT' -T - 'http://localhost/domjudge/api/v4/config?strict=false' \
       - name: Testing submit client
         working-directory: submit
         run: make check-full
@@ -149,4 +149,4 @@ jobs:
           export CCS_SPECS_PINNED_SHA1='a68aff54c4e60fc2bff2fc5c36c119bffa4d30f1'
           ( cd ccs-specs && git reset --hard $CCS_SPECS_PINNED_SHA1 )
           export CHECK_API="${HOME}/ccs-specs/check-api.sh -j ${HOME}/yajsv"
-          $CHECK_API -n -C -e -a 'strict=1' http://admin:password@localhost/domjudge/api
+          $CHECK_API -n -C -e -a 'strict=1' http://localhost/domjudge/api