From 63fa119db36cff66294c053eecaee44acc57d7e4 Mon Sep 17 00:00:00 2001
From: Micah Nagel <micah.nagel@parsons.com>
Date: Wed, 14 Jul 2021 21:46:12 +0000
Subject: [PATCH] Document Default Credentials

---
 docs/guides/README.md                         |  4 +++
 .../using_bigbang/default_credentials.md      | 30 +++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 docs/guides/using_bigbang/default_credentials.md

diff --git a/docs/guides/README.md b/docs/guides/README.md
index ed2472135d..06fa815571 100644
--- a/docs/guides/README.md
+++ b/docs/guides/README.md
@@ -7,3 +7,7 @@ Beginner friendly how to guides are intended to be added to these subfolders ove
 ## prerequisites
 
 Beginner friendly comprehensive explanations of prerequisites that are generically applicable to multiple scenarios
+
+## using_bigbang
+
+Beginner friendly information on how to use Big Bang, intended to encompass how to navigate and work with BB packages
diff --git a/docs/guides/using_bigbang/default_credentials.md b/docs/guides/using_bigbang/default_credentials.md
new file mode 100644
index 0000000000..a38c0fd6c6
--- /dev/null
+++ b/docs/guides/using_bigbang/default_credentials.md
@@ -0,0 +1,30 @@
+# Credentials for Big Bang Packages
+
+This document includes details on credentials to access each package in a default install (without SSO). It is safe to assume that any packages not listed in the two categories below either have no need for authentication or use different methods (ex: velero require kubectl access).
+
+## Packages with no built in authentication
+
+Although the below applications have no built in authentication, Big Bang's helm values can be configured to deploy authservice in front of these endpoints. Authservice is an Authentication Proxy that can integrate with SSO providers like Keycloak.
+
+- Jaeger
+- Monitoring (Prometheus)
+- Monitoring (Alertmanager)
+
+## Packages with built in authentication
+
+The applications in the table below provide both SSO and built in auth. The table gives default credentials and ways to access and/or override those.
+
+| Package (Application) | Default Username | Default Password | Additional Notes |
+| --------------------- | ---------------- | ---------------- | ---------------- |
+| Kiali | N/A | (randomly generated) | Use `kubectl get secret -n kiali \| grep kiali-service-account-token \| awk '{print $1}' \| xargs kubectl get secret -n kiali -o go-template='{{.data.token \| base64decode}}'` to get the token |
+| Logging (Kibana) | `elastic` | (randomly generated) | Use `kubectl get secrets -n logging logging-ek-es-elastic-user -o go-template='{{.data.elastic \| base64decode}}'` to get the password |
+| Monitoring (Grafana) | `admin` | `prom-operator` | Default password can be overridden with Helm values `monitoring.values.grafana.adminPassword` |
+| Twistlock | N/A | N/A | Prompted to setup an admin account when you first hit the virtual service, no default user |
+| ArgoCD | `admin` | (randomly generated) | Use `kubectl -n argocd get secret argocd-initial-admin-secret -o go-template='{{.data.password \| base64decode}}'` to get the password |
+| Minio | `minio` | `minio123` | Access and secret key can be overridden with Helm values `addons.minio.accesskey` and `addons.minio.secretkey` respectively |
+| Gitlab | `root` | (randomly generated) | Use `kubectl -n gitlab get secret gitlab-gitlab-initial-root-password -o go-template='{{.data.password \| base64decode}}'` to get the password |
+| Nexus | `admin` | (randomly generated) | Use `kubectl get secret -n nexus-repository-manager nexus-repository-manager-secret -o go-template='{{index .data "admin.password" \| base64decode}}'` to get the password |
+| Sonarqube | `admin` | `admin` | Default password can be overridden with Helm values `addons.sonarqube.values.account.adminPassword` |
+| Anchore | `admin` | (randomly generated) | Use `kubectl get secrets -n anchore anchore-anchore-engine-admin-pass -o go-template='{{.data.ANCHORE_ADMIN_PASSWORD \| base64decode}}'` to get the password, or override with Helm values `addons.anchore.values.anchoreGlobal.defaultAdminPassword` |
+| Mattermost | N/A | N/A | Prompted to setup an account when you first hit the virtual service - this user becomes admin, no default user |
+| Keycloak | `admin` | `password` | Default username and password can be overridden with Helm values `addons.keycloak.values.secrets.credentials.stringData.adminuser` and `addons.keycloak.values.secrets.credentials.stringData.password` respectively |
-- 
GitLab