Explain how to authenticate to the now running control plane. (#8977)

JustinAzoff · web-flow · commit a41e466b3ac9 · 2025-09-05T22:29:26.000-04:00
diff --git a/dev-tools/omicron-dev/src/main.rs b/dev-tools/omicron-dev/src/main.rs
@@ -159,6 +159,7 @@ impl RunAllArgs {
             "omicron-dev: privileged user name:  {}",
             cptestctx.user_name.as_ref(),
         );
+        println!("omicron-dev: privileged password:   {}", cptestctx.password);
 
         // Wait for a signal.
         let caught_signal = signal_stream.next().await;
diff --git a/docs/how-to-run-simulated.adoc b/docs/how-to-run-simulated.adoc
@@ -307,6 +307,17 @@ Once everything is up and running, you can use the system in a few ways:
 * Use the browser-based console.  The Nexus log output will show what IP address and port it's listening on.  This is also configured in the config file.  If you're using the defaults with `omicron-dev run-all`, you can reach the console at `http://127.0.0.1:12220/projects`.  If you ran a second Nexus using the `config-second.toml` config file, it will be on port `12222` instead (because that config file specifies port 12222).  Depending on the environment where you're running this, you may need an ssh tunnel or the like to reach this from your browser.
 * Use the xref:cli.adoc[`oxide` CLI].
 
+You can authenticate using a username of `test-privileged` and a password of `oxide`.
+
+If the console endpoints are returning a 404 run `cargo xtask download console`.
+
+Initiate a cli login using
+
+[source,text]
+----
+$ oxide auth login --host http://localhost:12220
+----
+
 == Running with TLS
 
 When you run the above, you will wind up with Nexus listening on HTTP (with no TLS) on its external address.  This is convenient for debugging, but not representative of a real system.  If you want to run it with TLS, you need to tweak the above procedure slightly:
diff --git a/nexus/test-utils/src/lib.rs b/nexus/test-utils/src/lib.rs
@@ -193,6 +193,7 @@ pub struct ControlPlaneTestContext<N> {
     pub initial_blueprint_id: BlueprintUuid,
     pub silo_name: Name,
     pub user_name: UserId,
+    pub password: String,
 }
 
 impl<N: NexusServer> ControlPlaneTestContext<N> {
@@ -454,6 +455,7 @@ pub struct ControlPlaneTestContextBuilder<'a, N: NexusServer> {
 
     pub silo_name: Option<Name>,
     pub user_name: Option<UserId>,
+    pub password: Option<String>,
 
     pub simulated_upstairs: Arc<sim::SimulatedUpstairs>,
 }
@@ -503,6 +505,7 @@ impl<'a, N: NexusServer> ControlPlaneTestContextBuilder<'a, N> {
             blueprint_sleds: None,
             silo_name: None,
             user_name: None,
+            password: None,
             simulated_upstairs: Arc::new(sim::SimulatedUpstairs::new(
                 simulated_upstairs_log,
             )),
@@ -1103,6 +1106,7 @@ impl<'a, N: NexusServer> ControlPlaneTestContextBuilder<'a, N> {
         self.internal_client = Some(testctx_internal);
         self.silo_name = Some(silo_name);
         self.user_name = Some(user_name);
+        self.password = Some(TEST_SUITE_PASSWORD.to_string());
         self.server = Some(server);
     }
 
@@ -1476,6 +1480,7 @@ impl<'a, N: NexusServer> ControlPlaneTestContextBuilder<'a, N> {
             initial_blueprint_id: self.initial_blueprint_id.unwrap(),
             silo_name: self.silo_name.unwrap(),
             user_name: self.user_name.unwrap(),
+            password: self.password.unwrap(),
         }
     }
 
