forked from opensearch-project/security-dashboards-plugin
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'origin/1.3' into 1.x
- Resolves opensearch-project#1520 Signed-off-by: Peter Nied <[email protected]>
- Loading branch information
Showing
35 changed files
with
4,455 additions
and
239 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| name: 'Download Security Plugin' | ||
| description: 'Installs OpenSearch Dashboard with a Plugin from github, then checkouts the correct dashboards version for the plugin, configures npm/yarn, and bootstraps Dashboards' | ||
|
|
||
| inputs: | ||
| opensearch-version: | ||
| description: 'The version of OpenSearch that should be used, e.g "1.3.0"' | ||
| required: true | ||
|
|
||
| plugin-name: | ||
| description: 'The the name of the plugin to use, such as opensearch-security' | ||
| required: true | ||
|
|
||
| plugin-version: | ||
| description: 'The version of security plugin that should be used, e.g "1.3.0"' | ||
| required: true | ||
|
|
||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - name: Download OpenSearch for Linux | ||
| uses: peternied/download-file@v2 | ||
| if: ${{ runner.os == 'Linux' }} | ||
| with: | ||
| url: https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ inputs.opensearch-version }}/latest/linux/x64/tar/builds/opensearch/plugins/${{ inputs.plugin-name }}-${{ inputs.plugin-version }}.zip | ||
|
|
||
| - name: Download OpenSearch for Windows | ||
| uses: peternied/download-file@v2 | ||
| if: ${{ runner.os == 'Windows' }} | ||
| with: | ||
| url: https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ inputs.opensearch-version }}/latest/windows/x64/zip/builds/opensearch/plugins/${{ inputs.plugin-name }}-${{ inputs.plugin-version }}.zip | ||
|
|
||
| - name: Rename the Plugin Files | ||
| run: mv opensearch-security-${{ inputs.plugin-version }}.zip opensearch-security.zip | ||
| shell: bash | ||
|
|
||
| - name: Create Setup Script for Linux | ||
| if: ${{ runner.os == 'Linux' }} | ||
| run: | | ||
| cat > setup.sh <<'EOF' | ||
| chmod +x ./opensearch-${{ inputs.opensearch-version}}-SNAPSHOT/plugins/${{ inputs.plugin-name }}/tools/install_demo_configuration.sh | ||
| /bin/bash -c "yes | ./opensearch-${{ inputs.opensearch-version}}-SNAPSHOT/plugins/${{ inputs.plugin-name }}/tools/install_demo_configuration.sh" | ||
| echo "plugins.security.unsupported.restapi.allow_securityconfig_modification: true" >> ./opensearch-${{ inputs.opensearch-version }}-SNAPSHOT/config/opensearch.yml | ||
| EOF | ||
| shell: bash | ||
|
|
||
| - name: Create Setup Script for Windows | ||
| if: ${{ runner.os == 'Windows' }} | ||
| run: | | ||
| New-Item .\setup.bat -type file | ||
| Set-Content .\setup.bat -Value "powershell.exe -noexit -command `".\opensearch-${{ inputs.opensearch-version}}-SNAPSHOT\plugins\${{ inputs.plugin-name }}\tools\install_demo_configuration.bat -y -i -c`"" | ||
| Add-Content -Path .\setup.bat -Value "echo plugins.security.unsupported.restapi.allow_securityconfig_modification: true >> .\opensearch-${{ inputs.opensearch-version}}-SNAPSHOT\config\opensearch.yml" | ||
| Get-Content .\setup.bat | ||
| shell: pwsh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,82 @@ | ||
| name: 'Install Dashboards with Plugin' | ||
| description: 'Installs OpenSearch Dashboard with a Plugin from github, then checkouts the correct dashboards version for the plugin, configures npm/yarn, and bootstraps Dashboards' | ||
|
|
||
| inputs: | ||
| plugin_name: | ||
| description: 'The the name of the plugin to use, such as security-dashboards-plugin' | ||
| required: true | ||
|
|
||
| outputs: | ||
| dashboards-directory: | ||
| description: "The directory where the dashboards has been configured" | ||
| value: ${{ steps.determine-dashboards-directory.outputs.dashboards-directory }} | ||
|
|
||
| plugin-directory: | ||
| description: "The directory where the plugin has been configured" | ||
| value: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} | ||
|
|
||
|
|
||
| runs: | ||
| using: "composite" | ||
| steps: | ||
| - id: determine-dashboards-directory | ||
| run: echo "dashboards-directory=OpenSearch-Dashboards" >> $GITHUB_OUTPUT | ||
| shell: bash | ||
|
|
||
| - id: determine-plugin-directory | ||
| run: echo "::set-output name=plugin-directory::./OpenSearch-Dashboards/plugins/${{ inputs.plugin_name }}" | ||
| shell: bash | ||
|
|
||
| - uses: actions/checkout@v2 | ||
| with: | ||
| path: OpenSearch-Dashboards | ||
| repository: opensearch-project/OpenSearch-Dashboards | ||
| ref: 'main' | ||
| fetch-depth: 0 | ||
|
|
||
| - uses: actions/checkout@v2 | ||
| with: | ||
| path: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} | ||
|
|
||
| - id: osd-version | ||
| run: | | ||
| echo "::set-output name=osd-version::$(cat package.json | jq '.opensearchDashboards.version' | cut -c 2-4)" | ||
| echo "::set-output name=osd-x-version::$(cat package.json | jq '.opensearchDashboards.version' | cut -c 2-3)" | ||
| working-directory: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} | ||
| shell: bash | ||
|
|
||
| - id: branch-switch-if-possible | ||
| continue-on-error: true # Defaults onto main if the branch switch doesn't work | ||
| if: ${{ steps.osd-version.outputs.osd-version }} | ||
| run: git checkout ${{ steps.osd-version.outputs.osd-version }} || git checkout ${{ steps.osd-version.outputs.osd-x-version }}x | ||
| working-directory: ./OpenSearch-Dashboards | ||
| shell: bash | ||
|
|
||
| - id: tool-versions | ||
| run: | | ||
| echo "node_version=$(cat .node-version)" >> $GITHUB_OUTPUT | ||
| echo "yarn_version=$(jq -r '.engines.yarn' package.json)" >> $GITHUB_OUTPUT | ||
| working-directory: OpenSearch-Dashboards | ||
| shell: bash | ||
|
|
||
| - uses: actions/setup-node@v1 | ||
| with: | ||
| node-version: ${{ steps.tool-versions.outputs.node_version }} | ||
| registry-url: 'https://registry.npmjs.org' | ||
|
|
||
| - name: Setup Opensearch Dashboards | ||
| run: | | ||
| npm uninstall -g yarn | ||
| echo "Installing yarn ${{ steps.tool-versions.outputs.yarn_version }}" | ||
| npm i -g yarn@${{ steps.tool-versions.outputs.yarn_version }} | ||
| yarn cache clean | ||
| yarn add sha.js | ||
| working-directory: OpenSearch-Dashboards | ||
| shell: bash | ||
|
|
||
| - name: Bootstrap the OpenSearch Dashboard | ||
| uses: nick-fields/retry@v2 | ||
| with: | ||
| timeout_minutes: 20 | ||
| max_attempts: 2 | ||
| command: yarn --cwd OpenSearch-Dashboards osd bootstrap --oss |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| name: Releases | ||
|
|
||
| on: | ||
| push: | ||
| tags: | ||
| - '*' | ||
|
|
||
| jobs: | ||
|
|
||
| build: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
| steps: | ||
| - name: GitHub App token | ||
| id: github_app_token | ||
| uses: tibdex/[email protected] | ||
| with: | ||
| app_id: ${{ secrets.APP_ID }} | ||
| private_key: ${{ secrets.APP_PRIVATE_KEY }} | ||
| installation_id: 22958780 | ||
| - name: Get tag | ||
| id: tag | ||
| uses: dawidd6/action-get-tag@v1 | ||
| - uses: actions/checkout@v2 | ||
| - uses: ncipollo/release-action@v1 | ||
| with: | ||
| github_token: ${{ steps.github_app_token.outputs.token }} | ||
| bodyFile: release-notes/opensearch-security-dashboards-plugin.release-notes-${{steps.tag.outputs.tag}}.md |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,113 +1,91 @@ | ||
| name: Integration Tests | ||
|
|
||
| on: | ||
| pull_request: | ||
| branches: | ||
| - main | ||
| push: | ||
| branches: | ||
| - main | ||
| on: [push, pull_request] | ||
|
|
||
| env: | ||
| TEST_BROWSER_HEADLESS: 1 | ||
| CI: 1 | ||
| PLUGIN_NAME: opensearch-security | ||
|
|
||
| jobs: | ||
| tests: | ||
| name: Run integration tests | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| os: [ ubuntu-latest , windows-latest ] | ||
| runs-on: ${{ matrix.os }} | ||
|
|
||
| steps: | ||
| - name: Download OpenSearch Core | ||
| run: | | ||
| wget https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/1.3.0/488/linux/x64/builds/opensearch/dist/opensearch-min-1.3.0-linux-x64.tar.gz | ||
| tar -xzf opensearch-*.tar.gz | ||
| rm -f opensearch-*.tar.gz | ||
| - name: Checkout Branch | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Download OpenSearch Security Plugin | ||
| run: wget -O opensearch-security.zip https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/1.3.0/488/linux/x64/builds/opensearch/plugins/opensearch-security-1.3.0.0.zip | ||
| - name: Set up JDK | ||
| uses: actions/setup-java@v1 | ||
| with: | ||
| java-version: 11 | ||
|
|
||
| - name: Run OpenSearch with plugin | ||
| - name: Set env | ||
| run: | | ||
| cat > os-ep.sh <<EOF | ||
| yes | opensearch-plugin install file:///docker-host/security-plugin.zip | ||
| chmod +x plugins/opensearch-security/tools/install_demo_configuration.sh | ||
| yes | plugins/opensearch-security/tools/install_demo_configuration.sh | ||
| echo "plugins.security.unsupported.restapi.allow_securityconfig_modification: true" >> /opensearch/config/opensearch.yml | ||
| chown 1001:1001 -R /opensearch | ||
| su -c "/opensearch/bin/opensearch" -s /bin/bash opensearch | ||
| EOF | ||
| docker build -t opensearch-test:latest -f- . <<EOF | ||
| FROM ubuntu:latest | ||
| COPY --chown=1001:1001 os-ep.sh /docker-host/ | ||
| COPY --chown=1001:1001 opensearch-security.zip /docker-host/security-plugin.zip | ||
| COPY --chown=1001:1001 opensearch* /opensearch/ | ||
| RUN chmod +x /docker-host/os-ep.sh | ||
| RUN useradd -u 1001 -s /sbin/nologin opensearch | ||
| ENV PATH="/opensearch/bin:${PATH}" | ||
| WORKDIR /opensearch/ | ||
| ENTRYPOINT /docker-host/os-ep.sh | ||
| EOF | ||
| docker run -d -p 9200:9200 -p 9600:9600 -i opensearch-test:latest | ||
| - name: Checkout OpenSearch Dashboard | ||
| uses: actions/checkout@v2 | ||
| opensearch_version=$(node -p "require('./package.json').opensearchDashboards.version") | ||
| plugin_version=$(node -p "require('./package.json').version") | ||
| echo "OPENSEARCH_VERSION=$opensearch_version" >> $GITHUB_ENV | ||
| echo "PLUGIN_VERSION=$plugin_version" >> $GITHUB_ENV | ||
| shell: bash | ||
|
|
||
| - uses: browser-actions/[email protected] | ||
| - run: geckodriver --version | ||
|
|
||
| - name: Set up Firefox browser | ||
| if: ${{ runner.os == 'Linux' }} | ||
| uses: browser-actions/setup-firefox@v1 | ||
|
|
||
| - run: firefox --version | ||
| if: ${{ runner.os == 'Linux' }} | ||
|
|
||
| # Browser-action version does not work on Windows | ||
| - name: Set up Firefox browser for Windows | ||
| if: ${{ runner.os == 'Windows' }} | ||
| uses: RyanL1997/setup-browser@main | ||
| with: | ||
| path: OpenSearch-Dashboards | ||
| repository: opensearch-project/OpenSearch-Dashboards | ||
| ref: '1.x' | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Create plugins dir | ||
| run: | | ||
| cd ./OpenSearch-Dashboards | ||
| mkdir -p plugins | ||
| - name: Checkout OpenSearch Dashboard Security plugin | ||
| uses: actions/checkout@v2 | ||
| browser: firefox | ||
| version: latest | ||
|
|
||
| - name: Download security plugin and create setup scripts | ||
| uses: ./.github/actions/download-plugin | ||
| with: | ||
| path: OpenSearch-Dashboards/plugins/security-dashboards-plugin | ||
| ref: ${{ github.ref }} | ||
|
|
||
| - name: Check OpenSearch Running | ||
| continue-on-error: true | ||
| run: curl -XGET https://localhost:9200 -u 'admin:admin' -k | ||
|
|
||
| # - name: Get OpenSearch Dashboards version | ||
| # id: osd_version | ||
| # run: | | ||
| # echo "::set-output name=osd_version::$(jq -r '.opensearchDashboards.version' ./OpenSearch-Dashboards/plugins/security-dashboards-plugin/package.json)" | ||
|
|
||
| # - name: Check OpenSearch Dashboards release tag | ||
| # run: | | ||
| # cd ./OpenSearch-Dashboards | ||
| # git checkout tags/${{ steps.osd_version.outputs.osd_version }} -b v${{ steps.osd_version.outputs.osd_version }} | ||
|
|
||
| - name: Get node and yarn versions | ||
| id: versions | ||
| run: | | ||
| echo "::set-output name=node_version::$(cat ./OpenSearch-Dashboards/.node-version)" | ||
| echo "::set-output name=yarn_version::$(jq -r '.engines.yarn' ./OpenSearch-Dashboards/package.json)" | ||
| - name: Setup node | ||
| uses: actions/setup-node@v1 | ||
| opensearch-version: ${{ env.OPENSEARCH_VERSION }} | ||
| plugin-name: ${{ env.PLUGIN_NAME }} | ||
| plugin-version: ${{ env.PLUGIN_VERSION }} | ||
|
|
||
| - name: Run Opensearch with A Single Plugin | ||
| uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main | ||
| with: | ||
| node-version: ${{ steps.versions.outputs.node_version }} | ||
| registry-url: 'https://registry.npmjs.org' | ||
|
|
||
| - name: Install correct yarn version for OpenSearch Dashboards | ||
| run: | | ||
| npm uninstall -g yarn | ||
| echo "Installing yarn ${{ steps.versions_step.outputs.yarn_version }}" | ||
| npm i -g yarn@${{ steps.versions.outputs.yarn_version }} | ||
| - name: Check OpenSearch Running | ||
| continue-on-error: true | ||
| run: curl -XGET https://localhost:9200 -u 'admin:admin' -k | ||
|
|
||
| - name: Bootstrap OpenSearch Dashboards | ||
| run: | | ||
| cd ./OpenSearch-Dashboards | ||
| yarn osd bootstrap | ||
| - name: Run integration tests | ||
| opensearch-version: ${{ env.OPENSEARCH_VERSION }} | ||
| plugin-name: ${{ env.PLUGIN_NAME }} | ||
| setup-script-name: setup | ||
|
|
||
| - id: install-dashboards | ||
| uses: ./.github/actions/install-dashboards | ||
| with: | ||
| plugin_name: security-dashboards-plugin | ||
|
|
||
| - name: Start Dashboards in background | ||
| run: node scripts/build_opensearch_dashboards_platform_plugins.js | ||
| working-directory: ${{ steps.install-dashboards.outputs.dashboards-directory }} | ||
|
|
||
| - name: Run integration tests on Linux | ||
| if: ${{ runner.os == 'Linux' }} | ||
| run: | | ||
| echo "check if opensearch is ready" | ||
| curl -XGET https://localhost:9200 -u 'admin:admin' -k | ||
| cd ./OpenSearch-Dashboards/plugins/security-dashboards-plugin | ||
| yarn test:jest_server --coverage | ||
| working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} | ||
|
|
||
| - name: Run integration tests on Windows | ||
| if: ${{ runner.os == 'Windows' }} | ||
| run: | | ||
| echo "check if opensearch is ready" | ||
| curl -XGET https://localhost:9200 -u 'admin:admin' -k | ||
| node .\test\run_jest_tests.js --config .\test\jest.config.server.js --testPathIgnorePatterns saml_auth.test.ts | ||
| working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} |
Oops, something went wrong.