diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 05f144533..206f8a630 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -3,7 +3,7 @@ *Description of changes:* *CheckList:* -[ ] Commits are signed per the DCO using --signoff +- [ ] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/alerting/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). \ No newline at end of file diff --git a/alerting/src/test/kotlin/org/opensearch/alerting/AlertingRestTestCase.kt b/alerting/src/test/kotlin/org/opensearch/alerting/AlertingRestTestCase.kt index 07c115b95..3e676af40 100644 --- a/alerting/src/test/kotlin/org/opensearch/alerting/AlertingRestTestCase.kt +++ b/alerting/src/test/kotlin/org/opensearch/alerting/AlertingRestTestCase.kt @@ -80,6 +80,8 @@ import javax.management.remote.JMXServiceURL */ abstract class AlertingRestTestCase : ODFERestTestCase() { + protected val password = "D%LMX3bo#@U3XqVQ" + protected val isDebuggingTest = DisableOnDebug(null).isDebugging protected val isDebuggingRemoteCluster = System.getProperty("cluster.debug", "false")!!.toBoolean() protected val numberOfNodes = System.getProperty("cluster.number_of_nodes", "1")!!.toInt() @@ -1133,11 +1135,11 @@ abstract class AlertingRestTestCase : ODFERestTestCase() { client().updateSettings(DestinationSettings.ALLOW_LIST.key, allowedDestinations) } - fun createUser(name: String, passwd: String, backendRoles: Array) { + fun createUser(name: String, backendRoles: Array) { val request = Request("PUT", "/_plugins/_security/api/internalusers/$name") val broles = backendRoles.joinToString { it -> "\"$it\"" } var entity = " {\n" + - "\"password\": \"$passwd\",\n" + + "\"password\": \"$password\",\n" + "\"backend_roles\": [$broles],\n" + "\"attributes\": {\n" + "}} " @@ -1277,7 +1279,7 @@ abstract class AlertingRestTestCase : ODFERestTestCase() { } fun createUserWithTestData(user: String, index: String, role: String, backendRole: String) { - createUser(user, user, arrayOf(backendRole)) + createUser(user, arrayOf(backendRole)) createTestIndex(index) createIndexRole(role, index) createUserRolesMapping(role, arrayOf(user)) @@ -1290,7 +1292,7 @@ abstract class AlertingRestTestCase : ODFERestTestCase() { backendRoles: List, clusterPermissions: String? ) { - createUser(user, user, backendRoles.toTypedArray()) + createUser(user, backendRoles.toTypedArray()) createTestIndex(index) createCustomIndexRole(role, index, clusterPermissions) createUserRolesMapping(role, arrayOf(user)) @@ -1302,7 +1304,7 @@ abstract class AlertingRestTestCase : ODFERestTestCase() { backendRoles: List, isExistingRole: Boolean ) { - createUser(user, user, backendRoles.toTypedArray()) + createUser(user, backendRoles.toTypedArray()) for (role in roles) { if (isExistingRole) { updateRoleMapping(role, listOf(user), true) @@ -1319,7 +1321,7 @@ abstract class AlertingRestTestCase : ODFERestTestCase() { backendRole: String, dlsQuery: String ) { - createUser(user, user, arrayOf(backendRole)) + createUser(user, arrayOf(backendRole)) createTestIndex(index) createIndexRoleWithDocLevelSecurity(role, index, dlsQuery) createUserRolesMapping(role, arrayOf(user)) @@ -1333,7 +1335,7 @@ abstract class AlertingRestTestCase : ODFERestTestCase() { dlsQuery: String, clusterPermissions: String? ) { - createUser(user, user, arrayOf(backendRole)) + createUser(user, arrayOf(backendRole)) createTestIndex(index) createIndexRoleWithDocLevelSecurity(role, index, dlsQuery) createCustomIndexRole(role, index, clusterPermissions) diff --git a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureDestinationRestApiIT.kt b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureDestinationRestApiIT.kt index cb1d32cdb..482b6cf3b 100644 --- a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureDestinationRestApiIT.kt +++ b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureDestinationRestApiIT.kt @@ -48,8 +48,8 @@ class SecureDestinationRestApiIT : AlertingRestTestCase() { @Before fun create() { if (userClient == null) { - createUser(user, user, arrayOf()) - userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, user).setSocketTimeout(60000).build() + createUser(user, arrayOf()) + userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, password).setSocketTimeout(60000).build() } } diff --git a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailAccountRestApiIT.kt b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailAccountRestApiIT.kt index 1802714dc..7310b3c6e 100644 --- a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailAccountRestApiIT.kt +++ b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailAccountRestApiIT.kt @@ -59,8 +59,8 @@ class SecureEmailAccountRestApiIT : AlertingRestTestCase() { @Before fun create() { if (userClient == null) { - createUser(user, user, arrayOf()) - userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, user).setSocketTimeout(60000).build() + createUser(user, arrayOf()) + userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, password).setSocketTimeout(60000).build() } } diff --git a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailGroupsRestApiIT.kt b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailGroupsRestApiIT.kt index 1c575cb3f..f6f0e32ee 100644 --- a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailGroupsRestApiIT.kt +++ b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureEmailGroupsRestApiIT.kt @@ -59,8 +59,8 @@ class SecureEmailGroupsRestApiIT : AlertingRestTestCase() { @Before fun create() { if (userClient == null) { - createUser(user, user, arrayOf()) - userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, user).setSocketTimeout(60000).build() + createUser(user, arrayOf()) + userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, password).setSocketTimeout(60000).build() } } diff --git a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureMonitorRestApiIT.kt b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureMonitorRestApiIT.kt index cc3a5c890..dae878872 100644 --- a/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureMonitorRestApiIT.kt +++ b/alerting/src/test/kotlin/org/opensearch/alerting/resthandler/SecureMonitorRestApiIT.kt @@ -86,8 +86,8 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { @Before fun create() { if (userClient == null) { - createUser(user, user, arrayOf()) - userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, user).setSocketTimeout(60000).build() + createUser(user, arrayOf()) + userClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), user, password).setSocketTimeout(60000).build() } } @@ -395,7 +395,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { listOf("role2"), getClusterPermissionsFromCustomRole(ALERTING_GET_MONITOR_ACCESS) ) - val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, getUser) + val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, password) .setSocketTimeout(60000).build() val getMonitorResponse = getUserClient?.makeRequest( @@ -588,7 +588,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { listOf("role2"), getClusterPermissionsFromCustomRole(ALERTING_GET_MONITOR_ACCESS) ) - val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, getUser) + val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, password) .setSocketTimeout(60000).build() val getMonitorResponse = getUserClient?.makeRequest( @@ -724,7 +724,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { listOf("role2"), getClusterPermissionsFromCustomRole(ALERTING_GET_MONITOR_ACCESS) ) - val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, getUser) + val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, password) .setSocketTimeout(60000).build() val getMonitorResponse = getUserClient?.makeRequest( @@ -777,7 +777,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { false ) - val updateUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), updateUser, updateUser) + val updateUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), updateUser, password) .setSocketTimeout(60000).build() val updatedMonitor = updateMonitorWithClient(updateUserClient, createdMonitor, listOf("role5")) @@ -828,7 +828,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { listOf("role1", "role2"), getClusterPermissionsFromCustomRole(ALERTING_GET_MONITOR_ACCESS) ) - val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, getUser) + val getUserClient = SecureRestClientBuilder(clusterHosts.toTypedArray(), isHttps(), getUser, password) .setSocketTimeout(60000).build() val getMonitorResponse = getUserClient?.makeRequest( @@ -1342,7 +1342,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { TODO: https://github.com/opensearch-project/alerting/issues/300 */ fun `test execute query-level monitor with user having partial index permissions`() { - createUser(user, user, arrayOf(TEST_HR_BACKEND_ROLE)) + createUser(user, arrayOf(TEST_HR_BACKEND_ROLE)) createTestIndex(TEST_HR_INDEX) createIndexRoleWithDocLevelSecurity( TEST_HR_ROLE, @@ -1398,7 +1398,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { } fun `test execute bucket-level monitor with user having partial index permissions`() { - createUser(user, user, arrayOf(TEST_HR_BACKEND_ROLE)) + createUser(user, arrayOf(TEST_HR_BACKEND_ROLE)) createTestIndex(TEST_HR_INDEX) createIndexRoleWithDocLevelSecurity( TEST_HR_ROLE, @@ -1474,7 +1474,7 @@ class SecureMonitorRestApiIT : AlertingRestTestCase() { */ fun `test create monitor failure clean up with a user without delete monitor access`() { enableFilterBy() - createUser(user, user, listOf(TEST_HR_BACKEND_ROLE, "role2").toTypedArray()) + createUser(user, listOf(TEST_HR_BACKEND_ROLE, "role2").toTypedArray()) createTestIndex(TEST_HR_INDEX) createCustomIndexRole( ALERTING_INDEX_MONITOR_ACCESS,