Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Backport 2.11] Add integration test against security enabled cluster #515

Merged
merged 1 commit into from
Oct 5, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
88 changes: 88 additions & 0 deletions .github/workflows/test_security.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
name: Test Geospatial on Secure Cluster
on:
schedule:
- cron: '0 0 * * *' # every night
push:
branches:
- "*"
- "feature/**"
pull_request:
branches:
- "*"
- "feature/**"

jobs:
Build-ad:
strategy:
matrix:
java: [ 11,17 ]
os: [ubuntu-latest]
fail-fast: true

name: Test Geospatial on Secure Cluster
runs-on: ${{ matrix.os }}

steps:
- name: Checkout Geospatial
uses: actions/checkout@v1

- name: Setup Java ${{ matrix.java }}
uses: actions/setup-java@v1
with:
java-version: ${{ matrix.java }}

- name: Assemble Geospatial
run: |
./gradlew assemble

# example of variables:
# plugin = opensearch-geospatial-2.7.0.0-SNAPSHOT.zip
# version = 2.7.0
# plugin_version = 2.7.0.0
# qualifier = `SNAPSHOT`
- name: Pull and Run Docker
run: |
plugin=`basename $(ls build/distributions/*.zip)`
version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-3`
plugin_version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-4`
qualifier=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-1`
if [ $qualifier != `SNAPSHOT` ];
then
docker_version=$version-$qualifier
else
docker_version=$version
fi
echo plugin version plugin_version qualifier docker_version
echo "($plugin) ($version) ($plugin_version) ($qualifier) ($docker_version)"

cd ..
if docker pull opensearchstaging/opensearch:$docker_version
then
echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile
echo "RUN if [ -d /usr/share/opensearch/plugins/opensearch-geospatial ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-geospatial; fi" >> Dockerfile
echo "ADD geospatial/build/distributions/$plugin /tmp/" >> Dockerfile
echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile
docker build -t opensearch-geospatial:test .
echo "imagePresent=true" >> $GITHUB_ENV
else
echo "imagePresent=false" >> $GITHUB_ENV
fi

- name: Run Docker Image
if: env.imagePresent == 'true'
run: |
cd ..
docker run -p 9200:9200 -d -p 9600:9600 -e "discovery.type=single-node" opensearch-geospatial:test
sleep 90

- name: Run Geospatial Integ Test
if: env.imagePresent == 'true'
run: |
security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:admin --insecure |grep opensearch-security|wc -l`
if [ $security -gt 0 ]
then
echo "Security plugin is available"
./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin
else
echo "Security plugin is NOT available, skipping integration tests"
fi
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
### Enhancements
### Bug Fixes
### Infrastructure
* Add integration test against security enabled cluster ([#513](https://github.com/opensearch-project/geospatial/pull/513))
### Documentation
### Maintenance
### Refactoring
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ public abstract class OpenSearchSecureRestTestCase extends OpenSearchRestTestCas
private static final String SYS_PROPERTY_KEY_PASSWORD = "password";
private static final String DEFAULT_SOCKET_TIMEOUT = "60s";
private static final String INTERNAL_INDICES_PREFIX = ".";
private static final String SYSTEM_INDEX_PREFIX = "security-auditlog";
private static String protocol;

@Override
Expand Down Expand Up @@ -150,6 +151,10 @@ public void deleteExternalIndices() throws IOException {
.map(index -> (String) index.get("index"))
.filter(indexName -> indexName != null)
.filter(indexName -> !indexName.startsWith(INTERNAL_INDICES_PREFIX))
// This is hack to remove the security audit index from deletion. We will need a proper fix where
// we delete the indices after a test is completed.
// Issue: https://github.com/opensearch-project/geospatial/issues/428
.filter(indexName -> !indexName.startsWith(SYSTEM_INDEX_PREFIX))
.collect(Collectors.toList());

for (String indexName : externalIndices) {
Expand Down