-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Converts .opendistro-job-scheduler-lock index into a system index #474
Conversation
Codecov Report
@@ Coverage Diff @@
## main #474 +/- ##
============================================
- Coverage 29.19% 29.17% -0.03%
Complexity 98 98
============================================
Files 22 22
Lines 1185 1186 +1
Branches 109 109
============================================
Hits 346 346
- Misses 818 819 +1
Partials 21 21
|
spi/src/main/java/org/opensearch/jobscheduler/spi/utils/LockService.java
Show resolved
Hide resolved
Signed-off-by: Joshua Palis <[email protected]>
Interestingly the SampleJobRunnerIT tests are failing consistently, but pass locally. I will continue to look into this |
Signed-off-by: Joshua Palis <[email protected]>
spi/src/main/java/org/opensearch/jobscheduler/spi/utils/LockService.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Joshua Palis <[email protected]>
Tests are failing |
It may be the case that JobScheduler does not need to wrap calls to interact with the lock system index inside of a Typically stashContext is used within plugins when handling authenticated requests. (i.e. API Endpoint Handling) which JS does not do to my knowledge. A good example is Anomaly Detection create detector.
If JS is always outside of an authenticated user context than stashing the threadcontext could be considered redundant, however, there are other avenues for plugins to inject roles/user into the threadcontext so stashing the context ensures that the block executing code has a clean slate. |
I've observed that the integration tests would fail consistently after this change, at first I considered it might be a transitive error but after a few test runs it hasn't been resolved. I'll opt to revert the changes to stash the thread context |
Signed-off-by: Joshua Palis <[email protected]>
* Converts .opendistro-job-scheduler-lock into a system index Signed-off-by: Joshua Palis <[email protected]> * testing Signed-off-by: Joshua Palis <[email protected]> * setting fail-fast to false Signed-off-by: Joshua Palis <[email protected]> * reverting CI/thread context modifications to the lockservice Signed-off-by: Joshua Palis <[email protected]> --------- Signed-off-by: Joshua Palis <[email protected]> (cherry picked from commit 0cec350)
…) (#478) * Converts .opendistro-job-scheduler-lock into a system index Signed-off-by: Joshua Palis <[email protected]> * testing Signed-off-by: Joshua Palis <[email protected]> * setting fail-fast to false Signed-off-by: Joshua Palis <[email protected]> * reverting CI/thread context modifications to the lockservice Signed-off-by: Joshua Palis <[email protected]> --------- Signed-off-by: Joshua Palis <[email protected]> (cherry picked from commit 0cec350) Co-authored-by: Joshua Palis <[email protected]>
…ndex (opensearch-project#474) (opensearch-project#478)" This reverts commit 9107d41.
Description
Actioning two issues to convert the
.opendistro-job-scheduler-lock
index into a system index.This PR makes the following modifications :
JobSchedulerPlugin
implement theSystemIndexPlugin
and overrides thegetSystemIndexDescriptors
extension pointwraps each instance in which the plugin interacts with the system index within theLockService
to stash the threadcontext prior to executing a CRUD operation. From a security perspective this allows the plugin to go into a local trusted mode in which they are allowed to interact with the system indexNext steps :
Issues Resolved
#466 - System Index Usage Verification
#305
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.