Skip to content

Updates sample cert and admin keystore (#862) #970

Updates sample cert and admin keystore (#862)

Updates sample cert and admin keystore (#862) #970

##
# Copyright OpenSearch Contributors
# SPDX-License-Identifier: Apache-2.0
##
name: Security Test and Build Notifications
on: [push, pull_request]
jobs:
build:
strategy:
# This setting says that all jobs should finish, even if one fails
fail-fast: false
matrix:
java: [11, 17, 21]
runs-on: ubuntu-latest
steps:
- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@v2
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: ${{ matrix.java }}
# notifications
- name: Checkout Notifications
uses: actions/checkout@v2
# Temporarily exclude tests which causing CI to fail. Tracking in #251
- name: Build with Gradle
# Only assembling since the full build is governed by other workflows
run: |
cd notifications
./gradlew assemble
- name: Pull and Run Docker
run: |
plugin_core=`basename $(ls notifications/core/build/distributions/*.zip)`
plugin=`basename $(ls notifications/notifications/build/distributions/*.zip)`
list_of_files=`ls`
list_of_all_files=`ls notifications/core/build/distributions/`
version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-3`
plugin_version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-4`
qualifier=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-1`
candidate_version=`echo $plugin|awk -F- '{print $5}'| cut -d. -f 1-1`
docker_version=$version
[[ -z $candidate_version ]] && candidate_version=$qualifier && qualifier=""
echo plugin version plugin_version qualifier candidate_version docker_version
echo "($plugin) ($version) ($plugin_version) ($qualifier) ($candidate_version) ($docker_version)"
echo $ls $list_of_all_files
if docker pull opensearchstaging/opensearch:$docker_version
then
echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile
# Making the removal of the existing plugins in the docker image conditional in case this workflow is running before the new version of the plugins are published to the Docker image
echo "RUN if /usr/share/opensearch/bin/opensearch-plugin list | grep -q 'opensearch-notifications$'; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-notifications; fi" >> Dockerfile
echo "RUN if /usr/share/opensearch/bin/opensearch-plugin list | grep -q 'opensearch-notifications-core$'; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-notifications-core; fi" >> Dockerfile
echo "ADD notifications/core/build/distributions/$plugin_core /tmp/" >> Dockerfile
echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin_core" >> Dockerfile
echo "ADD notifications/notifications/build/distributions/$plugin /tmp/" >> Dockerfile
echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile
docker build -t opensearch-notifications:test .
echo "imagePresent=true" >> $GITHUB_ENV
else
echo "imagePresent=false" >> $GITHUB_ENV
fi
- name: Run Docker Image
if: env.imagePresent == 'true'
run: |
cd ..
container_id=`docker run -p 9200:9200 -d -p 9600:9600 -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" -e "discovery.type=single-node" opensearch-notifications:test`
sleep 120
echo `docker logs $container_id`
- name: Run Notification Test for security enabled test cases
if: env.imagePresent == 'true'
run: |
container_id=`docker ps -q`
plugins=`docker exec $container_id /usr/share/opensearch/bin/opensearch-plugin list`
echo "plugins: $plugins"
security=`echo $plugins | grep opensearch-security | wc -l`
if [ $security -gt 0 ]
then
echo "Security plugin is available"
cd notifications
./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=docker-cluster -Dhttps=true -Duser=admin -Dpassword=myStrongPassword123!
else
echo "Security plugin is NOT available skipping this run as tests without security have already been run"
exit 1
fi