Skip to content

Commit

Permalink
Opensearch security plugin windows install certs demo config and add …
Browse files Browse the repository at this point in the history
…batch install script (#2704)

* Security script for install.sh add windows specific changes

Signed-off-by: Peter Zhu <[email protected]>

* Add Windows install batch and resolve security plugin demo config issues

Signed-off-by: Peter Zhu <[email protected]>

* Add more comments

Signed-off-by: Peter Zhu <[email protected]>

* Add more comments

Signed-off-by: Peter Zhu <[email protected]>

* Add more comments

Signed-off-by: Peter Zhu <[email protected]>

* Add more comments

Signed-off-by: Peter Zhu <[email protected]>

* Add sql 2.4.0

Signed-off-by: Peter Zhu <[email protected]>

* Add sql 2.4.0

Signed-off-by: Peter Zhu <[email protected]>

* Add comments

Signed-off-by: Peter Zhu <[email protected]>

* Add comments

Signed-off-by: Peter Zhu <[email protected]>

* Add comments

Signed-off-by: Peter Zhu <[email protected]>

Signed-off-by: Peter Zhu <[email protected]>
  • Loading branch information
peterzhuamazon authored Oct 10, 2022
1 parent 6b71a5f commit 1d84633
Show file tree
Hide file tree
Showing 7 changed files with 151 additions and 3 deletions.
22 changes: 22 additions & 0 deletions DEVELOPER_GUIDE.md
Original file line number Diff line number Diff line change
Expand Up @@ -276,7 +276,29 @@ Each jenkins library should have a test case associated with it. Eg: [TestSignAr
- Jenkins' library test should extend [BuildPipelineTest.groovy](tests/jenkins/BuildPipelineTest.groovy)
- Create a dummy job such as [Hello_Jenkinsfile](tests/jenkins/jobs/Hello_Jenkinsfile) to call and test the function
and output [Hello_Jenkinsfile.txt](tests/jenkins/jobs/Hello_Jenkinsfile.txt)
- If using remote libs from [opensearch-build-libraries](https://github.com/opensearch-project/opensearch-build-libraries) repository with tag (ex: 1.0.0), make sure
both the Jenkins Test file as well as the Jenkins Job file are overriding the libs version with the same tag (ex: 1.0.0), or Jacoco test will fail to generate reports.
This would happen if defaultVersion in BuildPipelineTest.groovy (default to 'main') have a different HEAD commit id compares to tag commit id you defined to use.
```
super.setUp()
......
helper.registerSharedLibrary(
library().name('jenkins')
.defaultVersion('1.0.0')
.allowOverride(true)
.implicit(true)
.targetPath('vars')
.retriever(gitSource('https://github.com/opensearch-project/opensearch-build-libraries.git'))
.build()
)
```

```
lib = library(identifier: '[email protected]', retriever: modernSCM([
$class: 'GitSCMSource',
remote: 'https://github.com/opensearch-project/opensearch-build-libraries.git',
]))
```

#### Testing in Jenkins
* [Build_OpenSearch_Dashboards_Jenkinsfile](tests/jenkins/jobs/Build_OpenSearch_Dashboards_Jenkinsfile): is similar to [OpenSearch Dashboards Jenkinsfile](jenkins/opensearch-dashboards/Jenkinsfile) w/o notifications.
Expand Down
9 changes: 9 additions & 0 deletions manifests/2.4.0/opensearch-2.4.0.yml
Original file line number Diff line number Diff line change
Expand Up @@ -101,3 +101,12 @@ components:
checks:
- gradle:properties:version
- gradle:dependencies:opensearch.version
- name: sql
repository: https://github.com/opensearch-project/sql.git
ref: '2.x'
platforms:
- linux
- windows
checks:
- gradle:properties:version
- gradle:dependencies:opensearch.version: opensearch-sql-plugin
8 changes: 5 additions & 3 deletions scripts/components/OpenSearch/install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -80,9 +80,11 @@ cd $DIR

## Copy the tar installation script into the bundle
if [ "$DISTRIBUTION" = "tar" ]; then
cp ../../../scripts/legacy/tar/linux/opensearch-tar-install.sh "$OUTPUT/"
cp -v ../../../scripts/startup/tar/linux/opensearch-tar-install.sh "$OUTPUT/"

elif [ "$DISTRIBUTION" = "rpm" ]; then
cp -a ../../../scripts/pkg/service_templates/opensearch/* "$OUTPUT/../"
cp -a ../../../scripts/pkg/build_templates/opensearch/* "$OUTPUT/../"
cp -va ../../../scripts/pkg/service_templates/opensearch/* "$OUTPUT/../"
cp -va ../../../scripts/pkg/build_templates/opensearch/* "$OUTPUT/../"
elif [ "$DISTRIBUTION" = "zip" ] && [ "$PLATFORM" = "windows" ]; then
cp -v ../../../scripts/startup/zip/windows/opensearch-windows-install.bat "$OUTPUT/"
fi
83 changes: 83 additions & 0 deletions scripts/components/security/install.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
#!/bin/bash

# Copyright OpenSearch Contributors
# SPDX-License-Identifier: Apache-2.0
#
# The OpenSearch Contributors require contributions made to
# this file be licensed under the Apache-2.0 license or a
# compatible open source license.

set -ex

function usage() {
echo "Usage: $0 [args]"
echo ""
echo "Arguments:"
echo -e "-v VERSION\t[Required] OpenSearch version."
echo -e "-s SNAPSHOT\t[Optional] Build a snapshot, default is 'false'."
echo -e "-p PLATFORM\t[Optional] Platform, default is 'uname -s'."
echo -e "-a ARCHITECTURE\t[Optional] Build architecture, default is 'uname -m'."
echo -e "-f ARTIFACTS\t[Optional] Location of build artifacts."
echo -e "-o OUTPUT\t[Optional] Output path."
echo -e "-h help"
}

while getopts ":h:v:q:s:o:p:a:f:" arg; do
case $arg in
h)
usage
exit 1
;;
v)
VERSION=$OPTARG
;;
q)
QUALIFIER=$OPTARG
;;
s)
SNAPSHOT=$OPTARG
;;
o)
OUTPUT=$OPTARG
;;
p)
PLATFORM=$OPTARG
;;
a)
ARCHITECTURE=$OPTARG
;;
f)
ARTIFACTS=$ARTIFACTS
;;
:)
echo "Error: -${OPTARG} requires an argument"
usage
exit 1
;;
?)
echo "Invalid option: -${arg}"
exit 1
;;
esac
done

if [ -z "$VERSION" ]; then
echo "Error: missing version."
usage
exit 1
fi

[ -z "$SNAPSHOT" ] && SNAPSHOT="false"
[ -z "$PLATFORM" ] && PLATFORM=$(uname -s | awk '{print tolower($0)}')
[ -z "$ARCHITECTURE" ] && ARCHITECTURE=`uname -m`

SECURITY_PLUGIN="opensearch-security"
chmod -c 755 $OUTPUT/plugins/$SECURITY_PLUGIN/tools/*.sh

if [ "$PLATFORM" = "windows" ]; then
chmod -c 755 $OUTPUT/plugins/$SECURITY_PLUGIN/tools/*.bat

# Temporary solution to run shell script on Windows through MinGW
# Tracking issue: https://github.com/opensearch-project/security/issues/2148
$OUTPUT/plugins/$SECURITY_PLUGIN/tools/install_demo_configuration.sh -y -i -s
fi
22 changes: 22 additions & 0 deletions scripts/startup/zip/windows/opensearch-windows-install.bat
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
:: SPDX-License-Identifier: Apache-2.0
:: Copyright OpenSearch Contributors

@echo off

:: Set variables and cd into the location of the batch script
PUSHD "%~dp0"
SET "OPENSEARCH_HOME=%CD%"
SET "OPENSEARCH_PATH_CONF=%OPENSEARCH_HOME%\config"

:: Echo User Inputs
ECHO "OPENSEARCH_HOME: %OPENSEARCH_HOME%"
ECHO "OPENSEARCH_PATH_CONF: %OPENSEARCH_PATH_CONF%"

:: Start OpenSearch
ECHO Start OpenSearch
IF "%~1" == "" (
CALL "%OPENSEARCH_HOME%\bin\opensearch.bat"
) ELSE (
CALL "%OPENSEARCH_HOME%\bin\opensearch.bat" "%*"
)

10 changes: 10 additions & 0 deletions tests/jenkins/TestDockerScanJob.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,16 @@ class TestDockerScanJob extends BuildPipelineTest {

super.setUp()

helper.registerSharedLibrary(
library().name('jenkins')
.defaultVersion('1.0.1')
.allowOverride(true)
.implicit(true)
.targetPath('vars')
.retriever(gitSource('https://github.com/opensearch-project/opensearch-build-libraries.git'))
.build()
)

// Variables
binding.setVariable('IMAGE_FULL_NAME', 'alpine:3')

Expand Down

0 comments on commit 1d84633

Please sign in to comment.