Skip to content

Commit

Permalink
Merge branch 'opensearch-project:main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
@rishabh6788
rishabh6788 committed Sep 4, 2024
2 parents 571b70d + c527d8d commit 10a5611
Show file tree
Hide file tree
Showing 66 changed files with 14,192 additions and 279 deletions.
18 changes: 0 additions & 18 deletions .github/workflows/dco.yml
View file

This file was deleted.

32 changes: 32 additions & 0 deletions .github/workflows/keycloak-build-test.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: Keycloak Build and Test

on:
pull_request:
paths:
- keycloak/**

jobs:
build-and-test:
runs-on: ubuntu-latest
defaults:
run:
working-directory: keycloak

steps:
- uses: actions/checkout@v3

- uses: actions/setup-node@v4
with:
node-version: 16.x

- name: Run CDK Build and Test
run: |
npm install
npm run build
- name: Run test coverage
run: |
npm test -- --coverage
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v3
5 changes: 3 additions & 2 deletions .github/workflows/nightly-playground-deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:
pipenv install --deploy --dev
- name: Validate OS and OSD
run: ./validation.sh --file-path opensearch=${{needs.set-os-osd-urls.outputs.OPENSEARCH_URL}} opensearch-dashboards=${{needs.set-os-osd-urls.outputs.OPENSEARCH_DASHBOARDS_URL}}
run: unset JAVA_HOME && ./validation.sh --file-path opensearch=${{needs.set-os-osd-urls.outputs.OPENSEARCH_URL}} opensearch-dashboards=${{needs.set-os-osd-urls.outputs.OPENSEARCH_DASHBOARDS_URL}}

- uses: actions/checkout@v3

Expand All @@ -77,7 +77,8 @@ jobs:
npm install
playground_id=`echo ${{inputs.dist_version}} | cut -d. -f1`x
echo "PLAYGROUND_ID=$playground_id" >> "$GITHUB_OUTPUT"
npm run cdk deploy "infra*" -- -c playGroundId=$playground_id -c distVersion=${{inputs.dist_version}} -c distributionUrl=${{needs.set-os-osd-urls.outputs.OPENSEARCH_URL}} -c dashboardsUrl=${{needs.set-os-osd-urls.outputs.OPENSEARCH_DASHBOARDS_URL}} -c dashboardPassword=${{ SECRETS.DASHBOARDS_PASSWORD }} -c adminPassword=${{ SECRETS.OPENSEARCH_PASSWORD }} --require-approval never
aws s3 cp s3://nightly-playgrounds-snapshots-bucket/internal_users.yml resources/security-config/internal_users.yml
npm run cdk deploy "infra*" -- -c playGroundId=$playground_id -c distVersion=${{inputs.dist_version}} -c distributionUrl=${{needs.set-os-osd-urls.outputs.OPENSEARCH_URL}} -c dashboardsUrl=${{needs.set-os-osd-urls.outputs.OPENSEARCH_DASHBOARDS_URL}} -c dashboardPassword=${{ SECRETS.DASHBOARDS_PASSWORD }} -c adminPassword=${{ SECRETS.OPENSEARCH_PASSWORD }} -c dashboardOpenIDClientSecret=${{ SECRETS.DASHBOARD_OPENID_CLIENT_SECRET }} --require-approval never
echo "ENDPOINT=$(aws cloudformation --region us-west-2 describe-stacks --stack-name infraStack-$playground_id --query 'Stacks[0].Outputs[0].OutputValue' --output text)" >> "$GITHUB_OUTPUT"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/nightly-playground-trigger.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
deploy-nightly-playground:
strategy:
matrix:
dist_version: ['2.14.0', '3.0.0']
dist_version: ['2.17.0', '3.0.0']
fail-fast: false
uses: ./.github/workflows/nightly-playground-deploy.yml
secrets: inherit
Expand Down
23 changes: 23 additions & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
*.js
!.eslintrc.js
!jest.config.js
*.d.ts
node_modules
cdk.context.json
.DS_Store
lib/.DS_Store

# CDK asset staging directory
.cdk.staging
cdk.out

# Coverage directory used by tools like istanbul
coverage

# coverage output
coverage.lcov

# excluding intellij Idea files
*.iml
.idea/
.vscode/
13 changes: 13 additions & 0 deletions Pipfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"

[packages]
requests = "*"

[dev-packages]

[requires]
python_version = "3.10"
python_full_version = "3.10.13"
151 changes: 151 additions & 0 deletions Pipfile.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions jenkins-control-plane/infra/.gitignore → benchmark-control-plane/infra/.gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@ node_modules
# CDK asset staging directory
.cdk.staging
cdk.out
.DS_Store
../.DS_Store
0 jenkins-control-plane/infra/.npmignore → benchmark-control-plane/infra/.npmignore
View file
File renamed without changes.
0 jenkins-control-plane/infra/README.md → benchmark-control-plane/infra/README.md
View file
File renamed without changes.
0 jenkins-control-plane/infra/bin/infra.ts → benchmark-control-plane/infra/bin/infra.ts
View file
File renamed without changes.
0 jenkins-control-plane/infra/cdk.context.json → ...mark-control-plane/infra/cdk.context.json
View file
File renamed without changes.
0 jenkins-control-plane/infra/cdk.json → benchmark-control-plane/infra/cdk.json
View file
File renamed without changes.
0 jenkins-control-plane/infra/jest.config.js → benchmark-control-plane/infra/jest.config.js
View file
File renamed without changes.
0 jenkins-control-plane/infra/lib/Pipfile → benchmark-control-plane/infra/lib/Pipfile
View file
File renamed without changes.
0 ...a/lib/compute/benchmarkLambdaFunctions.ts → ...a/lib/compute/benchmarkLambdaFunctions.ts
View file
File renamed without changes.
0 ...ns-control-plane/infra/lib/lambda/Pipfile → ...rk-control-plane/infra/lib/lambda/Pipfile
View file
File renamed without changes.
0 ...ntrol-plane/infra/lib/lambda/Pipfile.lock → ...ntrol-plane/infra/lib/lambda/Pipfile.lock
View file
File renamed without changes.
0 ...ontrol-plane/infra/lib/lambda/__init__.py → ...ontrol-plane/infra/lib/lambda/__init__.py
View file
File renamed without changes.
0 ...ne/infra/lib/lambda/custom_lambda_auth.py → ...ne/infra/lib/lambda/custom_lambda_auth.py
View file
File renamed without changes.
4 changes: 2 additions & 2 deletions ...ne/infra/lib/lambda/submit_jenkins_job.py → ...ne/infra/lib/lambda/submit_jenkins_job.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,10 @@ def handler(event, context):

if 'submitBenchmarkRun' in resource:
secret_name = 'benchmark-job-token'
jenkins_job_name = 'zsngri-gradle-test'
jenkins_job_name = 'benchmark-pull-request'
elif 'submitBenchmarkEndpointRun' in resource:
secret_name = 'benchmark-endpoint-job-token'
jenkins_job_name = 'zsngri-gradle-test'
jenkins_job_name = 'benchmark-test-endpoint'

job_token = get_secret(secret_name)

Expand Down
0 ...l-plane/infra/lib/lambda/test/__init__.py → ...l-plane/infra/lib/lambda/test/__init__.py
View file
File renamed without changes.
79 changes: 79 additions & 0 deletions benchmark-control-plane/infra/lib/lambda/test/test_custom_lambda_authorizer.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
import json
import sys
import os
from unittest.mock import patch, MagicMock
import pytest

sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__), '..')))
from custom_lambda_auth import generate_policy, check_user_permission, lambda_handler


@pytest.fixture
def mock_requests():
with patch('custom_lambda_auth.requests') as mock:
yield mock


@pytest.fixture
def mock_boto3():
with patch('custom_lambda_auth.boto3') as mock:
yield mock


def test_lambda_handler_valid_token(mock_requests):
# Mock the GitHub API response
mock_response = MagicMock()
mock_response.status_code = 200
mock_response.json.return_value = {'login': 'testuser'}
mock_requests.get.return_value = mock_response

# Mock the check_user_permission function
with patch('custom_lambda_auth.check_user_permission', return_value=True):
event = {
'authorizationToken': 'valid_token',
'methodArn': 'arn:aws:execute-api:us-east-1:123456789012:api-id/stage/method/resource-path'
}
result = lambda_handler(event, {})

assert result['policyDocument']['Statement'][0]['Effect'] == 'Allow'
assert result['principalId'] == 'testuser'


def test_lambda_handler_invalid_token(mock_requests):
# Mock the GitHub API response for invalid token
mock_response = MagicMock()
mock_response.status_code = 401
mock_response.json.return_value = {'login': 'testuser'}
mock_requests.get.return_value = mock_response

with patch('custom_lambda_auth.check_user_permission'):
event = {
'authorizationToken': 'invalid_token',
'methodArn': 'arn:aws:execute-api:us-east-1:123456789012:api-id/stage/method/resource-path'
}
result = lambda_handler(event, {})

assert result['policyDocument']['Statement'][0]['Effect'] == 'Deny'
assert result['principalId'] == 'testuser'


def test_lambda_handler_no_token():
event = {
'methodArn': 'arn:aws:execute-api:us-east-1:123456789012:api-id/stage/method/resource-path'
}
result = lambda_handler(event, {})

assert result['policyDocument']['Statement'][0]['Effect'] == 'Deny'
assert result['principalId'] == 'user'


def test_generate_policy():
method_arn = 'arn:aws:execute-api:us-east-1:123456789012:api-id/stage/method/resource-path'
effect = 'Allow'
principal_id = 'testuser'

policy = generate_policy(method_arn, effect, principal_id)

assert policy['principalId'] == principal_id
assert policy['policyDocument']['Statement'][0]['Effect'] == effect
assert policy['policyDocument']['Statement'][0]['Resource'] == method_arn
Loading

0 comments on commit 10a5611

Please sign in to comment.