Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Enhancement-3191] transport_enabled setting on an auth domain and authorizer may be unnecessary after transport client removal #3939

Merged
merged 12 commits into from
Jan 19, 2024
Merged

[Enhancement-3191] transport_enabled setting on an auth domain and authorizer may be unnecessary after transport client removal #3939

merged 12 commits into from
Jan 19, 2024

Conversation

prabhask5
Copy link
Contributor

Description

Remove the transport_enabled setting in config.yml and its related code in DynamicConfigModelV6/7, ConfigV6/7, associated tests. Additionally add handlers in Config files to handle when transport_enabled is still used within the config.yml file while alerting the user with a message in startup that this setting can be safely removed from the config.

Issues Resolved

#3191

Is this a backport? If so, please add backport PR # and/or commits #
No

Testing

No tests were made, all tests should run since the behavior should not change.

Check List

  • New functionality includes testing
  • New functionality has been documented
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@codecov Codecov
Copy link

codecov bot commented Jan 12, 2024
edited
Loading

Codecov Report

Attention: 8 lines in your changes are missing coverage. Please review.

Comparison is base (f217fa8) 65.18% compared to head (ba197b7) 65.61%.
Report is 11 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #3939      +/-   ##
==========================================
+ Coverage   65.18%   65.61%   +0.43%     
==========================================
  Files         298      298              
  Lines       21216    21246      +30     
  Branches     3457     3457              
==========================================
+ Hits        13829    13940     +111     
+ Misses       5672     5588      -84     
- Partials     1715     1718       +3
Files Coverage Δ
...ch/security/securityconf/DynamicConfigModelV7.java 65.51% <100.00%> (-0.79%) ⬇️
...pensearch/security/setting/DeprecatedSettings.java 85.71% <100.00%> (+5.71%) ⬆️
...ch/security/securityconf/DynamicConfigModelV6.java 0.00% <0.00%> (ø)
...search/security/securityconf/impl/v7/ConfigV7.java 78.39% <83.33%> (+1.42%) ⬆️
...search/security/securityconf/impl/v6/ConfigV6.java 62.39% <66.66%> (+2.58%) ⬆️

... and 9 files with indirect coverage changes

@prabhask5
change set up logging test
b63afa5 
Signed-off-by: Prabhas Kurapati <[email protected]>
@prabhask5 prabhask5 marked this pull request as ready for review January 12, 2024 14:09
@prabhask5
Copy link
Contributor Author

@peternied @scrawfor99 @cwperks Ready for review!

peternied
peternied requested changes Jan 12, 2024
View reviewed changes
Copy link
Member

@peternied peternied left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, lets reuse DeprecatedSettings and add more test cases, see comments inline.

src/main/java/org/opensearch/security/securityconf/impl/v6/ConfigV6.java Outdated Show resolved Hide resolved
src/main/java/org/opensearch/security/securityconf/impl/v6/ConfigV6.java Outdated Show resolved Hide resolved
src/main/java/org/opensearch/security/securityconf/impl/v6/ConfigV6.java Outdated Show resolved Hide resolved
stephen-crawford
stephen-crawford reviewed Jan 12, 2024
View reviewed changes
Copy link
Contributor

@stephen-crawford stephen-crawford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @prabhask5 thanks for making these changes. Great job keeping things up to date! Other than Peter's suggestions, things look good to me. Let me know when you address those and I can give a final pass through and approve (assuming nothing else comes up etc.)

DarshitChanpura
DarshitChanpura reviewed Jan 16, 2024
View reviewed changes
Copy link
Member

@DarshitChanpura DarshitChanpura left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good to me. Have we analyzed the blast radius for removing these files? Will there be downstream plugins that will have broken tests?

@prabhask5
Copy link
Contributor Author

prabhask5 commented Jan 18, 2024
edited
Loading

Changes look good to me. Have we analyzed the blast radius for removing these files? Will there be downstream plugins that will have broken tests?

@DarshitChanpura I haven't checked for any other repository tests being impacted by this change, though I can confirm that the only errors that were caused by removing this setting being a parsing error from Jackson which I resolved using the unknownPropertiesHandler. If this error would have occurred in downstream plugins it should not. I'm new to contributing, can you let me know of other plugins to check tests for?

@prabhask5
add requested changes
22f25f7 
Signed-off-by: Prabhas Kurapati <[email protected]>
@prabhask5
Copy link
Contributor Author

@peternied I think I've addressed all your requested changes:

  1. I added a new method to the DeprecatedSettings class that allows for the logging of any deprecated setting in which the codebase does not support any more and the utilization of would result in an error, I have "extra information" of where the config that should be removed as a parameter to add extra information for a specific setting.
  2. Previously the unknownPropertyHandler didn't account for other unknown properties so I refactored it so it throws the original error if the setting is not transport_enabled (which is currently the only setting that is deprecated here), I also used a switch statement to make it easy to add more deprecated settings in the future.
  3. I added some more tests in DeprecatedSettingsTest to account for both of these cases.

This should be ready for review once I fix the test errors!

@prabhask5
spotless apply
5609519 
Signed-off-by: Prabhas Kurapati <[email protected]>
stephen-crawford
stephen-crawford previously approved these changes Jan 18, 2024
View reviewed changes
Copy link
Contributor

@stephen-crawford stephen-crawford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @prabhask5, thanks for your work with this! Looks good to me :)

@DarshitChanpura
Copy link
Member

DarshitChanpura commented Jan 18, 2024
edited
Loading

@DarshitChanpura I haven't checked for any other repository tests being impacted by this change, though I can confirm that the only errors that were caused by removing this setting being a parsing error from Jackson which I resolved using the unknownPropertiesHandler. If this error would have occurred in downstream plugins it should not. I'm new to contributing, can you let me know of other plugins to check tests for?

I'm not aware of any off the top of my mind. We can merge this and if there are any downstream failures we can analyze and revert of necessary.

@prabhask5
spotless apply
ba197b7 
Signed-off-by: Prabhas Kurapati <[email protected]>
@cwperks cwperks added the backport 2.x backport to 2.x branch label Jan 19, 2024
@peternied peternied merged commit 881ed58 into opensearch-project:main Jan 19, 2024
83 checks passed
opensearch-trigger-bot bot pushed a commit that referenced this pull request Jan 19, 2024
@github-actions
[Enhancement-3191] transport_enabled setting on an auth domain and …
6e4314e 
…authorizer may be unnecessary after transport client removal (#3939)

Signed-off-by: Prabhas Kurapati <[email protected]>
(cherry picked from commit 881ed58)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Jan 19, 2024
Merged
peternied pushed a commit that referenced this pull request Jan 22, 2024
@opensearch-trigger-bot @github-actions
[Backport 2.x] [Enhancement-3191] transport_enabled setting on an a…
e008610 
…uth domain and authorizer may be unnecessary after transport client removal (#3966)

Backport 881ed58 from #3939.

Signed-off-by: Prabhas Kurapati <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
dlin2028 pushed a commit to dlin2028/security that referenced this pull request May 1, 2024
@prabhask5 @dlin2028
[Enhancement-3191] transport_enabled setting on an auth domain and …
f93c848 
…authorizer may be unnecessary after transport client removal (opensearch-project#3939)

Signed-off-by: Prabhas Kurapati <[email protected]>
@prabhask5 prabhask5 deleted the pk-remove-transport-enabled-config branch July 10, 2024 17:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peternied peternied peternied approved these changes

@cwperks cwperks cwperks approved these changes

@cliu123 cliu123 Awaiting requested review from cliu123

@davidlago davidlago Awaiting requested review from davidlago

@RyanL1997 RyanL1997 Awaiting requested review from RyanL1997 RyanL1997 is a code owner

@reta reta Awaiting requested review from reta reta is a code owner

@willyborankin willyborankin Awaiting requested review from willyborankin willyborankin is a code owner

@stephen-crawford stephen-crawford Awaiting requested review from stephen-crawford

@DarshitChanpura DarshitChanpura Awaiting requested review from DarshitChanpura DarshitChanpura is a code owner

Assignees
No one assigned
Labels
backport 2.x backport to 2.x branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@prabhask5 @DarshitChanpura @peternied @cwperks @stephen-crawford