Skip to content

Commit

Permalink
Compatibility with opensearch 2.17.1 (#128)
Browse files Browse the repository at this point in the history
* Add compatibility with OpenSearch 2.11.0 (#31)

* Bump version Security Dashboards Plugin 2.9.0.0 (#21)

* Upgrade to version 2.8.0 of Security Dashboards Plugin (#20)

* Patch actions and workflows. Skip integration tests that fail (#4)

* Change plugin name in actions and workflows

* Patch install-dashboards action

* Change jest config path

* Skip tests

---------

Co-authored-by: Alex Ruiz Becerra <[email protected]>
Co-authored-by: yenienserrano <[email protected]>

* Change Wazuh logo and titles (#3)

* Change Wazuh logo and titles

* Don't force custom logo to have 100% width

* Add comment

* Fix lint

* Fix prettier

* Update snapshots

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: yenienserrano <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>

* Disable tenant popup (#5)

Co-authored-by: Alex Ruiz Becerra <[email protected]>

* Replace readme (#16)

* Replace readme

* Replace Opensearch to Wazuh

* Update README.md

Signed-off-by: Ian Yenien Serrano <[email protected]>

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>

* Add GitHub workflow for automated build  (#15)

* Manual build

* Workflow for automated build

* Update .github/workflows/dev-environment.yml

Signed-off-by: Álex Ruiz <[email protected]>

---------

Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>

* Create codeql.yml

Signed-off-by: Álex Ruiz <[email protected]>

* Revert changes in cypress-test.yml

* Revert changes in integration-test.yml

* Fix integration test

* Fix cypress test tenancy disabled

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Alex Ruiz Becerra <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>

* Skip overview page test

* Skip test for issue

* Skip test for issue

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Alex Ruiz Becerra <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>

* Fix home image and lint

* Fix lint

* Fix snapshot

* Fix integration test

* Revert selector

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: yenienserrano <[email protected]>

* Update of the GitHub actions to create the packages (#33)

* Update Build manual Github action

* Add wazuh version in package.json

* Update package.json

Signed-off-by: Ian Yenien Serrano <[email protected]>

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>

* Change order of security in left menu (#36)

* Change order of security in left menu

* Fix cypress test

* Fix repository tests (#46)

* Initial commit

* Removed Windows and Mac tests

* Fix oidc test

* Fix SAML test

* Bump version 4.10.0 revision 00 (#53)

* Support Wazuh 5.0.0

* Merge 4.9.1 into 4.10.0 (#102) (#121)

* 2.13 release notes (opensearch-project#1832) (opensearch-project#1837)

* 2.13 release notes



* Fix style and package



* Fix style and package



* Fix link



---------


(cherry picked from commit 7c8058f)



* Add required ml permissions to support new roles (opensearch-project#1838) (opensearch-project#1844)

* Add required ml permissions to support new roles



* Add ml permissions



* Remove internal ml action permissions



* Add back internal ml action permissions



---------


(cherry picked from commit f0cd1cf)



* Add compatibility with OpenSearch 2.11.0 (#31)

* Bump version Security Dashboards Plugin 2.9.0.0 (#21)

* Upgrade to version 2.8.0 of Security Dashboards Plugin (#20)

* Patch actions and workflows. Skip integration tests that fail (#4)

* Change plugin name in actions and workflows

* Patch install-dashboards action

* Change jest config path

* Skip tests

---------




* Change Wazuh logo and titles (#3)

* Change Wazuh logo and titles

* Don't force custom logo to have 100% width

* Add comment

* Fix lint

* Fix prettier

* Update snapshots

---------





* Disable tenant popup (#5)



* Replace readme (#16)

* Replace readme

* Replace Opensearch to Wazuh

* Update README.md



---------



* Add GitHub workflow for automated build  (#15)

* Manual build

* Workflow for automated build

* Update .github/workflows/dev-environment.yml



---------




* Create codeql.yml



* Revert changes in cypress-test.yml

* Revert changes in integration-test.yml

* Fix integration test

* Fix cypress test tenancy disabled

---------







* Skip overview page test

* Skip test for issue

* Skip test for issue

---------







* Fix home image and lint

* Fix lint

* Fix snapshot

* Fix integration test

* Revert selector

---------







* Update of the GitHub actions to create the packages (#33)

* Update Build manual Github action

* Add wazuh version in package.json

* Update package.json



---------



* Change order of security in left menu (#36)

* Change order of security in left menu

* Fix cypress test

* Fix repository tests (#46)

* Initial commit

* Removed Windows and Mac tests

* Fix oidc test

* Fix SAML test

* Bump 4.9.0 to revision 01 (#56)

* chore: bump 4.9.0 revision 02 (#64)

* Bump revision 03 (#74)

* chore: bump to 4.9.1 revision 00 (#76)

* Update the security policy (#95)

* change: update the security policy

* fix: security policy

* Update repository security policy (#97)

* chore(bump): revision 4.9.1 01 (#99)

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Co-authored-by: Stephen Crawford <[email protected]>
Co-authored-by: Sicheng Song <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Ian Yenien Serrano <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: yenienserrano <[email protected]>

* Remove checkout cypress-test-tenancy-disabled.yml for consistency with opensearch

---------

Signed-off-by: Ian Yenien Serrano <[email protected]>
Signed-off-by: Álex Ruiz <[email protected]>
Co-authored-by: Álex Ruiz <[email protected]>
Co-authored-by: Federico Rodriguez <[email protected]>
Co-authored-by: Nicolas Agustin Guevara Pihen <[email protected]>
Co-authored-by: Tostti <[email protected]>
Co-authored-by: Antonio <[email protected]>
Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Co-authored-by: Stephen Crawford <[email protected]>
Co-authored-by: Sicheng Song <[email protected]>
  • Loading branch information
9 people authored Nov 7, 2024
1 parent 6bc2e34 commit 3589649
Show file tree
Hide file tree
Showing 23 changed files with 434 additions and 99 deletions.
19 changes: 19 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# This workflow builds a production-ready package when a tag is created.
#
# This workflow is based on the `dev-environment` workflow.

name: Build

on:
push:
tags:
- 'v*'
jobs:
build:
name: Build app package (auto)
uses: ./.github/workflows/dev-environment.yml
with:
reference: ${{ github.ref_name }}
command: 'yarn build'
artifact_name: 'wazuh-security-dashboards-plugin-${{ github.ref_name }}'
artifact_path: './wazuh-security-plugin/build'
77 changes: 77 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"

on:
push:
branches: [ "main", "[0-9].[0-9]", "[0-9].x" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main" ]
schedule:
- cron: '00 8 * * 5'
workflow_dispatch:

jobs:
analyze:
name: Analyze
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'javascript' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Use only 'java' to analyze code written in Java, Kotlin or both
# Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

steps:
- name: Checkout repository
uses: actions/checkout@v3

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.

# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality


# Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun

# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.

# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{matrix.language}}"
5 changes: 3 additions & 2 deletions .github/workflows/cypress-test-tenancy-disabled.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: Cypress Tests Multitenancy Disabled

on: [ push, pull_request ]
on: [push, pull_request]

env:
TEST_BROWSER_HEADLESS: 1
Expand Down Expand Up @@ -50,7 +50,7 @@ jobs:
uses: derek-ho/start-opensearch@v2
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip"
plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip'
security-enabled: true
admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}

Expand All @@ -73,6 +73,7 @@ jobs:
uses: derek-ho/setup-opensearch-dashboards@v1
with:
plugin_name: security-dashboards-plugin
app_reference: ${{ vars.WZD_REF }}
opensearch_dashboards_yml: tenancy-disabled-opensearch-dashboards-config.yml

- name: Configure and Run OpenSearch Dashboards with Cypress Test Cases
Expand Down
9 changes: 5 additions & 4 deletions .github/workflows/cypress-test.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: Cypress Tests

on: [ push, pull_request ]
on: [push, pull_request]

env:
TEST_BROWSER_HEADLESS: 1
Expand All @@ -21,7 +21,7 @@ jobs:
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}

steps:
steps:
- name: Set up JDK
uses: actions/setup-java@v1
with:
Expand Down Expand Up @@ -50,7 +50,7 @@ jobs:
uses: derek-ho/start-opensearch@v2
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip"
plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip'
security-enabled: true
admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}

Expand All @@ -75,14 +75,15 @@ jobs:
uses: derek-ho/setup-opensearch-dashboards@v1
with:
plugin_name: security-dashboards-plugin
app_reference: ${{ vars.WZD_REF }}
opensearch_dashboards_yml: cypress-opensearch-dashboards-config.yml

- name: Configure and Run OpenSearch Dashboards with Cypress Test Cases
run: |
cd ./OpenSearch-Dashboards
nohup yarn start --no-base-path --no-watch &
sleep 500
git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git
git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git -b ${{ env.OPENSEARCH_VERSION }}
cd opensearch-dashboards-functional-test
npm install cypress --save-dev
yarn cypress:run-with-security-and-aggregation-view --browser chrome --spec "cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js"
Expand Down
96 changes: 96 additions & 0 deletions .github/workflows/dev-environment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
# This workflow downloads the source code at the given git reference
# (branch, tag or commit), an sets up an environment (Kibana or OpenSearch)
# to run this code and a command (build, test, ...).
#
# This workflow is used as a base for other workflows.

name: Base workflow - Environment

on:
workflow_call:
inputs:
reference:
required: true
type: string
default: master
description: Source code reference (branch, tag or commit SHA).
command:
required: true
type: string
default: 'yarn build'
description: Command to run in the environment
docker_run_extra_args:
type: string
default: ''
description: Additional paramaters for the docker run command.
required: false
artifact_name:
type: string
default: ''
description: Artifact name (will be automatically suffixed with .zip)
required: false
artifact_path:
type: string
default: ''
description: Folder to include in the archive.
required: false
notify_jest_coverage_summary:
type: boolean
default: false
required: false

jobs:
# Deploy the plugin in a development environment and run a command
# using a pre-built Docker image, hosted in Quay.io.
deploy_and_run_command:
name: Deploy and run command
runs-on: ubuntu-latest
steps:
- name: Step 01 - Download the plugin's source code
uses: actions/checkout@v3
with:
repository: wazuh/wazuh-security-dashboards-plugin
ref: ${{ inputs.reference }}
path: wazuh-security-plugin

# Fix source code ownership so the internal user of the Docker
# container is also owner.
- name: Step 02 - Change code ownership
run: sudo chown 1000:1000 -R wazuh-security-plugin;

- name: Step 03 - Set up the environment and run the command
run: |
# Read the platform version from the package.json file
echo "Reading the platform version from the package.json...";
platform_version=$(jq -r '.opensearchDashboards.version | select(. != null)' wazuh-security-plugin/package.json);
echo "Plugin platform version: $platform_version";
# Up the environment and run the command
docker run -t --rm \
-e OPENSEARCH_DASHBOARDS_VERSION=${platform_version} \
-v `pwd`/wazuh-security-plugin:/home/node/kbn/plugins/wazuh-security-plugin \
${{ inputs.docker_run_extra_args }} \
quay.io/wazuh/osd-dev:${platform_version} \
bash -c '
yarn config set registry https://registry.yarnpkg.com;
cd /home/node/kbn/plugins/wazuh-security-plugin && yarn && ${{ inputs.command }};
'
- name: Get the plugin version
run: |
echo "version=$(jq -r '.wazuh.version' $(pwd)/wazuh-security-plugin/package.json)" >> $GITHUB_ENV
echo "revision=$(jq -r '.wazuh.revision' $(pwd)/wazuh-security-plugin/package.json)" >> $GITHUB_ENV
- name: Step 04 - Upload artifact to GitHub
if: ${{ inputs.artifact_name && inputs.artifact_path }}
uses: actions/upload-artifact@v3
with:
name: ${{ inputs.artifact_name }}_${{ env.version }}-${{ env.revision }}_${{ inputs.reference }}.zip
path: ${{ inputs.artifact_path }}

- name: Step 05 - Upload coverage results to GitHub
if: ${{ inputs.notify_jest_coverage_summary && github.event_name == 'pull_request' }}
uses: AthleticNet/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
path: ./wazuh-security-plugin/target/test-coverage/coverage-summary.json
title: "Code coverage (Jest)"
44 changes: 31 additions & 13 deletions .github/workflows/integration-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,13 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest , windows-latest ]
os: [ubuntu-latest] # Removed windows-latest
runs-on: ${{ matrix.os }}

steps:
- name: Checkout Branch
uses: actions/checkout@v3

- name: Set up JDK
uses: actions/setup-java@v1
with:
Expand All @@ -34,7 +34,25 @@ jobs:
echo "PLUGIN_VERSION=$plugin_version" >> $GITHUB_ENV
shell: bash

- name: Download security plugin and create setup scripts for remote cluster
- uses: browser-actions/[email protected]
- run: geckodriver --version

- name: Set up Firefox browser
if: ${{ runner.os == 'Linux' }}
uses: browser-actions/setup-firefox@v1

- run: firefox --version
if: ${{ runner.os == 'Linux' }}

# Browser-action version does not work on Windows
# - name: Set up Firefox browser for Windows
# if: ${{ runner.os == 'Windows' }}
# uses: RyanL1997/setup-browser@main
# with:
# browser: firefox
# version: latest

- name: Download security plugin and create setup scripts
uses: ./.github/actions/download-plugin
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
Expand Down Expand Up @@ -69,7 +87,7 @@ jobs:
uses: derek-ho/start-opensearch@v2
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip"
plugins: 'file:$(pwd)/${{ env.PLUGIN_NAME }}.zip'
security-enabled: true
admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}

Expand All @@ -83,7 +101,8 @@ jobs:
- id: install-dashboards
uses: derek-ho/setup-opensearch-dashboards@v3
with:
plugin_name: security-dashboards-plugin
plugin_name: wazuh-security-dashboards-plugin
app_reference: ${{ vars.WZD_REF }}

- name: Start Dashboards in background
run: node scripts/build_opensearch_dashboards_platform_plugins.js
Expand All @@ -101,11 +120,10 @@ jobs:
shell: bash
working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }}

- name: Run integration tests on Windows
if: ${{ runner.os == 'Windows' }}
run: |
echo "check if opensearch is ready"
curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k
export ADMIN_PASSWORD=${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} && node ./test/run_jest_tests.js --runInBand --detectOpenHandles --forceExit --config ./test/jest.config.server.js
shell: bash
working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }}
# - name: Run integration tests on Windows
# if: ${{ runner.os == 'Windows' }}
# run: |
# echo "check if opensearch is ready"
# curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k
# node .\test\run_jest_tests.js --runInBand --detectOpenHandles --forceExit --config .\test\jest.config.server.js
# working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }}
34 changes: 34 additions & 0 deletions .github/workflows/manual-build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# This workflow builds a production-ready package from the given Git reference.
# Any branch, tag or commit SHA existing in the origin can be used.
#
# This workflow is based on the `dev-environment` workflow.

name: Manual build

on:
workflow_call:
inputs:
reference:
required: true
type: string
description: Source code reference (branch, tag or commit SHA)
default: 4.10.0
workflow_dispatch:
inputs:
reference:
required: true
type: string
default: master
description: Source code reference (branch, tag or commit SHA)

jobs:
# Build an app package from the given source code reference.
build:
name: Build app package
uses: ./.github/workflows/dev-environment.yml
with:
reference: ${{ inputs.reference }}
command: 'yarn build'
artifact_name: 'wazuh-security-dashboards-plugin'
artifact_path: './wazuh-security-plugin/build'
secrets: inherit
Loading

0 comments on commit 3589649

Please sign in to comment.