Increment all version references in 2.x line #3333
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…-project#1903) * Switch to standard OpenSearch gradle build (opensearch-project#1888) * Rewrote build.gradle to follow OpenSearch plugin standards * Enabled license headers check on the repository * Did not enable several new repository checks * Added maven publishing for security * Removed excess forced dependency resolutions * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions * Converted dependencies into runtime dependencies to avoid use during coding * Converted dependencies from project wide to test only dependencies * jackson-databind version comes from OpenSearch * Replaced handmade build manifest with git properties to automated version used by OpenSearch * Added license headers to files that were missing them * Checkstyle improvements * Disable checkstyle checks that are not errors * Moved checkstyle file into directory off of the project root * Moved standard configuration directory * Using default test running from OpenSearch * Switched to RandomizedTest as the base test class * Parameterized test runner cannot be used with RandomizedTest converted test functionality * Fixed tests resource issues, added new fields to make this consistent in the codebase * Fixed issue with leaky environment variable for security root directory, refactored usage * Removed unneeded setDefaultUncaughtExceptionHandler in tests * Fixed issues with deprecated internal reflection from Mockito * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries * Initial pass on non-inclusive terminology, commented out exclusions * Removed test dependency on scala * Removed test dependency on legacy xmlsecurity library Signed-off-by: Peter Nied <[email protected]> (cherry picked from commit 03a224d) * Fix build break from cluster manager changes Signed-off-by: Peter Nied <[email protected]> Co-authored-by: Peter Nied <[email protected]>
…t#1912) (opensearch-project#1913) Fixes CVE-2021-4104, CVE-2020-9488, and more from dependency on log4j-1.2.17.jar Signed-off-by: Peter Nied <[email protected]> (cherry picked from commit 746748b) Co-authored-by: Peter Nied <[email protected]>
…pensearch-project#1915) Signed-off-by: Peter Nied <[email protected]> (cherry picked from commit d507ebb) Co-authored-by: Peter Nied <[email protected]>
…#1897) (opensearch-project#1916) Signed-off-by: Clay Downs <[email protected]> (cherry picked from commit 7f5ca53) Co-authored-by: Clay Downs <[email protected]>
…search-project#1901) (opensearch-project#1919) * Adds release notes for 2.1.0 Signed-off-by: Darshit Chanpura <[email protected]> * Revert "Bump version to 3.0.0.0 (opensearch-project#1890)" This reverts commit 00e2a5d. Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit 15f1fbd) Co-authored-by: Darshit Chanpura <[email protected]>
…pensearch-project#1921) (opensearch-project#1923) (cherry picked from commit 192ef35) Co-authored-by: Darshit Chanpura <[email protected]>
…search-project#1920) (opensearch-project#1924) We were seeing test failures where on higher end computers there would be duplicate audit messages for the index mapping creation. Then when run inside GitHub Actions there would only be 2 messages. This doesn't look like an overt product issue, overlogging of requests, but the test case was not handling it well. Also improved the failure message response for faster future debugging. Signed-off-by: Peter Nied <[email protected]> (cherry picked from commit 1904db5) Co-authored-by: Peter Nied <[email protected]>
…ct#1926) (opensearch-project#1928) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit be876c0) Co-authored-by: Craig Perkins <[email protected]>
…1945) (opensearch-project#1946) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit b63f7a8) Co-authored-by: Craig Perkins <[email protected]>
…oject#1968) Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit d9bd0dd) Co-authored-by: Darshit Chanpura <[email protected]>
…pensearch-project#1937) (opensearch-project#1973) (cherry picked from commit f153c27) Co-authored-by: Peter Nied <[email protected]>
…#1972) * Abstract waitForInit to AbstractSecurityUnitTest and increase configuration load timeout to 10s * Use waitForInit inside waitOrThrow for CCReplicationTest Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit cb24f6e) Co-authored-by: Craig Perkins <[email protected]>
Signed-off-by: Andriy Redko <[email protected]> (cherry picked from commit d96da6c) Co-authored-by: Andriy Redko <[email protected]>
…oles, securityRoles and attributes in User (opensearch-project#1970) (opensearch-project#1983) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit 50a94b4) Co-authored-by: Craig Perkins <[email protected]>
…ect#1988) (opensearch-project#1990) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit 437eb02) Co-authored-by: Craig Perkins <[email protected]>
…search-project#1992) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit 62cf906) Co-authored-by: Craig Perkins <[email protected]>
…project#2005) Signed-off-by: Bharathwaj G <[email protected]> (cherry picked from commit 9ce8b4f) Co-authored-by: Bharathwaj G <[email protected]>
…pensearch-project#2006) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit 7eaaafe) Co-authored-by: Craig Perkins <[email protected]>
…project#1958) (opensearch-project#2017) * Initial commit with a base test, gradle change and execution script Signed-off-by: Darshit Chanpura <[email protected]> * Disable JarHell with classpsloading override Signed-off-by: Peter Nied <[email protected]> * Sample certficates for sanity tests Signed-off-by: Darshit Chanpura <[email protected]> * Updates test and adds a base class that extends OpenSearchRestTestCase and modifies client builder methods Signed-off-by: Darshit Chanpura <[email protected]> * Adds common-utils dependency and modifies integTestRemote task Signed-off-by: Darshit Chanpura <[email protected]> * Updates integtest script Signed-off-by: Darshit Chanpura <[email protected]> * Makes integtest script executable Signed-off-by: Darshit Chanpura <[email protected]> * Updates code hygiene Signed-off-by: Darshit Chanpura <[email protected]> * Disabling integTest task that was auto-triggered Signed-off-by: Darshit Chanpura <[email protected]> * Fix broken github action for build-artifacts Signed-off-by: Darshit Chanpura <[email protected]> * Updates bwc gradle to skip sanity tests Signed-off-by: Darshit Chanpura <[email protected]> * Updates test task to skip sanity test Signed-off-by: Darshit Chanpura <[email protected]> * Code cleanup Signed-off-by: Darshit Chanpura <[email protected]> * Documenting the changes Signed-off-by: Darshit Chanpura <[email protected]> * Updates exclusion filter for build gradle test task Signed-off-by: Darshit Chanpura <[email protected]> * Addresses requested PR changes Signed-off-by: Darshit Chanpura <[email protected]> * Fixes incorrect license headers Signed-off-by: Darshit Chanpura <[email protected]> * Adds sanity tests CI check Signed-off-by: Darshit Chanpura <[email protected]> * Hard codes common-utils version to stop CI from failing Signed-off-by: Darshit Chanpura <[email protected]> * Updates TODO comment with tracking issue Signed-off-by: Darshit Chanpura <[email protected]> * Makes common-utils version dynamic and acceptable as input parameter to gradle command Signed-off-by: Darshit Chanpura <[email protected]> * Update bwc build gradle to exclude sanity tests Signed-off-by: Darshit Chanpura <[email protected]> * Hardcodes default common utils version Signed-off-by: Darshit Chanpura <[email protected]> * Uses assertThat Signed-off-by: Darshit Chanpura <[email protected]> * Removes incorrect license headers Signed-off-by: Darshit Chanpura <[email protected]> * Fixes CI errors Signed-off-by: Darshit Chanpura <[email protected]> Co-authored-by: Peter Nied <[email protected]> (cherry picked from commit f7b6fe5) Co-authored-by: Darshit Chanpura <[email protected]>
…project#2019) Signed-off-by: Darshit Chanpura <[email protected]> Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit 63edf43) Co-authored-by: Darshit Chanpura <[email protected]>
…ensearch-project#2002) (cherry picked from commit 42b936e) Co-authored-by: Peter Nied <[email protected]>
…t#1996) (opensearch-project#2024) Revert some changes introduced by opensearch-project#1563 to correct work with log4j. Signed-off-by: Andrey Pustovetov <[email protected]> (cherry picked from commit 68f5624) Co-authored-by: Andrey Pustovetov <[email protected]>
…2030) Signed-off-by: Andriy Redko <[email protected]> Signed-off-by: Andriy Redko <[email protected]> (cherry picked from commit b57359a) Co-authored-by: Andriy Redko <[email protected]>
…oject#2031) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit f4b3a3a) Co-authored-by: Craig Perkins <[email protected]>
…rch-project#2037) Signed-off-by: Bharathwaj G <[email protected]> (cherry picked from commit 6b7a586) Co-authored-by: Bharathwaj G <[email protected]>
…ct#2046) (opensearch-project#2048) Signed-off-by: cliu123 <[email protected]> (cherry picked from commit 287e945) Co-authored-by: Chang Liu <[email protected]>
…ch-project#2075) Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit f83a7e8) Co-authored-by: Craig Perkins <[email protected]>
…ct#2080) Signed-off-by: Chang Liu <[email protected]> Signed-off-by: Chang Liu <[email protected]> (cherry picked from commit 8f7f1b5) Co-authored-by: Chang Liu <[email protected]>
…rch-project#2082) Signed-off-by: Craig Perkins <[email protected]> Signed-off-by: Craig Perkins <[email protected]> (cherry picked from commit a9f752d) Co-authored-by: Craig Perkins <[email protected]>
…ect#3242) (opensearch-project#3243) Signed-off-by: Peter Nied <[email protected]> (cherry picked from commit d7d7f62)
…7.36 (opensearch-project#3253) Backport 3e66d54 from opensearch-project#3249. Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…1.3 (opensearch-project#3256) Backport 47a047c from opensearch-project#3251. Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: Peter Nied <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Peter Nied <[email protected]>
…ot fail on forbidden setting (opensearch-project#3258) ### Description Backport 4c095d2 of opensearch-project#3236 ### Check List - [ ] New functionality includes testing - [ ] New functionality has been documented - [X] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Derek Ho <[email protected]>
### Description Opening up a PR to describe the issues faced with BWC tests with the security plugin installed and solicit feedback. I plan to forward port this change to main, but first wanted to show this working for 2.9 -> 2.10 tests (as of the time of this writing). Thanks to the work that @scrawfor99 did in [core](opensearch-project/OpenSearch#8900) to supply security settings to testClusters to be able to run the initial wait for cluster yellow checks with a URL that includes the right protocol (`https` when security is enabled) along with a username and password to authenticate the request. I ran into 4 hurdles to get this to run: 1. Initially the cluster didn't form. After a lot of frustration, I ended up finding that by supplying `network.bind_host` and `network.publish_host` to both 127.0.0.1 it resolved the issue. These could probably be combined into a single `network.host`, but I chose to keep them separated. 2. I had issue testing changes to the gradle build-tools after making changes locally. This was the most frustrating hurdle, but ultimately the solution was to change the [`opensearch.version` setting in `bwc-test/build.gradle`](https://github.com/opensearch-project/security/blob/2.x/bwc-test/build.gradle#L47) to `2.10.0-SNAPSHOT`. This value is specifically used as the version of the gradle build-tools that the [BWC tests use](https://github.com/opensearch-project/security/blob/main/bwc-test/build.gradle#L58). The changes I made locally didn't reflect because I was publishing to maven local from the 2.x branch (currently 2.10) and it was looking for 2.9.0-SNAPSHOT artifacts. After updating the value it found my maven local snapshots. For this artifact you can produce maven local snapshots using `./gradlew :build-tools:publishToMavenLocal` from the respective branch in the core repo. 3. After the waitForYellow checks were able to run successfully, the REST Client in the SecurityBackwardsCompatibilityIT was also having problems connecting to the cluster because it didn't recognize the certificates of the server. I ended up using the overly trustworthy route where there is no SSL verification for the REST Client used in this test. I borrowed this implementation from [k-NN's ODFERestTestCase](https://github.com/opensearch-project/k-NN/blob/2.x/src/testFixtures/java/org/opensearch/knn/ODFERestTestCase.java#L118-L141) which is widely used in the plugin ecosystem. There is an open issue to abstract this class into common-utils. More work can be done here to ensure the rest-high-level-client runs with a truststore with the root certificate. 4. The last hurdle I faced was a WarningFailureException where the REST Client could not deserialize the cluster health response because of a warning that was returned with the response about the request including system indices. According to this [comment](opensearch-project/OpenSearch#1108 (comment)), this may only be enabled in snapshots. To fix this, I set preserve cluster to true which [bypasses the method](https://github.com/opensearch-project/OpenSearch/blob/main/test/framework/src/main/java/org/opensearch/test/rest/OpenSearchRestTestCase.java#L364) where the error was thrown. * Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation) Enhancement ### Issues Resolved opensearch-project#3056 ### Check List - [ ] New functionality includes testing - [ ] New functionality has been documented - [ ] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Craig Perkins <[email protected]>
…N in node certificate (opensearch-project#3268) (opensearch-project#3277) Backports opensearch-project#3268 by cherry-picking a4f8f03 Manual backport was required to address conflicts in DEVELOPER_GUIDE.md
…RestApiActions for consistency and clarity (opensearch-project#3261) Backport 0338cdd from opensearch-project#3123
…ernal users (opensearch-project#3282) Backport 53f64b9 from opensearch-project#3278. Signed-off-by: Andrey Pleskach <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…ror messages (opensearch-project#3279) Backport 9fb106c from opensearch-project#3205. Signed-off-by: Andrey Pleskach <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…d in core (opensearch-project#3307) Backport of opensearch-project#3306 to 2.x Signed-off-by: Craig Perkins <[email protected]>
…roject#3287) Backport cd45e78 from opensearch-project#3283 Moved only gradle settings and checkstyle files. Signed-off-by: Andrey Pleskach <[email protected]>
…rmat (opensearch-project#3322) Backport opensearch-project#3289 to 2.x Signed-off-by: Craig Perkins <[email protected]>
…ensearch-project#3325) Backports opensearch-project#2287 to 2.x (cherry picked from commit 1379234) Manual backport was required since SystemIndicesTests.java was deleted in main in lieu of the new testing for system indices. Also had to change http5 imports in tests to http4 Co-authored-by: Sam <[email protected]>
…ner from 0.16.4 to 0.16.5 (opensearch-project#3328) Backport 00167b3 from opensearch-project#3296. Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…6.21.0 (opensearch-project#3298) Backport 7c61fd9 from opensearch-project#3295. Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ameless.json:json-base to 2.4.2 (opensearch-project#3327) Manual backports of opensearch-project#3295 and opensearch-project#3293 to 2.x Signed-off-by: Craig Perkins <[email protected]>
…h-project#3330) Backport of - opensearch-project#3326 - opensearch-project#3237 Signed-off-by: Craig Perkins <[email protected]> Co-authored-by: HenryL27 <[email protected]>
Signed-off-by: Stephen Crawford <[email protected]>
stephen-crawford
requested review from
cliu123,
cwperks,
DarshitChanpura,
davidlago,
peternied,
RyanL1997,
reta and
willyborankin
as code owners
|
Wrong brach target |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
[Describe what this change achieves]
Increments all version references for security, opensearch-core, and common-utils to the next version.
Issues Resolved
Part of the release tasks: #3028
Check List
New functionality includes testingNew functionality has been documentedBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.