[backport to 2.x] Bump RCF Version and Fix Default Rules Bug in AnomalyDetector #985
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Security test workflow for Anomaly Detection | |
on: | |
push: | |
branches: | |
- "*" | |
pull_request: | |
branches: | |
- "*" | |
env: | |
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true | |
jobs: | |
Build-ad: | |
strategy: | |
matrix: | |
java: [11,17,21] | |
fail-fast: false | |
name: Security test workflow for Anomaly Detection | |
runs-on: ubuntu-latest | |
steps: | |
- name: Setup Java ${{ matrix.java }} | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: ${{ matrix.java }} | |
# time-series-analytics | |
- name: Checkout AD | |
uses: actions/checkout@v4 | |
- name: Build Anomaly Detection | |
run: | | |
./gradlew assemble | |
# example of variables: | |
# plugin = opensearch-time-series-analytics-2.10.0.0-SNAPSHOT.zip | |
# version = 2.10.0, plugin_version = 2.10.0.0, qualifier = SNAPSHOT | |
- name: Pull and Run Docker | |
run: | | |
plugin=`basename $(ls build/distributions/*.zip)` | |
version=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-3` | |
plugin_version=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-4` | |
qualifier=`echo $plugin|awk -F- '{print $5}'| cut -d. -f 1-1` | |
if $qualifier!=SNAPSHOT | |
then | |
docker_version=$version-$qualifier | |
else | |
docker_version=$version | |
fi | |
echo plugin version plugin_version qualifier docker_version | |
echo "($plugin) ($version) ($plugin_version) ($qualifier) ($docker_version)" | |
cd .. | |
if docker pull opensearchstaging/opensearch:$docker_version | |
then | |
echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile | |
echo "RUN if [ -d /usr/share/opensearch/plugins/opensearch-anomaly-detection ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-anomaly-detection; fi" >> Dockerfile | |
echo "RUN if [ -d /usr/share/opensearch/plugins/opensearch-time-series-analytics ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-time-series-analytics; fi" >> Dockerfile | |
echo "ADD anomaly-detection/build/distributions/$plugin /tmp/" >> Dockerfile | |
echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile | |
docker build -t opensearch-ad:test . | |
echo "imagePresent=true" >> $GITHUB_ENV | |
else | |
echo "imagePresent=false" >> $GITHUB_ENV | |
fi | |
- name: Run Docker Image | |
if: env.imagePresent == 'true' | |
run: | | |
cd .. | |
docker run -p 9200:9200 -d -p 9600:9600 -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" -e "discovery.type=single-node" opensearch-ad:test | |
sleep 90 | |
- name: Run AD Test | |
if: env.imagePresent == 'true' | |
run: | | |
security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:myStrongPassword123! --insecure |grep opensearch-security|wc -l` | |
if [ $security -gt 0 ] | |
then | |
echo "Security plugin is available" | |
./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=myStrongPassword123! | |
else | |
echo "Security plugin is NOT available, skipping integration tests" | |
fi |