Skip to content

Commit

Permalink
Add github action for security enabled integ tests (#48) (#50)
Browse files Browse the repository at this point in the history
(cherry picked from commit 2efd7ae)

Signed-off-by: Chenyang Ji <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
  • Loading branch information
1 parent b9cab2c commit 800e067
Show file tree
Hide file tree
Showing 2 changed files with 92 additions and 3 deletions.
90 changes: 90 additions & 0 deletions .github/workflows/integ-tests-with-security.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
name: Security Plugin IT

on:
pull_request:
push:
branches-ignore:
- 'dependabot/**'
paths:
- 'integ-test/**'
- '.github/workflows/integ-tests-with-security.yml'

jobs:
Get-CI-Image-Tag:
uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
with:
product: opensearch

security-it-linux:
needs: Get-CI-Image-Tag
strategy:
fail-fast: false
matrix:
java: [ 11, 17, 21 ]
env:
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
runs-on: ubuntu-latest
container:
# using the same image which is used by opensearch-build team to build the OpenSearch Distribution
# this image tag is subject to change as more dependencies and updates will arrive over time
image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
# need to switch to root so that github actions can install runner binary on container without permission issues.
options: --user root

steps:
- uses: actions/checkout@v3

- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ matrix.java }}

- name: Build with Gradle
run: |
chown -R 1000:1000 `pwd`
su `id -un 1000` -c "./gradlew integTestWithSecurity"
- name: Upload test reports
if: ${{ always() }}
uses: actions/upload-artifact@v2
continue-on-error: true
with:
name: test-reports-${{ matrix.os }}-${{ matrix.java }}
path: |
integ-test/build/reports/**
integ-test/build/testclusters/*/logs/*
integ-test/build/testclusters/*/config/*
security-it-windows-macos:
strategy:
fail-fast: false
matrix:
os: [ windows-latest, macos-13 ]
java: [ 11, 17, 21 ]

runs-on: ${{ matrix.os }}

steps:
- uses: actions/checkout@v3

- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: ${{ matrix.java }}

- name: Build with Gradle
run: ./gradlew integTestWithSecurity

- name: Upload test reports
if: ${{ always() }}
uses: actions/upload-artifact@v2
continue-on-error: true
with:
name: test-reports-${{ matrix.os }}-${{ matrix.java }}
path: |
integ-test/build/reports/**
integ-test/build/testclusters/*/logs/*
integ-test/build/testclusters/*/config/*
5 changes: 2 additions & 3 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,7 @@ test {
tasks.named("check").configure { dependsOn(integTest) }

integTest {
useCluster testClusters.integTest
// The --debug-jvm command-line option makes the cluster debuggable; this makes the tests debuggable
if (System.getProperty("test.debug") != null) {
jvmArgs '-agentlib:jdwp=transport=dt_socket,server=y,suspend=y,address=*:5005'
Expand Down Expand Up @@ -243,15 +244,13 @@ integTest {
filter {
includeTestsMatching 'org.opensearch.plugin.insights.rules.resthandler.top_queries.TopQueriesRestIT'
}

if (System.getProperty("security.enabled") == "true") {
useCluster testClusters.integTestWithSecurity
getClusters().forEach { cluster ->
configureSecurityPlugin(cluster)
}
systemProperty "user", "admin"
systemProperty "password", "admin"
} else {
useCluster testClusters.integTest
}
}

Expand Down

0 comments on commit 800e067

Please sign in to comment.