From e08db1d70dd4e9ec42769109f6621535cd12cae4 Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Fri, 1 Apr 2022 20:13:39 -0400 Subject: [PATCH 1/8] Security plugin qualifier support default to alpha1 Signed-off-by: Peter Zhu --- build.gradle | 34 +++++++++++++++------------------- 1 file changed, 15 insertions(+), 19 deletions(-) diff --git a/build.gradle b/build.gradle index 10818763c7..4002786335 100644 --- a/build.gradle +++ b/build.gradle @@ -55,9 +55,19 @@ repositories { } ext { - default_opensearch_version = property("opensearch-core.version") + "-SNAPSHOT" - opensearch_version = System.getProperty("opensearch.version", default_opensearch_version) - buildVersionQualifier = System.getProperty("build.version_qualifier") + isSnapshot = "true" == System.getProperty("build.snapshot", "true") + opensearch_version = System.getProperty("opensearch.version", "2.0.0-alpha1-SNAPSHOT") + buildVersionQualifier = System.getProperty("build.version_qualifier", "alpha1") + // 2.0.0-alpha1-SNAPSHOT -> 2.0.0.0-alpha1-SNAPSHOT + version_tokens = opensearch_version.tokenize('-') + opensearch_build = version_tokens[0] + '.0' + if (buildVersionQualifier) { + opensearch_build += "-${buildVersionQualifier}" + opensearch_build_nosnapshot = opensearch_build + } + if (isSnapshot) { + opensearch_build += "-SNAPSHOT" + } } configurations.all { @@ -124,19 +134,8 @@ dependencies { compileOnly "org.opensearch:opensearch:${opensearch_version}" } -ext { - securityPluginVersion = property('security-plugin.version') - isSnapshot = "true" == System.getProperty("build.snapshot", "true") -} - group = 'org.opensearch' -version = securityPluginVersion -if (buildVersionQualifier) { - version += "-${buildVersionQualifier}" -} -if (isSnapshot) { - version += "-SNAPSHOT" -} +version = opensearch_build description = 'OpenSearch Security' @@ -326,16 +325,13 @@ task bundleSecurityAdminStandaloneTarGz(dependsOn: jar, type: Tar) { } task createPluginDescriptor() { - if (opensearch_version.contains("-SNAPSHOT")) { - opensearch_version=opensearch_version.substring(0, opensearch_version.length() - 9) - } List descriptorProperties = [ "description=Provide access control related features for OpenSearch", "version=${version}", "name=opensearch-security", "classname=org.opensearch.security.OpenSearchSecurityPlugin", "java.version=${java.targetCompatibility}", - "opensearch.version=${opensearch_version}", + "opensearch.version=${opensearch_build_nosnapshot}", ] new File("plugin-descriptor.properties").text = descriptorProperties.join ("\n") From 55c278a4ba149803ada7490a2768cb2e84e8455d Mon Sep 17 00:00:00 2001 From: cliu123 Date: Fri, 1 Apr 2022 22:46:56 -0700 Subject: [PATCH 2/8] Upgrade to OpenSearch 2.0.0-alpha1 Signed-off-by: cliu123 --- ...omplianceIndexingOperationListenerImpl.java | 4 ++-- .../security/compliance/FieldReadCallback.java | 4 ++-- .../configuration/DlsFlsFilterLeafReader.java | 16 +++------------- .../org/opensearch/security/TracingTests.java | 12 ++++-------- .../security/auditlog/impl/TracingTests.java | 18 ++++++------------ .../CustomFieldMaskedComplexMappingTest.java | 2 +- .../security/dlic/dlsfls/DlsNestedTest.java | 3 +-- .../security/dlic/dlsfls/DlsTest.java | 2 +- .../dlic/dlsfls/FlsExistsFieldsTest.java | 7 +------ .../security/dlic/dlsfls/FlsFieldsTest.java | 3 +-- .../security/dlic/dlsfls/FlsFieldsWcTest.java | 3 +-- 11 files changed, 23 insertions(+), 51 deletions(-) diff --git a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java index 7ae1bdfbcf..7142a05c2e 100644 --- a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java +++ b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java @@ -149,12 +149,12 @@ public void postIndex(ShardId shardId, Index index, IndexResult result) { if(previousContent == null) { //no previous content if(!result.isCreated()) { - log.warn("No previous content and not created (its an update but do not find orig source) for {}/{}/{}/{}", index.startTime(), shardId, index.type(), index.id()); + log.warn("No previous content and not created (its an update but do not find orig source) for {}/{}/{}", index.startTime(), shardId, index.id()); } assert result.isCreated():"No previous content and not created"; } else { if(result.isCreated()) { - log.warn("Previous content and created for {}/{}/{}/{}", index.startTime(), shardId, index.type(), index.id()); + log.warn("Previous content and created for {}/{}/{}", index.startTime(), shardId, index.id()); } assert !result.isCreated():"Previous content and created"; } diff --git a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java index 585d5c750f..03858968f5 100644 --- a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java +++ b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java @@ -120,12 +120,12 @@ public void binaryFieldRead(final FieldInfo fieldInfo, byte[] fieldValue) { } } - public void stringFieldRead(final FieldInfo fieldInfo, final byte[] fieldValue) { + public void stringFieldRead(final FieldInfo fieldInfo, final String fieldValue) { try { if(!recordField(fieldInfo.name, true)) { return; } - fieldRead0(fieldInfo.name, new String(fieldValue, StandardCharsets.UTF_8)); + fieldRead0(fieldInfo.name, fieldValue); } catch (Exception e) { log.error("Unexpected error reading string field '{}' in index '{}'", fieldInfo.name, index.getName()); } diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java index 3d78dd9ac3..716b051fce 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java @@ -421,11 +421,6 @@ public void checkIntegrity() throws IOException { public void close() throws IOException { in.close(); } - - @Override - public long ramBytesUsed() { - return in.ramBytesUsed(); - } } @Override @@ -521,7 +516,7 @@ public int hashCode() { } @Override - public void stringField(final FieldInfo fieldInfo, final byte[] value) throws IOException { + public void stringField(final FieldInfo fieldInfo, final String value) throws IOException { fieldReadCallback.stringFieldRead(fieldInfo, value); delegate.stringField(fieldInfo, value); } @@ -610,7 +605,7 @@ public int hashCode() { } @Override - public void stringField(final FieldInfo fieldInfo, final byte[] value) throws IOException { + public void stringField(final FieldInfo fieldInfo, final String value) throws IOException { delegate.stringField(fieldInfo, value); } @@ -681,7 +676,7 @@ public int hashCode() { } @Override - public void stringField(final FieldInfo fieldInfo, final byte[] value) throws IOException { + public void stringField(final FieldInfo fieldInfo, final String value) throws IOException { final Optional mf = maskedFieldsMap.getMaskedField(fieldInfo.name); if(mf.isPresent()) { @@ -868,11 +863,6 @@ private SortedDocValues wrapSortedDocValues(final String field, final SortedDocV if (mf != null) { return new SortedDocValues() { - @Override - public BytesRef binaryValue() throws IOException { - return mf.mask(sortedDocValues.binaryValue()); - } - @Override public int lookupTerm(BytesRef key) throws IOException { return sortedDocValues.lookupTerm(key); diff --git a/src/test/java/org/opensearch/security/TracingTests.java b/src/test/java/org/opensearch/security/TracingTests.java index a5a626c671..fc193e2611 100644 --- a/src/test/java/org/opensearch/security/TracingTests.java +++ b/src/test/java/org/opensearch/security/TracingTests.java @@ -62,14 +62,10 @@ public void testAdvancedMapping() throws Exception { setup(Settings.EMPTY, new DynamicSecurityConfig(), Settings.EMPTY, true, ClusterConfiguration.DEFAULT); try (Client tc = getClient()) { - tc.admin().indices().create(new CreateIndexRequest("myindex1") - .mapping("mytype1", FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex2") - .mapping("mytype2", FileHelper.loadFile("mapping2.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex3") - .mapping("mytype3", FileHelper.loadFile("mapping3.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex4") - .mapping("mytype4", FileHelper.loadFile("mapping4.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex1")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex2")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex3")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex4")).actionGet(); } RestHelper rh = nonSslRestHelper(); diff --git a/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java b/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java index f4d79f571a..59951c2566 100644 --- a/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java +++ b/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java @@ -338,14 +338,10 @@ public void testAdvancedMapping() throws Exception { rh.executePutRequest("_opendistro/_security/api/audit/config", AuditTestUtils.createAuditPayload(settings), encodeBasicHeader("admin", "admin")); try (Client tc = getClient()) { - tc.admin().indices().create(new CreateIndexRequest("myindex1") - .mapping("mytype1", FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex2") - .mapping("mytype2", FileHelper.loadFile("mapping2.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex3") - .mapping("mytype3", FileHelper.loadFile("mapping3.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex4") - .mapping("mytype4", FileHelper.loadFile("mapping4.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex1")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex2")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex3")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex4")).actionGet(); } System.out.println("############ write into mapping 1"); @@ -391,10 +387,8 @@ public void testImmutableIndex() throws Exception { rh.executePutRequest("_opendistro/_security/api/audit/config", AuditTestUtils.createAuditPayload(Settings.EMPTY), encodeBasicHeader("admin", "admin")); try (Client tc = getClient()) { - tc.admin().indices().create(new CreateIndexRequest("myindex1") - .mapping("mytype1", FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex2") - .mapping("mytype2", FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex1")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex2")).actionGet(); } System.out.println("############ immutable 1"); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java index a6b968dbdd..2c2c74c7d6 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java @@ -36,7 +36,7 @@ public class CustomFieldMaskedComplexMappingTest extends AbstractDlsFlsTest{ protected void populateData(Client tc) { try { - tc.admin().indices().create(new CreateIndexRequest("logs").mapping("_doc", FileHelper.loadFile("dlsfls/masked_field_mapping.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("logs")).actionGet(); byte[] data = FileHelper.loadFile("dlsfls/logs_bulk_data.json").getBytes(StandardCharsets.UTF_8); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java index 4369db6599..18ce04c9e5 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java @@ -44,8 +44,7 @@ protected void populateData(Client tc) { ""; tc.admin().indices().create(new CreateIndexRequest("deals") - .settings(Settings.builder().put("number_of_shards", 1).put("number_of_replicas", 0).build()) - .mapping("mytype", mapping, XContentType.JSON)).actionGet(); + .settings(Settings.builder().put("number_of_shards", 1).put("number_of_replicas", 0).build())).actionGet(); //tc.index(new IndexRequest("deals").id("3").setRefreshPolicy(RefreshPolicy.IMMEDIATE) // .source("{\"amount\": 7,\"owner\": \"a\", \"my_nested_object\" : {\"name\": \"spock\"}}", XContentType.JSON)).actionGet(); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java index 0de711caec..e0a24cb2ce 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java @@ -273,7 +273,7 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { setup(); try (Client client = getClient()) { - client.admin().indices().create(new CreateIndexRequest("logs").mapping("_doc", ImmutableMap.of("properties", ImmutableMap.of("termX", ImmutableMap.of("type", "keyword"))))).actionGet(); + client.admin().indices().create(new CreateIndexRequest("logs")).actionGet(); for (int i = 0; i < 3; i++) { client.index(new IndexRequest("logs").setRefreshPolicy(RefreshPolicy.IMMEDIATE).source("amount", i, "termX", "A", "timestamp", "2022-01-06T09:05:00Z")).actionGet(); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java index 103387d1f1..b0ce96c8a8 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java @@ -30,12 +30,7 @@ public class FlsExistsFieldsTest extends AbstractDlsFlsTest { protected void populateData(Client tc) { - tc.admin().indices().create(new CreateIndexRequest("data").mapping("doc", - "@timestamp", "type=date", - "host", "type=text,norms=false", - "response", "type=text,norms=false", - "non-existing", "type=text,norms=false" - )) + tc.admin().indices().create(new CreateIndexRequest("data")) .actionGet(); for (int i = 0; i < 1; i++) { diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java index b115f5d502..371f36efba 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java @@ -34,8 +34,7 @@ public class FlsFieldsTest extends AbstractDlsFlsTest{ protected void populateData(Client tc) { - tc.admin().indices().create(new CreateIndexRequest("deals") - .mapping("deals", "timestamp","type=date","@timestamp","type=date")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("deals")).actionGet(); try { String doc = FileHelper.loadFile("dlsfls/doc1.json"); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java index 5063eb3f25..19a0e9a791 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java @@ -34,8 +34,7 @@ public class FlsFieldsWcTest extends AbstractDlsFlsTest{ protected void populateData(Client tc) { - tc.admin().indices().create(new CreateIndexRequest("deals") - .mapping("deals", "timestamp","type=date","@timestamp","type=date")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("deals")).actionGet(); try { String doc = FileHelper.loadFile("dlsfls/doc1.json"); From 887535bb5ad9a0489acedec1136d5f34f2eaa5eb Mon Sep 17 00:00:00 2001 From: cliu123 Date: Tue, 5 Apr 2022 08:27:05 -0700 Subject: [PATCH 3/8] Remove hardcoded versions Signed-off-by: cliu123 --- .github/workflows/ci.yml | 18 ++++++++---------- .github/workflows/plugin_install.yml | 9 ++------- build.gradle | 2 +- 3 files changed, 11 insertions(+), 18 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 42f8da8c72..b72d1e1348 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -81,27 +81,25 @@ jobs: - run: ./gradlew clean assemble - - id: security-plugin-version - uses: madhead/read-java-properties@66cc8c88f5c6f6069ebfb42586024dd6ffe2e451 - with: - file: gradle.properties - property: security-plugin.version - - uses: actions/setup-java@v1 with: java-version: 11 - run: ./gradlew clean assemble - - run: test -s ./build/opensearch-security-${{ steps.security-plugin-version.outputs.value }}-SNAPSHOT.jar + - run: | + security_plugin_version=`./gradlew properties -q | grep -E "^version:" | awk '{print $2}'` + test -s ./build/opensearch-security-$security_plugin_version.jar - run: ./gradlew clean assemble -Dbuild.snapshot=false - - run: test -s ./build/opensearch-security-${{ steps.security-plugin-version.outputs.value }}.jar + - run: | + security_plugin_version_no_snapshot=`./gradlew properties -q | grep -E "^version:" | awk '{print $2}' | sed 's/-SNAPSHOT//g'` + test -s ./build/opensearch-security-$security_plugin_version_no_snapshot.jar - run: ./gradlew clean assemble -Dbuild.snapshot=false -Dbuild.version_qualifier=alpha1 - - run: test -s ./build/opensearch-security-${{ steps.security-plugin-version.outputs.value }}-alpha1.jar + - run: test -s ./build/opensearch-security-$security_plugin_version_no_snapshot.jar - run: ./gradlew clean assemble -Dbuild.version_qualifier=alpha1 - - run: test -s ./build/opensearch-security-${{ steps.security-plugin-version.outputs.value }}-alpha1-SNAPSHOT.jar + - run: test -s ./build/opensearch-security-$security_plugin_version.jar - name: List files in the build directory if there was an error run: ls -al ./build/ diff --git a/.github/workflows/plugin_install.yml b/.github/workflows/plugin_install.yml index 1f90e7745b..3cab575dc0 100644 --- a/.github/workflows/plugin_install.yml +++ b/.github/workflows/plugin_install.yml @@ -9,12 +9,6 @@ jobs: steps: - uses: actions/checkout@v2 - - id: opensearch-version - uses: madhead/read-java-properties@66cc8c88f5c6f6069ebfb42586024dd6ffe2e451 - with: - file: gradle.properties - property: opensearch-core.version - - name: Set up JDK uses: actions/setup-java@v1 with: @@ -25,7 +19,8 @@ jobs: - name: Download OpenSearch Core run: | - wget https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ steps.opensearch-version.outputs.value }}/latest/linux/x64/builds/opensearch/dist/opensearch-min-${{ steps.opensearch-version.outputs.value }}-linux-x64.tar.gz + opensearch_version=`./gradlew properties -q | grep "opensearch_version:" | awk '{print $2}' | sed 's/-SNAPSHOT//g'` + wget https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/$opensearch_version/latest/linux/x64/builds/opensearch/dist/opensearch-min-$opensearch_version-linux-x64.tar.gz tar -xzf opensearch-*.tar.gz rm -f opensearch-*.tar.gz diff --git a/build.gradle b/build.gradle index 4002786335..b546847a87 100644 --- a/build.gradle +++ b/build.gradle @@ -331,7 +331,7 @@ task createPluginDescriptor() { "name=opensearch-security", "classname=org.opensearch.security.OpenSearchSecurityPlugin", "java.version=${java.targetCompatibility}", - "opensearch.version=${opensearch_build_nosnapshot}", + "opensearch.version=${version_tokens[0]}", ] new File("plugin-descriptor.properties").text = descriptorProperties.join ("\n") From b0489538031968025add6d32c1ff572e31e82aad Mon Sep 17 00:00:00 2001 From: cliu123 Date: Tue, 5 Apr 2022 10:43:30 -0700 Subject: [PATCH 4/8] Append variables to GITHUB_ENV Signed-off-by: cliu123 --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b72d1e1348..6c55f64941 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -87,12 +87,12 @@ jobs: - run: ./gradlew clean assemble - run: | - security_plugin_version=`./gradlew properties -q | grep -E "^version:" | awk '{print $2}'` + echo security_plugin_version=$(./gradlew properties -q | grep -E "^version:" | awk '{print $2}') >> $GITHUB_ENV test -s ./build/opensearch-security-$security_plugin_version.jar - run: ./gradlew clean assemble -Dbuild.snapshot=false - run: | - security_plugin_version_no_snapshot=`./gradlew properties -q | grep -E "^version:" | awk '{print $2}' | sed 's/-SNAPSHOT//g'` + echo security_plugin_version_no_snapshot=$(/gradlew properties -q | grep -E "^version:" | awk '{print $2}' | sed 's/-SNAPSHOT//g') >> $GITHUB_ENV test -s ./build/opensearch-security-$security_plugin_version_no_snapshot.jar - run: ./gradlew clean assemble -Dbuild.snapshot=false -Dbuild.version_qualifier=alpha1 From 640a62aec4a3614ef1f0cf106891d285550224b8 Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Tue, 5 Apr 2022 13:54:40 -0400 Subject: [PATCH 5/8] test env Signed-off-by: Peter Zhu --- .github/workflows/ci.yml | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6c55f64941..8280db0fb0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,27 +79,34 @@ jobs: steps: - uses: actions/checkout@v2 - - run: ./gradlew clean assemble - - uses: actions/setup-java@v1 with: java-version: 11 - - run: ./gradlew clean assemble - run: | - echo security_plugin_version=$(./gradlew properties -q | grep -E "^version:" | awk '{print $2}') >> $GITHUB_ENV - test -s ./build/opensearch-security-$security_plugin_version.jar + security_plugin_version=$(./gradlew properties -q | grep -E '^version:' | awk '{print $2}') + security_plugin_version_no_snapshot=$(echo $security_plugin_version | sed 's/-SNAPSHOT//g') + security_plugin_version_only_number=$(echo $security_plugin_version_no_snapshot | cut -d- -f1) + test_qualifier=alpha2 + + echo "SECURITY_PLUGIN_VERSION=$security_plugin_version" >> $GITHUB_ENV + echo "SECURITY_PLUGIN_VERSION_NO_SNAPSHOT=$security_plugin_version_no_snapshot" >> $GITHUB_ENV + echo "SECURITY_PLUGIN_VERSION_ONLY_NUMBER=$security_plugin_version_only_number" >> $GITHUB_ENV + echo "TEST_QUALIFIER=$test_qualifier" >> $GITHUB_ENV - - run: ./gradlew clean assemble -Dbuild.snapshot=false - run: | - echo security_plugin_version_no_snapshot=$(/gradlew properties -q | grep -E "^version:" | awk '{print $2}' | sed 's/-SNAPSHOT//g') >> $GITHUB_ENV - test -s ./build/opensearch-security-$security_plugin_version_no_snapshot.jar + echo ${{ env.SECURITY_PLUGIN_VERSION }} + echo ${{ env.SECURITY_PLUGIN_VERSION_NO_SNAPSHOT }} + echo ${{ env.SECURITY_PLUGIN_VERSION_ONLY_NUMBER }} + echo ${{ env.TEST_QUALIFIER }} + + - run: ./gradlew clean assemble && test -s ./build/opensearch-security-${{ env.SECURITY_PLUGIN_VERSION }}.jar + + - run: ./gradlew clean assemble -Dbuild.snapshot=false && test -s ./build/opensearch-security-${{ env.SECURITY_PLUGIN_VERSION_NO_SNAPSHOT }}.jar - - run: ./gradlew clean assemble -Dbuild.snapshot=false -Dbuild.version_qualifier=alpha1 - - run: test -s ./build/opensearch-security-$security_plugin_version_no_snapshot.jar + - run: ./gradlew clean assemble -Dbuild.snapshot=false -Dbuild.version_qualifier=${{ env.TEST_QUALIFIER }} && test -s ./build/opensearch-security-${{ env.SECURITY_PLUGIN_VERSION_ONLY_NUMBER }}-${{ env.TEST_QUALIFIER }}.jar - - run: ./gradlew clean assemble -Dbuild.version_qualifier=alpha1 - - run: test -s ./build/opensearch-security-$security_plugin_version.jar + - run: ./gradlew clean assemble -Dbuild.version_qualifier=${{ env.TEST_QUALIFIER }} && test -s ./build/opensearch-security-${{ env.SECURITY_PLUGIN_VERSION_ONLY_NUMBER }}-${{ env.TEST_QUALIFIER }}-SNAPSHOT.jar - name: List files in the build directory if there was an error run: ls -al ./build/ From d3ed3088769c21befdff502dcd788d9e19f039b1 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Wed, 6 Apr 2022 10:23:48 -0700 Subject: [PATCH 6/8] Fix test failures Signed-off-by: cliu123 --- .../org/opensearch/security/dlic/dlsfls/DlsNestedTest.java | 3 +-- src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java index 18ce04c9e5..a70d5ee433 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java @@ -43,8 +43,7 @@ protected void populateData(Client tc) { " }" + ""; - tc.admin().indices().create(new CreateIndexRequest("deals") - .settings(Settings.builder().put("number_of_shards", 1).put("number_of_replicas", 0).build())).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("deals").simpleMapping("amount", "type=integer").simpleMapping("owner", "type=text").simpleMapping("my_nested_object", "type=nested").settings(Settings.builder().put("number_of_shards", 1).put("number_of_replicas", 0).build())).actionGet(); //tc.index(new IndexRequest("deals").id("3").setRefreshPolicy(RefreshPolicy.IMMEDIATE) // .source("{\"amount\": 7,\"owner\": \"a\", \"my_nested_object\" : {\"name\": \"spock\"}}", XContentType.JSON)).actionGet(); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java index e0a24cb2ce..7c704c2bda 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java @@ -273,7 +273,7 @@ public void testDlsWithMinDocCountZeroAggregations() throws Exception { setup(); try (Client client = getClient()) { - client.admin().indices().create(new CreateIndexRequest("logs")).actionGet(); + client.admin().indices().create(new CreateIndexRequest("logs").simpleMapping("termX", "type=keyword")).actionGet(); for (int i = 0; i < 3; i++) { client.index(new IndexRequest("logs").setRefreshPolicy(RefreshPolicy.IMMEDIATE).source("amount", i, "termX", "A", "timestamp", "2022-01-06T09:05:00Z")).actionGet(); From bc3aa89d8858527d530df1ad94f49011adc54569 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Wed, 6 Apr 2022 11:35:12 -0700 Subject: [PATCH 7/8] Delete gradle.properties Signed-off-by: cliu123 --- gradle.properties | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 gradle.properties diff --git a/gradle.properties b/gradle.properties deleted file mode 100644 index e4cbe65dcc..0000000000 --- a/gradle.properties +++ /dev/null @@ -1,4 +0,0 @@ -# Sets the version of the Security plugin -security-plugin.version=2.0.0.0 -# Sets the version of OpenSearch this plugin should be built with -opensearch-core.version=2.0.0 From f6246a88bc34d8ed09efae3bfa9c66731477c590 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Wed, 6 Apr 2022 12:57:58 -0700 Subject: [PATCH 8/8] Add mapping back Signed-off-by: cliu123 --- .../java/org/opensearch/security/TracingTests.java | 8 ++++---- .../security/auditlog/impl/TracingTests.java | 12 ++++++------ .../dlsfls/CustomFieldMaskedComplexMappingTest.java | 2 +- .../security/dlic/dlsfls/DlsNestedTest.java | 5 ++++- .../security/dlic/dlsfls/FlsExistsFieldsTest.java | 3 ++- .../security/dlic/dlsfls/FlsFieldsTest.java | 2 +- .../security/dlic/dlsfls/FlsFieldsWcTest.java | 2 +- 7 files changed, 19 insertions(+), 15 deletions(-) diff --git a/src/test/java/org/opensearch/security/TracingTests.java b/src/test/java/org/opensearch/security/TracingTests.java index fc193e2611..32cdb0bbf4 100644 --- a/src/test/java/org/opensearch/security/TracingTests.java +++ b/src/test/java/org/opensearch/security/TracingTests.java @@ -62,10 +62,10 @@ public void testAdvancedMapping() throws Exception { setup(Settings.EMPTY, new DynamicSecurityConfig(), Settings.EMPTY, true, ClusterConfiguration.DEFAULT); try (Client tc = getClient()) { - tc.admin().indices().create(new CreateIndexRequest("myindex1")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex2")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex3")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex4")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex1").mapping(FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex2").mapping(FileHelper.loadFile("mapping2.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex3").mapping(FileHelper.loadFile("mapping3.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex4").mapping(FileHelper.loadFile("mapping4.json"), XContentType.JSON)).actionGet(); } RestHelper rh = nonSslRestHelper(); diff --git a/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java b/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java index 59951c2566..60f0cde15e 100644 --- a/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java +++ b/src/test/java/org/opensearch/security/auditlog/impl/TracingTests.java @@ -338,10 +338,10 @@ public void testAdvancedMapping() throws Exception { rh.executePutRequest("_opendistro/_security/api/audit/config", AuditTestUtils.createAuditPayload(settings), encodeBasicHeader("admin", "admin")); try (Client tc = getClient()) { - tc.admin().indices().create(new CreateIndexRequest("myindex1")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex2")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex3")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex4")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex1").mapping(FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex2").mapping(FileHelper.loadFile("mapping2.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex3").mapping(FileHelper.loadFile("mapping3.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex4").mapping(FileHelper.loadFile("mapping4.json"), XContentType.JSON)).actionGet(); } System.out.println("############ write into mapping 1"); @@ -387,8 +387,8 @@ public void testImmutableIndex() throws Exception { rh.executePutRequest("_opendistro/_security/api/audit/config", AuditTestUtils.createAuditPayload(Settings.EMPTY), encodeBasicHeader("admin", "admin")); try (Client tc = getClient()) { - tc.admin().indices().create(new CreateIndexRequest("myindex1")).actionGet(); - tc.admin().indices().create(new CreateIndexRequest("myindex2")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex1").mapping(FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("myindex2").mapping(FileHelper.loadFile("mapping1.json"), XContentType.JSON)).actionGet(); } System.out.println("############ immutable 1"); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java index 2c2c74c7d6..0cb392c66e 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CustomFieldMaskedComplexMappingTest.java @@ -36,7 +36,7 @@ public class CustomFieldMaskedComplexMappingTest extends AbstractDlsFlsTest{ protected void populateData(Client tc) { try { - tc.admin().indices().create(new CreateIndexRequest("logs")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("logs").mapping(FileHelper.loadFile("dlsfls/masked_field_mapping.json"), XContentType.JSON)).actionGet(); byte[] data = FileHelper.loadFile("dlsfls/logs_bulk_data.json").getBytes(StandardCharsets.UTF_8); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java index a70d5ee433..0dbceab386 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsNestedTest.java @@ -43,7 +43,10 @@ protected void populateData(Client tc) { " }" + ""; - tc.admin().indices().create(new CreateIndexRequest("deals").simpleMapping("amount", "type=integer").simpleMapping("owner", "type=text").simpleMapping("my_nested_object", "type=nested").settings(Settings.builder().put("number_of_shards", 1).put("number_of_replicas", 0).build())).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("deals") + .simpleMapping("amount", "type=integer", "owner", "type=text", "my_nested_object", "type=nested") + .settings(Settings.builder().put("number_of_shards", 1).put("number_of_replicas", 0).build())) + .actionGet(); //tc.index(new IndexRequest("deals").id("3").setRefreshPolicy(RefreshPolicy.IMMEDIATE) // .source("{\"amount\": 7,\"owner\": \"a\", \"my_nested_object\" : {\"name\": \"spock\"}}", XContentType.JSON)).actionGet(); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java index b0ce96c8a8..80d17d3ee0 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsExistsFieldsTest.java @@ -30,7 +30,8 @@ public class FlsExistsFieldsTest extends AbstractDlsFlsTest { protected void populateData(Client tc) { - tc.admin().indices().create(new CreateIndexRequest("data")) + tc.admin().indices().create(new CreateIndexRequest("data") + .simpleMapping("@timestamp", "type=date", "host", "type=text,norms=false", "response", "type=text,norms=false", "non-existing", "type=text,norms=false")) .actionGet(); for (int i = 0; i < 1; i++) { diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java index 371f36efba..91e0544cb4 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsTest.java @@ -34,7 +34,7 @@ public class FlsFieldsTest extends AbstractDlsFlsTest{ protected void populateData(Client tc) { - tc.admin().indices().create(new CreateIndexRequest("deals")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("deals").simpleMapping("timestamp", "type=date", "@timestamp", "type=date")).actionGet(); try { String doc = FileHelper.loadFile("dlsfls/doc1.json"); diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java index 19a0e9a791..1a6db9ec02 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFieldsWcTest.java @@ -34,7 +34,7 @@ public class FlsFieldsWcTest extends AbstractDlsFlsTest{ protected void populateData(Client tc) { - tc.admin().indices().create(new CreateIndexRequest("deals")).actionGet(); + tc.admin().indices().create(new CreateIndexRequest("deals").simpleMapping("timestamp", "type=date", "@timestamp", "type=date")).actionGet(); try { String doc = FileHelper.loadFile("dlsfls/doc1.json");