diff --git a/.github/workflows/docker-security-test-workflow.yml b/.github/workflows/docker-security-test-workflow.yml index 61727711f..bc3bf0581 100644 --- a/.github/workflows/docker-security-test-workflow.yml +++ b/.github/workflows/docker-security-test-workflow.yml @@ -73,7 +73,7 @@ jobs: if [ $security -gt 0 ] then echo "Security plugin is available" - ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=docker-cluster -Dsecurity=true -Dhttps=true -Duser=admin -Dpassword=admin + ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=docker-cluster -Dsecurity=true -Dhttps=true -Duser=admin -Dpassword=admin -Dtests.class=“*SecurityBehaviorIT" else echo "Security plugin is NOT available skipping this run as tests without security have already been run" fi diff --git a/.github/workflows/security-test-workflow.yml b/.github/workflows/security-test-workflow.yml index 7fe56adfb..d5edaf14c 100644 --- a/.github/workflows/security-test-workflow.yml +++ b/.github/workflows/security-test-workflow.yml @@ -24,7 +24,7 @@ jobs: uses: actions/checkout@v2 - name: Run integration tests run: | - ./gradlew integTest -Dsecurity=true -Dhttps=true + ./gradlew integTest -Dsecurity=true -Dhttps=true -Dtests.class=“*SecurityBehaviorIT" - name: Upload failed logs uses: actions/upload-artifact@v2 if: failure() diff --git a/src/test/kotlin/org/opensearch/indexmanagement/SecurityRestTestCase.kt b/src/test/kotlin/org/opensearch/indexmanagement/SecurityRestTestCase.kt index e4ca31c6b..ccce595e3 100644 --- a/src/test/kotlin/org/opensearch/indexmanagement/SecurityRestTestCase.kt +++ b/src/test/kotlin/org/opensearch/indexmanagement/SecurityRestTestCase.kt @@ -1,12 +1,6 @@ /* + * Copyright OpenSearch Contributors * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. */ package org.opensearch.indexmanagement @@ -224,7 +218,8 @@ abstract class SecurityRestTestCase : IndexManagementRestTestCase() { return entityAsMap(executeRequest(request, RestStatus.OK, client)) } - protected fun getExistingManagedIndexConfig(index: String) = IndexStateManagementRestTestCaseExt.getExistingManagedIndexConfigExt(index) + protected fun getExistingManagedIndexConfig(index: String) = + IndexStateManagementRestTestCaseExt.getExistingManagedIndexConfigExt(index) protected fun createPolicyJson( policyString: String, @@ -356,7 +351,8 @@ abstract class SecurityRestTestCase : IndexManagementRestTestCase() { client: RestClient ) = TransformRestTestCaseExt.getTransformExt(transformId, header, client) - protected fun getTransformMetadata(metadataId: String) = TransformRestTestCaseExt.getTransformMetadataExt(metadataId) + protected fun getTransformMetadata(metadataId: String) = + TransformRestTestCaseExt.getTransformMetadataExt(metadataId) protected fun checkTransformExplain(transformId: String, userClient: RestClient, expectedStatus: RestStatus): Response { val request = Request(RestRequest.Method.GET.name, IndexManagementPlugin.TRANSFORM_BASE_URI + "/$transformId/_explain") diff --git a/src/test/kotlin/org/opensearch/indexmanagement/AccessRoles.kt b/src/test/kotlin/org/opensearch/indexmanagement/security/AccessRoles.kt similarity index 100% rename from src/test/kotlin/org/opensearch/indexmanagement/AccessRoles.kt rename to src/test/kotlin/org/opensearch/indexmanagement/security/AccessRoles.kt diff --git a/src/test/kotlin/org/opensearch/indexmanagement/ExplainSecurityBehaviorIT.kt b/src/test/kotlin/org/opensearch/indexmanagement/security/ExplainSecurityBehaviorIT.kt similarity index 85% rename from src/test/kotlin/org/opensearch/indexmanagement/ExplainSecurityBehaviorIT.kt rename to src/test/kotlin/org/opensearch/indexmanagement/security/ExplainSecurityBehaviorIT.kt index 223b9171e..55997ab3b 100644 --- a/src/test/kotlin/org/opensearch/indexmanagement/ExplainSecurityBehaviorIT.kt +++ b/src/test/kotlin/org/opensearch/indexmanagement/security/ExplainSecurityBehaviorIT.kt @@ -3,7 +3,7 @@ * SPDX-License-Identifier: Apache-2.0 */ -package org.opensearch.indexmanagement +package org.opensearch.indexmanagement.security import org.junit.After import org.junit.Before @@ -11,14 +11,21 @@ import org.opensearch.action.admin.indices.alias.IndicesAliasesRequest import org.opensearch.client.ResponseException import org.opensearch.client.RestClient import org.opensearch.commons.rest.SecureRestClientBuilder -import org.opensearch.indexmanagement.IndexManagementPlugin.Companion.INDEX_MANAGEMENT_INDEX +import org.opensearch.indexmanagement.BULK_WRITE_INDEX +import org.opensearch.indexmanagement.CREATE_INDEX +import org.opensearch.indexmanagement.GET_INDEX_MAPPING +import org.opensearch.indexmanagement.IndexManagementPlugin +import org.opensearch.indexmanagement.MANAGED_INDEX +import org.opensearch.indexmanagement.PUT_INDEX_MAPPING +import org.opensearch.indexmanagement.SEARCH_INDEX +import org.opensearch.indexmanagement.SecurityRestTestCase +import org.opensearch.indexmanagement.WRITE_INDEX import org.opensearch.indexmanagement.indexstatemanagement.action.AliasAction import org.opensearch.indexmanagement.indexstatemanagement.model.Policy import org.opensearch.indexmanagement.indexstatemanagement.model.State import org.opensearch.indexmanagement.indexstatemanagement.randomErrorNotification import org.opensearch.indexmanagement.indexstatemanagement.transport.action.explain.ExplainAction import org.opensearch.rest.RestStatus -import org.opensearch.test.OpenSearchTestCase import org.opensearch.test.junit.annotations.TestLogging import java.time.Instant import java.time.temporal.ChronoUnit @@ -65,13 +72,13 @@ class ExplainSecurityBehaviorIT : SecurityRestTestCase() { deleteUser(ismUser) deleteRole(HELPDESK_ROLE) - deleteIndexByName("$INDEX_MANAGEMENT_INDEX") + deleteIndexByName("${IndexManagementPlugin.INDEX_MANAGEMENT_INDEX}") } fun `test managed index explain indices permission check`() { - val notPermittedIndexPrefix = OpenSearchTestCase.randomAlphaOfLength(10).lowercase(Locale.getDefault()) - val policyId = OpenSearchTestCase.randomAlphaOfLength(10) + val notPermittedIndexPrefix = randomAlphaOfLength(10).lowercase(Locale.getDefault()) + val policyId = randomAlphaOfLength(10) val permittedindices = mutableListOf() val notPermittedindices = mutableListOf() diff --git a/src/test/kotlin/org/opensearch/indexmanagement/RollupSecurityBehaviorIT.kt b/src/test/kotlin/org/opensearch/indexmanagement/security/RollupSecurityBehaviorIT.kt similarity index 92% rename from src/test/kotlin/org/opensearch/indexmanagement/RollupSecurityBehaviorIT.kt rename to src/test/kotlin/org/opensearch/indexmanagement/security/RollupSecurityBehaviorIT.kt index b0c963e50..29a8a530f 100644 --- a/src/test/kotlin/org/opensearch/indexmanagement/RollupSecurityBehaviorIT.kt +++ b/src/test/kotlin/org/opensearch/indexmanagement/security/RollupSecurityBehaviorIT.kt @@ -1,20 +1,27 @@ /* + * Copyright OpenSearch Contributors * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. */ -package org.opensearch.indexmanagement +package org.opensearch.indexmanagement.security import org.junit.After import org.junit.Before import org.opensearch.client.RestClient import org.opensearch.commons.rest.SecureRestClientBuilder +import org.opensearch.indexmanagement.BULK_WRITE_INDEX +import org.opensearch.indexmanagement.CREATE_INDEX +import org.opensearch.indexmanagement.DELETE_ROLLUP +import org.opensearch.indexmanagement.EXPLAIN_ROLLUP +import org.opensearch.indexmanagement.GET_INDEX_MAPPING +import org.opensearch.indexmanagement.GET_ROLLUP +import org.opensearch.indexmanagement.INDEX_ROLLUP +import org.opensearch.indexmanagement.MANAGED_INDEX +import org.opensearch.indexmanagement.PUT_INDEX_MAPPING +import org.opensearch.indexmanagement.SEARCH_INDEX +import org.opensearch.indexmanagement.SecurityRestTestCase +import org.opensearch.indexmanagement.UPDATE_ROLLUP +import org.opensearch.indexmanagement.WRITE_INDEX import org.opensearch.indexmanagement.common.model.dimension.DateHistogram import org.opensearch.indexmanagement.indexstatemanagement.settings.ManagedIndexSettings import org.opensearch.indexmanagement.rollup.model.Rollup @@ -26,6 +33,7 @@ import org.opensearch.indexmanagement.rollup.model.metric.Min import org.opensearch.indexmanagement.rollup.model.metric.Sum import org.opensearch.indexmanagement.rollup.model.metric.ValueCount import org.opensearch.indexmanagement.rollup.randomRollup +import org.opensearch.indexmanagement.waitFor import org.opensearch.jobscheduler.spi.schedule.IntervalSchedule import org.opensearch.rest.RestStatus import org.opensearch.test.junit.annotations.TestLogging diff --git a/src/test/kotlin/org/opensearch/indexmanagement/SecurityBehaviorIT.kt b/src/test/kotlin/org/opensearch/indexmanagement/security/SecurityBehaviorIT.kt similarity index 89% rename from src/test/kotlin/org/opensearch/indexmanagement/SecurityBehaviorIT.kt rename to src/test/kotlin/org/opensearch/indexmanagement/security/SecurityBehaviorIT.kt index 90dfc398b..74d708d61 100644 --- a/src/test/kotlin/org/opensearch/indexmanagement/SecurityBehaviorIT.kt +++ b/src/test/kotlin/org/opensearch/indexmanagement/security/SecurityBehaviorIT.kt @@ -1,21 +1,29 @@ /* + * Copyright OpenSearch Contributors * SPDX-License-Identifier: Apache-2.0 - * - * The OpenSearch Contributors require contributions made to - * this file be licensed under the Apache-2.0 license or a - * compatible open source license. - * - * Modifications Copyright OpenSearch Contributors. See - * GitHub history for details. */ -package org.opensearch.indexmanagement +package org.opensearch.indexmanagement.security import org.junit.After import org.junit.Before import org.opensearch.client.RestClient import org.opensearch.commons.rest.SecureRestClientBuilder +import org.opensearch.indexmanagement.BULK_WRITE_INDEX +import org.opensearch.indexmanagement.CREATE_INDEX +import org.opensearch.indexmanagement.EXPLAIN_INDEX +import org.opensearch.indexmanagement.GET_INDEX_MAPPING +import org.opensearch.indexmanagement.GET_POLICIES +import org.opensearch.indexmanagement.GET_POLICY +import org.opensearch.indexmanagement.MANAGED_INDEX +import org.opensearch.indexmanagement.PUT_INDEX_MAPPING +import org.opensearch.indexmanagement.SEARCH_INDEX +import org.opensearch.indexmanagement.SecurityRestTestCase +import org.opensearch.indexmanagement.WRITE_INDEX +import org.opensearch.indexmanagement.WRITE_POLICY import org.opensearch.indexmanagement.indexstatemanagement.settings.ManagedIndexSettings +import org.opensearch.indexmanagement.makeRequest +import org.opensearch.indexmanagement.waitFor import org.opensearch.rest.RestStatus import org.opensearch.test.junit.annotations.TestLogging