From e47e12ff655ec7adf732545e5724c6ff806a379f Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 13:27:47 -0500 Subject: [PATCH 01/20] Revert to old version Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 82 ++------------------ 1 file changed, 7 insertions(+), 75 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index b006769da..6d7383aa3 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -35,89 +35,21 @@ runs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - # Download OpenSearch - - name: Download OpenSearch for Linux - uses: peternied/download-file@v2 - if: ${{ runner.os == 'Linux' }} - with: - url: https://artifacts.opensearch.org/snapshots/core/opensearch/${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/opensearch-min-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64-latest.tar.gz - - # Extract downloaded tar/zip - - name: Extract downloaded tar - if: ${{ runner.os == 'Linux' }} - run: | - tar -xzf opensearch-*.tar.gz - rm -f opensearch-*.tar.gz - shell: bash - - # Install the security plugin - - name: Install Plugin into OpenSearch for Linux - if: ${{ runner.os == 'Linux'}} - run: | - chmod +x ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/bin/opensearch-plugin - /bin/bash -c "yes | ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/bin/opensearch-plugin install file:$(pwd)/opensearch-security.zip" - shell: bash - - name: Replace demo configuration - if: ${{ runner.os == 'Linux' }} - run: | - if [ -f ${{ inputs.security_config_file }} ]; then - mv ${{ inputs.security_config_file }} ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/config/opensearch-security/config.yml - fi - shell: bash - - # Run any configuration scripts - - name: Run Setup Script for Linux - if: ${{ runner.os == 'Linux' }} - run: | - echo "running linux setup" - chmod +x ./setup.sh - ./setup.sh - shell: bash - # OSD bootstrap - name: Run Dashboard with Security Dashboards Plugin uses: ./.github/actions/install-dashboards with: plugin_name: security-dashboards-plugin - - name: Replace dashboards configuration - if: ${{ runner.os == 'Linux' }} - run: | - if [ -f ${{ inputs.dashboards_config_file }} ]; then - mv ${{ inputs.dashboards_config_file }} ./OpenSearch-Dashboards/config/opensearch_dashboards.yml - fi - shell: bash - - - name: Run pretest script - if: ${{ runner.os == 'Linux' }} - run: | - cd ./OpenSearch-Dashboards/plugins/security-dashboards-plugin - yarn pretest:jest_server - shell: bash - - # Run OpenSearch - - name: Run OpenSearch with plugin on Linux - if: ${{ runner.os == 'Linux'}} - run: | - /bin/bash -c "./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/bin/opensearch &" - shell: bash - - # Give the OpenSearch process some time to boot up before sending any requires, might need to increase the default time! - - name: Sleep while OpenSearch starts - uses: peternied/action-sleep@v1 + - name: Run Opensearch with A Single Plugin + uses: derek-ho/start-opensearch@main with: - seconds: 30 - - # Verify that the server is operational - - name: Check OpenSearch Running on Linux - if: ${{ runner.os != 'Windows'}} - run: curl https://localhost:9200/_cat/plugins -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k -v - shell: bash - - - if: always() - run: cat ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/logs/opensearch.log - shell: bash + opensearch-version: ${{ env.OPENSEARCH_VERSION }} + plugins: "file:$(pwd)/opensearch-security.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} + security_config_file: ${{ inputs.security_config_file }} - name: Run OpenSearch Dashboards with provided configuration if: ${{ runner.os == 'Linux' }} From 6be3712d76783c4da03c7deaf808365dcb302cac Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 13:29:00 -0500 Subject: [PATCH 02/20] Fix order Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index 6d7383aa3..5b79398d4 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -34,14 +34,7 @@ runs: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - # OSD bootstrap - - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards - with: - plugin_name: security-dashboards-plugin - - name: Run Opensearch with A Single Plugin uses: derek-ho/start-opensearch@main with: @@ -51,6 +44,12 @@ runs: admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} security_config_file: ${{ inputs.security_config_file }} + # OSD bootstrap + - name: Run Dashboard with Security Dashboards Plugin + uses: ./.github/actions/install-dashboards + with: + plugin_name: security-dashboards-plugin + - name: Run OpenSearch Dashboards with provided configuration if: ${{ runner.os == 'Linux' }} run: | From 2542bdb3cc9f8f38669e697237d9ce1434f082d9 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 14:28:03 -0500 Subject: [PATCH 03/20] Revert deletion of custom dashboards file Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index 5b79398d4..45b96781d 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -50,6 +50,21 @@ runs: with: plugin_name: security-dashboards-plugin + - name: Replace dashboards configuration + if: ${{ runner.os == 'Linux' }} + run: | + if [ -f ${{ inputs.dashboards_config_file }} ]; then + mv ${{ inputs.dashboards_config_file }} ./OpenSearch-Dashboards/config/opensearch_dashboards.yml + fi + shell: bash + + - name: Run pretest script + if: ${{ runner.os == 'Linux' }} + run: | + cd ./OpenSearch-Dashboards/plugins/security-dashboards-plugin + yarn pretest:jest_server + shell: bash + - name: Run OpenSearch Dashboards with provided configuration if: ${{ runner.os == 'Linux' }} run: | From e0ca2f90179a905af3f3edbaae7dd9e0c90cb39b Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 14:32:57 -0500 Subject: [PATCH 04/20] Replace other instances of the backend workflow Signed-off-by: Derek Ho --- .github/workflows/cypress-test-tenancy-disabled.yml | 11 ++++++----- .github/workflows/cypress-test.yml | 11 ++++++----- .github/workflows/integration-test.yml | 11 ++++++----- .github/workflows/verify-binary-installation.yml | 6 +++--- 4 files changed, 21 insertions(+), 18 deletions(-) diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index c033501aa..11cae195f 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -10,6 +10,7 @@ env: OPENSEARCH_SNAPSHOT_CMD: 'node ../scripts/opensearch snapshot' SPEC: 'cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js,' PLUGIN_NAME: opensearch-security + OPENSEARCH_INITIAL_ADMIN_PASSWORD: myStrongPassword123! jobs: cypress-tests-multitenancy-disabled: @@ -44,13 +45,13 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup - admin-password: myStrongPassword123! + plugins: "$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - name: Run Dashboard with Security Dashboards Plugin uses: ./.github/actions/install-dashboards diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 614febc34..cf56f20da 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -10,6 +10,7 @@ env: OPENSEARCH_SNAPSHOT_CMD: 'node ../scripts/opensearch snapshot' SPEC: 'cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js,' PLUGIN_NAME: opensearch-security + OPENSEARCH_INITIAL_ADMIN_PASSWORD: myStrongPassword123! jobs: cypress-tests: @@ -44,13 +45,13 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup - admin-password: myStrongPassword123! + plugins: "$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - name: Run Dashboard with Security Dashboards Plugin uses: ./.github/actions/install-dashboards diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 44db99642..be76df324 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -6,6 +6,7 @@ env: TEST_BROWSER_HEADLESS: 1 CI: 1 PLUGIN_NAME: opensearch-security + OPENSEARCH_INITIAL_ADMIN_PASSWORD: admin jobs: tests: @@ -58,13 +59,13 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup - admin-password: admin + plugins: "$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173 - name: Remove unnecessary files Linux diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index cca92cb5a..6c7e60b7d 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -42,12 +42,12 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup + security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - uses: actions/checkout@v2 From ad03837d4c34b728d0ffd3c76299f5240ea210cf Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 14:38:44 -0500 Subject: [PATCH 05/20] Add file prefix Signed-off-by: Derek Ho --- .github/workflows/cypress-test-tenancy-disabled.yml | 2 +- .github/workflows/cypress-test.yml | 2 +- .github/workflows/integration-test.yml | 2 +- .github/workflows/verify-binary-installation.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index 11cae195f..e34f3c596 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -49,7 +49,7 @@ jobs: uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugins: "$(pwd)/${{ env.PLUGIN_NAME }}.zip" + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index cf56f20da..27dc14698 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -49,7 +49,7 @@ jobs: uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugins: "$(pwd)/${{ env.PLUGIN_NAME }}.zip" + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index be76df324..ef4959caa 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -63,7 +63,7 @@ jobs: uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugins: "$(pwd)/${{ env.PLUGIN_NAME }}.zip" + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 6c7e60b7d..8195b9b72 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -46,7 +46,7 @@ jobs: uses: derek-ho/start-opensearch@v1 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} From 7bc277a3426c465ea9adc1ecc745442e17967edb Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 14:40:19 -0500 Subject: [PATCH 06/20] Also add env variable references in workflow Signed-off-by: Derek Ho --- .github/workflows/integration-test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index ef4959caa..39807d9c0 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -90,7 +90,7 @@ jobs: if: ${{ runner.os == 'Linux' }} run: | echo "check if opensearch is ready" - curl -XGET https://localhost:9200 -u 'admin:admin' -k + curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k yarn test:jest_server --coverage working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} @@ -98,6 +98,6 @@ jobs: if: ${{ runner.os == 'Windows' }} run: | echo "check if opensearch is ready" - curl -XGET https://localhost:9200 -u 'admin:admin' -k + curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k node .\test\run_jest_tests.js --runInBand --detectOpenHandles --forceExit --config .\test\jest.config.server.js working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} From 6b910ecbceb4cc17b2d384c04af49966af8712d7 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 15:47:45 -0500 Subject: [PATCH 07/20] Try the branch that adds settings for security dashboards ci support Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 2 +- .github/workflows/cypress-test-tenancy-disabled.yml | 2 +- .github/workflows/cypress-test.yml | 2 +- .github/workflows/integration-test.yml | 2 +- .github/workflows/verify-binary-installation.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index 45b96781d..413f22850 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -36,7 +36,7 @@ runs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with A Single Plugin - uses: derek-ho/start-opensearch@main + uses: derek-ho/start-opensearch@space-security-settings with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/opensearch-security.zip" diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index e34f3c596..17af6885d 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -46,7 +46,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v1 + uses: derek-ho/start-opensearch@space-security-settings with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 27dc14698..b68694fb8 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -46,7 +46,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v1 + uses: derek-ho/start-opensearch@space-security-settings with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 39807d9c0..1e7714e00 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -60,7 +60,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v1 + uses: derek-ho/start-opensearch@space-security-settings with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 8195b9b72..5e230ca9b 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -43,7 +43,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@v1 + uses: derek-ho/start-opensearch@space-security-settings with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" From 54022a1b18530609b77639f15f47941d4e042256 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Wed, 21 Feb 2024 17:07:05 -0500 Subject: [PATCH 08/20] Update workflow to v2 Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 2 +- .github/workflows/cypress-test-tenancy-disabled.yml | 2 +- .github/workflows/cypress-test.yml | 2 +- .github/workflows/integration-test.yml | 2 +- .github/workflows/verify-binary-installation.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index 413f22850..b20f14e99 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -36,7 +36,7 @@ runs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with A Single Plugin - uses: derek-ho/start-opensearch@space-security-settings + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/opensearch-security.zip" diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index 17af6885d..280462972 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -46,7 +46,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@space-security-settings + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index b68694fb8..1c8ec5f1e 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -46,7 +46,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@space-security-settings + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 1e7714e00..d5a4200a8 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -60,7 +60,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@space-security-settings + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 5e230ca9b..c33db91a3 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -43,7 +43,7 @@ jobs: plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with security - uses: derek-ho/start-opensearch@space-security-settings + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" From 667d1bb458ccf181432ca049bf3b18c3a1094d20 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Thu, 22 Feb 2024 14:05:32 -0500 Subject: [PATCH 09/20] Use setup opensearch dashboards workflow Signed-off-by: Derek Ho --- .github/actions/install-dashboards/action.yml | 85 ------------------- .github/actions/run-cypress-tests/action.yml | 2 +- .../cypress-test-tenancy-disabled.yml | 2 +- .github/workflows/cypress-test.yml | 2 +- .github/workflows/unit-test.yml | 2 +- 5 files changed, 4 insertions(+), 89 deletions(-) delete mode 100644 .github/actions/install-dashboards/action.yml diff --git a/.github/actions/install-dashboards/action.yml b/.github/actions/install-dashboards/action.yml deleted file mode 100644 index e198f2dbb..000000000 --- a/.github/actions/install-dashboards/action.yml +++ /dev/null @@ -1,85 +0,0 @@ -name: 'Install Dashboards with Plugin' -description: 'Installs OpenSearch Dashboard with a Plugin from github, then checkouts the correct dashboards version for the plugin, configures npm/yarn, and bootstraps Dashboards' - -inputs: - plugin_name: - description: 'The name of the plugin to use, such as security-dashboards-plugin' - required: true - -outputs: - dashboards-directory: - description: "The directory where the dashboards has been configured" - value: ${{ steps.determine-dashboards-directory.outputs.dashboards-directory }} - - plugin-directory: - description: "The directory where the plugin has been configured" - value: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - - -runs: - using: "composite" - steps: - - id: determine-dashboards-directory - run: echo "dashboards-directory=OpenSearch-Dashboards" >> $GITHUB_OUTPUT - shell: bash - - - id: determine-plugin-directory - run: echo "::set-output name=plugin-directory::./OpenSearch-Dashboards/plugins/${{ inputs.plugin_name }}" - shell: bash - - - uses: actions/checkout@v2 - with: - path: OpenSearch-Dashboards - repository: opensearch-project/OpenSearch-Dashboards - ref: 'main' - fetch-depth: 0 - filter: | - cypress - test - - - uses: actions/checkout@v2 - with: - path: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - - - id: osd-version - run: | - echo "::set-output name=osd-version::$(jq -r '.opensearchDashboards.version | split(".") | .[:2] | join(".")' package.json)" - echo "::set-output name=osd-x-version::$(jq -r '.opensearchDashboards.version | split(".") | .[0]' package.json).x" - working-directory: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - shell: bash - - - id: branch-switch-if-possible - continue-on-error: true # Defaults onto main if the branch switch doesn't work - if: ${{ steps.osd-version.outputs.osd-version }} - run: git checkout ${{ steps.osd-version.outputs.osd-version }} || git checkout ${{ steps.osd-version.outputs.osd-x-version }} - working-directory: ./OpenSearch-Dashboards - shell: bash - - - id: tool-versions - run: | - echo "node_version=$(cat .node-version)" >> $GITHUB_OUTPUT - echo "yarn_version=$(jq -r '.engines.yarn' package.json)" >> $GITHUB_OUTPUT - working-directory: OpenSearch-Dashboards - shell: bash - - - uses: actions/setup-node@v1 - with: - node-version: ${{ steps.tool-versions.outputs.node_version }} - registry-url: 'https://registry.npmjs.org' - - - name: Setup Opensearch Dashboards - run: | - npm uninstall -g yarn - echo "Installing yarn ${{ steps.tool-versions.outputs.yarn_version }}" - npm i -g yarn@${{ steps.tool-versions.outputs.yarn_version }} - yarn cache clean - yarn add sha.js - working-directory: OpenSearch-Dashboards - shell: bash - - - name: Bootstrap the OpenSearch Dashboard - uses: nick-fields/retry@v2 - with: - timeout_minutes: 20 - max_attempts: 2 - command: yarn --cwd OpenSearch-Dashboards osd bootstrap --oss --single-version=loose # loose is passed in to ignore version conflicts on cypress version used in OSD and this repo diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index b20f14e99..951f598b1 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -46,7 +46,7 @@ runs: # OSD bootstrap - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index 280462972..7ed3e31a3 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -54,7 +54,7 @@ jobs: admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 1c8ec5f1e..29d9516e4 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -54,7 +54,7 @@ jobs: admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index de2572654..8fc641184 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v2 - id: install-dashboards - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin From 74f25f30d9586d06e4501882c93f1a81871a5f1c Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Thu, 22 Feb 2024 14:07:39 -0500 Subject: [PATCH 10/20] Remove duplciate functionality in binary installation Signed-off-by: Derek Ho --- .../workflows/verify-binary-installation.yml | 71 +------------------ 1 file changed, 3 insertions(+), 68 deletions(-) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index c33db91a3..0e6f8cc6b 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -22,11 +22,6 @@ jobs: - name: Checkout Branch uses: actions/checkout@v3 - - name: Set up JDK - uses: actions/setup-java@v1 - with: - java-version: 11 - - name: Set env run: | opensearch_version=$(node -p "require('./package.json').opensearchDashboards.version") @@ -50,70 +45,10 @@ jobs: security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - - uses: actions/checkout@v2 - with: - path: OpenSearch-Dashboards - repository: opensearch-project/OpenSearch-Dashboards - ref: 'main' - fetch-depth: 0 - filter: | - cypress - test - - - id: osd-version - run: | - echo "::set-output name=osd-version::$(jq -r '.opensearchDashboards.version | split(".") | .[:2] | join(".")' package.json)" - echo "::set-output name=osd-x-version::$(jq -r '.opensearchDashboards.version | split(".") | .[0]' package.json).x" - shell: bash - - - id: branch-switch-if-possible - continue-on-error: true # Defaults onto main if the branch switch doesn't work - if: ${{ steps.osd-version.outputs.osd-version }} - run: git checkout ${{ steps.osd-version.outputs.osd-version }} || git checkout ${{ steps.osd-version.outputs.osd-x-version }} - working-directory: ./OpenSearch-Dashboards - shell: bash - - - id: tool-versions - run: | - echo "node_version=$(cat .node-version)" >> $GITHUB_OUTPUT - echo "yarn_version=$(jq -r '.engines.yarn' package.json)" >> $GITHUB_OUTPUT - working-directory: OpenSearch-Dashboards - shell: bash - - - uses: actions/setup-node@v1 + - name: Run Dashboard with Security Dashboards Plugin + uses: derek-ho/setup-opensearch-dashboards@main with: - node-version: ${{ steps.tool-versions.outputs.node_version }} - registry-url: 'https://registry.npmjs.org' - - # loose is passed in to ignore version conflicts on cypress version used in OSD and this repo - - name: Setup Opensearch Dashboards - run: | - npm uninstall -g yarn - echo "Installing yarn ${{ steps.tool-versions.outputs.yarn_version }}" - npm i -g yarn@${{ steps.tool-versions.outputs.yarn_version }} - yarn cache clean - yarn add sha.js - yarn osd bootstrap --single-version=loose - scripts/use_node scripts/build - working-directory: OpenSearch-Dashboards - shell: bash - - - uses: actions/checkout@v2 - with: - path: OpenSearch-Dashboards/plugins/security-dashboards-plugin - - # loose is passed in to ignore version conflicts on cypress version used in OSD and this repo - - name: Install dependencies - run: | - yarn osd bootstrap --single-version=loose - working-directory: OpenSearch-Dashboards - shell: bash - - - name: Build Plugin Zip - run: | - yarn build - working-directory: OpenSearch-Dashboards/plugins/security-dashboards-plugin - shell: bash + plugin_name: security-dashboards-plugin - name: Install plugin to OSD Linux run: | From cd097f508f87c1353060c558e3cc2c395c29671c Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Thu, 22 Feb 2024 14:08:39 -0500 Subject: [PATCH 11/20] Unsaved local changes Signed-off-by: Derek Ho --- .github/workflows/integration-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index d5a4200a8..b149e99f2 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -75,7 +75,7 @@ jobs: sudo rm -rf "$AGENT_TOOLSDIRECTORY" - id: install-dashboards - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin From 41d74b05b4f401172c8882b6dd31ffac0bfe16b0 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Thu, 22 Feb 2024 18:10:42 -0500 Subject: [PATCH 12/20] install zip as true Signed-off-by: Derek Ho --- .github/workflows/verify-binary-installation.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 0e6f8cc6b..c9ba5cbd4 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -49,6 +49,7 @@ jobs: uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin + install_zip: true - name: Install plugin to OSD Linux run: | From 3d11b66fcc2bf2fd1eeb498b99043b15f8977717 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 10:17:36 -0500 Subject: [PATCH 13/20] Consolidate writing yml file Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 9 +---- .../cypress-test-tenancy-disabled.yml | 28 +++++++++----- .github/workflows/cypress-test.yml | 32 ++++++++++------ .../workflows/verify-binary-installation.yml | 37 ++++++++++--------- 4 files changed, 59 insertions(+), 47 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index 951f598b1..1e6de2fe5 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -49,14 +49,7 @@ runs: uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin - - - name: Replace dashboards configuration - if: ${{ runner.os == 'Linux' }} - run: | - if [ -f ${{ inputs.dashboards_config_file }} ]; then - mv ${{ inputs.dashboards_config_file }} ./OpenSearch-Dashboards/config/opensearch_dashboards.yml - fi - shell: bash + opensearch_dashboards_yml: ${{ inputs.dashboards_config_file }} - name: Run pretest script if: ${{ runner.os == 'Linux' }} diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index 7ed3e31a3..f2b9952ea 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -53,24 +53,32 @@ jobs: security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} + # Configure the Dashboard + - name: Configure OpenSearch Dashboards with tenancy disabled + run: | + cat << 'EOT' > tenancy-disabled-config.yml + server.host: "0.0.0.0" + opensearch.hosts: ["https://localhost:9200"] + opensearch.ssl.verificationMode: none + opensearch.username: "kibanaserver" + opensearch.password: "kibanaserver" + opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] + opensearch_security.multitenancy.enabled: false + opensearch_security.readonly_mode.roles: ["kibana_read_only"] + opensearch_security.cookie.secure: false + EOT + echo 'HERE IS THE DASHBOARD CONFIG FILE: ' + cat tenancy-disabled-config.yml + - name: Run Dashboard with Security Dashboards Plugin uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin + opensearch_dashboards_yml: tenancy-disabled-config.yml - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | cd ./OpenSearch-Dashboards - > ./config/opensearch_dashboards.yml # Clear the file - echo 'server.host: "0.0.0.0"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.hosts: ["https://localhost:9200"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch.ssl.verificationMode: none' >> ./config/opensearch_dashboards.yml - echo 'opensearch.username: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.password: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.enabled: false' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.readonly_mode.roles: ["kibana_read_only"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.cookie.secure: false' >> ./config/opensearch_dashboards.yml nohup yarn start --no-base-path --no-watch & sleep 500 git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 29d9516e4..32cae3592 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -53,26 +53,34 @@ jobs: security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} + # Configure the Dashboard + - name: Configure OpenSearch Dashboards for cypress + run: | + cat << 'EOT' > cypress-config.yml + server.host: "0.0.0.0" + opensearch.hosts: ["https://localhost:9200"] + opensearch.ssl.verificationMode: none + opensearch.username: "kibanaserver" + opensearch.password: "kibanaserver" + opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] + opensearch_security.multitenancy.enabled: true + opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"] + opensearch_security.readonly_mode.roles: ["kibana_read_only"] + opensearch_security.cookie.secure: false + opensearch_security.multitenancy.enable_aggregation_view: true + EOT + echo 'HERE IS THE DASHBOARD CONFIG FILE: ' + cat cypress-config.yml + - name: Run Dashboard with Security Dashboards Plugin uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin + opensearch_dashboards_yml: cypress-config.yml - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | cd ./OpenSearch-Dashboards - > ./config/opensearch_dashboards.yml # Clear the file - echo 'server.host: "0.0.0.0"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.hosts: ["https://localhost:9200"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch.ssl.verificationMode: none' >> ./config/opensearch_dashboards.yml - echo 'opensearch.username: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.password: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.enabled: true' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.readonly_mode.roles: ["kibana_read_only"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.cookie.secure: false' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.enable_aggregation_view: true' >> ./config/opensearch_dashboards.yml nohup yarn start --no-base-path --no-watch & sleep 500 git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index c9ba5cbd4..c0264e89d 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -45,22 +45,10 @@ jobs: security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@main - with: - plugin_name: security-dashboards-plugin - install_zip: true - - - name: Install plugin to OSD Linux - run: | - build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64/bin/opensearch-dashboards-plugin install file:$(pwd)/plugins/security-dashboards-plugin/build/security-dashboards-${{env.PLUGIN_VERSION}}.zip - working-directory: OpenSearch-Dashboards - shell: bash - - - name: Write security settings into OSD yml file + # Configure the Dashboard + - name: Configure OpenSearch Dashboards run: | - rm -rf ./config/opensearch_dashboards.yml - cat << 'EOT' > ./config/opensearch_dashboards.yml + cat << 'EOT' > config.yml server.host: "0.0.0.0" opensearch.hosts: ["https://localhost:9200"] opensearch.ssl.verificationMode: none @@ -73,9 +61,24 @@ jobs: # Use this setting if you are running opensearch-dashboards without https opensearch_security.cookie.secure: false - working-directory: OpenSearch-Dashboards/build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64 - + EOT + echo 'HERE IS THE DASHBOARD CONFIG FILE: ' + cat config.yml + + - name: Run Dashboard with Security Dashboards Plugin + uses: derek-ho/setup-opensearch-dashboards@main + with: + plugin_name: security-dashboards-plugin + install_zip: true + opensearch_dashboards_yml: config.yml + + - name: Install plugin to OSD Linux + run: | + build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64/bin/opensearch-dashboards-plugin install file:$(pwd)/plugins/security-dashboards-plugin/build/security-dashboards-${{env.PLUGIN_VERSION}}.zip + working-directory: OpenSearch-Dashboards + shell: bash + - name: Start the binary run: | nohup ./bin/opensearch-dashboards & From 38e5c38dcb54cdfb1bb19076a178cb4e81110ae8 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 10:30:18 -0500 Subject: [PATCH 14/20] Remove duplicate install Signed-off-by: Derek Ho --- .github/workflows/verify-binary-installation.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index c0264e89d..3dc928529 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -72,12 +72,6 @@ jobs: plugin_name: security-dashboards-plugin install_zip: true opensearch_dashboards_yml: config.yml - - - name: Install plugin to OSD Linux - run: | - build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64/bin/opensearch-dashboards-plugin install file:$(pwd)/plugins/security-dashboards-plugin/build/security-dashboards-${{env.PLUGIN_VERSION}}.zip - working-directory: OpenSearch-Dashboards - shell: bash - name: Start the binary run: | From 7b5e2b6b8a64793953bfd86b17231cae29f86acd Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 11:03:30 -0500 Subject: [PATCH 15/20] Modify workflow to pass in built plugin artifact name Signed-off-by: Derek Ho --- .github/workflows/verify-binary-installation.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 3dc928529..32fde972d 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -70,6 +70,7 @@ jobs: uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin + built_plugin_name: security-dashboards install_zip: true opensearch_dashboards_yml: config.yml From b4a5b8a3cf1c0536d98bb4593ff746ed10ec6256 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 11:44:34 -0500 Subject: [PATCH 16/20] Use latest version of workflow and use directory output Signed-off-by: Derek Ho --- .github/workflows/verify-binary-installation.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 32fde972d..7ba0439e4 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -67,6 +67,7 @@ jobs: - name: Run Dashboard with Security Dashboards Plugin + id: setup-dashboards uses: derek-ho/setup-opensearch-dashboards@main with: plugin_name: security-dashboards-plugin @@ -77,7 +78,7 @@ jobs: - name: Start the binary run: | nohup ./bin/opensearch-dashboards & - working-directory: OpenSearch-Dashboards/build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64 + working-directory: working-directory: ${{ steps.setup-dashboards.outputs.dashboards-directory }} shell: bash - name: Health check From bbe2abf1250f2bd749c1c453e2f18fb02181c950 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 11:49:00 -0500 Subject: [PATCH 17/20] Fix syntax issue Signed-off-by: Derek Ho --- .github/workflows/verify-binary-installation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 7ba0439e4..b9da30748 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -78,7 +78,7 @@ jobs: - name: Start the binary run: | nohup ./bin/opensearch-dashboards & - working-directory: working-directory: ${{ steps.setup-dashboards.outputs.dashboards-directory }} + working-directory: ${{ steps.setup-dashboards.outputs.dashboards-directory }} shell: bash - name: Health check From 7d9b7ed6f59a85dad38ba2aecf5cb0002cd640e5 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 12:45:28 -0500 Subject: [PATCH 18/20] Run start dashboards command in correct directory Signed-off-by: Derek Ho --- .github/workflows/verify-binary-installation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index b9da30748..957865d76 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -78,7 +78,7 @@ jobs: - name: Start the binary run: | nohup ./bin/opensearch-dashboards & - working-directory: ${{ steps.setup-dashboards.outputs.dashboards-directory }} + working-directory: ${{ steps.setup-dashboards.outputs.dashboards-binary-directory }} shell: bash - name: Health check From 6f6a7c19adf33db8acbd199dbd731337b105bebf Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 13:32:45 -0500 Subject: [PATCH 19/20] Use v1 release Signed-off-by: Derek Ho --- .github/actions/run-cypress-tests/action.yml | 2 +- .github/workflows/cypress-test-tenancy-disabled.yml | 2 +- .github/workflows/cypress-test.yml | 2 +- .github/workflows/integration-test.yml | 2 +- .github/workflows/unit-test.yml | 2 +- .github/workflows/verify-binary-installation.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index 1e6de2fe5..6627243f0 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -46,7 +46,7 @@ runs: # OSD bootstrap - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@main + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin opensearch_dashboards_yml: ${{ inputs.dashboards_config_file }} diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index f2b9952ea..a915c4147 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -71,7 +71,7 @@ jobs: cat tenancy-disabled-config.yml - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@main + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin opensearch_dashboards_yml: tenancy-disabled-config.yml diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 32cae3592..b771ae459 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -73,7 +73,7 @@ jobs: cat cypress-config.yml - name: Run Dashboard with Security Dashboards Plugin - uses: derek-ho/setup-opensearch-dashboards@main + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin opensearch_dashboards_yml: cypress-config.yml diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index b149e99f2..40dcdfecc 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -75,7 +75,7 @@ jobs: sudo rm -rf "$AGENT_TOOLSDIRECTORY" - id: install-dashboards - uses: derek-ho/setup-opensearch-dashboards@main + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 8fc641184..8ee310d6d 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v2 - id: install-dashboards - uses: derek-ho/setup-opensearch-dashboards@main + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 957865d76..79d978ee8 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -68,7 +68,7 @@ jobs: - name: Run Dashboard with Security Dashboards Plugin id: setup-dashboards - uses: derek-ho/setup-opensearch-dashboards@main + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin built_plugin_name: security-dashboards From b6d7780202a67e2fabb7a1a160e66068cc5b20fe Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Fri, 23 Feb 2024 16:59:13 -0500 Subject: [PATCH 20/20] Remove cats and rename config files Signed-off-by: Derek Ho --- .github/workflows/cypress-test-multiauth-e2e.yml | 4 ---- .github/workflows/cypress-test-oidc-e2e.yml | 4 ---- .github/workflows/cypress-test-saml-e2e.yml | 4 ---- .github/workflows/cypress-test-tenancy-disabled.yml | 6 ++---- .github/workflows/cypress-test.yml | 6 ++---- .github/workflows/verify-binary-installation.yml | 6 ++---- 6 files changed, 6 insertions(+), 24 deletions(-) diff --git a/.github/workflows/cypress-test-multiauth-e2e.yml b/.github/workflows/cypress-test-multiauth-e2e.yml index 9d577be1e..3b9827b0f 100644 --- a/.github/workflows/cypress-test-multiauth-e2e.yml +++ b/.github/workflows/cypress-test-multiauth-e2e.yml @@ -66,8 +66,6 @@ jobs: authentication_backend: type: noop EOT - echo "THIS IS THE SECURITY CONFIG FILE: " - cat config_multiauth.yml # Configure the Dashboard for SAML setup - name: Configure OpenSearch Dashboards with multi-auth configuration including SAML @@ -90,8 +88,6 @@ jobs: opensearch_security.auth.anonymous_auth_enabled: false home.disableWelcomeScreen: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat opensearch_dashboards_multiauth.yml - name: Run Cypress Tests uses: ./.github/actions/run-cypress-tests diff --git a/.github/workflows/cypress-test-oidc-e2e.yml b/.github/workflows/cypress-test-oidc-e2e.yml index 333fb9096..59bfe08e4 100644 --- a/.github/workflows/cypress-test-oidc-e2e.yml +++ b/.github/workflows/cypress-test-oidc-e2e.yml @@ -110,8 +110,6 @@ jobs: authentication_backend: type: noop EOT - echo "THIS IS THE SECURITY CONFIG FILE: " - cat config_openid.yml # Configure the Dashboard for OpenID setup - name: Create OpenSearch Dashboards Config for OpenID @@ -136,8 +134,6 @@ jobs: opensearch_security.ui.openid.login.buttonname: "OIDC" home.disableWelcomeScreen: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat opensearch_dashboards_openid.yml - name: Run Cypress Tests uses: ./.github/actions/run-cypress-tests diff --git a/.github/workflows/cypress-test-saml-e2e.yml b/.github/workflows/cypress-test-saml-e2e.yml index bce3f8ad8..b5b697ba4 100644 --- a/.github/workflows/cypress-test-saml-e2e.yml +++ b/.github/workflows/cypress-test-saml-e2e.yml @@ -66,8 +66,6 @@ jobs: authentication_backend: type: noop EOT - echo "THIS IS THE SECURITY CONFIG FILE: " - cat config_saml.yml # Configure the Dashboard for SAML setup - name: Configure and Run OpenSearch Dashboards with SAML Configuration @@ -90,8 +88,6 @@ jobs: opensearch_security.auth.anonymous_auth_enabled: false home.disableWelcomeScreen: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat opensearch_dashboards_saml.yml - name: Run Cypress Tests uses: ./.github/actions/run-cypress-tests diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index a915c4147..8ba25a4c8 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -56,7 +56,7 @@ jobs: # Configure the Dashboard - name: Configure OpenSearch Dashboards with tenancy disabled run: | - cat << 'EOT' > tenancy-disabled-config.yml + cat << 'EOT' > tenancy-disabled-opensearch-dashboards-config.yml server.host: "0.0.0.0" opensearch.hosts: ["https://localhost:9200"] opensearch.ssl.verificationMode: none @@ -67,14 +67,12 @@ jobs: opensearch_security.readonly_mode.roles: ["kibana_read_only"] opensearch_security.cookie.secure: false EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat tenancy-disabled-config.yml - name: Run Dashboard with Security Dashboards Plugin uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin - opensearch_dashboards_yml: tenancy-disabled-config.yml + opensearch_dashboards_yml: tenancy-disabled-opensearch-dashboards-config.yml - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index b771ae459..ab5000383 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -56,7 +56,7 @@ jobs: # Configure the Dashboard - name: Configure OpenSearch Dashboards for cypress run: | - cat << 'EOT' > cypress-config.yml + cat << 'EOT' > cypress-opensearch-dashboards-config.yml server.host: "0.0.0.0" opensearch.hosts: ["https://localhost:9200"] opensearch.ssl.verificationMode: none @@ -69,14 +69,12 @@ jobs: opensearch_security.cookie.secure: false opensearch_security.multitenancy.enable_aggregation_view: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat cypress-config.yml - name: Run Dashboard with Security Dashboards Plugin uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin - opensearch_dashboards_yml: cypress-config.yml + opensearch_dashboards_yml: cypress-opensearch-dashboards-config.yml - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index 79d978ee8..7c89029d8 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -48,7 +48,7 @@ jobs: # Configure the Dashboard - name: Configure OpenSearch Dashboards run: | - cat << 'EOT' > config.yml + cat << 'EOT' > opensearch-dashboards-config.yml server.host: "0.0.0.0" opensearch.hosts: ["https://localhost:9200"] opensearch.ssl.verificationMode: none @@ -62,8 +62,6 @@ jobs: # Use this setting if you are running opensearch-dashboards without https opensearch_security.cookie.secure: false EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat config.yml - name: Run Dashboard with Security Dashboards Plugin @@ -73,7 +71,7 @@ jobs: plugin_name: security-dashboards-plugin built_plugin_name: security-dashboards install_zip: true - opensearch_dashboards_yml: config.yml + opensearch_dashboards_yml: opensearch-dashboards-config.yml - name: Start the binary run: |