-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DRAFT] Resource permissions and sharing #166
base: main
Are you sure you want to change the base?
Conversation
From latest
Next test would be to determine whether it recognizes security plugin |
security plugin bootstrap: DarshitChanpura/security#10 (comment) |
* The index where resource meta-data is stored | ||
* @return the name of the parent index where resource meta-data is stored | ||
*/ | ||
String getResourceIndex(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can a plugin define multiple types of resources and resource indices?
*/ | ||
public class ShareWith implements ToXContentFragment { | ||
|
||
private List<String> users; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can see pushback on introducing these concepts into the core. Is there a way to make this generic and let a plugin define an implementation?
d8710cc
to
23fcfba
Compare
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Gaurav Bafna <gbbafna@amazon.com>
* Adding _list/shards API Signed-off-by: Harsh Garg <gkharsh@amazon.com>
* Update Apache Lucene to 9.12.0 Signed-off-by: Andriy Redko <andriy.redko@aiven.io> * change to IOContext READONCE in locations where the file is not expected to be read multiple times. Signed-off-by: Marc Handalian <marc.handalian@gmail.com> * Use READ IOContext for all non Segment* files when copying node-node Signed-off-by: Marc Handalian <marc.handalian@gmail.com> * Fixing more test failures Signed-off-by: Andriy Redko <andriy.redko@aiven.io> * Move Composite912Codec under org.opensearch.index.codec.composite.composite912 package Signed-off-by: Andriy Redko <andriy.redko@aiven.io> --------- Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Signed-off-by: Marc Handalian <marc.handalian@gmail.com> Co-authored-by: Marc Handalian <marc.handalian@gmail.com>
…4993) * Avoid deep copy and other allocation improvements * Refactoring based on PR Comments and added JavaDocs * Added more comments * Added character for Triggering Jenkins build * Changes to cover collectZeroDocEntries method * Updated comment based on change in method's functionality * Added test to cover branches in collectZeroDocEntriesIfRequired * Rebased and resolved changelog conflict --------- Signed-off-by: expani <anijainc@amazon.com>
…ject#15925) * cancellation related Signed-off-by: Kiran Prakash <awskiran@amazon.com> * Update CHANGELOG.md Signed-off-by: Kiran Prakash <awskiran@amazon.com> * add better cancellation reason Signed-off-by: Kiran Prakash <awskiran@amazon.com> * Update DefaultTaskCancellationTests.java Signed-off-by: Kiran Prakash <awskiran@amazon.com> * refactor Signed-off-by: Kiran Prakash <awskiran@amazon.com> * refactor Signed-off-by: Kiran Prakash <awskiran@amazon.com> * Update DefaultTaskCancellation.java Signed-off-by: Kiran Prakash <awskiran@amazon.com> * Update DefaultTaskCancellation.java Signed-off-by: Kiran Prakash <awskiran@amazon.com> * Update DefaultTaskCancellation.java Signed-off-by: Kiran Prakash <awskiran@amazon.com> * Update DefaultTaskSelectionStrategy.java Signed-off-by: Kiran Prakash <awskiran@amazon.com> * refactor Signed-off-by: Kiran Prakash <awskiran@amazon.com> * refactor node level threshold Signed-off-by: Kiran Prakash <awskiran@amazon.com> * use query group task Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * code clean up and refactorings Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add unit tests and fix existing ones Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * uncomment the test case Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * update CHANGELOG Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * fix imports Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add queryGroupService Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * refactor and add UTs for new constructs Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * fix javadocs Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * remove code clutter Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * change annotation version and task selection strategy Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * rename a util class Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * remove wrappers from resource type Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * apply spotless Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * address comments Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add rename changes Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * address comments Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * initial changes Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * refactor changes and logical bug fix Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add chanegs Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * address comments Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * temp changes Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add UTs Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add changelog Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add task completion listener hook Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add remaining pieces to make the feature functional Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * extend stats and fix bugs Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * fix bugs and add logic to make SBP work with wlm Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * address comments Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * fix bugs and SBP ITs Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * add missed applyCluster state change Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * address comments Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * decouple queryGroupService and cancellationService Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * replace StateApplier with StateListener interface Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * fix precommit errors Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> --------- Signed-off-by: Kiran Prakash <awskiran@amazon.com> Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> Co-authored-by: Kiran Prakash <awskiran@amazon.com>
* Segmented cache changes for TieredCache Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Adding change log Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Allow segment number to be power of two Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Moving common tiered cache IT methods to a common base class Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Adding disk took time IT test with multiple segment Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Correcting changelog Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Addressing comments Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Fixing invalid segment count variable name Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Introducing new settings for size for respective cache tier Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Changing the default segmentCount logic Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Fixing missing java doc issue Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> --------- Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> Signed-off-by: Sagar <99425694+sgup432@users.noreply.github.com>
…project#15249) --------- Signed-off-by: Bharathwaj G <bharath78910@gmail.com>
* Refactoring builder tests Signed-off-by: Bharathwaj G <bharath78910@gmail.com> * adding date tests Signed-off-by: Bharathwaj G <bharath78910@gmail.com> --------- Signed-off-by: Bharathwaj G <bharath78910@gmail.com>
…#16110) * Change successfulSearchShardIndices to Set<Index> Signed-off-by: David Zane <davizane@amazon.com> * Update CHANGELOG.md Signed-off-by: Ankit Jain <akjain@amazon.com> --------- Signed-off-by: David Zane <davizane@amazon.com> Signed-off-by: Ankit Jain <akjain@amazon.com> Co-authored-by: Ankit Jain <akjain@amazon.com>
Signed-off-by: Gaurav Bafna <gbbafna@amazon.com>
…azure (opensearch-project#16217) * Bump com.azure:azure-json in /plugins/repository-azure Bumps [com.azure:azure-json](https://github.com/Azure/azure-sdk-for-java) from 1.1.0 to 1.3.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@v1.1.0...v1.3.0) --- updated-dependencies: - dependency-name: com.azure:azure-json dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…roject#16228) Signed-off-by: Sachin Kale <sachinpkale@gmail.com>
…es (opensearch-project#16237) * Remove force to TLSv1.2 in gradle.properties Signed-off-by: Craig Perkins <cwperx@amazon.com> * Add TLSv1.3 Signed-off-by: Craig Perkins <cwperx@amazon.com> --------- Signed-off-by: Craig Perkins <cwperx@amazon.com>
…rch-project#16240) Signed-off-by: Sayali Gaikawad <gaiksaya@amazon.com>
…16238) * Fix Cache breaking change Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Empty commit to trigger build Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> --------- Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com>
…omposite99Codec (opensearch-project#16227) * Refactoring builder tests * composite912 codec refactor changes --------- Signed-off-by: Bharathwaj G <bharath78910@gmail.com>
…plugins/repository-gcs (opensearch-project#16216) * Bump com.google.api-client:google-api-client in /plugins/repository-gcs Bumps [com.google.api-client:google-api-client](https://github.com/googleapis/google-api-java-client) from 2.2.0 to 2.7.0. - [Release notes](https://github.com/googleapis/google-api-java-client/releases) - [Changelog](https://github.com/googleapis/google-api-java-client/blob/main/CHANGELOG.md) - [Commits](googleapis/google-api-java-client@v2.2.0...v2.7.0) --- updated-dependencies: - dependency-name: com.google.api-client:google-api-client dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: gaobinlong <gbinlong@amazon.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: gaobinlong <gbinlong@amazon.com>
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
…s-fixture (opensearch-project#16212) * Bump com.squareup.okio:okio in /test/fixtures/hdfs-fixture Bumps [com.squareup.okio:okio](https://github.com/square/okio) from 3.9.0 to 3.9.1. - [Release notes](https://github.com/square/okio/releases) - [Changelog](https://github.com/square/okio/blob/master/CHANGELOG.md) - [Commits](square/okio@parent-3.9.0...3.9.1) --- updated-dependencies: - dependency-name: com.squareup.okio:okio dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…opensearch-project#16213) * Bump io.grpc:grpc-api from 1.57.2 to 1.68.0 in /plugins/discovery-gce Bumps [io.grpc:grpc-api](https://github.com/grpc/grpc-java) from 1.57.2 to 1.68.0. - [Release notes](https://github.com/grpc/grpc-java/releases) - [Commits](grpc/grpc-java@v1.57.2...v1.68.0) --- updated-dependencies: - dependency-name: io.grpc:grpc-api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> * Centralize grpc version management Signed-off-by: Andriy Redko <andriy.redko@aiven.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Andriy Redko <andriy.redko@aiven.io>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
…#16641) * Changes to support IP --------- Signed-off-by: bharath-techie <bharath78910@gmail.com>
We [reached agreement][1] to move this plugin to a separate repository. The implementation was never completed here, and this code was never backported to any release, so it is safe to remove. [1]: opensearch-project#7771 (comment) Signed-off-by: Andrew Ross <andrross@amazon.com>
…16828) Signed-off-by: kkewwei <kkewwei@163.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
ffda76d
to
448307b
Compare
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
…/repository-azure (opensearch-project#16895) * Bump com.nimbusds:oauth2-oidc-sdk in /plugins/repository-azure Bumps [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) from 11.19.1 to 11.20.1. - [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt) - [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.20.1..11.19.1) --- updated-dependencies: - dependency-name: com.nimbusds:oauth2-oidc-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…stribution/packages (opensearch-project#16896) * Bump com.netflix.nebula.ospackage-base in /distribution/packages Bumps com.netflix.nebula.ospackage-base from 11.10.0 to 11.10.1. --- updated-dependencies: - dependency-name: com.netflix.nebula.ospackage-base dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…xtures/hdfs-fixture (opensearch-project#16898) * Bump ch.qos.logback:logback-classic in /test/fixtures/hdfs-fixture Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.12 to 1.5.15. - [Commits](qos-ch/logback@v_1.5.12...v_1.5.15) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…t#16897) * Bump lycheeverse/lychee-action from 2.1.0 to 2.2.0 Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…earch-project#16844) * Extract jars to sub dirs during thirdPartyAudit task. Signed-off-by: Finn Carroll <carrofin@amazon.com> * Change regex to split on '-'/'.'. Ignore version. Signed-off-by: Finn Carroll <carrofin@amazon.com> * Split on .jar for sub folder prefix. Signed-off-by: Finn Carroll <carrofin@amazon.com> --------- Signed-off-by: Finn Carroll <carrofin@amazon.com>
…ository-azure (opensearch-project#16918) * Bump com.microsoft.azure:msal4j in /plugins/repository-azure Bumps [com.microsoft.azure:msal4j](https://github.com/AzureAD/microsoft-authentication-library-for-java) from 1.17.2 to 1.18.0. - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-java/releases) - [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/dev/changelog.txt) - [Commits](AzureAD/microsoft-authentication-library-for-java@v1.17.2...v1.18.0) --- updated-dependencies: - dependency-name: com.microsoft.azure:msal4j dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Updating SHAs Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
…ixtures/hdfs-fixture (opensearch-project#16919) * Bump org.apache.commons:commons-text in /test/fixtures/hdfs-fixture Bumps org.apache.commons:commons-text from 1.12.0 to 1.13.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Introduce auxiliary transport to NetworkPlugin and add gRPC plugin. Auxiliary transports are optional lifecycle components provided by network plugins which run in parallel to the http server/native transport. They are distinct from the existing NetworkPlugin interfaces of 'getTransports' and 'getHttpTransports' as auxiliary transports are optional. Each AuxTransport implements it's own 'aux.transport.type' and 'aux.transport.<type>.ports' setting. Since Security.java initializes previous to Node.java during bootstrap socket binding permissions are granted based on 'aux.transport.<type>.ports' for each enabled 'aux.transport.type', falling back to a default if no ports are specified. Signed-off-by: Finn Carroll <carrofin@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
60c9d1a
to
532d13a
Compare
companion PR: DarshitChanpura/security#10