From 0f351af59a38830e682ffd0388c541f9eb0d11f5 Mon Sep 17 00:00:00 2001 From: Amit Galitzky Date: Fri, 28 Oct 2022 18:03:20 +0000 Subject: [PATCH 1/6] break up workflows and add working security CI Signed-off-by: Amit Galitzky --- .github/workflows/CI.yml | 57 ----------------- .github/workflows/Security-Test-CI.yml | 85 ++++++++++++++++++++++++++ .github/workflows/bwc-test-CI.yml | 45 ++++++++++++++ 3 files changed, 130 insertions(+), 57 deletions(-) create mode 100644 .github/workflows/Security-Test-CI.yml create mode 100644 .github/workflows/bwc-test-CI.yml diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index febebcbe4..8b313e0df 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -53,16 +53,7 @@ jobs: - name: Assemble anomaly-detection run: | - plugin_version=`./gradlew properties -q | grep "opensearch_build:" | awk '{print $2}'` - echo plugin_version $plugin_version ./gradlew assemble - echo "Creating ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version ..." - mkdir -p ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version - echo "Copying ./build/distributions/*.zip to ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version ..." - ls ./build/distributions/ - cp ./build/distributions/*.zip ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version - echo "Copied ./build/distributions/*.zip to ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version ..." - ls ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version - name: Build and Run Tests run: | ./gradlew build -Dtest.logs=true @@ -72,54 +63,6 @@ jobs: - name: Multi Nodes Integration Testing run: | ./gradlew integTest -PnumNodes=3 - - name: Pull and Run Docker - run: | - plugin=`basename $(ls build/distributions/*.zip)` - version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-3` - plugin_version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-4` - qualifier=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-1` - candidate_version=`echo $plugin|awk -F- '{print $5}'| cut -d. -f 1-1` - docker_version=$version-$qualifier - - [[ -z $candidate_version ]] && candidate_version=$qualifier && qualifier="" - - echo plugin version plugin_version qualifier candidate_version docker_version - echo "($plugin) ($version) ($plugin_version) ($qualifier) ($candidate_version) ($docker_version)" - - cd .. - if docker pull opensearchstaging/opensearch:$docker_version - then - echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile - echo "RUN if [ -d /usr/share/opensearch/plugins/opensearch-anomaly-detection ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-anomaly-detection; fi" >> Dockerfile - echo "ADD anomaly-detection/build/distributions/$plugin /tmp/" >> Dockerfile - echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile - docker build -t opensearch-ad:test . - echo "imagePresent=true" >> $GITHUB_ENV - else - echo "imagePresent=false" >> $GITHUB_ENV - fi - - name: Run Docker Image - if: env.imagePresent == 'true' - run: | - cd .. - docker run -p 9200:9200 -d -p 9600:9600 -e "discovery.type=single-node" opensearch-ad:test - sleep 90 - - name: Run AD Test - if: env.imagePresent == 'true' - run: | - security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:admin --insecure |grep opensearch-security|wc -l` - if [ $security -gt 0 ] - then - echo "Security plugin is available" - ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin - else - echo "Security plugin is NOT available" - ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" - fi - - name: Run AD Backwards Compatibility Tests - run: | - echo "Running backwards compatibility tests ..." - ./gradlew bwcTestSuite -Dtests.security.manager=false - name: Upload Coverage Report uses: codecov/codecov-action@v1 with: diff --git a/.github/workflows/Security-Test-CI.yml b/.github/workflows/Security-Test-CI.yml new file mode 100644 index 000000000..a380286a2 --- /dev/null +++ b/.github/workflows/Security-Test-CI.yml @@ -0,0 +1,85 @@ +name: Security test workflow for Anomaly Detection +on: + push: + branches: + - "*" + pull_request: + branches: + - "*" + +jobs: + Build-ad: + strategy: + matrix: + java: [11,17] + fail-fast: false + + name: Security test workflow for Anomaly Detection + runs-on: ubuntu-latest + + steps: + - name: Setup Java ${{ matrix.java }} + uses: actions/setup-java@v1 + with: + java-version: ${{ matrix.java }} + + # anomaly-detection + - name: Checkout AD + uses: actions/checkout@v2 + + - name: Build Anomaly Detection + run: | + ./gradlew assemble + # example of variables: + # plugin = opensearch-anomaly-detection-2.4.0.0-SNAPSHOT.zip + # version = 2.4.0, plugin_version = 2.4.0.0, qualifier = SNAPSHOT + - name: Pull and Run Docker + run: | + plugin=`basename $(ls build/distributions/*.zip)` + version=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-3` + plugin_version=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-4` + qualifier=`echo $plugin|awk -F- '{print $5}'| cut -d. -f 1-1` + + if $qualifier!=SNAPSHOT + then + docker_version=$version-$qualifier + else + docker_version=$version + fi + echo plugin version plugin_version qualifier docker_version + echo "($plugin) ($version) ($plugin_version) ($qualifier) ($docker_version)" + + cd .. + if docker pull opensearchstaging/opensearch:$docker_version + then + echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile + echo "RUN if [ -d /usr/share/opensearch/plugins/opensearch-anomaly-detection ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-anomaly-detection; fi" >> Dockerfile + echo "ADD anomaly-detection/build/distributions/$plugin /tmp/" >> Dockerfile + echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile + docker build -t opensearch-ad:test . + echo "imagePresent=true" >> $GITHUB_ENV + else + echo "imagePresent=false" >> $GITHUB_ENV + fi + - name: Run Docker Image + if: env.imagePresent == 'true' + run: | + cd .. + docker run -p 9200:9200 -d -p 9600:9600 -e "discovery.type=single-node" opensearch-ad:test + sleep 90 + - name: Run AD Test + if: env.imagePresent == 'true' + run: | + security=`curl -XGET https://localhost:9200/_cat/plugins?v -u admin:admin --insecure |grep opensearch-security|wc -l` + if [ $security -gt 0 ] + then + echo "Security plugin is available" + ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin + else + echo "Security plugin is NOT available" + ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" + fi + - name: Run AD Backwards Compatibility Tests + run: | + echo "Running backwards compatibility tests ..." + ./gradlew bwcTestSuite -Dtests.security.manager=false diff --git a/.github/workflows/bwc-test-CI.yml b/.github/workflows/bwc-test-CI.yml new file mode 100644 index 000000000..97b019b05 --- /dev/null +++ b/.github/workflows/bwc-test-CI.yml @@ -0,0 +1,45 @@ +name: Test Anomaly detection BWC +on: + push: + branches: + - "*" + pull_request: + branches: + - "*" + +jobs: + Build-ad: + strategy: + matrix: + java: [11,17] + fail-fast: false + + name: Test Anomaly detection BWC + runs-on: ubuntu-latest + + steps: + - name: Setup Java ${{ matrix.java }} + uses: actions/setup-java@v1 + with: + java-version: ${{ matrix.java }} + + # anomaly-detection + - name: Checkout AD + uses: actions/checkout@v2 + + - name: Assemble anomaly-detection + run: | + plugin_version=`./gradlew properties -q | grep "opensearch_build:" | awk '{print $2}'` + echo plugin_version $plugin_version + ./gradlew assemble + echo "Creating ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version ..." + mkdir -p ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version + echo "Copying ./build/distributions/*.zip to ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version ..." + ls ./build/distributions/ + cp ./build/distributions/*.zip ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version + echo "Copied ./build/distributions/*.zip to ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version ..." + ls ./src/test/resources/org/opensearch/ad/bwc/anomaly-detection/$plugin_version + - name: Run AD Backwards Compatibility Tests + run: | + echo "Running backwards compatibility tests ..." + ./gradlew bwcTestSuite -Dtests.security.manager=false \ No newline at end of file From 746146ef22735dd14389a210cff4bd26ea549629 Mon Sep 17 00:00:00 2001 From: Amit Galitzky Date: Fri, 28 Oct 2022 18:23:04 +0000 Subject: [PATCH 2/6] remove bwc from security Signed-off-by: Amit Galitzky --- .github/workflows/Security-Test-CI.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/Security-Test-CI.yml b/.github/workflows/Security-Test-CI.yml index a380286a2..3ced28703 100644 --- a/.github/workflows/Security-Test-CI.yml +++ b/.github/workflows/Security-Test-CI.yml @@ -79,7 +79,3 @@ jobs: echo "Security plugin is NOT available" ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" fi - - name: Run AD Backwards Compatibility Tests - run: | - echo "Running backwards compatibility tests ..." - ./gradlew bwcTestSuite -Dtests.security.manager=false From b24a88c017ff8f59eef4a941cd1bffbfc14a0b94 Mon Sep 17 00:00:00 2001 From: Amit Galitzky Date: Fri, 28 Oct 2022 18:48:43 +0000 Subject: [PATCH 3/6] added macos ci Signed-off-by: Amit Galitzky --- .github/workflows/CI.yml | 27 ++------------------------- 1 file changed, 2 insertions(+), 25 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 8b313e0df..ce608d802 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -8,38 +8,15 @@ on: - "*" jobs: - Build-ad-windows: - strategy: - matrix: - java: [ 11, 17 ] - name: Build and Test Anomaly Detection Plugin on Windows - runs-on: windows-latest - steps: - - name: Setup Java ${{ matrix.java }} - uses: actions/setup-java@v1 - with: - java-version: ${{ matrix.java }} - # checkout Anomaly Detection - - name: Checkout Anomaly Detection - uses: actions/checkout@v2 - - - name: Build and Run Tests - run: | - ./gradlew.bat build - - name: Publish to Maven Local - run: | - ./gradlew publishToMavenLocal - - name: Multi Nodes Integration Testing - run: | - ./gradlew integTest -PnumNodes=3 Build-ad: strategy: matrix: java: [11,17] + os: [ubuntu-latest, windows-latest, macos-latest] fail-fast: false name: Build and Test Anomaly detection Plugin - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} steps: - name: Setup Java ${{ matrix.java }} From 205ed148dfb45837b9c3c53348868d8d3f0e3578 Mon Sep 17 00:00:00 2001 From: Amit Galitzky Date: Fri, 28 Oct 2022 20:14:38 +0000 Subject: [PATCH 4/6] seperate windows CI due to logging issue Signed-off-by: Amit Galitzky --- .github/workflows/CI.yml | 31 +++++++++++++++++++++++++++++-- 1 file changed, 29 insertions(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index ce608d802..50e86f785 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -8,11 +8,39 @@ on: - "*" jobs: + Build-ad-windows: + strategy: + matrix: + java: [ 11, 17 ] + name: Build and Test Anomaly Detection Plugin on Windows + runs-on: windows-latest + steps: + - name: Setup Java ${{ matrix.java }} + uses: actions/setup-java@v1 + with: + java-version: ${{ matrix.java }} + - name: Checkout Anomaly Detection + uses: actions/checkout@v2 + + - name: Build and Run Tests + run: | + ./gradlew build + - name: Publish to Maven Local + run: | + ./gradlew publishToMavenLocal + - name: Multi Nodes Integration Testing + run: | + ./gradlew integTest -PnumNodes=3 + - name: Upload Coverage Report + uses: codecov/codecov-action@v1 + with: + file: ./build/reports/jacoco/test/jacocoTestReport.xml + flags: plugin Build-ad: strategy: matrix: java: [11,17] - os: [ubuntu-latest, windows-latest, macos-latest] + os: [ubuntu-latest, macos-latest] fail-fast: false name: Build and Test Anomaly detection Plugin @@ -24,7 +52,6 @@ jobs: with: java-version: ${{ matrix.java }} - # anomaly-detection - name: Checkout AD uses: actions/checkout@v2 From f0bed418d6a4b6108228b44d27eff4ebea493b35 Mon Sep 17 00:00:00 2001 From: Amit Galitzky Date: Fri, 28 Oct 2022 22:12:45 +0000 Subject: [PATCH 5/6] changed file name, removing running integ tests if no security plugin Signed-off-by: Amit Galitzky --- .github/workflows/{CI.yml => test_build_multi_platform.yml} | 0 .github/workflows/{bwc-test-CI.yml => test_bwc.yml} | 0 .github/workflows/{Security-Test-CI.yml => test_security.yml} | 1 - 3 files changed, 1 deletion(-) rename .github/workflows/{CI.yml => test_build_multi_platform.yml} (100%) rename .github/workflows/{bwc-test-CI.yml => test_bwc.yml} (100%) rename .github/workflows/{Security-Test-CI.yml => test_security.yml} (95%) diff --git a/.github/workflows/CI.yml b/.github/workflows/test_build_multi_platform.yml similarity index 100% rename from .github/workflows/CI.yml rename to .github/workflows/test_build_multi_platform.yml diff --git a/.github/workflows/bwc-test-CI.yml b/.github/workflows/test_bwc.yml similarity index 100% rename from .github/workflows/bwc-test-CI.yml rename to .github/workflows/test_bwc.yml diff --git a/.github/workflows/Security-Test-CI.yml b/.github/workflows/test_security.yml similarity index 95% rename from .github/workflows/Security-Test-CI.yml rename to .github/workflows/test_security.yml index 3ced28703..10cd95415 100644 --- a/.github/workflows/Security-Test-CI.yml +++ b/.github/workflows/test_security.yml @@ -77,5 +77,4 @@ jobs: ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin else echo "Security plugin is NOT available" - ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" fi From 7b897bd47d56df9f526af13d3c87f3c46b4fe200 Mon Sep 17 00:00:00 2001 From: Amit Galitzky Date: Fri, 28 Oct 2022 22:14:08 +0000 Subject: [PATCH 6/6] changed message on no security plugin Signed-off-by: Amit Galitzky --- .github/workflows/test_security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test_security.yml b/.github/workflows/test_security.yml index 10cd95415..651ba8627 100644 --- a/.github/workflows/test_security.yml +++ b/.github/workflows/test_security.yml @@ -76,5 +76,5 @@ jobs: echo "Security plugin is available" ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername="docker-cluster" -Dhttps=true -Duser=admin -Dpassword=admin else - echo "Security plugin is NOT available" + echo "Security plugin is NOT available, skipping integration tests" fi