Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixing security tests #477

Merged
merged 2 commits into from
Jan 30, 2024
Merged

Fixing security tests #477

merged 2 commits into from
Jan 30, 2024

Conversation

joshpalis
Copy link
Member

@joshpalis joshpalis commented Jan 30, 2024
edited
Loading

Description

Enabled security integration tests using -Dhttps flag. Now security enabled integration tests will run with the following commands

  • ./gradlew integTest -Dhttps=true -Duser=admin -Dpassword=admin
  • ./gradlew integTest -Dsecurity.enabled=true

Issues Resolved

Resolves #469

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@joshpalis
Fixing security tests
9be1ae2 
Signed-off-by: Joshua Palis <jpalis@amazon.com>
@joshpalis joshpalis added the backport 2.x backport PRs to 2.x branch label Jan 30, 2024
@codecov Codecov
Copy link

codecov bot commented Jan 30, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (a812e51) 71.91% compared to head (9fdde23) 71.91%.
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##               main     #477   +/-   ##
=========================================
  Coverage     71.91%   71.91%           
  Complexity      621      621           
=========================================
  Files            78       78           
  Lines          3133     3133           
  Branches        234      234           
=========================================
  Hits           2253     2253           
  Misses          776      776           
  Partials        104      104

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

dbwiddis
dbwiddis reviewed Jan 30, 2024
View reviewed changes
build.gradle Show resolved Hide resolved
@owaiskazi19
Copy link
Member

Thanks for addressing this @joshpalis.
QQ: How does security tests work for other plugins with security.enabled flag?

@dbwiddis
Copy link
Member

In the issue summary, add "Fixes" or "Resolves" prior to the issue number you're fixing. That will auto-link the issue to close it when the PR is merged.

dbwiddis
dbwiddis approved these changes Jan 30, 2024
View reviewed changes
Copy link
Member

@dbwiddis dbwiddis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Is there a way to re-trigger the build that autocut the issue to verify the fix?

@joshpalis
Copy link
Member Author

QQ: How does security tests work for other plugins with security.enabled flag?

Other plugins such as KNN only pull in the security plugin when the security.enabled flag is set. However they do not filter tests based on this flag. In our case, when running with security enabled, we only include the secure integration tests. The issue was that the distribution build job only passes the https flag, the security.enabled flag is something that we added for our plugin, so our non-security enabled tests were not filtered out. These changes ensure that non-security tests are filtered out based on the https flag instead of the security.enabled flag

@owaiskazi19
Copy link
Member

Other plugins such as KNN only pull in the security plugin when the security.enabled flag is set. However they do not filter tests based on this flag. In our case, when running with security enabled, we only include the secure integration tests. The issue was that the distribution build job only passes the https flag, the security.enabled flag is something that we added for our plugin, so our non-security enabled tests were not filtered out. These changes ensure that non-security tests are filtered out based on the https flag instead of the security.enabled flag

The reason KNN and other plugins work with security-enabled flag is because they have the same integ tests running for security plugin enabled and disabled case. Whereas we have different tests for both. Instead, we should have the same test cases by only changing the url of the cluster to http or https.
Also, the https flag is set here from the build repo.
I am fine merging this for 2.12 but for the next release we can incorporate #478.

@dbwiddis dbwiddis merged commit 69c0c61 into opensearch-project:main Jan 30, 2024
31 of 32 checks passed
opensearch-trigger-bot bot pushed a commit that referenced this pull request Jan 30, 2024
@github-actions
Fixing security tests (#477)
1e9c567 
Signed-off-by: Joshua Palis <jpalis@amazon.com>
(cherry picked from commit 69c0c61)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Jan 30, 2024
Merged
dbwiddis pushed a commit that referenced this pull request Jan 30, 2024
@opensearch-trigger-bot @github-actions
[Backport 2.x] Fixing security tests (#479)
931f199 
Fixing security tests (#477)


(cherry picked from commit 69c0c61)

Signed-off-by: Joshua Palis <jpalis@amazon.com>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@owaiskazi19
Copy link
Member

owaiskazi19 commented Jan 31, 2024
edited
Loading

LGTM! Is there a way to re-trigger the build that autocut the issue to verify the fix?

Builds run once a day. Ongoing build https://build.ci.opensearch.org/view/Build/job/distribution-build-opensearch/9294/

@owaiskazi19
Copy link
Member

In the issue summary, add "Fixes" or "Resolves" prior to the issue number you're fixing. That will auto-link the issue to close it when the PR is merged.

For autocut issue we should avoid using fixes or closes because if the build passes, autocut bot itself closes the issue.

@dbwiddis
Copy link
Member

For autocut issue we should avoid using fixes or closes because if the build passes, autocut bot itself closes the issue.

Or we can close it and autocut will reopen it when it fails again...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@owaiskazi19 owaiskazi19 owaiskazi19 approved these changes

@dbwiddis dbwiddis dbwiddis approved these changes

@ohltyler ohltyler Awaiting requested review from ohltyler ohltyler is a code owner

@amitgalitz amitgalitz Awaiting requested review from amitgalitz amitgalitz is a code owner

@jackiehanyang jackiehanyang Awaiting requested review from jackiehanyang jackiehanyang is a code owner

Assignees
No one assigned
Labels
backport 2.x backport PRs to 2.x branch skip-changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[AUTOCUT] Integration Test failed for flow-framework: 2.12.0 tar distribution
3 participants
@joshpalis @owaiskazi19 @dbwiddis