Skip to content

Commit

Permalink
Set security plugin 3.0.0 baseline JDK version to JDK-21 (opensearch-…
Browse files Browse the repository at this point in the history
…project#4457)

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
  • Loading branch information
reta authored Jun 14, 2024
1 parent 671438b commit 439606c
Show file tree
Hide file tree
Showing 24 changed files with 42 additions and 16 deletions.
6 changes: 6 additions & 0 deletions .github/actions/create-bwc-build/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,12 @@ runs:
ref: ${{ inputs.plugin-branch }}
path: ${{ inputs.plugin-branch }}

- uses: actions/setup-java@v4
if: ${{ inputs.plugin-branch == 'current_branch' }}
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 21

- name: Build
uses: gradle/gradle-build-action@v2
with:
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 17
java-version: 21

- name: Checkout security
uses: actions/checkout@v4
Expand All @@ -40,7 +40,7 @@ jobs:
matrix:
gradle_task: ${{ fromJson(needs.generate-test-list.outputs.separateTestsNames) }}
platform: [windows-latest, ubuntu-latest]
jdk: [11, 17, 21]
jdk: [21]
runs-on: ${{ matrix.platform }}

steps:
Expand Down Expand Up @@ -97,7 +97,7 @@ jobs:
strategy:
fail-fast: false
matrix:
jdk: [11, 17, 21]
jdk: [21]
platform: [ubuntu-latest, windows-latest]
runs-on: ${{ matrix.platform }}

Expand Down Expand Up @@ -132,7 +132,7 @@ jobs:
strategy:
fail-fast: false
matrix:
jdk: [17]
jdk: [21]
platform: [ubuntu-latest]
runs-on: ${{ matrix.platform }}

Expand All @@ -159,7 +159,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 17
java-version: 21

- name: Checkout Security Repo
uses: actions/checkout@v4
Expand Down Expand Up @@ -204,7 +204,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 11
java-version: 21
- uses: github/codeql-action/init@v3
with:
languages: java
Expand All @@ -219,7 +219,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 11
java-version: 21

- run: |
security_plugin_version=$(./gradlew properties -q | grep -E '^version:' | awk '{print $2}')
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/code-hygiene.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 17
java-version: 21

- uses: gradle/gradle-build-action@v3
with:
Expand All @@ -38,7 +38,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 11
java-version: 21

- uses: gradle/gradle-build-action@v3
with:
Expand All @@ -54,7 +54,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 11
java-version: 21

- uses: gradle/gradle-build-action@v3
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/integration-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
strategy:
fail-fast: false
matrix:
jdk: [11, 17, 21]
jdk: [21]
test-run: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]

steps:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/maven-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
- uses: actions/setup-java@v4
with:
distribution: temurin # Temurin is a distribution of adoptium
java-version: 11
java-version: 21
- uses: actions/checkout@v4
- uses: aws-actions/configure-aws-credentials@v4
with:
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/plugin_install.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
jdk: [11, 17, 21]
jdk: [21]
runs-on: ${{ matrix.os }}

steps:
Expand Down Expand Up @@ -40,12 +40,13 @@ jobs:
shell: bash

- name: Run Opensearch with A Single Plugin
uses: derek-ho/start-opensearch@v4
uses: derek-ho/start-opensearch@v5
with:
opensearch-version: ${{ env.OPENSEARCH_VERSION }}
plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip"
security-enabled: true
admin-password: ${{ steps.random-password.outputs.generated_name }}
jdk-version: 21

- name: Run sanity tests
uses: gradle/gradle-build-action@v3
Expand Down
4 changes: 2 additions & 2 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -94,8 +94,8 @@ spotbugsTest {
enabled = false
}

java.sourceCompatibility = JavaVersion.VERSION_11
java.targetCompatibility = JavaVersion.VERSION_11
java.sourceCompatibility = JavaVersion.VERSION_21
java.targetCompatibility = JavaVersion.VERSION_21


compileJava {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ public class HTTPJwtAuthenticator implements HTTPAuthenticator {
private final List<String> requiredAudience;
private final String requireIssuer;

@SuppressWarnings("removal")
public HTTPJwtAuthenticator(final Settings settings, final Path configPath) {
super();

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -190,6 +190,7 @@ public AuthCredentials run() {
return creds;
}

@SuppressWarnings("removal")
private AuthCredentials extractCredentials0(final SecurityRequest request) {

if (acceptorPrincipal == null || acceptorKeyTabPath == null) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,7 @@ public static <T> T getOrDefault(Map<String, Object> properties, String key, T d
return value != null ? value : defaultValue;
}

@SuppressWarnings("removal")
public static <T> T readTree(JsonNode node, Class<T> clazz) throws IOException {

final SecurityManager sm = System.getSecurityManager();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -655,6 +655,7 @@ public static int getDefaultConfigVersion() {
return ConfigurationRepository.DEFAULT_CONFIG_VERSION;
}

@SuppressWarnings("removal")
private class AccessControllerWrappedThread extends Thread {
private final Thread innerThread;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -265,6 +265,7 @@ private <T> SecurityDynamicConfiguration<T> loadYamlFile(final String filepath,
return ConfigHelper.fromYamlFile(filepath, cType, ConfigurationRepository.DEFAULT_CONFIG_VERSION, 0, 0);
}

@SuppressWarnings("removal")
JsonNode loadConfigFileAsJson(final CType cType) throws IOException {
final var cd = securityApiDependencies.configurationRepository().getConfigDirectory();
final var filepath = cType.configFile(Path.of(cd)).toString();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ public class BCryptPasswordHasher implements PasswordHasher {

private static final HashingFunction DEFAULT_BCRYPT_FUNCTION = BcryptFunction.getInstance(Bcrypt.Y, 12);

@SuppressWarnings("removal")
@Override
public String hash(char[] password) {
if (password == null || password.length == 0) {
Expand All @@ -49,6 +50,7 @@ public String hash(char[] password) {
}
}

@SuppressWarnings("removal")
@Override
public boolean check(char[] password, String hash) {
if (password == null || password.length == 0) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,7 @@ public class OnBehalfOfAuthenticator implements HTTPAuthenticator {

private final EncryptionDecryptionUtil encryptionUtil;

@SuppressWarnings("removal")
public OnBehalfOfAuthenticator(Settings settings, String clusterName) {
String oboEnabledSetting = settings.get("enabled", "true");
oboEnabled = Boolean.parseBoolean(oboEnabledSetting);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -425,6 +425,7 @@ private void destroyDestroyables(List<Destroyable> destroyableComponents) {
}
}

@SuppressWarnings("removal")
private <T> T newInstance(final String clazzOrShortcut, String type, final Settings settings, final Path configPath) {
final String clazz = authImplMap.computeIfAbsent(clazzOrShortcut + "_" + type, k -> clazzOrShortcut);
return AccessController.doPrivileged((PrivilegedAction<T>) () -> {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -972,6 +972,7 @@ private void initEnabledSSLCiphers() {
enabledTransportProtocolsJDKProvider.retainAll(allowedSecureTransportSSLProtocols);
}

@SuppressWarnings("removal")
private SslContext buildSSLServerContext(
final PrivateKey _key,
final X509Certificate[] _cert,
Expand Down Expand Up @@ -1003,6 +1004,7 @@ public SslContextBuilder run() throws Exception {
}
}

@SuppressWarnings("removal")
private SslContext buildSSLServerContext(
final File _key,
final File _cert,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,7 @@ public static void uploadFile(Client tc, String filepath, String index, CType cT
uploadFile(tc, filepath, index, cType, configVersion, false);
}

@SuppressWarnings("removal")
public static void uploadFile(
Client tc,
String filepath,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ public void createIndex(ActionListener<Boolean> listener) {
}
}

@SuppressWarnings("removal")
public void uploadDefaultConfiguration(final Path configDir, final ActionListener<Set<SecurityConfig>> listener) {
try (final ThreadContext.StoredContext threadContext = client.threadPool().getThreadContext().stashContext()) {
AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
Expand Down
1 change: 1 addition & 0 deletions src/main/java/org/opensearch/security/util/KeyUtils.java
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@

public class KeyUtils {

@SuppressWarnings("removal")
public static JwtParserBuilder createJwtParserBuilderFromSigningKey(final String signingKey, final Logger log) {
final SecurityManager sm = System.getSecurityManager();

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

@SuppressWarnings("removal")
public class OnBehalfOfAuthenticatorTest {
final static String clusterName = "cluster_0";
final static String enableOBO = "true";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@
import static org.opensearch.security.tools.democonfig.util.DemoConfigHelperUtil.deleteDirectoryRecursive;
import static org.junit.Assert.fail;

@SuppressWarnings("removal")
public class CertificateGeneratorTests {

private static Installer installer;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.fail;

@SuppressWarnings("removal")
public class InstallerTests {
private final ByteArrayOutputStream outContent = new ByteArrayOutputStream();
private final PrintStream originalOut = System.out;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@
import static org.opensearch.security.tools.democonfig.util.DemoConfigHelperUtil.deleteDirectoryRecursive;
import static org.junit.Assert.fail;

@SuppressWarnings("removal")
@RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class)
public class SecuritySettingsConfigurerTests {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
/**
* Helper class to allow capturing and testing exit codes and block test execution from exiting mid-way
*/
@SuppressWarnings("removal")
public class NoExitSecurityManager extends SecurityManager {
@Override
public void checkPermission(java.security.Permission perm) {
Expand Down

0 comments on commit 439606c

Please sign in to comment.