diff --git a/.github/actions/download-plugin/action.yml b/.github/actions/download-plugin/action.yml new file mode 100644 index 000000000..0b5473a1e --- /dev/null +++ b/.github/actions/download-plugin/action.yml @@ -0,0 +1,53 @@ +name: 'Download Security Plugin' +description: 'Installs OpenSearch Dashboard with a Plugin from github, then checkouts the correct dashboards version for the plugin, configures npm/yarn, and bootstraps Dashboards' + +inputs: + opensearch-version: + description: 'The version of OpenSearch that should be used, e.g "3.0.0"' + required: true + + plugin-name: + description: 'The the name of the plugin to use, such as opensearch-security' + required: true + + plugin-version: + description: 'The version of security plugin that should be used, e.g "3.0.0.0"' + required: true + +runs: + using: "composite" + steps: + - name: Download OpenSearch for Linux + uses: peternied/download-file@v2 + if: ${{ runner.os == 'Linux' }} + with: + url: https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ inputs.opensearch-version }}/latest/linux/x64/tar/builds/opensearch/plugins/${{ inputs.plugin-name }}-${{ inputs.plugin-version }}.zip + + - name: Download OpenSearch for Windows + uses: peternied/download-file@v2 + if: ${{ runner.os == 'Windows' }} + with: + url: https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ inputs.opensearch-version }}/latest/windows/x64/zip/builds/opensearch/plugins/${{ inputs.plugin-name }}-${{ inputs.plugin-version }}.zip + + - name: Rename the Plugin Files + run: mv opensearch-security-${{ inputs.plugin-version }}.zip opensearch-security.zip + shell: bash + + - name: Create Setup Script for Linux + if: ${{ runner.os == 'Linux' }} + run: | + cat > setup.sh <<'EOF' + chmod +x ./opensearch-${{ inputs.opensearch-version}}-SNAPSHOT/plugins/${{ inputs.plugin-name }}/tools/install_demo_configuration.sh + /bin/bash -c "yes | ./opensearch-${{ inputs.opensearch-version}}-SNAPSHOT/plugins/${{ inputs.plugin-name }}/tools/install_demo_configuration.sh" + echo "plugins.security.unsupported.restapi.allow_securityconfig_modification: true" >> ./opensearch-${{ inputs.opensearch-version }}-SNAPSHOT/config/opensearch.yml + EOF + shell: bash + + - name: Create Setup Script for Windows + if: ${{ runner.os == 'Windows' }} + run: | + New-Item .\setup.bat -type file + Set-Content .\setup.bat -Value "powershell.exe -noexit -command `".\opensearch-${{ inputs.opensearch-version}}-SNAPSHOT\plugins\${{ inputs.plugin-name }}\tools\install_demo_configuration.bat -y -i -c`"" + Add-Content -Path .\setup.bat -Value "echo plugins.security.unsupported.restapi.allow_securityconfig_modification: true >> .\opensearch-${{ inputs.opensearch-version}}-SNAPSHOT\config\opensearch.yml" + Get-Content .\setup.bat + shell: pwsh diff --git a/.github/actions/install-dashboards/action.yml b/.github/actions/install-dashboards/action.yml index d9b7d9eb0..d314c40f7 100644 --- a/.github/actions/install-dashboards/action.yml +++ b/.github/actions/install-dashboards/action.yml @@ -14,6 +14,7 @@ outputs: plugin-directory: description: "The directory where the plugin has been configured" value: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} + runs: using: "composite" @@ -33,16 +34,11 @@ runs: ref: 'main' fetch-depth: 0 - - run: mkdir -p plugins - working-directory: OpenSearch-Dashboards - shell: bash - - uses: actions/checkout@v2 with: path: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - id: osd-version - continue-on-error: true run: | echo "::set-output name=osd-version::$(cat package.json | jq '.opensearchDashboards.version' | cut -c 2-4)" echo "::set-output name=osd-x-version::$(cat package.json | jq '.opensearchDashboards.version' | cut -c 2-3)" @@ -68,14 +64,18 @@ runs: node-version: ${{ steps.tool-versions.outputs.node_version }} registry-url: 'https://registry.npmjs.org' - - run: | + - name: Setup Opensearch Dashboards + run: | npm uninstall -g yarn echo "Installing yarn ${{ steps.tool-versions.outputs.yarn_version }}" npm i -g yarn@${{ steps.tool-versions.outputs.yarn_version }} + yarn cache clean + yarn add sha.js working-directory: OpenSearch-Dashboards shell: bash - - uses: nick-fields/retry@v2 + - name: Bootstrap the OpenSearch Dashboard + uses: nick-fields/retry@v2 with: timeout_minutes: 20 max_attempts: 2 diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 51cf78bbc..10099fa47 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -1,6 +1,6 @@ name: Cypress Tests -on: [push, pull_request] +on: [ push, pull_request ] env: TEST_BROWSER_HEADLESS: 1 @@ -16,21 +16,27 @@ env: jobs: tests: name: Run Cypress tests - runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + os: [ ubuntu-latest , windows-latest ] + runs-on: ${{ matrix.os }} + steps: + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: 11 + - name: Checkout Branch - uses: actions/checkout@v2 - - - name: Download OpenSearch Security Plugin - run: wget --progress=bar:force:noscroll -O opensearch-security.zip https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ env.OPENSEARCH_VERSION }}/latest/linux/x64/tar/builds/opensearch/plugins/${{ env.PLUGIN_NAME }}-${{ env.PLUGIN_VERSION }}.zip - - - name: Create Setup Script - if: ${{ runner.os == 'Linux' }} - run: | - cat > setup.sh <<'EOF' - chmod +x ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/plugins/${{ env.PLUGIN_NAME }}/tools/install_demo_configuration.sh - /bin/bash -c "yes | ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/plugins/${{ env.PLUGIN_NAME }}/tools/install_demo_configuration.sh" - EOF + uses: actions/checkout@v3 + + - name: Download security plugin and create setup scripts + uses: ./.github/actions/download-plugin + with: + opensearch-version: ${{ env.OPENSEARCH_VERSION }} + plugin-name: ${{ env.PLUGIN_NAME }} + plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with A Single Plugin uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main @@ -44,8 +50,7 @@ jobs: with: plugin_name: security-dashboards-plugin - - name: Configure and Run OpenSearch Dashboards - continue-on-error: false + - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | cd ./OpenSearch-Dashboards echo 'server.host: "0.0.0.0"' >> ./config/opensearch_dashboards.yml @@ -59,23 +64,9 @@ jobs: echo 'opensearch_security.readonly_mode.roles: ["kibana_read_only"]' >> ./config/opensearch_dashboards.yml echo 'opensearch_security.cookie.secure: false' >> ./config/opensearch_dashboards.yml echo 'opensearch_security.multitenancy.enable_aggregation_view: true' >> ./config/opensearch_dashboards.yml - yarn start --no-base-path --no-watch & - sleep 300 - - - name: Checkout - uses: actions/checkout@v2 - with: - path: ${{ env.FTR_PATH }} - repository: opensearch-project/opensearch-dashboards-functional-test - ref: 'main' - - - name: Get Cypress version - id: cypress_version - run: | - echo "::set-output name=cypress_version::$(cat ./${{ env.FTR_PATH }}/package.json | jq '.devDependencies.cypress' | tr -d '"')" - - - name: Run tests - uses: cypress-io/github-action@v2 - with: - working-directory: ${{ env.FTR_PATH }} - command: yarn cypress:run-with-security-and-aggregation-view --browser chromium --spec ${{ env.SPEC }} + nohup yarn start --no-base-path --no-watch & + sleep 500 + git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git + cd opensearch-dashboards-functional-test + npm install cypress --save-dev + yarn cypress:run-with-security-and-aggregation-view --browser chrome --spec "cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js" diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 2b692ef5d..e445fa0af 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -12,28 +12,45 @@ env: jobs: tests: name: Run integration tests - runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + os: [ ubuntu-latest , windows-latest ] + runs-on: ${{ matrix.os }} + steps: - name: Checkout Branch - uses: actions/checkout@v2 + uses: actions/checkout@v3 + + - name: Set up JDK + uses: actions/setup-java@v1 + with: + java-version: 11 - - uses: browser-actions/setup-geckodriver@latest + - uses: browser-actions/setup-geckodriver@v0.0.0 - run: geckodriver --version - - uses: browser-actions/setup-firefox@latest + - name: Set up Firefox browser + if: ${{ runner.os == 'Linux' }} + uses: browser-actions/setup-firefox@v1 + - run: firefox --version - - - name: Download OpenSearch Security Plugin - run: wget --progress=bar:force:noscroll -O opensearch-security.zip https://ci.opensearch.org/ci/dbc/distribution-build-opensearch/${{ env.OPENSEARCH_VERSION }}/latest/linux/x64/tar/builds/opensearch/plugins/${{ env.PLUGIN_NAME }}-${{ env.PLUGIN_VERSION }}.zip - - - name: Create Setup Script if: ${{ runner.os == 'Linux' }} - run: | - cat > setup.sh <<'EOF' - chmod +x ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/plugins/${{ env.PLUGIN_NAME }}/tools/install_demo_configuration.sh - /bin/bash -c "yes | ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/plugins/${{ env.PLUGIN_NAME }}/tools/install_demo_configuration.sh" - echo "plugins.security.unsupported.restapi.allow_securityconfig_modification: true" >> ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/config/opensearch.yml - EOF + + # Browser-action version does not work on Windows + - name: Set up Firefox browser for Windows + if: ${{ runner.os == 'Windows' }} + uses: RyanL1997/setup-browser@main + with: + browser: firefox + version: latest + + - name: Download security plugin and create setup scripts + uses: ./.github/actions/download-plugin + with: + opensearch-version: ${{ env.OPENSEARCH_VERSION }} + plugin-name: ${{ env.PLUGIN_NAME }} + plugin-version: ${{ env.PLUGIN_VERSION }} - name: Run Opensearch with A Single Plugin uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main @@ -51,9 +68,18 @@ jobs: run: node scripts/build_opensearch_dashboards_platform_plugins.js working-directory: ${{ steps.install-dashboards.outputs.dashboards-directory }} - - name: Run integration tests + - name: Run integration tests on Linux + if: ${{ runner.os == 'Linux' }} run: | echo "check if opensearch is ready" curl -XGET https://localhost:9200 -u 'admin:admin' -k yarn test:jest_server --coverage working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} + + - name: Run integration tests on Windows + if: ${{ runner.os == 'Windows' }} + run: | + echo "check if opensearch is ready" + curl -XGET https://localhost:9200 -u 'admin:admin' -k + node .\test\run_jest_tests.js --config .\test\jest.config.server.js --testPathIgnorePatterns saml_auth.test.ts + working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 8b8dd02cf..de2572654 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -1,6 +1,6 @@ name: Unit Tests -on: [push, pull_request] +on: [ push, pull_request ] jobs: unit-tests: diff --git a/test/jest_integration/jwt_auth.test.ts b/test/jest_integration/jwt_auth.test.ts index 371abe961..12c6d3ccc 100644 --- a/test/jest_integration/jwt_auth.test.ts +++ b/test/jest_integration/jwt_auth.test.ts @@ -284,9 +284,9 @@ describe('start OpenSearch Dashboards server', () => { await driver.get(`http://localhost:5601/app/opensearch_dashboards_overview?token=${token}`); const rep = await driver.getPageSource(); - expect(rep).toContain( - '"statusCode":401,"error":"Unauthorized","message":"Authentication Exception"' - ); + expect(rep).toContain('401'); + expect(rep).toContain('Unauthorized'); + expect(rep).toContain('Authentication Exception'); const cookie = await driver.manage().getCookies(); expect(cookie.length).toEqual(0); @@ -311,9 +311,9 @@ describe('start OpenSearch Dashboards server', () => { await driver.get(`http://localhost:5601/app/dev_tools?token=${token}`); const rep = await driver.getPageSource(); - expect(rep).toContain( - '"statusCode":401,"error":"Unauthorized","message":"Authentication Exception"' - ); + expect(rep).toContain('401'); + expect(rep).toContain('Unauthorized'); + expect(rep).toContain('Authentication Exception'); const cookie = await driver.manage().getCookies(); expect(cookie.length).toEqual(0);