Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support of secure OpenSearch clusters in integration tests #50

Merged
merged 1 commit into from
Sep 14, 2023
Merged

Add support of secure OpenSearch clusters in integration tests #50

merged 1 commit into from
Sep 14, 2023

Conversation

reta
Copy link
Collaborator

@reta reta commented Sep 14, 2023

Description

Add support of secure OpenSearch clusters in integration tests

Issues Resolved

Closes #49

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

nknize
nknize approved these changes Sep 14, 2023
View reviewed changes
Copy link
Collaborator

@nknize nknize left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving to non-block. One small comment just to raise awareness around the use of insecure strings.

src/integrationTest/java/org/opensearch/index/codec/rest/CreateIndexWithCodecIT.java
throw new RuntimeException("user name is missing");
}

final String password = System.getProperty("password");
Copy link
Collaborator

@nknize nknize Sep 14, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe a non issue here since this is a simple test but my senses tingle when I see a password that doesn't use the closeable SecureString in a try-with-resources. I'm not sure there's a way to avoid returning the property as a String instead of char[] anyway so the String object allocation is likely unavoidable.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @nknize , this is sadly platform wide issue since the password is passed from CI to the tests (for all core and all pugins) using environment variables [1].

[1] https://github.com/opensearch-project/opensearch-build/blob/main/scripts/default/integtest.sh#L98

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In a separate PR we should work to change that to use the KeyStore.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 no objection, could you please open an issue https://github.com/opensearch-project/opensearch-build here, I will provide more details if needed, thank you

@reta
Add support of secure OpenSearch clusters in integration tests
cb19825 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
@reta reta merged commit c0aa957 into opensearch-project:main Sep 14, 2023
5 checks passed
opensearch-trigger-bot bot pushed a commit that referenced this pull request Sep 14, 2023
@github-actions
Add support of secure OpenSearch clusters in integration tests (#50)
4c1c17d 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
(cherry picked from commit c0aa957)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Sep 14, 2023
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Sep 14, 2023
@github-actions
Add support of secure OpenSearch clusters in integration tests (#50)
4be6ff5 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
(cherry picked from commit c0aa957)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Sep 14, 2023
Merged
reta pushed a commit that referenced this pull request Sep 14, 2023
@github-actions @reta
Add support of secure OpenSearch clusters in integration tests (#50)
2d6425e 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
(cherry picked from commit c0aa957)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
reta pushed a commit that referenced this pull request Sep 14, 2023
@opensearch-trigger-bot @github-actions
Add support of secure OpenSearch clusters in integration tests (#50) (#…
28cea11 
…52)

(cherry picked from commit c0aa957)

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
reta pushed a commit that referenced this pull request Sep 14, 2023
@github-actions @reta
Add support of secure OpenSearch clusters in integration tests (#50)
782caa7 
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
(cherry picked from commit c0aa957)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
reta pushed a commit that referenced this pull request Sep 14, 2023
@opensearch-trigger-bot @github-actions
Add support of secure OpenSearch clusters in integration tests (#50) (#…
196d553 
…51)

(cherry picked from commit c0aa957)

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nknize nknize nknize approved these changes

@andrross andrross Awaiting requested review from andrross andrross is a code owner

Assignees
No one assigned
Labels
backport 2.x backport 2.10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[AUTOCUT] Integration Test failed for custom-codecs: 2.10.0 tar distribution
2 participants
@reta @nknize