diff --git a/yaml_test_runner/skip_with_security.yml b/yaml_test_runner/skip_with_security.yml new file mode 100644 index 00000000..17b2f5bd --- /dev/null +++ b/yaml_test_runner/skip_with_security.yml @@ -0,0 +1,196 @@ +# Skip file of features and tests to skip when running with a secure OpenSearch cluster. +# This is used at compilation time, when compiling tests from the YAML tests, to not generate tests that match +# on name or features defined below that should be skipped. Accordingly, changing values in this file requires +# recompiling tests in order for the changes to take effect. + +# tests to skip generating and compiling a test for +features: + - node_selector + - stash_path_replace + - embedded_stash_key + +# tests to skip generating and compiling a test for +tests: + + free/cat.aliases/10_basic.yml: + # this test fails as the regex needs a \n before the ending $ + - "Multiple alias names" + + free/cat.indices/10_basic.yml: + # this test fails as the regex needs a \n before the ending $ + - "Test cat indices using health status" + + free/cat.templates/10_basic.yml: + # Regex do not account for hidden templates returned by the request + - "Multiple template" + - "No templates" + - "Sort templates" + + free/indices.flush/10_basic.yml: + # uses number as a key into object. serde_json::Value expects a string key + - "Index synced flush rest test" + + free/indices.segments/10_basic.yml: + # uses number as a key into object. serde_json::Value expects a string key + - "basic segments test" + + free/indices.shard_stores/10_basic.yml: + # uses number as a key into object. serde_json::Value expects a string key + - "basic index test" + - "multiple indices test" + + free/indices.stats/12_level.yml: + # uses number as a key into object. serde_json::Value expects a string key + - "Level - shards" + + free/nodes.info/10_basic.yml: + # node has a lot more roles than those checked in the test (expects "ingest", finds "data_cold") + - "node_info role test" + + free/search.aggregation/250_moving_fn.yml: + # The use of an invalid window interval results in a 400 response which looks like + # it suppresses the sending of deprecation headers + - "Bad window deprecated interval" + + free/indices.put_mapping/10_basic.yml: + # The type parameter is removed in 2.0 + - "Put mappings with explicit _doc type" + - "Put mappings with explicit _doc type bwc" + + free/cat.health/10_basic.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Help" + + free/cat.nodes/10_basic.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Test cat nodes output" + + free/cluster.health/10_basic.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Get cluster health has same value for discovered_master and discovered_cluster_manager" + - "cluster health with closed index (pre 7.2.0)" + - "cluster health basic test, one index" + - "cluster health basic test, one index with wait for active shards" + - "cluster health basic test, one index with wait for all active shards" + + free/cluster.reroute/10_basic.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Cluster reroute returns cluster_manager_node" + + free/cluster.reroute/20_response_filtering.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Filter the cluster reroute by cluster_manager_node only should work" + + free/cluster.state/10_basic.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Get cluster state returns cluster_manager_node" + + free/cluster.state/20_filtering.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "Filter the cluster state by cluster_manager_node only should work" + + free/cluster.stats/10_basic.yml: + # Should be fixed after inclusive naming changes - master -> cluster_manager + - "get cluster stats nodes count with both master and cluster_manager" + + free/search/230_interval_query.yml: + - "*" + + free/cat.allocation/10_basic.yml: + - "Node ID" + + free/cat.count/10_basic.yml: + - "Test cat count output" + + free/cat.recovery/10_basic.yml: + - "Test cat recovery output" + + free/cat.segments/10_basic.yml: + - "Test cat segments output" + + free/cat.shards/10_basic.yml: + - "Test cat shards output" + - "Test cat shards sort" + + free/cat.snapshots/10_basic.yml: + - "Test cat snapshots output" + + free/cluster.allocation_explain/10_basic.yml: + - "cluster shard allocation explanation test with empty request" + + free/indices.refresh/10_basic.yml: + - "Indices refresh test _all" + - "Indices refresh test empty array" + + free/indices.stats/10_index.yml: + - "Index - all" + - "Index - blank" + - "Index - pattern" + - "Index - star" + + free/msearch/10_basic.yml: + - "Basic multi-search" + - "Least impact smoke test" + + free/search/10_source_filtering.yml: + - "*" + + free/search/120_batch_reduce_size.yml: + - "batched_reduce_size 2 with 5 shards" + + free/search/140_pre_filter_search_shards: + - "pre_filter_shard_size with shards that have no hit" + + free/search/20_default_values.yml: + - "Search with new response format" + + free/search/40_indices_boost.yml: + - "*" + + free/search/140_pre_filter_search_shards.yml: + - "pre_filter_shard_size with shards that have no hit" + + free/search.aggregation/100_avg_metric.yml: + - "Aggregating wrong datatype test" + + free/search.aggregation/10_histogram.yml: + - "Basic test" + - "Format test" + + free/search.aggregation/110_max_metric.yml: + - "Aggregating wrong datatype test" + + free/search.aggregation/120_min_metric.yml: + - "Aggregating wrong datatype test" + + free/search.aggregation/130_sum_metric.yml: + - "Aggregating wrong datatype test" + + free/search.aggregation/180_percentiles_tdigest_metric.yml: + - "Invalid params test" + + free/search.aggregation/190_percentiles_hdr_metric.yml: + - "Basic test" + - "Invalid params test" + + free/search.aggregation/20_terms.yml: + - "*" + + free/search.aggregation/260_weighted_avg.yml: + - "Basic test" + + free/search.aggregation/280_rare_terms.yml: + - "*" + + free/search.aggregation/40_range.yml: + - "*" + + free/search.aggregation/50_filter.yml: + - "As a child of terms" + + free/snapshot.create/10_basic.yml: + - "Create a snapshot" + + free/snapshot.restore/10_basic.yml: + - "Create a snapshot and then restore it" + \ No newline at end of file diff --git a/yaml_test_runner/src/generator.rs b/yaml_test_runner/src/generator.rs index 211b14e2..50ddcd67 100644 --- a/yaml_test_runner/src/generator.rs +++ b/yaml_test_runner/src/generator.rs @@ -43,7 +43,11 @@ use std::{ io::Write, path::{Path, PathBuf}, }; +use opensearch::{ + DEFAULT_ADDRESS, +}; use yaml_rust::{Yaml, YamlLoader}; +use url::Url; /// The test suite to compile #[derive(Debug, PartialEq)] @@ -365,6 +369,13 @@ impl TestFn { } } +fn cluster_addr() -> String { + match std::env::var("OPENSEARCH_URL") { + Ok(server) => server, + Err(_) => DEFAULT_ADDRESS.into(), + } +} + /// Items to globally skip #[derive(Deserialize)] struct GlobalSkip { @@ -380,7 +391,12 @@ pub fn generate_tests_from_yaml( download_dir: &PathBuf, generated_dir: &PathBuf, ) -> Result<(), failure::Error> { - let skips = serde_yaml::from_str::(include_str!("./../skip.yml"))?; + let url = Url::parse(cluster_addr().as_ref()).unwrap(); + let skips = if url.scheme() == "https" { + serde_yaml::from_str::(include_str!("./../skip_with_security.yml"))? + } else { + serde_yaml::from_str::(include_str!("./../skip.yml"))? + }; let paths = fs::read_dir(download_dir)?; for entry in paths { if let Ok(entry) = entry { diff --git a/yaml_test_runner/tests/common/client.rs b/yaml_test_runner/tests/common/client.rs index 10c54ff6..510b5fa1 100644 --- a/yaml_test_runner/tests/common/client.rs +++ b/yaml_test_runner/tests/common/client.rs @@ -29,10 +29,14 @@ */ use once_cell::sync::Lazy; +use std::fs::File; +use std::io::Read; use opensearch::{ - auth::Credentials, + auth::{ + Credentials, + ClientCertificate + }, cert::CertificateValidation, - cluster::ClusterHealthParts, http::{ response::Response, transport::{SingleNodeConnectionPool, TransportBuilder}, @@ -41,9 +45,8 @@ use opensearch::{ indices::{ IndicesDeleteParts, }, - params::{ExpandWildcards, WaitForStatus}, + params::ExpandWildcards, snapshot::{SnapshotDeleteParts, SnapshotDeleteRepositoryParts}, - tasks::TasksCancelParts, Error, OpenSearch, DEFAULT_ADDRESS, }; use serde_json::{Value}; @@ -65,28 +68,15 @@ fn running_proxy() -> bool { } static GLOBAL_CLIENT: Lazy = Lazy::new(|| { - let mut url = Url::parse(cluster_addr().as_ref()).unwrap(); + let url = Url::parse(cluster_addr().as_ref()).unwrap(); - // if the url is https and specifies a username and password, remove from the url and set credentials + // if the url is https, set credentials let credentials = if url.scheme() == "https" { - let username = if !url.username().is_empty() { - let u = url.username().to_string(); - url.set_username("").unwrap(); - u - } else { - "admin".into() - }; - - let password = match url.password() { - Some(p) => { - let pass = p.to_string(); - url.set_password(None).unwrap(); - pass - } - None => "admin".into(), - }; - - Some(Credentials::Basic(username, password)) + let mut buf = Vec::new(); + let mut f = File::open("tests/common/kirk.p12").expect("Unable to open file"); + f.read_to_end(&mut buf).expect("Unable to read vec"); + let cert = ClientCertificate::Pkcs12(buf, Some("".to_string())); + Some(Credentials::Certificate(cert)) } else { None }; diff --git a/yaml_test_runner/tests/common/kirk.p12 b/yaml_test_runner/tests/common/kirk.p12 new file mode 100644 index 00000000..3879380c Binary files /dev/null and b/yaml_test_runner/tests/common/kirk.p12 differ