From 9516bea862e407df5da2c53ff3e9bb5303716963 Mon Sep 17 00:00:00 2001 From: Derek Ho Date: Mon, 26 Feb 2024 13:14:21 -0500 Subject: [PATCH] Use start-opensearch and setup-opensearch-dashboards actions (#1783) * Revert to old version Signed-off-by: Derek Ho * Fix order Signed-off-by: Derek Ho * Revert deletion of custom dashboards file Signed-off-by: Derek Ho * Replace other instances of the backend workflow Signed-off-by: Derek Ho * Add file prefix Signed-off-by: Derek Ho * Also add env variable references in workflow Signed-off-by: Derek Ho * Try the branch that adds settings for security dashboards ci support Signed-off-by: Derek Ho * Update workflow to v2 Signed-off-by: Derek Ho * Use setup opensearch dashboards workflow Signed-off-by: Derek Ho * Remove duplciate functionality in binary installation Signed-off-by: Derek Ho * Unsaved local changes Signed-off-by: Derek Ho * install zip as true Signed-off-by: Derek Ho * Consolidate writing yml file Signed-off-by: Derek Ho * Remove duplicate install Signed-off-by: Derek Ho * Modify workflow to pass in built plugin artifact name Signed-off-by: Derek Ho * Use latest version of workflow and use directory output Signed-off-by: Derek Ho * Fix syntax issue Signed-off-by: Derek Ho * Run start dashboards command in correct directory Signed-off-by: Derek Ho * Use v1 release Signed-off-by: Derek Ho * Remove cats and rename config files Signed-off-by: Derek Ho --------- Signed-off-by: Derek Ho --- .github/actions/install-dashboards/action.yml | 85 -------------- .github/actions/run-cypress-tests/action.yml | 81 ++------------ .../workflows/cypress-test-multiauth-e2e.yml | 4 - .github/workflows/cypress-test-oidc-e2e.yml | 4 - .github/workflows/cypress-test-saml-e2e.yml | 4 - .../cypress-test-tenancy-disabled.yml | 39 ++++--- .github/workflows/cypress-test.yml | 43 ++++--- .github/workflows/integration-test.yml | 17 +-- .github/workflows/unit-test.yml | 2 +- .../workflows/verify-binary-installation.yml | 105 ++++-------------- 10 files changed, 87 insertions(+), 297 deletions(-) delete mode 100644 .github/actions/install-dashboards/action.yml diff --git a/.github/actions/install-dashboards/action.yml b/.github/actions/install-dashboards/action.yml deleted file mode 100644 index e198f2dbb..000000000 --- a/.github/actions/install-dashboards/action.yml +++ /dev/null @@ -1,85 +0,0 @@ -name: 'Install Dashboards with Plugin' -description: 'Installs OpenSearch Dashboard with a Plugin from github, then checkouts the correct dashboards version for the plugin, configures npm/yarn, and bootstraps Dashboards' - -inputs: - plugin_name: - description: 'The name of the plugin to use, such as security-dashboards-plugin' - required: true - -outputs: - dashboards-directory: - description: "The directory where the dashboards has been configured" - value: ${{ steps.determine-dashboards-directory.outputs.dashboards-directory }} - - plugin-directory: - description: "The directory where the plugin has been configured" - value: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - - -runs: - using: "composite" - steps: - - id: determine-dashboards-directory - run: echo "dashboards-directory=OpenSearch-Dashboards" >> $GITHUB_OUTPUT - shell: bash - - - id: determine-plugin-directory - run: echo "::set-output name=plugin-directory::./OpenSearch-Dashboards/plugins/${{ inputs.plugin_name }}" - shell: bash - - - uses: actions/checkout@v2 - with: - path: OpenSearch-Dashboards - repository: opensearch-project/OpenSearch-Dashboards - ref: 'main' - fetch-depth: 0 - filter: | - cypress - test - - - uses: actions/checkout@v2 - with: - path: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - - - id: osd-version - run: | - echo "::set-output name=osd-version::$(jq -r '.opensearchDashboards.version | split(".") | .[:2] | join(".")' package.json)" - echo "::set-output name=osd-x-version::$(jq -r '.opensearchDashboards.version | split(".") | .[0]' package.json).x" - working-directory: ${{ steps.determine-plugin-directory.outputs.plugin-directory }} - shell: bash - - - id: branch-switch-if-possible - continue-on-error: true # Defaults onto main if the branch switch doesn't work - if: ${{ steps.osd-version.outputs.osd-version }} - run: git checkout ${{ steps.osd-version.outputs.osd-version }} || git checkout ${{ steps.osd-version.outputs.osd-x-version }} - working-directory: ./OpenSearch-Dashboards - shell: bash - - - id: tool-versions - run: | - echo "node_version=$(cat .node-version)" >> $GITHUB_OUTPUT - echo "yarn_version=$(jq -r '.engines.yarn' package.json)" >> $GITHUB_OUTPUT - working-directory: OpenSearch-Dashboards - shell: bash - - - uses: actions/setup-node@v1 - with: - node-version: ${{ steps.tool-versions.outputs.node_version }} - registry-url: 'https://registry.npmjs.org' - - - name: Setup Opensearch Dashboards - run: | - npm uninstall -g yarn - echo "Installing yarn ${{ steps.tool-versions.outputs.yarn_version }}" - npm i -g yarn@${{ steps.tool-versions.outputs.yarn_version }} - yarn cache clean - yarn add sha.js - working-directory: OpenSearch-Dashboards - shell: bash - - - name: Bootstrap the OpenSearch Dashboard - uses: nick-fields/retry@v2 - with: - timeout_minutes: 20 - max_attempts: 2 - command: yarn --cwd OpenSearch-Dashboards osd bootstrap --oss --single-version=loose # loose is passed in to ignore version conflicts on cypress version used in OSD and this repo diff --git a/.github/actions/run-cypress-tests/action.yml b/.github/actions/run-cypress-tests/action.yml index b006769da..6627243f0 100644 --- a/.github/actions/run-cypress-tests/action.yml +++ b/.github/actions/run-cypress-tests/action.yml @@ -34,60 +34,22 @@ runs: opensearch-version: ${{ env.OPENSEARCH_VERSION }} plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - # Download OpenSearch - - name: Download OpenSearch for Linux - uses: peternied/download-file@v2 - if: ${{ runner.os == 'Linux' }} - with: - url: https://artifacts.opensearch.org/snapshots/core/opensearch/${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/opensearch-min-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64-latest.tar.gz - - # Extract downloaded tar/zip - - name: Extract downloaded tar - if: ${{ runner.os == 'Linux' }} - run: | - tar -xzf opensearch-*.tar.gz - rm -f opensearch-*.tar.gz - shell: bash - - # Install the security plugin - - name: Install Plugin into OpenSearch for Linux - if: ${{ runner.os == 'Linux'}} - run: | - chmod +x ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/bin/opensearch-plugin - /bin/bash -c "yes | ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/bin/opensearch-plugin install file:$(pwd)/opensearch-security.zip" - shell: bash - - name: Replace demo configuration - if: ${{ runner.os == 'Linux' }} - run: | - if [ -f ${{ inputs.security_config_file }} ]; then - mv ${{ inputs.security_config_file }} ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/config/opensearch-security/config.yml - fi - shell: bash - - # Run any configuration scripts - - name: Run Setup Script for Linux - if: ${{ runner.os == 'Linux' }} - run: | - echo "running linux setup" - chmod +x ./setup.sh - ./setup.sh - shell: bash + - name: Run Opensearch with A Single Plugin + uses: derek-ho/start-opensearch@v2 + with: + opensearch-version: ${{ env.OPENSEARCH_VERSION }} + plugins: "file:$(pwd)/opensearch-security.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} + security_config_file: ${{ inputs.security_config_file }} # OSD bootstrap - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin - - - name: Replace dashboards configuration - if: ${{ runner.os == 'Linux' }} - run: | - if [ -f ${{ inputs.dashboards_config_file }} ]; then - mv ${{ inputs.dashboards_config_file }} ./OpenSearch-Dashboards/config/opensearch_dashboards.yml - fi - shell: bash + opensearch_dashboards_yml: ${{ inputs.dashboards_config_file }} - name: Run pretest script if: ${{ runner.os == 'Linux' }} @@ -96,29 +58,6 @@ runs: yarn pretest:jest_server shell: bash - # Run OpenSearch - - name: Run OpenSearch with plugin on Linux - if: ${{ runner.os == 'Linux'}} - run: | - /bin/bash -c "./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/bin/opensearch &" - shell: bash - - # Give the OpenSearch process some time to boot up before sending any requires, might need to increase the default time! - - name: Sleep while OpenSearch starts - uses: peternied/action-sleep@v1 - with: - seconds: 30 - - # Verify that the server is operational - - name: Check OpenSearch Running on Linux - if: ${{ runner.os != 'Windows'}} - run: curl https://localhost:9200/_cat/plugins -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k -v - shell: bash - - - if: always() - run: cat ./opensearch-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT/logs/opensearch.log - shell: bash - - name: Run OpenSearch Dashboards with provided configuration if: ${{ runner.os == 'Linux' }} run: | diff --git a/.github/workflows/cypress-test-multiauth-e2e.yml b/.github/workflows/cypress-test-multiauth-e2e.yml index 9d577be1e..3b9827b0f 100644 --- a/.github/workflows/cypress-test-multiauth-e2e.yml +++ b/.github/workflows/cypress-test-multiauth-e2e.yml @@ -66,8 +66,6 @@ jobs: authentication_backend: type: noop EOT - echo "THIS IS THE SECURITY CONFIG FILE: " - cat config_multiauth.yml # Configure the Dashboard for SAML setup - name: Configure OpenSearch Dashboards with multi-auth configuration including SAML @@ -90,8 +88,6 @@ jobs: opensearch_security.auth.anonymous_auth_enabled: false home.disableWelcomeScreen: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat opensearch_dashboards_multiauth.yml - name: Run Cypress Tests uses: ./.github/actions/run-cypress-tests diff --git a/.github/workflows/cypress-test-oidc-e2e.yml b/.github/workflows/cypress-test-oidc-e2e.yml index 333fb9096..59bfe08e4 100644 --- a/.github/workflows/cypress-test-oidc-e2e.yml +++ b/.github/workflows/cypress-test-oidc-e2e.yml @@ -110,8 +110,6 @@ jobs: authentication_backend: type: noop EOT - echo "THIS IS THE SECURITY CONFIG FILE: " - cat config_openid.yml # Configure the Dashboard for OpenID setup - name: Create OpenSearch Dashboards Config for OpenID @@ -136,8 +134,6 @@ jobs: opensearch_security.ui.openid.login.buttonname: "OIDC" home.disableWelcomeScreen: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat opensearch_dashboards_openid.yml - name: Run Cypress Tests uses: ./.github/actions/run-cypress-tests diff --git a/.github/workflows/cypress-test-saml-e2e.yml b/.github/workflows/cypress-test-saml-e2e.yml index bce3f8ad8..b5b697ba4 100644 --- a/.github/workflows/cypress-test-saml-e2e.yml +++ b/.github/workflows/cypress-test-saml-e2e.yml @@ -66,8 +66,6 @@ jobs: authentication_backend: type: noop EOT - echo "THIS IS THE SECURITY CONFIG FILE: " - cat config_saml.yml # Configure the Dashboard for SAML setup - name: Configure and Run OpenSearch Dashboards with SAML Configuration @@ -90,8 +88,6 @@ jobs: opensearch_security.auth.anonymous_auth_enabled: false home.disableWelcomeScreen: true EOT - echo 'HERE IS THE DASHBOARD CONFIG FILE: ' - cat opensearch_dashboards_saml.yml - name: Run Cypress Tests uses: ./.github/actions/run-cypress-tests diff --git a/.github/workflows/cypress-test-tenancy-disabled.yml b/.github/workflows/cypress-test-tenancy-disabled.yml index c033501aa..8ba25a4c8 100644 --- a/.github/workflows/cypress-test-tenancy-disabled.yml +++ b/.github/workflows/cypress-test-tenancy-disabled.yml @@ -10,6 +10,7 @@ env: OPENSEARCH_SNAPSHOT_CMD: 'node ../scripts/opensearch snapshot' SPEC: 'cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js,' PLUGIN_NAME: opensearch-security + OPENSEARCH_INITIAL_ADMIN_PASSWORD: myStrongPassword123! jobs: cypress-tests-multitenancy-disabled: @@ -44,32 +45,38 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup - admin-password: myStrongPassword123! + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} + + # Configure the Dashboard + - name: Configure OpenSearch Dashboards with tenancy disabled + run: | + cat << 'EOT' > tenancy-disabled-opensearch-dashboards-config.yml + server.host: "0.0.0.0" + opensearch.hosts: ["https://localhost:9200"] + opensearch.ssl.verificationMode: none + opensearch.username: "kibanaserver" + opensearch.password: "kibanaserver" + opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] + opensearch_security.multitenancy.enabled: false + opensearch_security.readonly_mode.roles: ["kibana_read_only"] + opensearch_security.cookie.secure: false + EOT - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin + opensearch_dashboards_yml: tenancy-disabled-opensearch-dashboards-config.yml - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | cd ./OpenSearch-Dashboards - > ./config/opensearch_dashboards.yml # Clear the file - echo 'server.host: "0.0.0.0"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.hosts: ["https://localhost:9200"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch.ssl.verificationMode: none' >> ./config/opensearch_dashboards.yml - echo 'opensearch.username: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.password: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.enabled: false' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.readonly_mode.roles: ["kibana_read_only"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.cookie.secure: false' >> ./config/opensearch_dashboards.yml nohup yarn start --no-base-path --no-watch & sleep 500 git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git diff --git a/.github/workflows/cypress-test.yml b/.github/workflows/cypress-test.yml index 614febc34..ab5000383 100644 --- a/.github/workflows/cypress-test.yml +++ b/.github/workflows/cypress-test.yml @@ -10,6 +10,7 @@ env: OPENSEARCH_SNAPSHOT_CMD: 'node ../scripts/opensearch snapshot' SPEC: 'cypress/integration/plugins/security-dashboards-plugin/aggregation_view.js,' PLUGIN_NAME: opensearch-security + OPENSEARCH_INITIAL_ADMIN_PASSWORD: myStrongPassword123! jobs: cypress-tests: @@ -44,34 +45,40 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup - admin-password: myStrongPassword123! + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} + + # Configure the Dashboard + - name: Configure OpenSearch Dashboards for cypress + run: | + cat << 'EOT' > cypress-opensearch-dashboards-config.yml + server.host: "0.0.0.0" + opensearch.hosts: ["https://localhost:9200"] + opensearch.ssl.verificationMode: none + opensearch.username: "kibanaserver" + opensearch.password: "kibanaserver" + opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] + opensearch_security.multitenancy.enabled: true + opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"] + opensearch_security.readonly_mode.roles: ["kibana_read_only"] + opensearch_security.cookie.secure: false + opensearch_security.multitenancy.enable_aggregation_view: true + EOT - name: Run Dashboard with Security Dashboards Plugin - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin + opensearch_dashboards_yml: cypress-opensearch-dashboards-config.yml - name: Configure and Run OpenSearch Dashboards with Cypress Test Cases run: | cd ./OpenSearch-Dashboards - > ./config/opensearch_dashboards.yml # Clear the file - echo 'server.host: "0.0.0.0"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.hosts: ["https://localhost:9200"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch.ssl.verificationMode: none' >> ./config/opensearch_dashboards.yml - echo 'opensearch.username: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.password: "kibanaserver"' >> ./config/opensearch_dashboards.yml - echo 'opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.enabled: true' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.readonly_mode.roles: ["kibana_read_only"]' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.cookie.secure: false' >> ./config/opensearch_dashboards.yml - echo 'opensearch_security.multitenancy.enable_aggregation_view: true' >> ./config/opensearch_dashboards.yml nohup yarn start --no-base-path --no-watch & sleep 500 git clone https://github.com/opensearch-project/opensearch-dashboards-functional-test.git diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index 44db99642..40dcdfecc 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -6,6 +6,7 @@ env: TEST_BROWSER_HEADLESS: 1 CI: 1 PLUGIN_NAME: opensearch-security + OPENSEARCH_INITIAL_ADMIN_PASSWORD: admin jobs: tests: @@ -58,13 +59,13 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup - admin-password: admin + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true + admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173 - name: Remove unnecessary files Linux @@ -74,7 +75,7 @@ jobs: sudo rm -rf "$AGENT_TOOLSDIRECTORY" - id: install-dashboards - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin @@ -89,7 +90,7 @@ jobs: if: ${{ runner.os == 'Linux' }} run: | echo "check if opensearch is ready" - curl -XGET https://localhost:9200 -u 'admin:admin' -k + curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k yarn test:jest_server --coverage working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} @@ -97,6 +98,6 @@ jobs: if: ${{ runner.os == 'Windows' }} run: | echo "check if opensearch is ready" - curl -XGET https://localhost:9200 -u 'admin:admin' -k + curl -XGET https://localhost:9200 -u 'admin:${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }}' -k node .\test\run_jest_tests.js --runInBand --detectOpenHandles --forceExit --config .\test\jest.config.server.js working-directory: ${{ steps.install-dashboards.outputs.plugin-directory }} diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index de2572654..8ee310d6d 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v2 - id: install-dashboards - uses: ./.github/actions/install-dashboards + uses: derek-ho/setup-opensearch-dashboards@v1 with: plugin_name: security-dashboards-plugin diff --git a/.github/workflows/verify-binary-installation.yml b/.github/workflows/verify-binary-installation.yml index cca92cb5a..7c89029d8 100644 --- a/.github/workflows/verify-binary-installation.yml +++ b/.github/workflows/verify-binary-installation.yml @@ -22,11 +22,6 @@ jobs: - name: Checkout Branch uses: actions/checkout@v3 - - name: Set up JDK - uses: actions/setup-java@v1 - with: - java-version: 11 - - name: Set env run: | opensearch_version=$(node -p "require('./package.json').opensearchDashboards.version") @@ -42,89 +37,18 @@ jobs: plugin-name: ${{ env.PLUGIN_NAME }} plugin-version: ${{ env.PLUGIN_VERSION }} - - name: Run Opensearch with A Single Plugin - uses: opensearch-project/security/.github/actions/start-opensearch-with-one-plugin@main + - name: Run Opensearch with security + uses: derek-ho/start-opensearch@v2 with: opensearch-version: ${{ env.OPENSEARCH_VERSION }} - plugin-name: ${{ env.PLUGIN_NAME }} - setup-script-name: setup + plugins: "file:$(pwd)/${{ env.PLUGIN_NAME }}.zip" + security-enabled: true admin-password: ${{ env.OPENSEARCH_INITIAL_ADMIN_PASSWORD }} - - uses: actions/checkout@v2 - with: - path: OpenSearch-Dashboards - repository: opensearch-project/OpenSearch-Dashboards - ref: 'main' - fetch-depth: 0 - filter: | - cypress - test - - - id: osd-version - run: | - echo "::set-output name=osd-version::$(jq -r '.opensearchDashboards.version | split(".") | .[:2] | join(".")' package.json)" - echo "::set-output name=osd-x-version::$(jq -r '.opensearchDashboards.version | split(".") | .[0]' package.json).x" - shell: bash - - - id: branch-switch-if-possible - continue-on-error: true # Defaults onto main if the branch switch doesn't work - if: ${{ steps.osd-version.outputs.osd-version }} - run: git checkout ${{ steps.osd-version.outputs.osd-version }} || git checkout ${{ steps.osd-version.outputs.osd-x-version }} - working-directory: ./OpenSearch-Dashboards - shell: bash - - - id: tool-versions - run: | - echo "node_version=$(cat .node-version)" >> $GITHUB_OUTPUT - echo "yarn_version=$(jq -r '.engines.yarn' package.json)" >> $GITHUB_OUTPUT - working-directory: OpenSearch-Dashboards - shell: bash - - - uses: actions/setup-node@v1 - with: - node-version: ${{ steps.tool-versions.outputs.node_version }} - registry-url: 'https://registry.npmjs.org' - - # loose is passed in to ignore version conflicts on cypress version used in OSD and this repo - - name: Setup Opensearch Dashboards + # Configure the Dashboard + - name: Configure OpenSearch Dashboards run: | - npm uninstall -g yarn - echo "Installing yarn ${{ steps.tool-versions.outputs.yarn_version }}" - npm i -g yarn@${{ steps.tool-versions.outputs.yarn_version }} - yarn cache clean - yarn add sha.js - yarn osd bootstrap --single-version=loose - scripts/use_node scripts/build - working-directory: OpenSearch-Dashboards - shell: bash - - - uses: actions/checkout@v2 - with: - path: OpenSearch-Dashboards/plugins/security-dashboards-plugin - - # loose is passed in to ignore version conflicts on cypress version used in OSD and this repo - - name: Install dependencies - run: | - yarn osd bootstrap --single-version=loose - working-directory: OpenSearch-Dashboards - shell: bash - - - name: Build Plugin Zip - run: | - yarn build - working-directory: OpenSearch-Dashboards/plugins/security-dashboards-plugin - shell: bash - - - name: Install plugin to OSD Linux - run: | - build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64/bin/opensearch-dashboards-plugin install file:$(pwd)/plugins/security-dashboards-plugin/build/security-dashboards-${{env.PLUGIN_VERSION}}.zip - working-directory: OpenSearch-Dashboards - shell: bash - - - name: Write security settings into OSD yml file - run: | - rm -rf ./config/opensearch_dashboards.yml - cat << 'EOT' > ./config/opensearch_dashboards.yml + cat << 'EOT' > opensearch-dashboards-config.yml server.host: "0.0.0.0" opensearch.hosts: ["https://localhost:9200"] opensearch.ssl.verificationMode: none @@ -137,13 +61,22 @@ jobs: # Use this setting if you are running opensearch-dashboards without https opensearch_security.cookie.secure: false - working-directory: OpenSearch-Dashboards/build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64 - + EOT + + - name: Run Dashboard with Security Dashboards Plugin + id: setup-dashboards + uses: derek-ho/setup-opensearch-dashboards@v1 + with: + plugin_name: security-dashboards-plugin + built_plugin_name: security-dashboards + install_zip: true + opensearch_dashboards_yml: opensearch-dashboards-config.yml + - name: Start the binary run: | nohup ./bin/opensearch-dashboards & - working-directory: OpenSearch-Dashboards/build/opensearch-dashboards-${{ env.OPENSEARCH_VERSION }}-SNAPSHOT-linux-x64 + working-directory: ${{ steps.setup-dashboards.outputs.dashboards-binary-directory }} shell: bash - name: Health check