Fix CI failures related to security plugin download (#2171)

* Attempt to fix CI failures related to security plugin download Signed-off-by: Craig Perkins <cwperx@amazon.com> * Make generic Signed-off-by: Craig Perkins <cwperx@amazon.com> * Maven repository Signed-off-by: Craig Perkins <cwperx@amazon.com> * debug Signed-off-by: Craig Perkins <cwperx@amazon.com> * Add SNAPSHOT Signed-off-by: Craig Perkins <cwperx@amazon.com> * Remove wildcard Signed-off-by: Craig Perkins <cwperx@amazon.com> * Remove debug Signed-off-by: Craig Perkins <cwperx@amazon.com> * Use IPv6 Signed-off-by: Craig Perkins <cwperx@amazon.com> * Wrap with cy.origin Signed-off-by: Craig Perkins <cwperx@amazon.com> * Remove cy.visit in before Signed-off-by: Craig Perkins <cwperx@amazon.com> * Wrap with cy.origin Signed-off-by: Craig Perkins <cwperx@amazon.com> * Move up by 1 Signed-off-by: Craig Perkins <cwperx@amazon.com> * Pass basePath as arg Signed-off-by: Craig Perkins <cwperx@amazon.com> * Wrap with cy.origin Signed-off-by: Craig Perkins <cwperx@amazon.com> * Intercept and replace ::1 with localhost Signed-off-by: Craig Perkins <cwperx@amazon.com> * Intercept and replace ::1 with localhost Signed-off-by: Craig Perkins <cwperx@amazon.com> * remove console.log Signed-off-by: Craig Perkins <cwperx@amazon.com> * Surround with cy.origin Signed-off-by: Craig Perkins <cwperx@amazon.com> * move cy.origin Signed-off-by: Craig Perkins <cwperx@amazon.com> * Use req.on response Signed-off-by: Craig Perkins <cwperx@amazon.com> --------- Signed-off-by: Craig Perkins <cwperx@amazon.com> (cherry picked from commit 90b2e77) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-project · Jan 31, 2025 · d3f236a · d3f236a
1 parent 1ec0851
commit d3f236a
Show file tree

Hide file tree

Showing 4 changed files with 118 additions and 44 deletions.
diff --git a/.github/workflows/cypress-test-multiauth-e2e.yml b/.github/workflows/cypress-test-multiauth-e2e.yml
@@ -59,7 +59,7 @@ jobs:
                     config:
                       idp:
                         entity_id: urn:example:idp
-                        metadata_url: http://localhost:7000/metadata
+                        metadata_url: http://[::1]:7000/metadata
                       sp:
                         entity_id: https://localhost:9200
                       kibana_url: http://localhost:5601${{ matrix.basePath }}

diff --git a/.github/workflows/cypress-test-saml-e2e.yml b/.github/workflows/cypress-test-saml-e2e.yml
@@ -59,7 +59,7 @@ jobs:
                     config:
                       idp:
                         entity_id: urn:example:idp
-                        metadata_url: http://localhost:7000/metadata
+                        metadata_url: http://[::1]:7000/metadata
                       sp:
                         entity_id: https://localhost:9200
                       kibana_url: http://localhost:5601${{ matrix.basePath }}

diff --git a/test/cypress/e2e/saml/saml_auth_test.spec.js b/test/cypress/e2e/saml/saml_auth_test.spec.js
@@ -29,36 +29,70 @@ before(() => {
 
   // Avoid Cypress lock onto the ipv4 range, so fake `visit()` before `request()`.
   // See: https://github.com/cypress-io/cypress/issues/25397#issuecomment-1402556488
-  cy.visit(`http://localhost:5601${basePath}`);
+  if (Cypress.env('loginMethod') === 'saml_multiauth') {
+    cy.visit(`http://localhost:5601${basePath}`);
+  } else {
+    cy.request(`http://localhost:5601${basePath}`);
+  }
 
   cy.createRoleMapping(ALL_ACCESS_ROLE, samlUserRoleMapping);
   cy.clearCookies();
   cy.clearLocalStorage();
 });
 
+beforeEach(() => {
+  cy.intercept('GET', '**/**', (req) => {
+    // Replace [::1] with localhost in the request URL and headers
+    if (req.url.includes('[::1]')) {
+      req.url = req.url.replace(/\[::1\]/g, 'localhost');
+    }
+
+    req.on('response', (res) => {
+      if (res && res.headers) {
+        Object.keys(res.headers).forEach((key) => {
+          if (typeof res.headers[key] === 'string' && res.headers[key].includes('[::1]')) {
+            res.headers[key] = res.headers[key].replace(/\[::1\]/g, 'localhost');
+          }
+        });
+      }
+      return res;
+    });
+  });
+});
+
 afterEach(() => {
   cy.clearCookies();
   cy.clearLocalStorage();
 });
 
 describe('Log in via SAML', () => {
-  const samlLogin = () => {
-    if (Cypress.env('loginMethod') === 'saml_multiauth') {
-      cy.loginWithSamlMultiauth();
-    } else {
-      cy.loginWithSaml();
-    }
+  const loginWithSamlMultiauth = () => {
+    cy.get('a[aria-label="saml_login_button"]').should('be.visible');
+    cy.get('a[aria-label="saml_login_button"]').should('be.visible').click();
+    cy.origin('http://localhost:7000', () => {
+      cy.get('input[id=userName]').should('be.visible');
+      cy.get('button[id=btn-sign-in]').should('be.visible').click();
+    });
   };
 
   it('Login to app/opensearch_dashboards_overview#/ when SAML is enabled', () => {
     localStorage.setItem('opendistro::security::tenant::saved', '"__user__"');
     localStorage.setItem('home:newThemeModal:show', 'false');
 
-    cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('#osdOverviewPageHeader__title').should('be.visible');
     cy.getCookie('security_authentication').should('exist');
@@ -68,11 +102,20 @@ describe('Log in via SAML', () => {
     localStorage.setItem('opendistro::security::tenant::saved', '"__user__"');
     localStorage.setItem('home:newThemeModal:show', 'false');
 
-    cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('a.euiBreadcrumb--last').contains('Dev Tools');
     cy.getCookie('security_authentication').should('exist');
@@ -84,11 +127,20 @@ describe('Log in via SAML', () => {
 
     const urlWithHash = `http://localhost:5601${basePath}/app/security-dashboards-plugin#/getstarted`;
 
-    cy.visit(urlWithHash, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(urlWithHash, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { urlWithHash } }, ({ urlWithHash }) => {
+        cy.visit(urlWithHash, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('h1').contains('Get started');
     cy.getCookie('security_authentication').should('exist');
@@ -97,11 +149,20 @@ describe('Log in via SAML', () => {
   it('Tenancy persisted after logout in SAML', () => {
     localStorage.setItem('home:newThemeModal:show', 'false');
 
-    cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('#private').should('be.enabled');
     cy.get('#private').click({ force: true });
@@ -114,7 +175,20 @@ describe('Log in via SAML', () => {
 
     cy.get('button[data-test-subj^="log-out-"]').click();
 
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('#user-icon-btn').should('be.visible');
     cy.get('#user-icon-btn').click();
@@ -131,8 +205,20 @@ describe('Log in via SAML', () => {
       // since the Shorten URL api is return's set-cookie header for admin user.
       cy.clearCookies().then(() => {
         const gotoUrl = `http://localhost:5601${basePath}/goto/${response.urlId}?security_tenant=global`;
-        cy.visit(gotoUrl);
-        samlLogin();
+        if (Cypress.env('loginMethod') === 'saml_multiauth') {
+          cy.visit(gotoUrl, {
+            failOnStatusCode: false,
+          });
+          loginWithSamlMultiauth();
+        } else {
+          cy.origin('http://localhost:7000', { args: { gotoUrl } }, ({ gotoUrl }) => {
+            cy.visit(gotoUrl, {
+              failOnStatusCode: false,
+            });
+            cy.get('input[id=userName]').should('be.visible');
+            cy.get('button[id=btn-sign-in]').should('be.visible').click();
+          });
+        }
         cy.getCookie('security_authentication').should('exist');
       });
     });

diff --git a/test/cypress/support/commands.js b/test/cypress/support/commands.js
@@ -79,18 +79,6 @@ Cypress.Commands.add('createRoleMapping', (roleID, rolemappingJson) => {
   });
 });
 
-Cypress.Commands.add('loginWithSaml', () => {
-  cy.get('input[id=userName]').should('be.visible');
-  cy.get('button[id=btn-sign-in]').should('be.visible').click();
-});
-
-Cypress.Commands.add('loginWithSamlMultiauth', () => {
-  cy.get('a[aria-label="saml_login_button"]').should('be.visible');
-  cy.get('a[aria-label="saml_login_button"]').should('be.visible').click();
-  cy.get('input[id=userName]').should('be.visible');
-  cy.get('button[id=btn-sign-in]').should('be.visible').click();
-});
-
 if (Cypress.env('LOGIN_AS_ADMIN')) {
   // Define custom cy.visit() only if LOGIN_AS_ADMIN is true
   Cypress.Commands.overwrite('visit', (orig, url, options = {}) => {