From d3f236a1c0b1c8d888c49d4977706a59e8e5fff2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 31 Jan 2025 01:02:08 +0000 Subject: [PATCH] Fix CI failures related to security plugin download (#2171) * Attempt to fix CI failures related to security plugin download Signed-off-by: Craig Perkins * Make generic Signed-off-by: Craig Perkins * Maven repository Signed-off-by: Craig Perkins * debug Signed-off-by: Craig Perkins * Add SNAPSHOT Signed-off-by: Craig Perkins * Remove wildcard Signed-off-by: Craig Perkins * Remove debug Signed-off-by: Craig Perkins * Use IPv6 Signed-off-by: Craig Perkins * Wrap with cy.origin Signed-off-by: Craig Perkins * Remove cy.visit in before Signed-off-by: Craig Perkins * Wrap with cy.origin Signed-off-by: Craig Perkins * Move up by 1 Signed-off-by: Craig Perkins * Pass basePath as arg Signed-off-by: Craig Perkins * Wrap with cy.origin Signed-off-by: Craig Perkins * Intercept and replace ::1 with localhost Signed-off-by: Craig Perkins * Intercept and replace ::1 with localhost Signed-off-by: Craig Perkins * remove console.log Signed-off-by: Craig Perkins * Surround with cy.origin Signed-off-by: Craig Perkins * move cy.origin Signed-off-by: Craig Perkins * Use req.on response Signed-off-by: Craig Perkins --------- Signed-off-by: Craig Perkins (cherry picked from commit 90b2e773b30861bde0ef5e16ea8fe0713ddf5512) Signed-off-by: github-actions[bot] --- .../workflows/cypress-test-multiauth-e2e.yml | 2 +- .github/workflows/cypress-test-saml-e2e.yml | 2 +- test/cypress/e2e/saml/saml_auth_test.spec.js | 146 ++++++++++++++---- test/cypress/support/commands.js | 12 -- 4 files changed, 118 insertions(+), 44 deletions(-) diff --git a/.github/workflows/cypress-test-multiauth-e2e.yml b/.github/workflows/cypress-test-multiauth-e2e.yml index bb7985f9b..aab3511b3 100644 --- a/.github/workflows/cypress-test-multiauth-e2e.yml +++ b/.github/workflows/cypress-test-multiauth-e2e.yml @@ -59,7 +59,7 @@ jobs: config: idp: entity_id: urn:example:idp - metadata_url: http://localhost:7000/metadata + metadata_url: http://[::1]:7000/metadata sp: entity_id: https://localhost:9200 kibana_url: http://localhost:5601${{ matrix.basePath }} diff --git a/.github/workflows/cypress-test-saml-e2e.yml b/.github/workflows/cypress-test-saml-e2e.yml index 292cb2fe3..dc8256e24 100644 --- a/.github/workflows/cypress-test-saml-e2e.yml +++ b/.github/workflows/cypress-test-saml-e2e.yml @@ -59,7 +59,7 @@ jobs: config: idp: entity_id: urn:example:idp - metadata_url: http://localhost:7000/metadata + metadata_url: http://[::1]:7000/metadata sp: entity_id: https://localhost:9200 kibana_url: http://localhost:5601${{ matrix.basePath }} diff --git a/test/cypress/e2e/saml/saml_auth_test.spec.js b/test/cypress/e2e/saml/saml_auth_test.spec.js index fc6c6934c..2839cf42e 100644 --- a/test/cypress/e2e/saml/saml_auth_test.spec.js +++ b/test/cypress/e2e/saml/saml_auth_test.spec.js @@ -29,36 +29,70 @@ before(() => { // Avoid Cypress lock onto the ipv4 range, so fake `visit()` before `request()`. // See: https://github.com/cypress-io/cypress/issues/25397#issuecomment-1402556488 - cy.visit(`http://localhost:5601${basePath}`); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(`http://localhost:5601${basePath}`); + } else { + cy.request(`http://localhost:5601${basePath}`); + } cy.createRoleMapping(ALL_ACCESS_ROLE, samlUserRoleMapping); cy.clearCookies(); cy.clearLocalStorage(); }); +beforeEach(() => { + cy.intercept('GET', '**/**', (req) => { + // Replace [::1] with localhost in the request URL and headers + if (req.url.includes('[::1]')) { + req.url = req.url.replace(/\[::1\]/g, 'localhost'); + } + + req.on('response', (res) => { + if (res && res.headers) { + Object.keys(res.headers).forEach((key) => { + if (typeof res.headers[key] === 'string' && res.headers[key].includes('[::1]')) { + res.headers[key] = res.headers[key].replace(/\[::1\]/g, 'localhost'); + } + }); + } + return res; + }); + }); +}); + afterEach(() => { cy.clearCookies(); cy.clearLocalStorage(); }); describe('Log in via SAML', () => { - const samlLogin = () => { - if (Cypress.env('loginMethod') === 'saml_multiauth') { - cy.loginWithSamlMultiauth(); - } else { - cy.loginWithSaml(); - } + const loginWithSamlMultiauth = () => { + cy.get('a[aria-label="saml_login_button"]').should('be.visible'); + cy.get('a[aria-label="saml_login_button"]').should('be.visible').click(); + cy.origin('http://localhost:7000', () => { + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); }; it('Login to app/opensearch_dashboards_overview#/ when SAML is enabled', () => { localStorage.setItem('opendistro::security::tenant::saved', '"__user__"'); localStorage.setItem('home:newThemeModal:show', 'false'); - cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { - failOnStatusCode: false, - }); - - samlLogin(); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { + failOnStatusCode: false, + }); + loginWithSamlMultiauth(); + } else { + cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => { + cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { + failOnStatusCode: false, + }); + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); + } cy.get('#osdOverviewPageHeader__title').should('be.visible'); cy.getCookie('security_authentication').should('exist'); @@ -68,11 +102,20 @@ describe('Log in via SAML', () => { localStorage.setItem('opendistro::security::tenant::saved', '"__user__"'); localStorage.setItem('home:newThemeModal:show', 'false'); - cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, { - failOnStatusCode: false, - }); - - samlLogin(); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, { + failOnStatusCode: false, + }); + loginWithSamlMultiauth(); + } else { + cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => { + cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, { + failOnStatusCode: false, + }); + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); + } cy.get('a.euiBreadcrumb--last').contains('Dev Tools'); cy.getCookie('security_authentication').should('exist'); @@ -84,11 +127,20 @@ describe('Log in via SAML', () => { const urlWithHash = `http://localhost:5601${basePath}/app/security-dashboards-plugin#/getstarted`; - cy.visit(urlWithHash, { - failOnStatusCode: false, - }); - - samlLogin(); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(urlWithHash, { + failOnStatusCode: false, + }); + loginWithSamlMultiauth(); + } else { + cy.origin('http://localhost:7000', { args: { urlWithHash } }, ({ urlWithHash }) => { + cy.visit(urlWithHash, { + failOnStatusCode: false, + }); + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); + } cy.get('h1').contains('Get started'); cy.getCookie('security_authentication').should('exist'); @@ -97,11 +149,20 @@ describe('Log in via SAML', () => { it('Tenancy persisted after logout in SAML', () => { localStorage.setItem('home:newThemeModal:show', 'false'); - cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { - failOnStatusCode: false, - }); - - samlLogin(); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { + failOnStatusCode: false, + }); + loginWithSamlMultiauth(); + } else { + cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => { + cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { + failOnStatusCode: false, + }); + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); + } cy.get('#private').should('be.enabled'); cy.get('#private').click({ force: true }); @@ -114,7 +175,20 @@ describe('Log in via SAML', () => { cy.get('button[data-test-subj^="log-out-"]').click(); - samlLogin(); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { + failOnStatusCode: false, + }); + loginWithSamlMultiauth(); + } else { + cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => { + cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, { + failOnStatusCode: false, + }); + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); + } cy.get('#user-icon-btn').should('be.visible'); cy.get('#user-icon-btn').click(); @@ -131,8 +205,20 @@ describe('Log in via SAML', () => { // since the Shorten URL api is return's set-cookie header for admin user. cy.clearCookies().then(() => { const gotoUrl = `http://localhost:5601${basePath}/goto/${response.urlId}?security_tenant=global`; - cy.visit(gotoUrl); - samlLogin(); + if (Cypress.env('loginMethod') === 'saml_multiauth') { + cy.visit(gotoUrl, { + failOnStatusCode: false, + }); + loginWithSamlMultiauth(); + } else { + cy.origin('http://localhost:7000', { args: { gotoUrl } }, ({ gotoUrl }) => { + cy.visit(gotoUrl, { + failOnStatusCode: false, + }); + cy.get('input[id=userName]').should('be.visible'); + cy.get('button[id=btn-sign-in]').should('be.visible').click(); + }); + } cy.getCookie('security_authentication').should('exist'); }); }); diff --git a/test/cypress/support/commands.js b/test/cypress/support/commands.js index cdab9ed22..400494764 100644 --- a/test/cypress/support/commands.js +++ b/test/cypress/support/commands.js @@ -79,18 +79,6 @@ Cypress.Commands.add('createRoleMapping', (roleID, rolemappingJson) => { }); }); -Cypress.Commands.add('loginWithSaml', () => { - cy.get('input[id=userName]').should('be.visible'); - cy.get('button[id=btn-sign-in]').should('be.visible').click(); -}); - -Cypress.Commands.add('loginWithSamlMultiauth', () => { - cy.get('a[aria-label="saml_login_button"]').should('be.visible'); - cy.get('a[aria-label="saml_login_button"]').should('be.visible').click(); - cy.get('input[id=userName]').should('be.visible'); - cy.get('button[id=btn-sign-in]').should('be.visible').click(); -}); - if (Cypress.env('LOGIN_AS_ADMIN')) { // Define custom cy.visit() only if LOGIN_AS_ADMIN is true Cypress.Commands.overwrite('visit', (orig, url, options = {}) => {