Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MD] Credentials security redesign #2253

Conversation

noCharger
Copy link
Contributor

@noCharger noCharger commented Sep 1, 2022

Description

The old design had a security flaw when credentials are shared. An attacker could create a datasource with their own http endpoint but use someone else's credential. In the basic authentication scenario, this will expose any user's username and plaintext password.

Issues Resolved

  1. Data model changes for data source saved object
  2. Server side changes for data source saved object
    a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password encryption / decryption.
    b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
    c. Fix unit tests accordingly

Check List

  • yarn test:jest
  • Commits are signed per the DCO using --signoff

@noCharger noCharger force-pushed the credentials-security-redesign branch from f3e8ba2 to 5b62400 Compare September 1, 2022 17:23
@noCharger noCharger self-assigned this Sep 1, 2022
@noCharger noCharger added the multiple datasource multiple datasource project label Sep 1, 2022
@noCharger noCharger changed the title Credentials security redesign [MD] Credentials security redesign Sep 1, 2022
@noCharger noCharger force-pushed the credentials-security-redesign branch from 6c930d3 to 190ef93 Compare September 1, 2022 18:33
@noCharger noCharger force-pushed the credentials-security-redesign branch from 190ef93 to 228b2b2 Compare September 1, 2022 18:44
@noCharger noCharger requested a review from zhongnansu September 1, 2022 18:55
@noCharger noCharger force-pushed the credentials-security-redesign branch from 228b2b2 to dd17e4e Compare September 1, 2022 19:18
@noCharger noCharger marked this pull request as ready for review September 1, 2022 19:23
@noCharger noCharger requested a review from a team as a code owner September 1, 2022 19:23
@noCharger noCharger force-pushed the credentials-security-redesign branch from dd17e4e to b060ca9 Compare September 1, 2022 19:27
Signed-off-by: Louis Chu <clingzhi@amazon.com>
@noCharger noCharger force-pushed the credentials-security-redesign branch from b060ca9 to ce7005f Compare September 1, 2022 19:28
return {
...attributes,
// Drop the credentials attribute for no_auth
credentials: undefined,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the input credentials in attributes should be undefined , if the type is a AuthType.NoAuth? So this line could be removed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are adding server-side validation, if there's a save object request comes over, and we don't want to contaminate the existing indexes

@noCharger noCharger requested a review from zhongnansu September 1, 2022 20:44
@zhongnansu
Copy link
Member

If you could, polish the commit message before you merge
@noCharger

@noCharger noCharger merged commit 7fefb05 into opensearch-project:feature/multi-datasource Sep 1, 2022
kristenTian pushed a commit to kristenTian/OpenSearch-Dashboards that referenced this pull request Sep 12, 2022
1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password 
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
kristenTian pushed a commit to kristenTian/OpenSearch-Dashboards that referenced this pull request Sep 14, 2022
1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password 
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
kristenTian pushed a commit to kristenTian/OpenSearch-Dashboards that referenced this pull request Sep 14, 2022
1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>
kristenTian pushed a commit to kristenTian/OpenSearch-Dashboards that referenced this pull request Sep 15, 2022
1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>
kristenTian added a commit that referenced this pull request Sep 19, 2022
* Instantiate credential management plugin code structure (#1996)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Data source inside stack management setup (#2017) (#2030)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* enable CI for feature branch (#2010)

Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add empty data source plugin (#2052)

Adds empty data source plugin.

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Add initial credential management CRUD pages (#2040)

* Add credential management CRUD pages

1. List all credentials
2. Create your saved credential
3. Edit your credential
4. Delete credentials

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Register Data source to savedObject & Update license header (#2037)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Move credential saved object to data source plugin (#2062)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Move credential saved object to data source plugin
Resolve follow up comments on UI

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* breadcrumbfix for datasource management (#2066)

* breadcrumbfix for datasource management

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* breadcrumbfix for datasource management - refactoring code

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* using services to update breadcrumb on data sources management page

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Changing the license header on breadcrumbs.ts datasource management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix breadcrumb on listing page and update saved object mapping (#2069)

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add data source step into IndexPattern with Mock switch (#2064) (#2086)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add delete button for credential detailed page (#2067)

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Link datasource to indexpattern (#2118)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add encrypt/decrypt module on data source plugin (#2120)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

1. Add encrypt/decrypt module with UT
2. Add client factory wrapper for encrypt credential
3. Add encryption config support
4. Bugfix on Jest interpret Buffer

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integrate index pattern with new data client (#2146)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add noAuth to dataSource attributes (#2154)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource Management - creation & listing - UI only (#2128)

* data source management - creation & Listing UI only

* data source management - creation & Listing UI only

* Create/edit data source feature

* toggling default value

* refactoring code as per review comments

* toggling server flag to false

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Apply dataSource plugin as dependent for cm and dsm plugins (#2150)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Apply dataSource plugin as dependent for cm and dsm plugins (#2150)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Leverage datasource enablement in index pattern management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Add client management module and register `getClient()` to route handler context (#2121)

* Add client management module and register `getClient()` interface to route handler context
Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Make step info in index pattern creation dynamic (#2164)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Refactor for credential listing page & add loading effect (#2142)

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integration sequal - replace data client placeholders (#2167)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integrate with crypto module to decrpt password (#2170)

Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] noAuth integration, credential & endpoint validation (#2165)

* noAuth integration, credential & endpoint validation

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Refactoring validation message

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Adding back accidentally deleted file home/tutorials/haproxy_metrics/index.ts

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Refactor search strategy to conditionally user datasource client (#2171)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* adding relation between credential selection and no auth checkbox (#2175)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update getIndicesViaSearch with datasource (#2176)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add null header to child client spawn (#2188)

Signed-off-by: Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD][IP]Update button position & Add UT & Add skip option (#2195)

* Add UT - index pattern related

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update button position

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add skip option to allow use default os data source

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD]Refactor layout and validate input fields for listing and create pages (#2202)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Enable datasource link in saveObjectManagement (#2209)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update configure data source per UX input (#2235)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Enable data source audit log to file (#2215)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Refactor of credential editing page layout & refactor backend field validation method (#2222)

* Refactor of credential editing page layout & refactor backend field validation method

* Resolved the comments & fix the multiple call for one operation

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Tweak fetch data back to original (#2238)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Revamped UX for data source management (#2239)

* revamped UX for data source management

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* refactored datasource screens as per PR comments

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Credentials security redesign (#2253)

1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add step data source UI test (#2264)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD]Improve datasource server side error handling (#2236)

Signed-off-by: Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource management new API change integrations (#2282)

* changing datasource management design to integrate with new API changes

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Update edit_data_source_form.tsx

moving masked password to constants

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update stream test to bypass CI env generate domain attribute

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Delete credential management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource Management - Create data source - Unit tests (#2341)

* Unit test cases for data source management - create

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* adding tests to utils.ts & changing it to test

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix update data source & block update endpint (#2364)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* MD datasource management-datasource table-UTs (#2350)

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* reafctor based on PR 2334 comments to merge to main (#2375)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* removing invalid urls as CI fails on link checker for inavlid urls in git (#2376)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix DS snapshot test

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add https://test.com/ to lychee exclude

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Remove unnessacry check

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Remove not needed check

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>
Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Su <szhongna@amazon.com>
Co-authored-by: Louis Chu <lingzhichu.clz@gmail.com>
Co-authored-by: Zhongnan Su <szhongna@amazon.com>
Co-authored-by: Yan Zeng <46499415+zengyan-amazon@users.noreply.github.com>
Co-authored-by: Manideep Pabba <109986843+mpabba3003@users.noreply.github.com>
Co-authored-by: Yibo Wang <109543558+yibow98@users.noreply.github.com>
kavilla pushed a commit to kavilla/OpenSearch-Dashboards-1 that referenced this pull request Sep 21, 2022
* Instantiate credential management plugin code structure (opensearch-project#1996)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Data source inside stack management setup (opensearch-project#2017) (opensearch-project#2030)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* enable CI for feature branch (opensearch-project#2010)

Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add empty data source plugin (opensearch-project#2052)

Adds empty data source plugin.

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Add initial credential management CRUD pages (opensearch-project#2040)

* Add credential management CRUD pages

1. List all credentials
2. Create your saved credential
3. Edit your credential
4. Delete credentials

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Register Data source to savedObject & Update license header (opensearch-project#2037)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Move credential saved object to data source plugin (opensearch-project#2062)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Move credential saved object to data source plugin
Resolve follow up comments on UI

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* breadcrumbfix for datasource management (opensearch-project#2066)

* breadcrumbfix for datasource management

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* breadcrumbfix for datasource management - refactoring code

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* using services to update breadcrumb on data sources management page

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Changing the license header on breadcrumbs.ts datasource management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix breadcrumb on listing page and update saved object mapping (opensearch-project#2069)

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add data source step into IndexPattern with Mock switch (opensearch-project#2064) (opensearch-project#2086)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add delete button for credential detailed page (opensearch-project#2067)

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Link datasource to indexpattern (opensearch-project#2118)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add encrypt/decrypt module on data source plugin (opensearch-project#2120)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

1. Add encrypt/decrypt module with UT
2. Add client factory wrapper for encrypt credential
3. Add encryption config support
4. Bugfix on Jest interpret Buffer

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integrate index pattern with new data client (opensearch-project#2146)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add noAuth to dataSource attributes (opensearch-project#2154)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource Management - creation & listing - UI only (opensearch-project#2128)

* data source management - creation & Listing UI only

* data source management - creation & Listing UI only

* Create/edit data source feature

* toggling default value

* refactoring code as per review comments

* toggling server flag to false

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Leverage datasource enablement in index pattern management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Add client management module and register `getClient()` to route handler context (opensearch-project#2121)

* Add client management module and register `getClient()` interface to route handler context
Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Make step info in index pattern creation dynamic (opensearch-project#2164)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Refactor for credential listing page & add loading effect (opensearch-project#2142)

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integration sequal - replace data client placeholders (opensearch-project#2167)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integrate with crypto module to decrpt password (opensearch-project#2170)

Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] noAuth integration, credential & endpoint validation (opensearch-project#2165)

* noAuth integration, credential & endpoint validation

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Refactoring validation message

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Adding back accidentally deleted file home/tutorials/haproxy_metrics/index.ts

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Refactor search strategy to conditionally user datasource client (opensearch-project#2171)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* adding relation between credential selection and no auth checkbox (opensearch-project#2175)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update getIndicesViaSearch with datasource (opensearch-project#2176)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add null header to child client spawn (opensearch-project#2188)

Signed-off-by: Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD][IP]Update button position & Add UT & Add skip option (opensearch-project#2195)

* Add UT - index pattern related

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update button position

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add skip option to allow use default os data source

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD]Refactor layout and validate input fields for listing and create pages (opensearch-project#2202)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Enable datasource link in saveObjectManagement (opensearch-project#2209)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update configure data source per UX input (opensearch-project#2235)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Enable data source audit log to file (opensearch-project#2215)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Refactor of credential editing page layout & refactor backend field validation method (opensearch-project#2222)

* Refactor of credential editing page layout & refactor backend field validation method

* Resolved the comments & fix the multiple call for one operation

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Tweak fetch data back to original (opensearch-project#2238)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Revamped UX for data source management (opensearch-project#2239)

* revamped UX for data source management

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* refactored datasource screens as per PR comments

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Credentials security redesign (opensearch-project#2253)

1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add step data source UI test (opensearch-project#2264)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD]Improve datasource server side error handling (opensearch-project#2236)

Signed-off-by: Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource management new API change integrations (opensearch-project#2282)

* changing datasource management design to integrate with new API changes

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Update edit_data_source_form.tsx

moving masked password to constants

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update stream test to bypass CI env generate domain attribute

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Delete credential management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource Management - Create data source - Unit tests (opensearch-project#2341)

* Unit test cases for data source management - create

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* adding tests to utils.ts & changing it to test

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix update data source & block update endpint (opensearch-project#2364)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* MD datasource management-datasource table-UTs (opensearch-project#2350)

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* reafctor based on PR 2334 comments to merge to main (opensearch-project#2375)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* removing invalid urls as CI fails on link checker for inavlid urls in git (opensearch-project#2376)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix DS snapshot test

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add https://test.com/ to lychee exclude

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Remove unnessacry check

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Remove not needed check

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>
Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Su <szhongna@amazon.com>
Co-authored-by: Louis Chu <lingzhichu.clz@gmail.com>
Co-authored-by: Zhongnan Su <szhongna@amazon.com>
Co-authored-by: Yan Zeng <46499415+zengyan-amazon@users.noreply.github.com>
Co-authored-by: Manideep Pabba <109986843+mpabba3003@users.noreply.github.com>
Co-authored-by: Yibo Wang <109543558+yibow98@users.noreply.github.com>
sipopo pushed a commit to sipopo/OpenSearch-Dashboards that referenced this pull request Dec 16, 2022
* Instantiate credential management plugin code structure (opensearch-project#1996)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Data source inside stack management setup (opensearch-project#2017) (opensearch-project#2030)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* enable CI for feature branch (opensearch-project#2010)

Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add empty data source plugin (opensearch-project#2052)

Adds empty data source plugin.

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Add initial credential management CRUD pages (opensearch-project#2040)

* Add credential management CRUD pages

1. List all credentials
2. Create your saved credential
3. Edit your credential
4. Delete credentials

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Register Data source to savedObject & Update license header (opensearch-project#2037)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Move credential saved object to data source plugin (opensearch-project#2062)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Move credential saved object to data source plugin
Resolve follow up comments on UI

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* breadcrumbfix for datasource management (opensearch-project#2066)

* breadcrumbfix for datasource management

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* breadcrumbfix for datasource management - refactoring code

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* using services to update breadcrumb on data sources management page

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Changing the license header on breadcrumbs.ts datasource management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix breadcrumb on listing page and update saved object mapping (opensearch-project#2069)

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add data source step into IndexPattern with Mock switch (opensearch-project#2064) (opensearch-project#2086)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add delete button for credential detailed page (opensearch-project#2067)

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Link datasource to indexpattern (opensearch-project#2118)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add encrypt/decrypt module on data source plugin (opensearch-project#2120)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

1. Add encrypt/decrypt module with UT
2. Add client factory wrapper for encrypt credential
3. Add encryption config support
4. Bugfix on Jest interpret Buffer

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integrate index pattern with new data client (opensearch-project#2146)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add noAuth to dataSource attributes (opensearch-project#2154)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource Management - creation & listing - UI only (opensearch-project#2128)

* data source management - creation & Listing UI only

* data source management - creation & Listing UI only

* Create/edit data source feature

* toggling default value

* refactoring code as per review comments

* toggling server flag to false

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Leverage datasource enablement in index pattern management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Add client management module and register `getClient()` to route handler context (opensearch-project#2121)

* Add client management module and register `getClient()` interface to route handler context
Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Make step info in index pattern creation dynamic (opensearch-project#2164)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Refactor for credential listing page & add loading effect (opensearch-project#2142)

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integration sequal - replace data client placeholders (opensearch-project#2167)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Integrate with crypto module to decrpt password (opensearch-project#2170)

Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] noAuth integration, credential & endpoint validation (opensearch-project#2165)

* noAuth integration, credential & endpoint validation

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Refactoring validation message

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Adding back accidentally deleted file home/tutorials/haproxy_metrics/index.ts

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Refactor search strategy to conditionally user datasource client (opensearch-project#2171)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* adding relation between credential selection and no auth checkbox (opensearch-project#2175)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update getIndicesViaSearch with datasource (opensearch-project#2176)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add null header to child client spawn (opensearch-project#2188)

Signed-off-by: Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD][IP]Update button position & Add UT & Add skip option (opensearch-project#2195)

* Add UT - index pattern related

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update button position

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add skip option to allow use default os data source

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD]Refactor layout and validate input fields for listing and create pages (opensearch-project#2202)

Signed-off-by: Louis Chu <clingzhi@amazon.com>

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Enable datasource link in saveObjectManagement (opensearch-project#2209)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update configure data source per UX input (opensearch-project#2235)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Enable data source audit log to file (opensearch-project#2215)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Refactor of credential editing page layout & refactor backend field validation method (opensearch-project#2222)

* Refactor of credential editing page layout & refactor backend field validation method

* Resolved the comments & fix the multiple call for one operation

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Tweak fetch data back to original (opensearch-project#2238)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Revamped UX for data source management (opensearch-project#2239)

* revamped UX for data source management

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* refactored datasource screens as per PR comments

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Credentials security redesign (opensearch-project#2253)

1. Data model changes for data source saved object
2. Server side changes for data source saved object
  a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password
  encryption / decryption.
  b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient)
  c. Fix unit tests accordingly

Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add step data source UI test (opensearch-project#2264)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD]Improve datasource server side error handling (opensearch-project#2236)

Signed-off-by: Su <szhongna@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource management new API change integrations (opensearch-project#2282)

* changing datasource management design to integrate with new API changes

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* Update edit_data_source_form.tsx

moving masked password to constants

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Update stream test to bypass CI env generate domain attribute

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Delete credential management

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* [MD] Datasource Management - Create data source - Unit tests (opensearch-project#2341)

* Unit test cases for data source management - create

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

* adding tests to utils.ts & changing it to test

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix update data source & block update endpint (opensearch-project#2364)

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* MD datasource management-datasource table-UTs (opensearch-project#2350)

Signed-off-by: Yibo Wang <yibow@amazon.com>

Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* reafctor based on PR 2334 comments to merge to main (opensearch-project#2375)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* removing invalid urls as CI fails on link checker for inavlid urls in git (opensearch-project#2376)

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>

Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Fix DS snapshot test

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Add https://test.com/ to lychee exclude

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Address comments

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Remove unnessacry check

Signed-off-by: Kristen Tian <tyarong@amazon.com>

* Remove not needed check

Signed-off-by: Kristen Tian <tyarong@amazon.com>

Signed-off-by: Kristen Tian <tyarong@amazon.com>
Signed-off-by: Zhongnan Su <szhongna@amazon.com>
Signed-off-by: Louis Chu <clingzhi@amazon.com>
Signed-off-by: Yibo Wang <yibow@amazon.com>
Signed-off-by: mpabba3003 <amazonmanideep@gmail.com>
Signed-off-by: Su <szhongna@amazon.com>
Co-authored-by: Louis Chu <lingzhichu.clz@gmail.com>
Co-authored-by: Zhongnan Su <szhongna@amazon.com>
Co-authored-by: Yan Zeng <46499415+zengyan-amazon@users.noreply.github.com>
Co-authored-by: Manideep Pabba <109986843+mpabba3003@users.noreply.github.com>
Co-authored-by: Yibo Wang <109543558+yibow98@users.noreply.github.com>
Signed-off-by: Sergey V. Osipov <sipopo@yandex.ru>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
multiple datasource multiple datasource project
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants