Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch to standard OpenSearch gradle build #1888

Merged
merged 15 commits into from
Jun 24, 2022

Conversation

peternied
Copy link
Member

@peternied peternied commented Jun 16, 2022

Description

By switching to the standard build process we should no longer have to solve build related issues in isolation, we should be able to reuse all the standard scripts and practices by the OpenSearch organization.

  • Rewrote build.gradle to follow OpenSearch plugin standards
    • Enabled license headers check on the repository
    • Did not enable several new repository checks
    • Added maven publishing for security
    • Removed excess forced dependency resolutions
    • Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
    • Converted dependencies into runtime dependencies to avoid use during coding
    • Converted dependencies from project wide to test only dependencies
    • jackson-databind version comes from OpenSearch
    • Replaced handmade build manifest with git properties to automated version used by OpenSearch
  • Added license headers to files that were missing them
  • Checkstyle improvements
    • Moved checkstyle file into directory off of the project root
  • Moved configuration files into config directory off of project root
  • Using default test runner from OpenSearch
    • Switched to RandomizedTest as the base test class
    • Parameterized test runner cannot be used with RandomizedTest converted existing tests
    • Fixed tests resource issues, added new fields to make this consistent in the codebase
    • Fixed issue with leaky environment variable for security root directory, refactored usage
    • Removed unneeded setDefaultUncaughtExceptionHandler in tests
    • Fixed issues with deprecated internal reflection from Mockito
    • Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
  • Initial pass on non-inclusive terminology, commented out exclusions
  • Removed test dependency on scala
  • Removed test dependency on legacy xmlsecurity library

Issues Resolved

Testing

Security plugin - comparison

Folder Compare
Produced: 6/16/2022 3:28:53 PM

Mode:  All
Left base folder: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT.zip
Right base folder: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT-newest.zip
Name                                                           Size      Modified                 Name                                                           Size      Modified
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
config                                                            39,560 6/16/2022 5:59:40 PM     config                                                            39,560 6/16/2022 6:08:20 PM
tools                                                             26,656 6/16/2022 5:59:40 PM     tools                                                             26,656 6/16/2022 6:08:20 PM
accessors-smart-2.4.7.jar                                         29,489 5/11/2022 4:43:28 PM  =  accessors-smart-2.4.7.jar                                         29,489 5/11/2022 4:43:28 PM
aggs-matrix-stats-client-2.1.0-SNAPSHOT.jar                       57,358 6/15/2022 10:52:56 PM =  aggs-matrix-stats-client-2.1.0-SNAPSHOT.jar                       57,358 6/15/2022 10:52:56 PM
asm-9.1.jar                                                      121,790 5/11/2022 4:43:28 PM  =  asm-9.1.jar                                                      121,790 5/11/2022 4:43:28 PM
bcprov-jdk15on-1.67.jar                                        5,961,136 5/11/2022 4:43:28 PM  =  bcprov-jdk15on-1.67.jar                                        5,961,136 5/11/2022 4:43:28 PM
checker-qual-3.5.0.jar                                           214,381 5/11/2022 4:43:28 PM  =  checker-qual-3.5.0.jar                                           214,381 5/11/2022 4:43:28 PM
commons-cli-1.3.1.jar                                             52,988 5/11/2022 4:43:28 PM  =  commons-cli-1.3.1.jar                                             52,988 5/11/2022 4:43:28 PM
commons-codec-1.14.jar                                           347,669 5/11/2022 4:43:28 PM  =  commons-codec-1.14.jar                                           347,669 5/11/2022 4:43:28 PM
commons-collections-3.2.2.jar                                    588,337 5/11/2022 4:43:28 PM  =  commons-collections-3.2.2.jar                                    588,337 5/11/2022 4:43:28 PM
commons-lang-2.4.jar                                             261,809 5/11/2022 4:43:28 PM  =  commons-lang-2.4.jar                                             261,809 5/11/2022 4:43:28 PM
commons-lang3-3.4.jar                                            434,678 5/11/2022 4:43:28 PM  =  commons-lang3-3.4.jar                                            434,678 5/11/2022 4:43:28 PM
commons-logging-1.2.jar                                           61,829 5/11/2022 4:43:28 PM  =  commons-logging-1.2.jar                                           61,829 5/11/2022 4:43:28 PM
commons-text-1.2.jar                                             136,544 5/11/2022 4:43:28 PM  =  commons-text-1.2.jar                                             136,544 5/11/2022 4:43:28 PM
compiler-0.9.10.jar                                              111,518 5/11/2022 4:43:28 PM  =  compiler-0.9.10.jar                                              111,518 5/11/2022 4:43:28 PM
cryptacular-1.2.4.jar                                            162,471 5/11/2022 4:43:28 PM  =  cryptacular-1.2.4.jar                                            162,471 5/11/2022 4:43:28 PM
cxf-core-3.4.5.jar                                             1,434,086 5/11/2022 4:43:28 PM  =  cxf-core-3.4.5.jar                                             1,434,086 5/11/2022 4:43:28 PM
cxf-rt-rs-json-basic-3.4.5.jar                                    22,028 5/11/2022 4:43:28 PM  =  cxf-rt-rs-json-basic-3.4.5.jar                                    22,028 5/11/2022 4:43:28 PM
cxf-rt-rs-security-jose-3.4.5.jar                                234,129 5/11/2022 4:43:28 PM  =  cxf-rt-rs-security-jose-3.4.5.jar                                234,129 5/11/2022 4:43:28 PM
cxf-rt-security-3.4.5.jar                                         41,621 5/11/2022 4:43:28 PM  =  cxf-rt-security-3.4.5.jar                                         41,621 5/11/2022 4:43:28 PM
error_prone_annotations-2.3.4.jar                                 13,879 5/11/2022 4:43:28 PM  =  error_prone_annotations-2.3.4.jar                                 13,879 5/11/2022 4:43:28 PM
eventbus-3.2.0.jar                                                60,100 5/11/2022 4:43:28 PM  =  eventbus-3.2.0.jar                                                60,100 5/11/2022 4:43:28 PM
failureaccess-1.0.1.jar                                            4,617 5/11/2022 4:43:28 PM  =  failureaccess-1.0.1.jar                                            4,617 5/11/2022 4:43:28 PM
guava-30.0-jre.jar                                             2,858,426 5/11/2022 4:43:28 PM  =  guava-30.0-jre.jar                                             2,858,426 5/11/2022 4:43:28 PM
httpasyncclient-4.1.4.jar                                        179,964 5/11/2022 4:43:28 PM  =  httpasyncclient-4.1.4.jar                                        179,964 5/11/2022 4:43:28 PM
httpclient-4.5.13.jar                                            780,321 5/11/2022 4:43:28 PM  =  httpclient-4.5.13.jar                                            780,321 5/11/2022 4:43:28 PM
httpclient-cache-4.5.13.jar                                      164,090 5/11/2022 4:43:28 PM  =  httpclient-cache-4.5.13.jar                                      164,090 5/11/2022 4:43:28 PM
httpcore-4.4.12.jar                                              328,347 5/11/2022 4:43:28 PM  =  httpcore-4.4.12.jar                                              328,347 5/11/2022 4:43:28 PM
httpcore-nio-4.4.12.jar                                          367,672 5/11/2022 4:43:28 PM  =  httpcore-nio-4.4.12.jar                                          367,672 5/11/2022 4:43:28 PM
istack-commons-runtime-3.0.12.jar                                 29,807 5/11/2022 4:43:28 PM  =  istack-commons-runtime-3.0.12.jar                                 29,807 5/11/2022 4:43:28 PM
j2objc-annotations-1.3.jar                                         8,781 5/11/2022 4:43:28 PM  =  j2objc-annotations-1.3.jar                                         8,781 5/11/2022 4:43:28 PM
jackson-annotations-2.13.2.jar                                    75,717 5/11/2022 4:43:28 PM  =  jackson-annotations-2.13.2.jar                                    75,717 5/11/2022 4:43:28 PM
                                                                                               << jackson-databind-2.13.2.2.jar                                  1,535,087 5/13/2022 9:39:48 PM
jackson-databind-2.13.2.jar                                    1,534,715 5/11/2022 4:43:28 PM  >>
jakarta.activation-1.2.2.jar                                      68,453 5/11/2022 4:43:34 PM  =  jakarta.activation-1.2.2.jar                                      68,453 5/11/2022 4:43:34 PM
jakarta.annotation-api-1.3.5.jar                                  25,058 5/11/2022 4:43:28 PM  =  jakarta.annotation-api-1.3.5.jar                                  25,058 5/11/2022 4:43:28 PM
jakarta.xml.bind-api-2.3.3.jar                                   115,638 5/11/2022 4:43:28 PM  =  jakarta.xml.bind-api-2.3.3.jar                                   115,638 5/11/2022 4:43:28 PM
java-saml-2.5.0.jar                                               12,285 5/11/2022 4:43:28 PM  =  java-saml-2.5.0.jar                                               12,285 5/11/2022 4:43:28 PM
java-saml-core-2.5.0.jar                                         113,170 5/11/2022 4:43:28 PM  =  java-saml-core-2.5.0.jar                                         113,170 5/11/2022 4:43:28 PM
java-support-7.5.1.jar                                           272,381 5/11/2022 4:43:28 PM  =  java-support-7.5.1.jar                                           272,381 5/11/2022 4:43:28 PM
jaxb-runtime-2.3.4.jar                                         1,037,093 5/11/2022 4:43:28 PM  =  jaxb-runtime-2.3.4.jar                                         1,037,093 5/11/2022 4:43:28 PM
jjwt-api-0.10.8.jar                                               74,746 5/11/2022 4:43:28 PM  =  jjwt-api-0.10.8.jar                                               74,746 5/11/2022 4:43:28 PM
jjwt-impl-0.10.8.jar                                              70,159 5/11/2022 4:43:34 PM  =  jjwt-impl-0.10.8.jar                                              70,159 5/11/2022 4:43:34 PM
jjwt-jackson-0.10.8.jar                                            4,714 5/11/2022 4:43:34 PM  =  jjwt-jackson-0.10.8.jar                                            4,714 5/11/2022 4:43:34 PM
json-flattener-0.5.0.jar                                          25,211 5/11/2022 4:43:28 PM  =  json-flattener-0.5.0.jar                                          25,211 5/11/2022 4:43:28 PM
json-path-2.4.0.jar                                              223,186 5/11/2022 4:43:28 PM  =  json-path-2.4.0.jar                                              223,186 5/11/2022 4:43:28 PM
json-smart-2.4.7.jar                                             119,227 5/11/2022 4:43:28 PM  =  json-smart-2.4.7.jar                                             119,227 5/11/2022 4:43:28 PM
jsr305-3.0.2.jar                                                  19,936 5/11/2022 4:43:24 PM  =  jsr305-3.0.2.jar                                                  19,936 5/11/2022 4:43:24 PM
kafka-clients-3.0.0.jar                                        4,855,638 5/11/2022 4:43:28 PM  =  kafka-clients-3.0.0.jar                                        4,855,638 5/11/2022 4:43:28 PM
lang-mustache-client-2.1.0-SNAPSHOT.jar                           62,947 6/15/2022 10:52:56 PM =  lang-mustache-client-2.1.0-SNAPSHOT.jar                           62,947 6/15/2022 10:52:56 PM
ldaptive-1.2.3.jar                                               802,456 5/11/2022 4:43:28 PM  =  ldaptive-1.2.3.jar                                               802,456 5/11/2022 4:43:28 PM
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar     2,199 5/11/2022 4:43:28 PM  =  listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar     2,199 5/11/2022 4:43:28 PM
lz4-java-1.7.1.jar                                               649,950 5/11/2022 4:43:34 PM  =  lz4-java-1.7.1.jar                                               649,950 5/11/2022 4:43:34 PM
mapper-extras-client-2.1.0-SNAPSHOT.jar                           83,904 6/15/2022 10:52:32 PM =  mapper-extras-client-2.1.0-SNAPSHOT.jar                           83,904 6/15/2022 10:52:32 PM
metrics-core-3.1.2.jar                                           112,558 5/11/2022 4:43:28 PM  =  metrics-core-3.1.2.jar                                           112,558 5/11/2022 4:43:28 PM
minimal-json-0.9.5.jar                                            34,221 5/11/2022 4:43:28 PM  =  minimal-json-0.9.5.jar                                            34,221 5/11/2022 4:43:28 PM
netty-buffer-4.1.73.Final.jar                                    302,927 5/11/2022 4:43:28 PM  =  netty-buffer-4.1.73.Final.jar                                    302,927 5/11/2022 4:43:28 PM
netty-codec-4.1.73.Final.jar                                     337,170 5/11/2022 4:43:28 PM  =  netty-codec-4.1.73.Final.jar                                     337,170 5/11/2022 4:43:28 PM
netty-codec-http-4.1.73.Final.jar                                634,551 5/11/2022 4:43:28 PM  =  netty-codec-http-4.1.73.Final.jar                                634,551 5/11/2022 4:43:28 PM
netty-common-4.1.73.Final.jar                                    649,516 5/11/2022 4:43:28 PM  =  netty-common-4.1.73.Final.jar                                    649,516 5/11/2022 4:43:28 PM
netty-handler-4.1.73.Final.jar                                   522,638 5/11/2022 4:43:28 PM  =  netty-handler-4.1.73.Final.jar                                   522,638 5/11/2022 4:43:28 PM
netty-resolver-4.1.73.Final.jar                                   37,776 5/11/2022 4:43:28 PM  =  netty-resolver-4.1.73.Final.jar                                   37,776 5/11/2022 4:43:28 PM
netty-transport-4.1.73.Final.jar                                 478,804 5/11/2022 4:43:28 PM  =  netty-transport-4.1.73.Final.jar                                 478,804 5/11/2022 4:43:28 PM
opensaml-core-3.4.5.jar                                          181,870 5/11/2022 4:43:28 PM  =  opensaml-core-3.4.5.jar                                          181,870 5/11/2022 4:43:28 PM
opensaml-messaging-api-3.4.5.jar                                  56,249 5/11/2022 4:43:28 PM  =  opensaml-messaging-api-3.4.5.jar                                  56,249 5/11/2022 4:43:28 PM
opensaml-profile-api-3.4.5.jar                                    31,118 5/11/2022 4:43:28 PM  =  opensaml-profile-api-3.4.5.jar                                    31,118 5/11/2022 4:43:28 PM
opensaml-saml-api-3.4.5.jar                                      407,731 5/11/2022 4:43:28 PM  =  opensaml-saml-api-3.4.5.jar                                      407,731 5/11/2022 4:43:28 PM
opensaml-saml-impl-3.4.5.jar                                   1,169,221 5/11/2022 4:43:28 PM  =  opensaml-saml-impl-3.4.5.jar                                   1,169,221 5/11/2022 4:43:28 PM
opensaml-security-api-3.4.5.jar                                   66,957 5/11/2022 4:43:28 PM  =  opensaml-security-api-3.4.5.jar                                   66,957 5/11/2022 4:43:28 PM
opensaml-security-impl-3.4.5.jar                                 112,079 5/11/2022 4:43:28 PM  =  opensaml-security-impl-3.4.5.jar                                 112,079 5/11/2022 4:43:28 PM
opensaml-soap-api-3.4.5.jar                                      169,987 5/11/2022 4:43:28 PM  =  opensaml-soap-api-3.4.5.jar                                      169,987 5/11/2022 4:43:28 PM
opensaml-soap-impl-3.4.5.jar                                     403,255 5/11/2022 4:43:28 PM  =  opensaml-soap-impl-3.4.5.jar                                     403,255 5/11/2022 4:43:28 PM
opensaml-storage-api-3.4.5.jar                                    23,813 5/11/2022 4:43:28 PM  =  opensaml-storage-api-3.4.5.jar                                    23,813 5/11/2022 4:43:28 PM
opensaml-xmlsec-api-3.4.5.jar                                    209,519 5/11/2022 4:43:28 PM  =  opensaml-xmlsec-api-3.4.5.jar                                    209,519 5/11/2022 4:43:28 PM
opensaml-xmlsec-impl-3.4.5.jar                                   297,343 5/11/2022 4:43:28 PM  =  opensaml-xmlsec-impl-3.4.5.jar                                   297,343 5/11/2022 4:43:28 PM
opensearch-rest-client-2.1.0-SNAPSHOT.jar                         65,600 6/15/2022 10:52:32 PM =  opensearch-rest-client-2.1.0-SNAPSHOT.jar                         65,600 6/15/2022 10:52:32 PM
opensearch-rest-high-level-client-2.1.0-SNAPSHOT.jar             307,667 6/15/2022 10:52:32 PM =  opensearch-rest-high-level-client-2.1.0-SNAPSHOT.jar             307,667 6/15/2022 10:52:32 PM
opensearch-security-2.1.0.0-SNAPSHOT.jar                       1,170,360 6/16/2022 5:59:38 PM  << opensearch-security-2.1.0.0-SNAPSHOT.jar                       1,174,435 6/16/2022 6:08:18 PM
parent-join-client-2.1.0-SNAPSHOT.jar                             87,032 6/15/2022 10:52:56 PM =  parent-join-client-2.1.0-SNAPSHOT.jar                             87,032 6/15/2022 10:52:56 PM
plugin-descriptor.properties                                         216 6/16/2022 5:59:36 PM  << plugin-descriptor.properties                                       1,951 6/16/2022 6:08:18 PM
plugin-security.policy                                             3,280 6/15/2022 4:15:02 PM  =  plugin-security.policy                                             3,280 6/15/2022 4:15:02 PM
rank-eval-client-2.1.0-SNAPSHOT.jar                               82,422 6/15/2022 10:52:56 PM =  rank-eval-client-2.1.0-SNAPSHOT.jar                               82,422 6/15/2022 10:52:56 PM
slf4j-api-1.7.30.jar                                              41,472 5/11/2022 4:43:24 PM  =  slf4j-api-1.7.30.jar                                              41,472 5/11/2022 4:43:24 PM
snappy-java-1.1.8.1.jar                                        1,952,778 5/11/2022 4:43:34 PM  =  snappy-java-1.1.8.1.jar                                        1,952,778 5/11/2022 4:43:34 PM
stax2-api-4.2.1.jar                                              195,909 5/11/2022 4:43:28 PM  =  stax2-api-4.2.1.jar                                              195,909 5/11/2022 4:43:28 PM
transport-netty4-client-2.1.0-SNAPSHOT.jar                        73,277 6/15/2022 10:52:56 PM =  transport-netty4-client-2.1.0-SNAPSHOT.jar                        73,277 6/15/2022 10:52:56 PM
txw2-2.3.4.jar                                                    71,975 5/11/2022 4:43:28 PM  =  txw2-2.3.4.jar                                                    71,975 5/11/2022 4:43:28 PM
woodstox-core-6.2.6.jar                                        1,584,445 5/11/2022 4:43:28 PM  =  woodstox-core-6.2.6.jar                                        1,584,445 5/11/2022 4:43:28 PM
xmlschema-core-2.2.5.jar                                         173,293 5/11/2022 4:43:28 PM  =  xmlschema-core-2.2.5.jar                                         173,293 5/11/2022 4:43:28 PM
xmlsec-2.2.3.jar                                               1,123,199 5/11/2022 4:43:28 PM  =  xmlsec-2.2.3.jar                                               1,123,199 5/11/2022 4:43:28 PM
zjsonpatch-0.4.4.jar                                              30,476 5/11/2022 4:43:28 PM  =  zjsonpatch-0.4.4.jar                                              30,476 5/11/2022 4:43:28 PM
zstd-jni-1.5.0-2.jar                                           6,762,522 5/11/2022 4:43:34 PM  =  zstd-jni-1.5.0-2.jar                                           6,762,522 5/11/2022 4:43:34 PM
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

The only meaningful difference seen here is the jackson-databind version, which is in alignment with the OpenSearch repository.

Check List

  • New functionality includes testing
  • New functionality has been documented
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@peternied peternied requested a review from a team June 16, 2022 20:36
@peternied peternied self-assigned this Jun 16, 2022
@codecov-commenter
Copy link

codecov-commenter commented Jun 16, 2022

Codecov Report

Merging #1888 (e222521) into main (8393c71) will decrease coverage by 0.02%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##               main    #1888      +/-   ##
============================================
- Coverage     61.04%   61.01%   -0.03%     
- Complexity     3234     3235       +1     
============================================
  Files           256      256              
  Lines         18088    18088              
  Branches       3224     3224              
============================================
- Hits          11041    11036       -5     
- Misses         5467     5468       +1     
- Partials       1580     1584       +4     
Impacted Files Coverage Δ
...earch/security/dlic/rest/api/MigrateApiAction.java 4.16% <ø> (ø)
...rch/security/dlic/rest/api/WhitelistApiAction.java 100.00% <ø> (ø)
...ch/security/securityconf/DynamicConfigFactory.java 56.05% <ø> (ø)
...rg/opensearch/security/ssl/util/CertFileProps.java 100.00% <ø> (ø)
...org/opensearch/security/ssl/util/CertFromFile.java 100.00% <ø> (ø)
...opensearch/security/ssl/util/CertFromKeystore.java 73.91% <ø> (ø)
...ensearch/security/ssl/util/CertFromTruststore.java 87.87% <ø> (ø)
...search/security/ssl/util/CertificateValidator.java 69.41% <ø> (ø)
...rg/opensearch/security/ssl/util/KeystoreProps.java 72.72% <ø> (ø)
...a/org/opensearch/security/tools/SecurityAdmin.java 37.31% <ø> (ø)
... and 4 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7f5ca53...e222521. Read the comment docs.

build.gradle Show resolved Hide resolved
build.gradle Show resolved Hide resolved
Copy link
Member

@cliu123 cliu123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are very sensitive changes. We need to make sure not to change any dependencies, artifacts, tests etc. Any miss could introduce build, test and functionality regressions. A couple of initial comments:

  1. There are only 245 tests running:
    245 tests completed, 1 failed, 8 skipped
    Before the change, 1111 tests running:
    1111 tests completed, 1 failed, 46 skipped
  2. Please verify all the dependencies and artifacts being generated are exactly same.

@peternied
Copy link
Member Author

Please verify all the dependencies and artifacts being generated are exactly same.

See in the description Security plugin - comparison (it expands with the file diff) the produced artifacts is the same.

There are only 245 tests running:
245 tests completed, 1 failed, 8 skipped
Before the change, 1111 tests running:
1111 tests completed, 1 failed, 46 skipped

Great idea to check this... I'll see about getting before/after test lists.

@cliu123
Copy link
Member

cliu123 commented Jun 16, 2022

See in the description Security plugin - comparison (it expands with the file diff) the produced artifacts is the same.

I see some differences here:

                                                                                               << jackson-databind-2.13.2.2.jar                                  1,535,087 5/13/2022 9:39:48 PM
jackson-databind-2.13.2.jar                                    1,534,715 5/11/2022 4:43:28 PM  >>
opensearch-security-2.1.0.0-SNAPSHOT.jar                       1,170,360 6/16/2022 5:59:38 PM  << opensearch-security-2.1.0.0-SNAPSHOT.jar                       1,174,435 6/16/2022 6:08:18 PM
plugin-descriptor.properties                                         216 6/16/2022 5:59:36 PM  << plugin-descriptor.properties                                       1,951 6/16/2022 6:08:18 PM

@davidlago
Copy link

davidlago commented Jun 17, 2022

Suspicious that a significant portion of the coverage drop comes from whitelist-named files 🤔

@peternied
Copy link
Member Author

peternied commented Jun 17, 2022

@cliu123 Thanks for checking in on those differences, they are all expected, here is a quick rundown with explainations for each.

The jackson-databind version is in now in alignment with the OpenSearch repository, this difference is expected

The plugin descriptor follows the template pattern, see expanded diff

DlsFlsFilterLeafReader.java#L652-L665
Produced: 6/17/2022 1:57:32 PM

Mode:  All, Ignoring Unimportant
Left file: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT.zip\plugin-descriptor.properties
Right file: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT-newest.zip\plugin-descriptor.properties
                                                                   -+ #
                                                                      # SPDX-License-Identifier: Apache-2.0
                                                                      #
                                                                      # The OpenSearch Contributors require contributions made to
                                                                      # this file be licensed under the Apache-2.0 license or a
                                                                      # compatible open source license.
                                                                      #
                                                                      # Modifications Copyright OpenSearch Contributors. See
                                                                      # GitHub history for details.
                                                                      #
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   =
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ # OpenSearch plugin descriptor file
                                                                      # This file must exist as 'plugin-descriptor.properties' inside a plugin.
                                                                      #
                                                                      ### example plugin for "foo"
                                                                      #
                                                                      # foo.zip <-- zip file for the plugin, with this structure:
                                                                      # |____   <arbitrary name1>.jar <-- classes, resources, dependencies
                                                                      # |____   <arbitrary nameN>.jar <-- any number of jars
                                                                      # |____   plugin-descriptor.properties <-- example contents below:
                                                                      #
                                                                      # classname=foo.bar.BazPlugin
                                                                      # description=My cool plugin
                                                                      # version=6.0
                                                                      # opensearch.version=6.0
                                                                      # java.version=1.8
                                                                      #
                                                                      ### mandatory elements for all plugins:
                                                                      #
                                                                      # 'description': simple summary of the plugin
-----------------------------------------------------------------------------------------------------------------------------------------------------------
description=Provide access control related features for OpenSearch =  description=Provide access control related features for OpenSearch
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ #
                                                                      # 'version': plugin's version
-----------------------------------------------------------------------------------------------------------------------------------------------------------
version=2.1.0.0-SNAPSHOT                                           =  version=2.1.0.0-SNAPSHOT
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ #
                                                                      # 'name': the plugin name
-----------------------------------------------------------------------------------------------------------------------------------------------------------
name=opensearch-security                                           =  name=opensearch-security
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ #
                                                                      # 'classname': the name of the class to load, fully-qualified
-----------------------------------------------------------------------------------------------------------------------------------------------------------
classname=org.opensearch.security.OpenSearchSecurityPlugin         =  classname=org.opensearch.security.OpenSearchSecurityPlugin
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ #
                                                                      # 'java.version': version of java the code is built against
                                                                      # use the system property java.specification.version
                                                                      # version string must be a sequence of nonnegative decimal integers
                                                                      # separated by "."'s and may have leading zeros
-----------------------------------------------------------------------------------------------------------------------------------------------------------
java.version=11                                                    =  java.version=11
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ #
                                                                      # 'opensearch.version': semantic version of opensearch the plugin is compatible with
                                                                      # does not include -SNAPSHOT if compiled against a snapshot build
-----------------------------------------------------------------------------------------------------------------------------------------------------------
opensearch.version=2.1.0                                           =  opensearch.version=2.1.0
-----------------------------------------------------------------------------------------------------------------------------------------------------------
                                                                   -+ #
                                                                      ### optional elements for plugins:
                                                                      #
                                                                      # 'custom.foldername': the custom name of the folder in which the plugin is installed
                                                                      custom.foldername=
                                                                      #
                                                                      # 'extended.plugins': other plugins this plugin extends through SPI
                                                                      extended.plugins=
                                                                      #
                                                                      # 'has.native.controller': whether or not the plugin has a native controller
                                                                      has.native.controller=false
-----------------------------------------------------------------------------------------------------------------------------------------------------------

The changes within the opensearch-security-*.jar are ignorable,

Folder Compare
Produced: 6/17/2022 2:02:45 PM

Mode:  All
Ignoring Unimportant
Left base folder: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT\opensearch-security-2.1.0.0-SNAPSHOT.jar
Right base folder: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT-newest\opensearch-security-2.1.0.0-SNAPSHOT.jar
Name                      Size      Modified                Name                      Size      Modified
--------------------------------------------------------------------------------------------------------------------
com                         357,769 6/16/2022 5:59:38 PM    com                         357,769 6/16/2022 6:08:18 PM
\amazon                     357,769 6/16/2022 5:59:38 PM    \amazon                     357,769 6/16/2022 6:08:18 PM
license_headers                 294 6/16/2022 5:59:38 PM    license_headers                 294 6/16/2022 6:08:18 PM
\license_header.txt             294 6/16/2022 5:59:38 PM =  \license_header.txt             294 6/16/2022 6:08:18 PM
META-INF                        389 6/16/2022 5:59:38 PM    META-INF                     12,364 6/16/2022 6:08:18 PM
|                                                        << +LICENSE.txt                 11,357 4/22/2022 5:47:16 PM
\MANIFEST.MF                    389 6/16/2022 5:59:38 PM <> +MANIFEST.MF                    643 6/16/2022 6:08:18 PM
                                                         << \NOTICE.txt                     364 6/7/2022 5:49:38 PM
org                       2,269,860 6/16/2022 5:59:36 PM    org                       2,269,860 6/16/2022 6:08:16 PM
static_config                 8,912 6/16/2022 5:59:38 PM    static_config                 8,912 6/16/2022 6:08:18 PM
+static_action_groups.yml     5,036 6/16/2022 5:59:38 PM =  +static_action_groups.yml     5,036 6/16/2022 6:08:18 PM
+static_audit.yml                18 6/16/2022 5:59:38 PM =  +static_audit.yml                18 6/16/2022 6:08:18 PM
+static_roles.yml             3,714 6/16/2022 5:59:38 PM =  +static_roles.yml             3,714 6/16/2022 6:08:18 PM
\static_tenants.yml             144 6/16/2022 5:59:38 PM =  \static_tenants.yml             144 6/16/2022 6:08:18 PM
git.properties                  572 6/16/2022 5:59:38 PM >>
NOTICE.txt                      364 6/7/2022 5:49:38 PM  =  NOTICE.txt                      364 6/7/2022 5:49:38 PM
THIRD-PARTY.txt               9,864 2/14/2022 7:46:50 PM =  THIRD-PARTY.txt               9,864 2/14/2022 7:46:50 PM
--------------------------------------------------------------------------------------------------------------------

Inside opensearch-security-*.jar, updated META-INF\MANIFEST.MF file

Mode:  All, Ignoring Unimportant
Left file: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT\opensearch-security-2.1.0.0-SNAPSHOT.jar\META-INF\MANIFEST.MF
Right file: C:\Users\petern\distros\opensearch-security-2.1.0.0-SNAPSHOT-newest\opensearch-security-2.1.0.0-SNAPSHOT.jar\META-INF\MANIFEST.MF
Manifest-Version: 1.0                                              =  Manifest-Version: 1.0
----------------------------------------------------------------------------------------------------------------------------------------------
Created-By: Gradle 7.4.2                                           <> Module-Origin: git@github.com:opensearch-project/security.git
Build-Jdk: 17.0.1                                                     Change: 3722175d713e0a07b78e6a32cc385d5ed85b44f8
                                                                      X-Compile-OpenSearch-Version: 2.1.0-SNAPSHOT
                                                                      X-Compile-Lucene-Version: 9.2.0-snapshot-ba8c3a8
                                                                      X-Compile-OpenSearch-Snapshot: true
Implementation-Title: OpenSearch Security                             Implementation-Title: org.opensearch#opensearch-security;2.1.0.0-SNAPSHO
                                                                       T
----------------------------------------------------------------------------------------------------------------------------------------------
Implementation-Version: 2.1.0.0-SNAPSHOT                           =  Implementation-Version: 2.1.0.0-SNAPSHOT
----------------------------------------------------------------------------------------------------------------------------------------------
Implementation-Vendor-Id: org.opensearch                           <> Built-Status: integration
Implementation-URL: https://github.com/opensearch-project/security    Built-By: petern
                                                                      Built-OS: Linux
Build-Time: 2022-06-16T17:59:36Z                                      Build-Date: 2022-06-16T18:08:08.170239443Z
Built-By: OpenSearch Security Plugin                                  Gradle-Version: 7.4.2
git-sha1: cd28b115a7ec3b14f465b8f292c98de3709a6322                    Created-By: 17.0.1+12-39 (Oracle Corporation)
                                                                      Build-Java-Version: 17
                                                                      X-Compile-Target-JDK: 11
                                                                      X-Compile-Source-JDK: 11
----------------------------------------------------------------------------------------------------------------------------------------------
                                                                   =
----------------------------------------------------------------------------------------------------------------------------------------------

Inside opensearch-security-*.jar, deleted git.properties. The manifest includes the relevant details and removes the custom build logic to generate this

git.branch=HEAD
git.build.version=2.1.0.0-SNAPSHOT
git.closest.tag.commit.count=143
git.closest.tag.name=1.1.0.0
git.commit.id=cd28b115a7ec3b14f465b8f292c98de3709a6322
git.commit.id.abbrev=cd28b11
git.commit.id.describe=1.1.0.0-143-gcd28b11
git.commit.message.full=Bump version to 2.1.0.0 (\#1883)\n\nSigned-off-by\: cliu123 <lc12251109@gmail.com>
git.commit.message.short=Bump version to 2.1.0.0 (\#1883)
git.commit.time=2022-06-16T17\:08\:29+0000
git.dirty=false
git.remote.origin.url=git@github.com\:opensearch-project/security.git
git.tags=
git.total.commit.count=523

@cliu123
Copy link
Member

cliu123 commented Jun 17, 2022

Suspicious that a significant portion of the coverage drop comes from whitelist-named files 🤔

The logic and tests for whitelist have not been removed. It's been deprecated, but not removed. Allowlist was introduced, but it included both logic and tests, so it didn't have much impact on the test coverage.

@cliu123
Copy link
Member

cliu123 commented Jun 20, 2022

@peternied Great work! Could you move the changes that are not required to standardize the build with OpenSearch plugin? Things like test refactoring, sun_check(non-inclusive terminologies) etc. are not in the scope of this PR. They can be in separate PRs.

@peternied
Copy link
Member Author

@cliu123 I was able to remove the checkstyle supressions, but the other changes are needed. Please create comments on individual changes if you think they should be removed. Calling out the test changes, they are needed because the Parameterized runner cannot be used with RandomizedTest runner, this was preventing these tests from being executed

@DarshitChanpura
Copy link
Member

@peternied Can you please review the failing CI build for java-17?

peternied added 14 commits June 23, 2022 15:21
* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependenices and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Removed check for one-off issue with incorrect headers
  * Disable checkstyle checks that are not errors
  * Added comment for checkstyle supression
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest coverted test functionality
  * Fixed tests resource issues, added new fields to make this consistant in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
…t cases

Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
@cliu123
Copy link
Member

cliu123 commented Jun 23, 2022

@cliu123 vrozov removed himself from reviewing this change, do you have specific concerns that aren't addressed by seeing CI pass?

@peternied I know that @vrozov mentioned that Randomized Runner could introduce some regressions for some reason, but @vrozov has more context on this. Would you follow up?

@cliu123
Copy link
Member

cliu123 commented Jun 23, 2022

I see some test failures in CI. And 1147 tests ran, but only 1111 tests ran before the changes as I commented above. The build system migration change should not add more tests though.

2022-06-23T16:03:23.6707707Z 1147 tests completed, 6 failed, 45 skipped
2022-06-23T16:03:23.6708294Z > Task :test
2022-06-23T16:03:23.6708670Z 
2022-06-23T16:03:23.6708935Z Tests with failures:
2022-06-23T16:03:23.6709809Z  - org.opensearch.security.HttpIntegrationTests.testTenantInfo
2022-06-23T16:03:23.6710682Z  - org.opensearch.security.dlic.dlsfls.DlsTest.testDlsWithMinDocCountZeroAggregations
2022-06-23T16:03:23.6711801Z  - org.opensearch.security.dlic.rest.api.TenantInfoActionTest.testTenantInfoAPIUpdate

@peternied
Copy link
Member Author

I see some test failures in CI. And 1147 tests ran, but only 1111 tests ran before the changes as I commented above. The build system migration change should not add more tests though.

When I compare the number of tests run against main I see 1146, where as with this change I see 1145. The number of tests includes retries, so exact numeric matches aren't. That aside, the associated test coverage is nearly identical. I don't think there is an issue here - how does this sound to you?

Copy link

@davidlago davidlago left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At this point, I don't think we have enough solid information to block/delay this PR on the suspicion that the Randomized Runner might be causing issues. I support moving forward with this change and addressing any particular issues (if/when confirmed) as they arise. This is an important PR that is long overdue to bring us in line with the rest of the project.

@cliu123
Copy link
Member

cliu123 commented Jun 24, 2022

I've dismissed my review.

@cliu123 cliu123 dismissed their stale review June 24, 2022 16:20

unblocking the PR

@cliu123
Copy link
Member

cliu123 commented Jun 24, 2022

I see some test failures in CI. And 1147 tests ran, but only 1111 tests ran before the changes as I commented above. The build system migration change should not add more tests though.

When I compare the number of tests run against main I see 1146, where as with this change I see 1145. The number of tests includes retries, so exact numeric matches aren't. That aside, the associated test coverage is nearly identical. I don't think there is an issue here - how does this sound to you?

Thanks for clarifying! Looking at the test summary, I see more retries, which means more tests have become flaky(6 tests failed). I'd suggest to re-run CI a few times to confirm the stability of tests remain same.

@peternied peternied added v2.1.0 backport 2.x backport to 2.x branch labels Jun 24, 2022
@peternied peternied merged commit 03a224d into opensearch-project:main Jun 24, 2022
@peternied peternied deleted the gradle-build branch June 24, 2022 17:22
opensearch-trigger-bot bot pushed a commit that referenced this pull request Jun 24, 2022
* Switch to standard OpenSearch gradle build

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
(cherry picked from commit 03a224d)
peternied added a commit that referenced this pull request Jun 24, 2022
* Switch to standard OpenSearch gradle build (#1888)

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
(cherry picked from commit 03a224d)

* Fix build break from cluster manager changes

Signed-off-by: Peter Nied <petern@amazon.com>

Co-authored-by: Peter Nied <petern@amazon.com>
stephen-crawford pushed a commit to stephen-crawford/security that referenced this pull request Nov 10, 2022
…-project#1903)

* Switch to standard OpenSearch gradle build (opensearch-project#1888)

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
(cherry picked from commit 03a224d)

* Fix build break from cluster manager changes

Signed-off-by: Peter Nied <petern@amazon.com>

Co-authored-by: Peter Nied <petern@amazon.com>
stephen-crawford pushed a commit to stephen-crawford/security that referenced this pull request Nov 10, 2022
* Switch to standard OpenSearch gradle build

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
stephen-crawford pushed a commit to stephen-crawford/security that referenced this pull request Nov 10, 2022
…-project#1903)

* Switch to standard OpenSearch gradle build (opensearch-project#1888)

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
(cherry picked from commit 03a224d)

* Fix build break from cluster manager changes

Signed-off-by: Peter Nied <petern@amazon.com>

Co-authored-by: Peter Nied <petern@amazon.com>
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
stephen-crawford pushed a commit to stephen-crawford/security that referenced this pull request Nov 10, 2022
…-project#1903)

* Switch to standard OpenSearch gradle build (opensearch-project#1888)

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
(cherry picked from commit 03a224d)

* Fix build break from cluster manager changes

Signed-off-by: Peter Nied <petern@amazon.com>

Co-authored-by: Peter Nied <petern@amazon.com>
Signed-off-by: Stephen Crawford <steecraw@amazon.com>
@DarshitChanpura DarshitChanpura added the backport 1.3 backport to 1.3 branch label Dec 2, 2022
@opensearch-trigger-bot
Copy link
Contributor

The backport to 1.3 failed:

The process '/usr/bin/git' failed with exit code 1

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.3 1.3
# Navigate to the new working tree
cd .worktrees/backport-1.3
# Create a new branch
git switch --create backport/backport-1888-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 03a224d16045a8f561e2d7d84b8765c95309524c
# Push it to GitHub
git push --set-upstream origin backport/backport-1888-to-1.3
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.3

Then, create a pull request where the base branch is 1.3 and the compare/head branch is backport/backport-1888-to-1.3.

wuychn pushed a commit to ochprince/security that referenced this pull request Mar 16, 2023
…-project#1903)

* Switch to standard OpenSearch gradle build (opensearch-project#1888)

* Rewrote build.gradle to follow OpenSearch plugin standards
  * Enabled license headers check on the repository
  * Did not enable several new repository checks
  * Added maven publishing for security
  * Removed excess forced dependency resolutions
  * Rebuilt projects dependencies, release plugin binary has the exact same dependencies and versions
  * Converted dependencies into runtime dependencies to avoid use during coding
  * Converted dependencies from project wide to test only dependencies
  * jackson-databind version comes from OpenSearch
  * Replaced handmade build manifest with git properties to automated version used by OpenSearch
* Added license headers to files that were missing them
* Checkstyle improvements
  * Disable checkstyle checks that are not errors
  * Moved checkstyle file into directory off of the project root
* Moved standard configuration directory
* Using default test running from OpenSearch
  * Switched to RandomizedTest as the base test class
  * Parameterized test runner cannot be used with RandomizedTest converted test functionality
  * Fixed tests resource issues, added new fields to make this consistent in the codebase
  * Fixed issue with leaky environment variable for security root directory, refactored usage
  * Removed unneeded setDefaultUncaughtExceptionHandler in tests
  * Fixed issues with deprecated internal reflection from Mockito
  * Disabled ThreadLeak detection as it is catching real issues that are mitigated by retries
* Initial pass on non-inclusive terminology, commented out exclusions
* Removed test dependency on scala
* Removed test dependency on legacy xmlsecurity library

Signed-off-by: Peter Nied <petern@amazon.com>
(cherry picked from commit 03a224d)

* Fix build break from cluster manager changes

Signed-off-by: Peter Nied <petern@amazon.com>

Co-authored-by: Peter Nied <petern@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport 1.3 backport to 1.3 branch backport 2.x backport to 2.x branch v2.1.0
Projects
None yet
5 participants