forked from opensearch-project/security
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add CI for Windows and MacOS platforms (opensearch-project#2190)
Add CI for Windows and MacOS platforms Due to the increase in the number of platforms, I've separated the newer integration tests into their own workflow. Until retries have been enabled they will automatically pass - but still run and report logs. As soon as we have full confidence we will allow them to start blocking pull requests from merging. opensearch-project#2184 Switch the gradle commands to be platform agnostic via the `gradle/gradle-build-action@v2`, dropping the 'clean' step to the build which allows us to reuse the gradle cache - if we see any problems pulling in more recent snapshots we can disable this setting quickly. Found and fixed an issued with config value replacement via environment variables, long story short Windows and MacOS allow for many more characters that are used in the unix environment variable landscape. Added new tests to cover these interesting scenarios as well. Found an encoding issue with user names from config files, still unclear of the source of this issue, be it test setup specific or a problem in the broader OpenSearch ecosystem, disabling the `testSpecialUsernames` until we can dive deeper. opensearch-project#2194 Disabled the HeapBasedRateTrackerTests - it was depending on system timing and was very brittle if the system under test experienced any undo load, created follow up issue opensearch-project#2193 Fixed a test issue in testDlsWithMinDocCountZeroAggregations where there was a random chance for a test failure, easier to find intermittent tests when they are run so often. OpenSSL has open questions - while it is supported for our Linux JDK11 builds, it seems like a stopgap measure. I've disabled the tests on windows environment while we determine if we should support OpenSSL at all on Windows JDK11. opensearch-project#2195 Signed-off-by: Peter Nied <petern@amazon.com>
- Loading branch information
Showing
6 changed files
with
89 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
73 changes: 73 additions & 0 deletions
73
src/test/java/org/opensearch/security/support/SecurityUtilsTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
/* | ||
* SPDX-License-Identifier: Apache-2.0 | ||
* | ||
* The OpenSearch Contributors require contributions made to | ||
* this file be licensed under the Apache-2.0 license or a | ||
* compatible open source license. | ||
* | ||
* Modifications Copyright OpenSearch Contributors. See | ||
* GitHub history for details. | ||
*/ | ||
package org.opensearch.security.support; | ||
|
||
import java.util.Collection; | ||
import java.util.List; | ||
import java.util.function.Predicate; | ||
|
||
import org.junit.Test; | ||
|
||
import static org.hamcrest.MatcherAssert.assertThat; | ||
import static org.hamcrest.Matchers.equalTo; | ||
import static org.opensearch.security.support.SecurityUtils.ENVBASE64_PATTERN; | ||
import static org.opensearch.security.support.SecurityUtils.ENVBC_PATTERN; | ||
import static org.opensearch.security.support.SecurityUtils.ENV_PATTERN; | ||
|
||
public class SecurityUtilsTest { | ||
|
||
private final Collection<String> interestingEnvKeyNames = List.of( | ||
"=ExitCode", | ||
"=C:", | ||
"ProgramFiles(x86)", | ||
"INPUT_GRADLE-HOME-CACHE-CLEANUP", | ||
"MYENV", | ||
"MYENV:", | ||
"MYENV::" | ||
); | ||
private final Collection<String> namesFromThisRuntimeEnvironment = System.getenv().keySet(); | ||
|
||
@Test | ||
public void checkInterestingNamesForEnvPattern() { | ||
checkKeysWithPredicate(interestingEnvKeyNames, "env", ENV_PATTERN.asMatchPredicate()); | ||
} | ||
|
||
@Test | ||
public void checkRuntimeKeyNamesForEnvPattern() { | ||
checkKeysWithPredicate(namesFromThisRuntimeEnvironment, "env", ENV_PATTERN.asMatchPredicate()); | ||
} | ||
|
||
@Test | ||
public void checkInterestingNamesForEnvbcPattern() { | ||
checkKeysWithPredicate(interestingEnvKeyNames, "envbc", ENVBC_PATTERN.asMatchPredicate()); | ||
} | ||
|
||
@Test | ||
public void checkInterestingNamesForEnvBase64Pattern() { | ||
checkKeysWithPredicate(interestingEnvKeyNames, "envbase64", ENVBASE64_PATTERN.asMatchPredicate()); | ||
} | ||
|
||
private void checkKeysWithPredicate(Collection<String> keys, String predicateName, Predicate<String> predicate) { | ||
keys.forEach(envKeyName -> { | ||
final String prefixWithKeyName = "${" + predicateName + "." + envKeyName; | ||
|
||
final String baseKeyName = prefixWithKeyName + "}"; | ||
assertThat("Testing " + envKeyName + ", " + baseKeyName, | ||
predicate.test(baseKeyName), | ||
equalTo(true)); | ||
|
||
final String baseKeyNameWithDefault = prefixWithKeyName + ":-tTt}"; | ||
assertThat("Testing " + envKeyName + " with defaultValue, " + baseKeyNameWithDefault, | ||
predicate.test(baseKeyNameWithDefault), | ||
equalTo(true)); | ||
}); | ||
} | ||
} |