@@ -7,94 +7,51 @@ name: Security Test and Build Notifications
77
88on : [push, pull_request]
99
10- env :
11- ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION : true
12-
1310jobs :
14- build :
11+ Get-CI-Image-Tag :
12+ uses : opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
13+ with :
14+ product : opensearch
15+
16+ build-linux :
1517 strategy :
16- # This setting says that all jobs should finish, even if one fails
17- fail-fast : false
1818 matrix :
19- java : [21, 23]
20- os :
21- - ubuntu-24.04-arm # arm64-preview
22- - ubuntu-24.04 # x64
23-
24- runs-on : ${{ matrix.os }}
25-
19+ java : [ 21 ]
20+ needs : Get-CI-Image-Tag
21+ # This job runs on Linux
22+ runs-on : ubuntu-latest
23+ container :
24+ # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
25+ # this image tag is subject to change as more dependencies and updates will arrive over time
26+ image : ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
27+ options : ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-options }}
28+
29+ name : Build and test Notifications with security-enabled
2630 steps :
27- - name : Set up JDK ${{ matrix.java }}
31+ - name : Run start commands
32+ run : ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-command }}
33+
34+ # This step uses the setup-java Github action: https://github.com/actions/setup-java
35+ - name : Set Up JDK ${{ matrix.java }}
2836 uses : actions/setup-java@v4
2937 with :
3038 distribution : temurin # Temurin is a distribution of adoptium
3139 java-version : ${{ matrix.java }}
3240
33- # notifications
34- - name : Checkout Notifications
41+ # This step uses the checkout Github action: https://github.com/actions/checkout
42+ - name : Checkout Branch
3543 uses : actions/checkout@v4
3644
37- # Temporarily exclude tests which causing CI to fail. Tracking in #251
38- - name : Build with Gradle
39- # Only assembling since the full build is governed by other workflows
45+ - name : Run integration tests
4046 run : |
4147 cd notifications
42- ./gradlew assemble
43-
44- name : Pull and Run Docker
45- run : |
46- plugin_core=`basename $(ls notifications/core/build/distributions/*.zip)`
47- plugin=`basename $(ls notifications/notifications/build/distributions/*.zip)`
48- list_of_files=`ls`
49- list_of_all_files=`ls notifications/core/build/distributions/`
50- version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-3`
51- plugin_version=`echo $plugin|awk -F- '{print $3}'| cut -d. -f 1-4`
52- qualifier=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-1`
53- candidate_version=`echo $plugin|awk -F- '{print $5}'| cut -d. -f 1-1`
54- docker_version=$version
48+ chown -R 1000:1000 `pwd`
49+ su `id -un 1000` -c "./gradlew integTest -Dsecurity=true -Dhttps=true --tests '*IT'"
5550
56- [[ -z $candidate_version ]] && candidate_version=$qualifier && qualifier=""
57-
58- echo plugin version plugin_version qualifier candidate_version docker_version
59- echo "($plugin) ($version) ($plugin_version) ($qualifier) ($candidate_version) ($docker_version)"
60- echo $ls $list_of_all_files
61-
62- if docker pull opensearchstaging/opensearch:$docker_version
63- then
64- echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile
65- # Making the removal of the existing plugins in the docker image conditional in case this workflow is running before the new version of the plugins are published to the Docker image
66- echo "RUN if /usr/share/opensearch/bin/opensearch-plugin list | grep -q 'opensearch-notifications$'; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-notifications; fi" >> Dockerfile
67- echo "RUN if /usr/share/opensearch/bin/opensearch-plugin list | grep -q 'opensearch-notifications-core$'; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-notifications-core; fi" >> Dockerfile
68- echo "ADD notifications/core/build/distributions/$plugin_core /tmp/" >> Dockerfile
69- echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin_core" >> Dockerfile
70- echo "ADD notifications/notifications/build/distributions/$plugin /tmp/" >> Dockerfile
71- echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile
72- docker build -t opensearch-notifications:test .
73- echo "imagePresent=true" >> $GITHUB_ENV
74- else
75- echo "imagePresent=false" >> $GITHUB_ENV
76- fi
77-
78- name : Run Docker Image
79- if : env.imagePresent == 'true'
80- run : |
81- cd ..
82- container_id=`docker run -p 9200:9200 -d -p 9600:9600 -e "OPENSEARCH_INITIAL_ADMIN_PASSWORD=myStrongPassword123!" -e "discovery.type=single-node" opensearch-notifications:test`
83- sleep 120
84- echo `docker logs $container_id`
85- name : Run Notification Test for security enabled test cases
86- if : env.imagePresent == 'true'
87- run : |
88- container_id=`docker ps -q`
89- plugins=`docker exec $container_id /usr/share/opensearch/bin/opensearch-plugin list`
90- echo "plugins: $plugins"
91- security=`echo $plugins | grep opensearch-security | wc -l`
92- if [ $security -gt 0 ]
93- then
94- echo "Security plugin is available"
95- cd notifications
96- ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=docker-cluster -Dhttps=true -Duser=admin -Dpassword=myStrongPassword123!
97- else
98- echo "Security plugin is NOT available skipping this run as tests without security have already been run"
99- exit 1
100- fi
51+ name : Upload failed logs
52+ uses : actions/upload-artifact@v4
53+ if : failure()
54+ with :
55+ name : logs
56+ overwrite : ' true'
57+ path : build/testclusters/integTest-*/logs/*
0 commit comments