|
| 1 | +name: Docker Security Test Workflow |
| 2 | +on: |
| 3 | + pull_request: |
| 4 | + branches: |
| 5 | + - "*" |
| 6 | + push: |
| 7 | + branches: |
| 8 | + - "*" |
| 9 | + |
| 10 | +jobs: |
| 11 | + test: |
| 12 | + # This job runs on Linux |
| 13 | + runs-on: ubuntu-latest |
| 14 | + steps: |
| 15 | + - name: Set Up JDK |
| 16 | + uses: actions/setup-java@v1 |
| 17 | + with: |
| 18 | + java-version: 17 |
| 19 | + - name: Checkout Branch |
| 20 | + uses: actions/checkout@v2 |
| 21 | + - name: Build Index Management |
| 22 | + run: ./gradlew assemble -Dbuild.snapshot=false |
| 23 | + - name: Pull and Run Docker |
| 24 | + run: | |
| 25 | + plugin=`basename $(ls build/distributions/*.zip)` |
| 26 | + list_of_files=`ls` |
| 27 | + list_of_all_files=`ls build/distributions/` |
| 28 | + version=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-3` |
| 29 | + plugin_version=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-4` |
| 30 | + qualifier=`echo $plugin|awk -F- '{print $4}'| cut -d. -f 1-1` |
| 31 | + candidate_version=`echo $plugin|awk -F- '{print $5}'| cut -d. -f 1-1` |
| 32 | + if qualifier |
| 33 | + then |
| 34 | + docker_version=$version-$qualifier |
| 35 | + else |
| 36 | + docker_version=$version |
| 37 | + fi |
| 38 | +
|
| 39 | + [[ -z $candidate_version ]] && candidate_version=$qualifier && qualifier="" |
| 40 | +
|
| 41 | + echo plugin version plugin_version qualifier candidate_version docker_version |
| 42 | + echo "($plugin) ($version) ($plugin_version) ($qualifier) ($candidate_version) ($docker_version)" |
| 43 | + echo $ls $list_of_all_files |
| 44 | +
|
| 45 | + if docker pull opensearchstaging/opensearch:$docker_version |
| 46 | + then |
| 47 | + echo "FROM opensearchstaging/opensearch:$docker_version" >> Dockerfile |
| 48 | + echo "RUN if [ -d /usr/share/opensearch/plugins/opensearch-index-management ]; then /usr/share/opensearch/bin/opensearch-plugin remove opensearch-index-management; fi" >> Dockerfile |
| 49 | + echo "ADD build/distributions/$plugin /tmp/" >> Dockerfile |
| 50 | + echo "RUN /usr/share/opensearch/bin/opensearch-plugin install --batch file:/tmp/$plugin" >> Dockerfile |
| 51 | + echo "RUN echo 'path.repo: ["/usr/share/opensearch/data/repo"]' >> /usr/share/opensearch/config/opensearch.yml" >> Dockerfile |
| 52 | +
|
| 53 | + docker build -t opensearch-index-management:test . |
| 54 | + echo "imagePresent=true" >> $GITHUB_ENV |
| 55 | + else |
| 56 | + echo "imagePresent=false" >> $GITHUB_ENV |
| 57 | + fi |
| 58 | + - name: Run Docker Image |
| 59 | + if: env.imagePresent == 'true' |
| 60 | + run: | |
| 61 | + cd .. |
| 62 | + docker run -p 9200:9200 -d -p 9600:9600 -e "discovery.type=single-node" opensearch-index-management:test |
| 63 | + sleep 120 |
| 64 | + - name: Run Index Management Test for security enabled test cases |
| 65 | + if: env.imagePresent == 'true' |
| 66 | + run: | |
| 67 | + cluster_running=`curl -XGET https://localhost:9200/_cat/plugins -u admin:admin --insecure` |
| 68 | + echo $cluster_running |
| 69 | + security=`curl -XGET https://localhost:9200/_cat/plugins -u admin:admin --insecure |grep opensearch-security|wc -l` |
| 70 | + echo $security |
| 71 | + if [ $security -gt 0 ] |
| 72 | + then |
| 73 | + echo "Security plugin is available" |
| 74 | + ./gradlew integTest -Dtests.rest.cluster=localhost:9200 -Dtests.cluster=localhost:9200 -Dtests.clustername=docker-cluster -Dsecurity=true -Dhttps=true -Duser=admin -Dpassword=admin |
| 75 | + else |
| 76 | + echo "Security plugin is NOT available skipping this run as tests without security have already been run" |
| 77 | + fi |
| 78 | + - name: Upload failed logs |
| 79 | + uses: actions/upload-artifact@v2 |
| 80 | + if: failure() |
| 81 | + with: |
| 82 | + name: logs |
| 83 | + path: build/testclusters/integTest-*/logs/* |
0 commit comments