From 6ce045e106a25b73440e7fbaa10b93508427e315 Mon Sep 17 00:00:00 2001 From: Sai Kumar Date: Mon, 21 Feb 2022 11:34:31 +0530 Subject: [PATCH] Updated security CI workflow to build security plugin via Gradle Signed-off-by: Sai Kumar --- .github/workflows/security-tests.yml | 6 +++--- CONTRIBUTING.md | 28 +++++++++++++++++++++------- 2 files changed, 24 insertions(+), 10 deletions(-) diff --git a/.github/workflows/security-tests.yml b/.github/workflows/security-tests.yml index 709e133fb..25bc46664 100644 --- a/.github/workflows/security-tests.yml +++ b/.github/workflows/security-tests.yml @@ -11,7 +11,7 @@ on: jobs: build: # Job name - name: Build Replication plugin + name: Build and Run Security tests runs-on: ubuntu-latest steps: # This step uses the setup-java Github action: https://github.com/actions/setup-java @@ -32,8 +32,8 @@ jobs: - name: Build security working-directory: ./security run: | - mvn clean package -Padvanced -DskipTests - cp target/releases/opensearch-security-*-SNAPSHOT.zip ../src/test/resources/security/plugin/ + ./gradlew clean assemble + cp build/distributions/opensearch-security-*-SNAPSHOT.zip ../src/test/resources/security/plugin/ - name: Build and run Replication tests run: | ls -al src/test/resources/security/plugin diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 7b31b0784..a1b9935a1 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -8,6 +8,7 @@ - [Developer Certificate of Origin](#developer-certificate-of-origin) - [License Headers](#license-headers) - [Backports](#backports) +- [Security tests](#security-tests) - [Review Process](#review-process) ## Contributing to OpenSearch @@ -105,13 +106,6 @@ Test suite covers following 3 scenarios: New files in your code contributions should contain the following license header. If you are modifying existing files with license headers, or including new files that already have license headers, do not remove or modify them without guidance. -## Backports - -The Github workflow in [`backport.yml`](.github/workflows/backport.yml) creates backport PRs automatically when the -original PR with an appropriate label `backport ` is merged to main with the backport workflow -run successfully on the PR. For example, if a PR on main needs to be backported to `1.x` branch, add a label -`backport 1.x` to the PR and make sure the backport workflow runs on the PR along with other checks. Once this PR is -merged to main, the workflow will create a backport PR to the `1.x` branch. ### Kotlin @@ -137,6 +131,26 @@ merged to main, the workflow will create a backport PR to the `1.x` branch. # SPDX-License-Identifier: Apache-2.0 ``` +## Backports + +The Github workflow in [`backport.yml`](.github/workflows/backport.yml) creates backport PRs automatically when the +original PR with an appropriate label `backport ` is merged to main with the backport workflow +run successfully on the PR. For example, if a PR on main needs to be backported to `1.x` branch, add a label +`backport 1.x` to the PR and make sure the backport workflow runs on the PR along with other checks. Once this PR is +merged to main, the workflow will create a backport PR to the `1.x` branch. + +## Security tests + +To run security tests locally, +``` +git clone https://github.com/opensearch-project/security.git +cd security +./gradlew clean assemble +# REPLICATION_DIR - root dir of cross-cluster-replication repo +cp build/distributions/opensearch-security-1.3.0.0-SNAPSHOT.zip $REPLICATION_DIR/src/test/resources/security/plugin/ +./gradlew clean release -Psecurity=true +``` + ## Review Process We deeply appreciate everyone who takes the time to make a contribution. We will review all contributions as quickly as possible. As a reminder, [opening an issue](issues/new/choose) discussing your change before you make it is the best way to smooth the PR process. This will prevent a rejection because someone else is already working on the problem, or because the solution is incompatible with the architectural direction.