Sync org.opensearch:protobufs version with core

[karenyrx]

Description

The current situation is that if the protobufs version is updated in core, a manual PR has to be submitted to this repo to upgrade the protobufs version as well.

With this PR, as long as a breaking protobuf change is not made, then the security builds will succeed, and always be kept up to date with core.

Protobufs version from core is defined here.

Issues Resolved

[List any issues this PR will resolve]

Is this a backport? If so, please add backport PR # and/or commits #, and remove backport-failed label from the original PR.

Do these changes introduce new permission(s) to be displayed in the static dropdown on the front-end? If so, please open a draft PR in the security dashboards plugin and link the draft PR here

Testing

[Please provide details of testing done: unit testing, integration testing and manual testing]

Check List

• New functionality includes testing
• New functionality has been documented
• New Roles/Permissions have a corresponding security dashboards plugin PR
• API changes companion pull request created
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[karenyrx]

cc @finnegancarroll @cwperks could you help take a look?

[finnegancarroll]

In the case where there's a naming change could it be breaking to automatically update the protobuf version within plugins? The previous version could be wire compatible but conversion logic would fail within security plugin tests maybe?

I've been thinking about keeping compatibility with plugins stable in relation to this issue and was thinking some basic test utilities could be housed in the SPI or a separate test framework package such that we can automatically consume breaking changes from core.

[karenyrx]

I agree with your proposal long term. In the short term, I'm thinking, we shouldn't have to open up a separate PR to update the protobuf version if there are no breaking changes (thus this PR). In the future we also shouldn't be making frequent breaking protobuf changes either as the feature becomes more stable.

[karenyrx]

Note that https://github.com/opensearch-project/OpenSearch/pull/19447/files was just merged which bumped the protobufs version to 0.18.0 in core. If this PR is not merged, then at the very least we should open one up for a manual bump from 0.13.0->0.18.0 for this repo.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.97%. Comparing base (42aa382) to head (fae6f8b).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5659      +/-   ##
==========================================
+ Coverage   72.95%   72.97%   +0.02%     
==========================================
  Files         414      414              
  Lines       25867    25869       +2     
  Branches     3934     3934              
==========================================
+ Hits        18870    18879       +9     
+ Misses       5085     5080       -5     
+ Partials     1912     1910       -2     

see 10 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.