Commit Graph

54911 Commits

Author SHA1 Message Date
Rabi Panda 50abf6d066
[CVE] Upgrade dependencies to mitigate CVEs (#657)
This PR upgrade the following dependencies to fix CVEs.

- commons-codec:1.12 (->1.13) apache/commons-codec@48b6157
- ant:1.10.8 (->1.10.9) https://ant.apache.org/security.html
- jackson-databind:2.10.4 (->2.11.0) FasterXML/jackson-databind#2589
- jackson-dataformat-cbor:2.10.4 (->2.11.0) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28491
- apache-httpclient:4.5.10 (->4.5.13) https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-13956
- checkstyle:8.20 (->8.29) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10782
- junit:4.12 (->4.13.1) https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp
- netty:4.1.49.Final (->4.1.59) https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-18 11:37:24 -07:00
Harmish 6732239f1c
Add read_only block argument to opensearch-node unsafe-bootstrap command (#599)
* apply user defined cluster wide read only block after unsafe bootstrap command

Signed-off-by: Harmish Lakhani <harmish.lakhani@gmail.com>
2021-05-18 10:15:37 -04:00
Ketan Verma ce12097095
Support Data Streams in OpenSearch (#690)
This commit adds support for data streams by adding a DataStreamFieldMapper, and making timestamp 
field name configurable. Backwards compatibility is supported.

Signed-off-by: Ketan Verma <ketan9495@gmail.com>
2021-05-17 09:09:25 -05:00
Rabi Panda c2e816ecf6
[TEST] Fix failing distro tests for linux packages (#569)
Changes to fix the failing OpenSearch distribution tests for packages (linux-archive, linux-archive-aarch64, debian, rpm, docker) on supported linux distros. 

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-15 21:45:48 -07:00
Neal Gompa (ニール・ゴンパ) 4d88210c12
distribution/packages: Fix filename format for deb archives (#621)
Debian packages are formatted with the following filename structure:

name_[epoch:]version-release_arch.deb

Make generated Debian packages follow this convention.

Signed-off-by: Neal Gompa <ngompa13@gmail.com>
2021-05-13 15:14:02 -07:00
Rabi Panda 943c778a7f
[CVE-2018-11765] Upgrade hadoop dependencies for hdfs plugin (#654)
Hadoop 2.8.5 has been reported to have CVEs (https://bugzilla.redhat.com/show_bug.cgi?id=1883549). We need to upgrade this to 2.10.1. This also updates the hadoop-minicluster version to 2.10.1 as well. This upgrade also brings in two additional dependencies, woodstox-core and stax2-api that are added along with the sha1s, licenses and notices.

Also upgrade guava to the latest as per the CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-13 14:56:47 -07:00
Rabi Panda 6550e099b3
[CVE-2020-7692] Upgrade google-oauth clients for goolge cloud plugins (#662)
For discovery-gce and repository-gcs plugins update the google-oauth-client library to version 1.31.0. See CVE details at https://nvd.nist.gov/vuln/detail/CVE-2020-7692

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-13 12:19:57 -07:00
Sarat Vemulapalli 053b793695
Updating README and CONTRIBUTING guide to get ready for beta1 release. (#672)
* Updating README and CONTRIBUTING guide to get ready for beta1 release.

Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>

* Addressing comments.

Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
2021-05-13 10:23:27 -07:00
Rabi Panda 5aab081cc6
Update instructions on debugging OpenSearch. (#689)
Add clear instructions on how to run OpenSearch with debugging mode in IntelliJ. 
Fixed a few minor typos and grammars.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-12 09:13:08 -07:00
Rabi Panda 0e180f4703
Update dependencies for ingest-attachment plugin. (#666)
This PR resolves the CVEs for dependencies in the ingest-attachment plugin.

tika : '1.24' -> '1.24.1' (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9489)
pdfbox : '2.0.19' -> '2.0.23' (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27807)
commons-io:commons-io : '2.6' -> '2.7' (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425)

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-11 10:40:33 -07:00
Daniel Doubrovkine (dB.) 58f9aaccb0
Catch runtime exceptions to make class loader race conditions easier to debug. (#608)
Signed-off-by: dblock <dblock@amazon.com>
2021-05-10 15:21:33 -04:00
Vacha 2581f3d450
Update issue template with multiple labels (#668)
Signed-off-by: Vacha Shah <vachshah@amazon.com>

Co-authored-by: Vacha Shah <vachshah@amazon.com>
2021-05-07 11:16:35 -07:00
Sooraj Sinha a8b8a96036
Remove URL content from Reindex error response (#630)
Signed-off-by: Sooraj Sinha <soosinha@amazon.com>
2021-05-07 07:33:16 -07:00
Daniel Doubrovkine (dB.) 61f4c7d5a4
Standardize int, long, double and float Setting constructors. (#665) 2021-05-06 17:17:11 -04:00
Sooraj Sinha 181ee8a211
Add Remote Reindex SPI extension (#547)
This change extends the remote reindex SPI to allow adding a custom interceptor.
This interceptor can be plugged in to perform any processing on the request or response.

Signed-off-by: Sooraj Sinha <soosinha@amazon.com>
2021-05-06 09:38:25 -07:00
Daniel Doubrovkine (dB.) 2cf40be8ce
Fix #649: Properly escape @ in JavaDoc. (#651)
Signed-off-by: dblock <dblock@amazon.com>
2021-05-05 16:39:49 -04:00
arunabh23 41e0ff9d6d
Make default number of shards configurable (#625)
* Make default number of shards configurable

The default number of primary shards for a new index, when the number of shards are not provided in the request, can be configured for the cluster.

Signed-off-by: Arunabh Singh <arunabs@amazon.com>

* Address PR comments

Signed-off-by: Arunabh Singh <arunabs@amazon.com>

Co-authored-by: Arunabh Singh <arunabs@amazon.com>
2021-05-05 12:23:49 -07:00
Daniel Doubrovkine (dB.) 6d1e6a0720
Converted all .asciidoc to .md. (#658)
Signed-off-by: dblock <dblock@amazon.com>
2021-05-05 15:04:14 -04:00
Daniel Doubrovkine (dB.) d9cb7daa65
Make -Dtests.output=always actually work. (#648)
Signed-off-by: dblock <dblock@amazon.com>
2021-05-04 19:45:04 -04:00
Rabi Panda 67460c7804
Update hadoop-minicluster version for test fixture. (#645)
The `hadoop-minicluster:2.8.5` which is used for integration tests, has dependencies which have been flagged for having security vulnerabilities. Update this to the latest version `3.3.0`

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-04 10:48:43 -07:00
amitai stern ca9fb6d302
Fix snapshot deletion task getting stuck in the event of exceptions (#629)
Changes the behavior of the recursive deletion function `executeOneStaleIndexDelete()` stop
condition to be when the queue of `staleIndicesToDelete` is empty -- also in the error flow.
Otherwise the GroupedActionListener never responds and in the event of a few exceptions the
deletion task gets stuck.
Alters the test case to fail to delete in bulk many snapshots at the first attempt, and then
the next successful deletion also takes care of the previously failed attempt as the test
originally intended.
SNAPSHOT threadpool is at most 5. So in the event we get more than 5 exceptions there are no
more threads to handle the deletion task and there is still one more snapshot to delete in the
queue. Thus, in the test I made the number of extra snapshots be one more than the max in the
SNAPSHOT threadpool.

Signed-off-by: AmiStrn <amitai.stern@logz.io>
2021-05-04 08:44:15 -05:00
Dawn Foster b4dad22348
Added a link to the maintainer file in contribution guides (#589) 2021-05-03 16:48:38 -04:00
Meet Shah 6cc989c548
Handle inefficiencies while fetching the delayed unassigned shards during cluster health (#588)
Signed-off-by: Meet Shah <meetshsh@gmail.com>
2021-04-29 09:19:25 -07:00
Daniel Doubrovkine (dB.) d09249c627
[WIP] Developer guide updates (#595)
* Add detail on how to install Java.

Signed-off-by: dblock <dblock@amazon.com>

* There's no password requirement for the instance.

Signed-off-by: dblock <dblock@amazon.com>

* Explain how to listen on an external IP.

Signed-off-by: dblock <dblock@amazon.com>
2021-04-28 09:39:23 -04:00
Abbas Hussain eacd7324d0
Replace elastic.co with opensearch.org (#611)
Signed-off-by: Abbas Hussain <abbas_10690@yahoo.com>
2021-04-27 21:45:12 -05:00
Robert Muir 13aa169896
Speedup lang-painless tests (#605)
Painless tests would previously create script engine for every single test method.
Now the tests that need to tweak script engine settings create a class
level fixture (BeforeClass/AfterClass) that is used across all the test
methods in that suite.

RegexLimitTests was split into two suites (limit=1 and limit=2) rather
than dynamically applying different settings.

C2 compiler is no longer needed for tests to be fast, instead tests run
faster with C1 only as expected, like the rest of the unit tests.

Signed-off-by: Robert Muir <rmuir@apache.org>
2021-04-27 13:36:19 -05:00
piyush 7ccb714045
Speedup snapshot stale indices delete (#613)
Instead of snapshot delete of stale indices being a single threaded operation this commit makes 
it a multithreaded operation and delete multiple stale indices in parallel using SNAPSHOT 
threadpool's workers.

Signed-off-by: Piyush Daftary <piyush.besu@gmail.com>
2021-04-27 13:28:35 -05:00
Sarat Vemulapalli 0e9f74e35f
Renaming CPU architecture to have consistent naming (#612)
* Renaming CPU architecture from x86_64, aarch64 to x64, arm64

Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
2021-04-26 09:40:09 -07:00
Nick Knize c5a3c3cb41
Update lucene version to 8.8.2 (#557)
This commit updates the codebase to the latest released version of Lucene.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-23 09:48:41 -05:00
Rabi Panda 821c44c440
Fix failing test caused by versioning change. (#598)
The change in 0ba0e7cc, introduced the issue where randomly selecting an incompatible version fails the test. It caused the filtering logic to incorrectly identify all ES 7.*.* versions as bad versions for joining which should not be the case.

Additionally, split the test into two separate tests where earlier only one of them was run at random.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-23 07:31:41 -07:00
Nick Knize 6e04778d0c
[Versioning] Fix Version.fromString logic for legacy version (#604)
This commit fixes the Version.fromString logic to identify legacy versions. It
also adds an optional "distribution" field to the MainRespose for OpenSearch
version 1.0.0+. Any preceeding versions that do not contain the distribution
label will be handeled as legacy versions appropriately.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-22 23:04:44 -05:00
Rabi Panda 3fede8be3c
Rename the distribution used in test clusters. (#603)
For test clusters, we are using the archive(zip, tar), so we rename the distribution accordingly.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-22 14:21:32 -07:00
Sarat Vemulapalli 9701b226d8
Updating the Ivy repository to point to real url for Releases (#602)
Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
2021-04-22 10:22:50 -07:00
Tom "spot" Callaway b8f9469cc9
clean up rpm artifact naming (#590)
Signed-off-by: Tom spot Callaway <spotaws@amazon.com>
2021-04-21 11:45:53 -07:00
Daniel Doubrovkine (dB.) 97698e082c
Cleaned up developer guide, added TOC. (#572)
Signed-off-by: dblock <dblock@amazon.com>
2021-04-21 09:39:31 -07:00
Abbas Hussain 9d73fecbe7
Remove all elastic.co references from javadocs (#586)
Signed-off-by: Abbas Hussain <abbas_10690@yahoo.com>
2021-04-21 10:41:14 +05:30
Rabi Panda 163a51fc5a
Remove the oss string from OpenSearch distributions (#575)
This commit removes the 'oss' string which was a remnant of the predecessor distribution flavors. As OpenSearch has no flavors for distributions, we are removing this tag from all the distribution names.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-20 09:27:40 -07:00
Robert Muir 5474e8d094
Speed ups to test suite and precommit tasks. (#580)
Use C1 compiler only for short-lived tasks and unit test execution. Tone
down some of the slowest unit tests.

Signed-off-by: Robert Muir <rmuir@apache.org>
2021-04-20 09:02:45 -05:00
Tyler Ohlsen feb435aeff
Fix DCO CLI example in CONTRIBUTING.md (#576)
Signed-off-by: Tyler Ohlsen <ohltyler@amazon.com>
2021-04-19 14:15:55 -07:00
Nick Knize 0ba0e7cc26
[Versioning] Rebase to OpenSearch version 1.0.0 (#555)
This commit rebases the versioning to OpenSearch 1.0.0

Co-authored-by: Rabi Panda <adnapibar@gmail.com>

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-15 17:06:47 -05:00
Nick Knize 4dde0f2a3b
[DOCKER] add apt update to test fixture krb5kdc (#565)
* [DOCKER] add apt update to test fixture krb5kdc

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-15 16:06:21 -05:00
Robert Muir bdb7aade9a
TEST BUG: MergeSchedulerSettingsTests fails always on small machines (#559)
MergeSchedulerSettingsTests tweaks the `node.processors` setting: sets it
explicitly to values of `2` and `8`. On a machine with only `4` threads
(e.g. my 2-core thinkpad), the test fails, because it creates unexpected
warnings about `node.processors` being set higher than the number of
cpus.

The problem can be reproduced always, by pretending to be single core:
```
./gradlew ':server:test' --tests "org.opensearch.index.MergeSchedulerSettingsTests.testMaxThreadAndMergeCount" -Dtests.jvm.argline="-XX:ActiveProcessorCount=1"
```

Instead, allow the test to provoke these specific warnings.

Signed-off-by: Robert Muir <rmuir@apache.org>
2021-04-15 13:57:57 -05:00
Robert Muir 6aa3675e9d
Prevent setting maxParallelForks=0 on single-cpu machines (#558)
The maxParallelForks is currently numJavaCpus / 2, but this evaluates to
zero (illegal value) if numJavaCpus is 1 and breaks the build.

Remove large chunk of complex dead code above this calculation, as it is
always overwritten by the simple calculation anyway.

Closes #554

Signed-off-by: Robert Muir <rmuir@apache.org>
2021-04-14 19:17:58 -07:00
Rabi Panda 0a66f9ace1
[TEST] Fix failing packaging tests for OpenSearch distributions. (#541)
While creating the archives and packages, the build tries to copy the non-existent file `README.asciidoc` instead of `README.md`. Consequently, the packaging tests fail during verification time. This commit addresses the issue by fixing the name.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-14 07:02:25 -07:00
Jonah Kowall ff02542c8b
Update README with getting started (#549)
Update README with getting started instructions

Signed-off-by: Jonah Kowall <jkowall@kowall.net>
2021-04-14 08:19:50 -05:00
Nick Knize ee6d15e26a
[License] Add SPDX License Header to security policies (#531)
This commit adds the SPDX license header and modifications copyright to security
policy files.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-12 22:59:36 -05:00
Dawn Foster 3563b72c7e
Added a maintainers file (#523)
based on the maintainers list that CEHENKLE posted in the forums here: https://discuss.opendistrocommunity.dev/t/preparing-opensearch-and-opensearch-dashboards-for-release/5567 

Signed-off-by: Dawn M. Foster <fosterd@vmware.com>
2021-04-12 19:41:03 -07:00
Kyle Conroy d7926100d4
Remove extra greater-thans from README (#527)
Signed-off-by: Kyle Conroy <kyle@conroy.org>
2021-04-12 16:20:11 -05:00
Manivannan Giridharan 05167b1621
Update Developers Guide. (#522)
Fixes Git Clone Link

Signed-off-by: Giridharan Manivannan <giridar123@gmail.com>
2021-04-12 11:31:24 -07:00
CEHENKLE 9a0050c454 changed to point to open issues rather than the project board
Signed-off-by: CEHENKLE <henkle@amazon.com>
2021-04-11 11:09:03 -07:00