I observed a [test failure][1] that I believe was caused by the fact
that an OpenSearch server happened to be running at localhost:9200 when
these unit tests were executed. The code under test has logic to try to
connect to localhost:9200 and then fall back to defaults if that port is
not open. The tests expect these defaults and will fail if different
data is returned. The change here is to use a non-default port to make
it very unlikely that a real instance will be running at the non-default
port. I don't know why an OpenSearch service happened to be running
during the linked test failure, but I think making these unit tests more
independent and isolated is helpful no matter the underlying cause in
this case.
[1]: https://fork-jenkins.searchservices.aws.dev/job/OpenSearch_CI/job/PR_Checks/job/Gradle_Check/975/artifact/gradle_check_975.log/*view*/
Signed-off-by: Andrew Ross <andrross@amazon.com>
* Allow building on FreeBSD
With this set of change, we are able to successfuly run:
```
./gradlew publishToMavenLocal -Dbuild.snapshot=false
```
This step is used in the OpenSearch repository context when building
plugins in the current state of the CI.
While here, reorder OS conditions alphabetically.
Before building, the openjdk14 package was installed and the environment
was adjusted to use it:
```
sudo pkg install openjdk14
export JAVA_HOME=/usr/local/openjdk14/
export PATH=$JAVA_HOME/bin:$PATH
```
Signed-off-by: Romain Tartière <romain@blogreen.org>
* Unbreak CI with FreeBSD support
Signed-off-by: dblock <dblock@dblock.org>
Co-authored-by: dblock <dblock@dblock.org>
* Modernize and consolidate JDKs usage across all stages of the build. Use JDK-17 as bundled JDK distribution to run tests
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
* Using -Djava.security.egd=file:/dev/urandom explicitly for cli tests
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
The public key has changed since the initial release. This commit fixes the
public key and uses the .sig files that are published to the artifacts site.
Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
Lucene 9 removes support for SimpleFS File System format. This commit deprecates
the SimpleFS format in favor of NIOFS.
Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
Add validation to check for official plugins during the plugins installation task for the upgrade tool.
Signed-off-by: Vacha Shah <vachshah@amazon.com>
Replace the docs links In scripts bin/opensearch-env and config/jvm.options, with OpenSearch docs links.
Signed-off-by: Poojita-Raj <poojiraj@amazon.com>
distribution/bin/opensearch-env always sources the environment from the default environment file /etc/default/opensearch. This is an issue if we want to run multiple instances of OpenSearch on the same host. This change lets users override the default behavior by not sourcing the default environment file in case OPENSEARCH_PATH_CONF is set.
Signed-off-by: Xue Zhou <xuezhou@amazon.com>
Currently, the permissions for opensearch logs are -rw-r-r-, which gives read access to anyone. This weak permission
structure can lead to leakage of any sensitive information (if published) in the logs. This commit restricts read
access with -rw-r--- permission.
Signed-off-by: Himanshu Setia <setiah@amazon.com>
This change adds the initial version of a new CLI tool `opensearch-upgrade` as part of the OpenSearch distribution. This tool is meant for assisting during an upgrade from an existing Elasticsearch v7.10.2/v6.8.0 node to OpenSearch. It automates the process of importing existing configurations and installing of core plugins.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
* Lower build requirement from Java 14+ to Java 11+
Avoid use of -Werror -Xlint:all, which may change significantly across
java releases (new warnings could be added). Instead, just list the
warnings individually.
Workaround JDK 11 compiler bug (JDK-8209058) that only impacts test fixture
code in the build itself.
Signed-off-by: Robert Muir <rmuir@apache.org>
* Disable warning around -source 7 -release 7 for java version checker
The java version checker triggers some default warnings because it
targets java7:
```
> Task :distribution:tools:java-version-checker:compileJava FAILED
warning: [options] source value 7 is obsolete and will be removed in a future release
warning: [options] target value 7 is obsolete and will be removed in a future release
warning: [options] To suppress warnings about obsolete options, use -Xlint:-options.
error: warnings found and -Werror specified
```
Suppress this warning explicitly for this module.
Signed-off-by: Robert Muir <rmuir@apache.org>
* more java14 -> java11 cleanup
Signed-off-by: Robert Muir <rmuir@apache.org>
Co-authored-by: Robert Muir <rmuir@apache.org>
with Elasticsearch there were two flavours of the docker build: one for
the OSS build and one with X-Pack. accordingly, there were two
`log4j2.properties` files for the two cases and the `build.gradle`
picked up the correct one depending on the build.
commit 83e87f7e54 removed all non-OSS functionality from the build but
with that it also removed the logic which so far copied over the OSS
version of `log4j2.properties`.
what the diff doesn't show properly here is that `log4j2.properties` has
been deleted and `oss/log4j2.properties` has been moved into its place
without any changes to it.
this fixes#868
Signed-off-by: Ralph Ursprung <Ralph.Ursprung@avaloq.com>
OpenSearch uses plugins to add new features. A plugin can be included in the distribution by default (as part of *modules* directory) or can be installed optionally from a plugin repository.
This change provides a separate space called *sandbox* inside OpenSearch for the community to easily experiment new ideas and innovate. Ideally, this is where an experimental feature will reside before it can be promoted to the *modules* directory. All the plugins in this module will only be included in the **snapshot distributions**. During assembling distributions, we will check if the following two conditions are met to include the sandbox modules,
* the distribution is a snapshot i.e. the build system property `build.snapshot` is set to true. We use this because it will prevent accidental bundling of these modules in a release distribution.
* the `enable.sandbox` system property is set to true. By default it is set to true. The purpose of adding this extra flag is that we can exclude the modules from snapshots if needed. For example, we may want to run performance tests on snapshots without the sandbox modules.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
* Adds a gradle plugin to validate missing javadocs
Use `./gradlew missingJavadoc` to validate missing javadocs.
Currently this task fails because several modules are missing
appropriate javadocs. Once added, this should pass.
Also, precommit PomValidation check currently fails with missing Javadoc
plugin, that needs to be fixed -
https://github.com/opensearch-project/OpenSearch/issues/449
Thus keeping this in a separate feature branch.
Signed-off-by: Himanshu Setia <setiah@amazon.com>
* Fix Javadoc errors in module `client/rest` (#685)
* Fix Javadoc errors in client/rest module
Signed-off-by: Gregor Zurowski <gregor@zurowski.org>
* Add package info file in client/rest module
Signed-off-by: Gregor Zurowski <gregor@zurowski.org>
* Fix typos
Signed-off-by: Gregor Zurowski <gregor@zurowski.org>
* Add exception documentation to Javadoc
Signed-off-by: Gregor Zurowski <gregor@zurowski.org>
* Fixes precommit task configuration failures due to newly added missin… (#707)
* Fixes precommit task configuration failures due to newly added missingJavadoc task
Signed-off-by: Himanshu Setia <setiah@amazon.com>
* Fixes javadoc task errors due to PR#685
Signed-off-by: Himanshu Setia <setiah@amazon.com>
* Updated CONTRIBUTING.md for info on javadocs
Signed-off-by: Himanshu Setia <setiah@amazon.com>
* Correcting licenses and naming
Signed-off-by: Himanshu Setia <setiah@amazon.com>
* Correcting version info
Signed-off-by: Himanshu Setia <setiah@amazon.com>
Co-authored-by: Gregor Zurowski <gregor@zurowski.org>
Changes to fix the failing OpenSearch distribution tests for packages (linux-archive, linux-archive-aarch64, debian, rpm, docker) on supported linux distros.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
Debian packages are formatted with the following filename structure:
name_[epoch:]version-release_arch.deb
Make generated Debian packages follow this convention.
Signed-off-by: Neal Gompa <ngompa13@gmail.com>
This commit removes the 'oss' string which was a remnant of the predecessor distribution flavors. As OpenSearch has no flavors for distributions, we are removing this tag from all the distribution names.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
This commit rebases the versioning to OpenSearch 1.0.0
Co-authored-by: Rabi Panda <adnapibar@gmail.com>
Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
While creating the archives and packages, the build tries to copy the non-existent file `README.asciidoc` instead of `README.md`. Consequently, the packaging tests fail during verification time. This commit addresses the issue by fixing the name.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
This commit adds the SPDX license header and modifications copyright to security
policy files.
Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
This commit updates the public_key.asc for verifying the signature of plugins in
the InstallPluginCommand utility. The key details are as follows:
e-mail: opensearch-infra@amazon.com
key id: 0934A65836A51424
Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
This commit adds the SPDX Apache-2.0 license header along with an additional
copyright header for all modifications.
Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
This commit removes the references for the `default` docker distributions which were originally part of the different flavors of distributions. This also fixes some of the failing docker compose tests under `qa`.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>
The opensearch-keystore tool is currently failing to load and update older versions keystores created using the elasticsearch-keystore tool. This results in couple of failing tests for bwc and upgrade of the older versions of keystore files.
This commit mutes these two tests until we make a decision on the minimum supported version.
Signed-off-by: Rabi Panda <adnapibar@gmail.com>