Skip to content

Run security-dashboards-plugin CI while security-dashboards-plugin is split into 2 separate plugins#7

Open
cwperks wants to merge 47 commits intomainfrom
admin-screens-only
Open

Run security-dashboards-plugin CI while security-dashboards-plugin is split into 2 separate plugins#7
cwperks wants to merge 47 commits intomainfrom
admin-screens-only

Conversation

@cwperks
Copy link
Copy Markdown
Owner

@cwperks cwperks commented May 22, 2024

Companion PR: https://github.com/cwperks/OpenSearch-Dashboards/pull/1/files

In this PR, the security-dashboards-plugin is installed twice for cypress testing.

  1. Session Management Only Mode - In the first instance, the security admin pages are removed and security-dashboards-plugin is in session management mode only. Session management mode is a mode that has log in and log out functionality as well as the ability to switch tenants, view user info and change the logged in user's password.
  2. Security Admin Pages - In the second instance, the security dashboards plugin operates as a shell and only adds the Security pages to OSD. This plugin does not provide the session management functionality.

cwperks added 28 commits May 17, 2024 13:28
@cwperks
Introduce opensearch_security.configuration.admin_pages_enabled setti…
918faa5 
…ng to be able to disable security admin pages

Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Fix typo
27779f9 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Define common routes
8c1d1e5 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
WIP on admin screen only
36b0098 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Only register custom error page if pages are enabled
d66fd63 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Merge branch 'disable-security-pages' into admin-screens-only
da3dd2e
@cwperks
Organize sections in public/plugin.ts
4858db3 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Remove comment
9ffa45b 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Merge branch 'disable-security-pages' into admin-screens-only
c653144
@cwperks
Update server/plugin.ts
90f4fc6 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Update datasource
dbb5318 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Merge branch 'disable-security-pages' into admin-screens-only
2a93bb0
@cwperks
Remove defineCommonRoutes
4ec526d 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Fix top nav bar
6e56a42 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Create common plugin
6ac1fea 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Pass appropriate handler context
80b58c7 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Move list
1a2c0dd 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
defineCommonRoutes
1f54c72 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Surround with try catch
6426257 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Only register if not already registered
1df7862 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Revert route handler context change
80c1c38 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Add defineRoutes backs
f777798 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Move up logic for defining routes
fd776f3 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Add all routes
70367e8 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Revert changes
72b6990 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Revert changes
002b3d3 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Merge branch 'disable-security-pages' into admin-screens-only
aefb24a
@cwperks
Run with multiple security-dashboards-plugin
f2c7455 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
cwperks added 17 commits May 22, 2024 15:37
@cwperks
Use local action
7b334f7 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Comment out section
d39b947 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Fix indentation
e7a7801 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Add shell
7144beb 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
rewrite package.json
e92eb03 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Change package.json before bootstrap
7498fad 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
minor change
0a0c343 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Add debug step
1400f56 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Move opensearch_dashboards.json logic
439f303 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Update URL
9d4639e 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Only run linux
e3cb5d4 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Test change
018cc7f 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Revert "Test change"
0868d19 
This reverts commit 018cc7f.
@cwperks
Update FTR branch
65a1c1c 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Only run on push
2767f69 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Remove duplication
c4a9a84 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Minor change
cd69d85 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
RyanL1997
RyanL1997 reviewed May 24, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@RyanL1997 RyanL1997 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @cwperks, thanks for putting this together. This is indeed a very interesting PR to review. I can see that this experimental change is designed to support MDS. To help bridge my knowledge gap with the new security frontend experience, I've left some conceptual questions in this round of review.

.github/actions/setup-opensearch-dashboards/action.yml

- uses: actions/checkout@v2
with:
path: ./OpenSearch-Dashboards/plugins/security-admin-dashboards-plugin
Copy link
Copy Markdown
Collaborator

@RyanL1997 RyanL1997 May 24, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this the second installation for Security Admin Pages?

.github/actions/setup-opensearch-dashboards/action.yml

- uses: actions/checkout@v2
with:
path: ${{ steps.determine-plugin-directory.outputs.plugin-directory }}
Copy link
Copy Markdown
Collaborator

@RyanL1997 RyanL1997 May 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be the first installation for Session Management Only Mode, is that correct?

.github/actions/setup-opensearch-dashboards/action.yml
working-directory: OpenSearch-Dashboards
shell: bash

- name: Create opensearch_dashboards.json for security admin dashboards plugin
Copy link
Copy Markdown
Collaborator

@RyanL1997 RyanL1997 May 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest we add a working-directory for this at ./OpenSearch-Dashboards/plugins/security-admin-dashboards-plugin

.github/actions/setup-opensearch-dashboards/action.yml
- name: Add to opensearch_dashboards.yml config file
run: |
echo 'opensearch_security.configuration.admin_pages_enabled: false' >> ./OpenSearch-Dashboards/config/opensearch_dashboards.yml
echo 'opensearch_security_admin.configuration.session_management_enabled: false' >> ./OpenSearch-Dashboards/config/opensearch_dashboards.yml
Copy link
Copy Markdown
Collaborator

@RyanL1997 RyanL1997 May 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For my knowledge, I do have some conceptual questions about these flags:

  • what are these flags for? (I guess it is for disable/enable the 2 security dashboards we installed, but why we disabled both of them here?)
  • Are they enabled by default?

Copy link
Copy Markdown
Owner Author

@cwperks cwperks May 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Notice that the prefixes are different opensearch_security vs opensearch_security_admin.

For one of the plugin installations it disables the Admin pages and only manages the session, including login/logout, changing tenant and viewing user info. For the other plugin, it disables session management. In that mode, the plugin acts like any other dashboard plugin where it displays pages for the user to interact with security. It takes for granted that another plugin manages the session.

cwperks added 2 commits May 24, 2024 09:27
@cwperks
Remove agg view test
e491ea7 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
@cwperks
Use correct prefix
8655bec 
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RyanL1997 RyanL1997 RyanL1997 left review comments

@derek-ho derek-ho Awaiting requested review from derek-ho derek-ho is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cwperks @RyanL1997