From 4ba3cc0e2ebec61b726b227fdf51e55f4a502182 Mon Sep 17 00:00:00 2001 From: Chang Liu Date: Thu, 24 Jun 2021 16:16:02 -0700 Subject: [PATCH] Cleanup md files (#1298) --- ADMINS.md | 7 +++ CODE_OF_CONDUCT.md | 2 - CONTRIBUTING.md | 104 ++--------------------------------------- DEVELOPER_GUIDE.md | 37 +++++++++++++++ LICENSE => LICENSE.txt | 0 MAINTAINERS.md | 6 ++- README.md | 42 ++++++++++++++--- RELEASING.md | 1 + SECURITY.md | 3 ++ 9 files changed, 90 insertions(+), 112 deletions(-) create mode 100644 ADMINS.md create mode 100644 DEVELOPER_GUIDE.md rename LICENSE => LICENSE.txt (100%) create mode 100644 RELEASING.md create mode 100644 SECURITY.md diff --git a/ADMINS.md b/ADMINS.md new file mode 100644 index 0000000000..534cc1be41 --- /dev/null +++ b/ADMINS.md @@ -0,0 +1,7 @@ +## Admins + +| Admin | GitHub ID | Affiliation | +| --------------- | --------------------------------------- | ----------- | +| Henri Yandell | [hyandell](https://github.com/hyandell) | Amazon | + +[This document](https://github.com/opensearch-project/.github/blob/main/ADMINS.md) explains what admins do in this repo. and how they should be doing it. If you're interested in becoming a maintainer, see [MAINTAINERS](MAINTAINERS.md). If you're interested in contributing, see [CONTRIBUTING](CONTRIBUTING.md). \ No newline at end of file diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 997bae660b..f5bfd709aa 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,7 +1,6 @@ This code of conduct applies to all spaces provided by the OpenSource project including in code, documentation, issue trackers, mailing lists, chat channels, wikis, blogs, social media and any other communication channels used by the project. - **Our open source communities endeavor to:** * Be Inclusive: We are committed to being a community where everyone can join and contribute. This means using inclusive and welcoming language. @@ -9,7 +8,6 @@ This code of conduct applies to all spaces provided by the OpenSource project in * Be Respectful: We are committed to encouraging differing viewpoints, accepting constructive criticism and work collaboratively towards decisions that help the project grow. Disrespectful and unacceptable behavior will not be tolerated. * Be Collaborative: We are committed to supporting what is best for our community and users. When we build anything for the benefit of the project, we should document the work we do and communicate to others on how this affects their work. - **Our Responsibility. As contributors, members, or bystanders we each individually have the responsibility to behave professionally and respectfully at all times. Disrespectful and unacceptable behaviors include, but are not limited to:** * The use of violent threats, abusive, discriminatory, or derogatory language; diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index bfa72ed39b..2562cbbf1b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,102 +1,4 @@ -# Contributing Guidelines - -Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional -documentation, we greatly value feedback and contributions from our community. - -Please read through this document before submitting any issues or pull requests to ensure we have all the necessary -information to effectively respond to your bug report or contribution. - - -## Reporting Bugs/Feature Requests - -We welcome you to use the GitHub issue tracker to report bugs or suggest features. - -When filing an issue, please check [existing open](https://github.com/opensearch-project/security/issues), or [recently closed](https://github.com/opensearch-project/security/issues?q=is%3Aissue+is%3Aclosed), issues to make sure somebody else hasn't already reported the issue. Please try to include as much information as you can. Details like these are incredibly useful: - -* A reproducible test case or series of steps -* The version of our code being used -* Any modifications you've made relevant to the bug -* Anything unusual about your environment or deployment - - -## Contributing via Pull Requests -Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: - -1. You are working against the latest source on the *main* branch. -2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. -3. You open an issue to discuss any significant work - we would hate for your time to be wasted. - -To send us a pull request, please: - -1. Fork the repository. -2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. -3. Ensure local tests pass. -4. Commit to your fork using clear commit messages. -5. Send us a pull request, answering any default questions in the pull request interface. -6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. - -GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and -[creating a pull request](https://help.github.com/articles/creating-a-pull-request/). - - -## Finding contributions to work on -Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any ['help wanted'](https://github.com/opendistro-for-elasticsearch/security/labels/help%20wanted) issues is a great place to start. - -## Code of Conduct - -This project has adopted an [Open Source Code of Conduct](CODE_OF_CONDUCT.md). - -## Developer Certificate of Origin - -OpenSearch is an open source product released under the Apache 2.0 license (see either [the Apache site](https://www.apache.org/licenses/LICENSE-2.0) or the [LICENSE file](./LICENSE)). The Apache 2.0 license allows you to freely use, modify, distribute, and sell your own products that include Apache 2.0 licensed software. - -We respect intellectual property rights of others and we want to make sure all incoming contributions are correctly attributed and licensed. A Developer Certificate of Origin (DCO) is a lightweight mechanism to do that. - -The DCO is a declaration attached to every contribution made by every developer. In the commit message of the contribution, the developer simply adds a `Signed-off-by` statement and thereby agrees to the DCO, which you can find below or at [DeveloperCertificate.org](http://developercertificate.org/). - -``` -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the - best of my knowledge, is covered under an appropriate open - source license and I have the right under that license to - submit that work with modifications, whether created in whole - or in part by me, under the same open source license (unless - I am permitted to submit under a different license), as - Indicated in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including - all personal information I submit with it, including my - sign-off) is maintained indefinitely and may be redistributed - consistent with this project or the open source license(s) - involved. - ``` -We require that every contribution to OpenSearch is signed with a Developer Certificate of Origin. Additionally, please use your real name. We do not accept anonymous contributors nor those utilizing pseudonyms. - -Each commit must include a DCO which looks like this - -``` -Signed-off-by: Jane Smith -``` -You may type this line on your own when writing your commit messages. However, if your user.name and user.email are set in your git configs, you can use `-s` or `– – signoff` to add the `Signed-off-by` line to the end of the commit message. - -## Security issue notifications - -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue. - - -## Licensing - -See the [LICENSE](./LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. +## Contributing to this Project +OpenSearch is a community project that is built and maintained by people just like **you**. +[This document](https://github.com/opensearch-project/.github/blob/main/CONTRIBUTING.md) explains how you can contribute to this and related projects. \ No newline at end of file diff --git a/DEVELOPER_GUIDE.md b/DEVELOPER_GUIDE.md new file mode 100644 index 0000000000..b53261dbe1 --- /dev/null +++ b/DEVELOPER_GUIDE.md @@ -0,0 +1,37 @@ +- [Developer Guide](#developer-guide) + - [Forking and Cloning](#forking-and-cloning) + - [Install Prerequisites](#install-prerequisites) + - [JDK 14](#jdk-14) + - [Building](#building) + - [Using IntelliJ IDEA](#using-intellij-idea) + - [Submitting Changes](#submitting-changes) + +## Developer Guide + +So you want to contribute code to this project? Excellent! We're glad you're here. Here's what you need to do. + +### Forking and Cloning + +Fork this repository on GitHub, and clone locally with `git clone`. + +### Install Prerequisites + +#### JDK 14 + +OpenSearch components build using Java 14 at a minimum. This means you must have a JDK 14 installed with the environment variable `JAVA_HOME` referencing the path to Java home for your JDK 14 installation, e.g. `JAVA_HOME=/usr/lib/jvm/jdk-14`. + +### Building + +To build from the command line, + +``` +mvn clean package -Padvanced -DskipTests +``` + +### Using IntelliJ IDEA + +Launch Intellij IDEA, choose **Import Project**, and select the `pom.xml` file in the root of this package. + +### Submitting Changes + +See [CONTRIBUTING](CONTRIBUTING.md). \ No newline at end of file diff --git a/LICENSE b/LICENSE.txt similarity index 100% rename from LICENSE rename to LICENSE.txt diff --git a/MAINTAINERS.md b/MAINTAINERS.md index d09bda97ee..584d3e99f9 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -3,10 +3,12 @@ ## Maintainers | Maintainer | GitHub ID | Affiliation | | --------------- | --------- | ----------- | +| afazel | [afazel](https://github.com/afazel) | Amazon | | Andy | [andy840314](https://github.com/andy840314) | Amazon | | Chang Liu | [cliu123](https://github.com/cliu123) | Amazon | -| Debjani Banerjee | [debjanibnrj](https://github.com/debjanibnrj) | Amazon | +| hardik-k-shah | [hardik-k-shah](https://github.com/hardik-k-shah) | Amazon | | hsiang9431-amzn | [hsiang9431-amzn](https://github.com/hsiang9431-amzn) | Amazon | | lukkoor | [lukkoor](https://github.com/lukkoor) | Amazon | -| Sujith Vadakkepat | [sujithvm](https://github.com/sujithvm) | Amazon | +| Palash Hedau | [palashhedau](https://github.com/palashhedau) | Amazon | | Vlad Rozov | [vrozov](https://github.com/vrozov) | Amazon | +| vengadanathan-s | [vengadanathan-s](https://github.com/vengadanathan-s) | Amazon | diff --git a/README.md b/README.md index 3f7c16d992..eb73bb7df5 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,22 @@ [![CI](https://github.com/opensearch-project/security/workflows/CI/badge.svg?branch=main)](https://github.com/opensearch-project/security/actions) [![codecov](https://codecov.io/gh/opensearch-project/security/branch/main/graph/badge.svg)](https://codecov.io/gh/opensearch-project/security) -# OpenSearch Security + + +- [OpenSearch Security](#opensearch-security) +- [Features provided by Security](#features-provided-by-security) +- [Documentation](#documentation) +- [Quick Start](#quick-start) +- [Test and Build](#test-and-build) +- [Config hot reloading](#config-hot-reloading) +- [Contributing](#contributing) +- [Getting Help](#getting-help) +- [Code of Conduct](#code-of-conduct) +- [Security](#security) +- [License](#license) +- [Copyright](#copyright) + +## OpenSearch Security OpenSearch Security is an OpenSearch plugin that offers encryption, authentication, and authorization. When combined with OpenSearch Security-Advanced Modules, it supports authentication via Active Directory, LDAP, Kerberos, JSON web tokens, SAML, OpenID and more. It includes fine grained role-based access control to indices, documents and fields. It also provides multi-tenancy support in OpenSearch Dashboards. @@ -41,8 +56,6 @@ OpenSearch Security is an OpenSearch plugin that offers encryption, authenticati ### OpenSearch Dashboards multi-tenancy * True OpenSearch Dashboards multi-tenancy - - ## Documentation Please refer to the [technical documentation](https://docs-beta.opensearch.org/docs/security/configuration/) for detailed information on installing and configuring opensearch-security plugin. @@ -66,8 +79,7 @@ Please refer to the [technical documentation](https://docs-beta.opensearch.org/d * Test the installation by visiting ``https://localhost:9200``. When prompted, use admin/admin as username and password. This user has full access to the cluster. -* Display information about the currently logged in user by visiting ``https://localhost:9200/_opendistro/_security/authinfo``. - +* Display information about the currently logged in user by visiting ``https://localhost:9200/_plugins/_security/authinfo``. ## Test and Build @@ -85,7 +97,6 @@ artifact_zip=`ls $(pwd)/target/releases/opensearch-security-*.zip | grep -v admi ./gradlew build buildDeb buildRpm --no-daemon -ParchivePath=$artifact_zip -Dbuild.snapshot=false ``` - ## Config hot reloading The Security Plugin Configuration is stored in a dedicated index in OpenSearch itself. Changes to the configuration are pushed to this index via the command line tool. This will trigger a reload of the configuration on all nodes automatically. This has several advantages over configuration via opensearch.yml: @@ -95,6 +106,23 @@ The Security Plugin Configuration is stored in a dedicated index in OpenSearch i * Configuration changes do not require a restart * Configuration changes take effect immediately +## Contributing + +See [developer guide](DEVELOPER_GUIDE.md) and [how to contribute to this project](CONTRIBUTING.md). + +## Getting Help + +If you find a bug, or have a feature request, please don't hesitate to open an issue in this repository. + +For more information, see [project website](https://opensearch.org/) and [documentation](https://docs-beta.opensearch.org/). If you need help and are unsure where to open an issue, try [forums](https://discuss.opendistrocommunity.dev/). + +## Code of Conduct + +This project has adopted the [Amazon Open Source Code of Conduct](CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments. + +## Security + +If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue. ## License @@ -102,5 +130,5 @@ This code is licensed under the Apache 2.0 License. ## Copyright -Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. +Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/RELEASING.md b/RELEASING.md new file mode 100644 index 0000000000..6903e716ff --- /dev/null +++ b/RELEASING.md @@ -0,0 +1 @@ +This project follows the [OpenSearch release process](https://github.com/opensearch-project/.github/blob/main/RELEASING.md). \ No newline at end of file diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..0b85ca04ed --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,3 @@ +## Reporting a Vulnerability + +If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. Please do **not** create a public GitHub issue. \ No newline at end of file