Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates sample cert and admin keystore #1806

Merged
merged 1 commit into from
Mar 26, 2024
Merged

Updates sample cert and admin keystore #1806

merged 1 commit into from
Mar 26, 2024

Conversation

DarshitChanpura
Copy link
Member

Description

Downstream change coming from security plugin: opensearch-project/security#4061

Check List

  • New functionality includes testing.
    • All tests pass, including unit test, integration test and doctest
  • New functionality has been documented.
    • New functionality has javadoc added
    • New functionality has user manual doc added
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@DarshitChanpura
Copy link
Member Author

should be merged post opensearch-project/security#4061 is merged

derek-ho
derek-ho requested changes Feb 21, 2024
View reviewed changes
Copy link
Collaborator

@derek-ho derek-ho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DarshitChanpura can you leave some comments as to why this change is needed? Is CI failing somewhere? Can you provide a mechanism to pull these in via security plugin? I have seen you made PRs in all repos before and it feels like its better to pull it from one place and not hard code them everywhere

@DarshitChanpura
Copy link
Member Author

DarshitChanpura commented Feb 21, 2024
edited
Loading

can you leave some comments as to why this change is needed?

Downstream change coming from security plugin: opensearch-project/security#4061
CI will start failing because of certificate mismatch, since the public certificates used are updated, thus sample.pem will not be verifiable since it has old certs

Can you provide a mechanism to pull these in via security plugin?

This is left onto maintainers to refactor build.gradle to pull artifacts from security repository. Refer to k-NN's build.gradle.

These certificates should not be hardcoded in individual plugin repos instead they should be pulled from security-plugin as needed. Even better solution would be to generate own certificates and setup the configuration as required, thus avoiding any dependency on security plugin's certificates.

derek-ho
derek-ho reviewed Feb 22, 2024
View reviewed changes
Copy link
Collaborator

@derek-ho derek-ho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removing the block but not approving until upstream change is merged and CI is green

derek-ho
derek-ho reviewed Feb 22, 2024
View reviewed changes
Copy link
Collaborator

@derek-ho derek-ho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks

@gaiksaya
Copy link
Member

gaiksaya commented Mar 25, 2024
edited
Loading

Hello reviewers,

This could be potential reason for failing tests with security atleast at the distribution level for 2.13.0.
Please review and merge.
Looks like it would need backport to 2.x and 2.13?

Thanks!

@ps48 ps48 merged commit 11aa920 into opensearch-project:main Mar 26, 2024
15 of 20 checks passed
opensearch-trigger-bot bot pushed a commit that referenced this pull request Mar 26, 2024
@github-actions
Updates sample cert and admin keystore (#1806)
65c65b2 
Signed-off-by: Darshit Chanpura <[email protected]>
(cherry picked from commit 11aa920)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Mar 26, 2024
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Mar 26, 2024
@github-actions
Updates sample cert and admin keystore (#1806)
c64ee1b 
Signed-off-by: Darshit Chanpura <[email protected]>
(cherry picked from commit 11aa920)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Mar 26, 2024
Merged
ps48 pushed a commit that referenced this pull request Mar 26, 2024
@opensearch-trigger-bot @github-actions
Updates sample cert and admin keystore (#1806) (#1816)
a488b1f 
(cherry picked from commit 11aa920)

Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
ps48 pushed a commit that referenced this pull request Mar 26, 2024
@opensearch-trigger-bot @github-actions
Updates sample cert and admin keystore (#1806) (#1815)
d676af8 
(cherry picked from commit 11aa920)

Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derek-ho derek-ho derek-ho approved these changes

@ps48 ps48 ps48 approved these changes

@kavithacm kavithacm Awaiting requested review from kavithacm kavithacm is a code owner

@joshuali925 joshuali925 Awaiting requested review from joshuali925 joshuali925 is a code owner

@dai-chen dai-chen Awaiting requested review from dai-chen dai-chen is a code owner

@YANG-DB YANG-DB Awaiting requested review from YANG-DB YANG-DB is a code owner

@rupal-bq rupal-bq Awaiting requested review from rupal-bq

@mengweieric mengweieric Awaiting requested review from mengweieric mengweieric is a code owner

@vamsi-amazon vamsi-amazon Awaiting requested review from vamsi-amazon vamsi-amazon is a code owner

@Swiddis Swiddis Awaiting requested review from Swiddis Swiddis is a code owner

@penghuo penghuo Awaiting requested review from penghuo penghuo is a code owner

@seankao-az seankao-az Awaiting requested review from seankao-az seankao-az is a code owner

@anirudha anirudha Awaiting requested review from anirudha anirudha is a code owner

Assignees
No one assigned
Labels
backport 2.x backport 2.13 maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@DarshitChanpura @gaiksaya @ps48 @derek-ho