From 9f046359ce9cdecd6375d5c55ba0fbcab7da691b Mon Sep 17 00:00:00 2001
From: Chang Liu <lc12251109@gmail.com>
Date: Fri, 6 Aug 2021 18:25:25 -0700
Subject: [PATCH] Build OpenSearch in CD workflow in order to build security
 plugin (#1364)

---
 .github/workflows/cd.yml | 55 ++++++++++------------------------------
 1 file changed, 13 insertions(+), 42 deletions(-)

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 441d727761..5f9a379aa4 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -11,13 +11,17 @@ jobs:
 
     steps:
 
-    - name: Set up JDK 11
+    - name: Set up JDK 14
       uses: actions/setup-java@v1
       with:
-        java-version: 11.0.x
-        server-id: sonatype-nexus-staging
-        server-username: SONATYPE_USER
-        server-password: SONATYPE_PASSWORD
+        java-version: 14.0.x
+
+    - name: Checkout OpenSearch
+      uses: actions/checkout@v2
+      with:
+        repository: 'opensearch-project/OpenSearch'
+        path: OpenSearch
+        ref: '1.0'
 
     - name: Checkout security
       uses: actions/checkout@v2
@@ -29,6 +33,10 @@ jobs:
         key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
         restore-keys: ${{ runner.os }}-m2
 
+    - name: Build OpenSearch
+      working-directory: ./OpenSearch
+      run: ./gradlew publishToMavenLocal -Dbuild.snapshot=false
+
     - name: Build
       run: |
         mvn -B clean package -Padvanced -DskipTests
@@ -41,43 +49,6 @@ jobs:
         zip -r artifacts.zip artifacts
         echo "TAG_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
 
-    - name: Configure AWS Credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_STAGING_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_STAGING_SECRET_ACCESS_KEY }}
-        aws-region: us-west-2
-
-    - name: Upload Artifacts to S3
-      run: |
-        zip=`ls artifacts/*.zip`
-        rpm=`ls artifacts/*.rpm`
-        deb=`ls artifacts/*.deb`
-
-        # Inject the build number before the suffix
-        zip_outfile=`basename ${zip%.zip}-build-${GITHUB_RUN_NUMBER}.zip`
-        rpm_outfile=`basename ${rpm%.rpm}-build-${GITHUB_RUN_NUMBER}.rpm`
-        deb_outfile=`basename ${deb%.deb}-build-${GITHUB_RUN_NUMBER}.deb`
-
-        s3_prefix="s3://staging.artifacts.opendistroforelasticsearch.amazon.com/snapshots/elasticsearch-plugins/security/"
-
-        echo "Copying ${zip} to ${s3_prefix}${zip_outfile}"
-        aws s3 cp --quiet $zip ${s3_prefix}${zip_outfile}
-
-        echo "Copying ${rpm} to ${s3_prefix}${rpm_outfile}"
-        aws s3 cp --quiet $rpm ${s3_prefix}${rpm_outfile}
-
-        echo "Copying ${deb} to ${s3_prefix}${deb_outfile}"
-        aws s3 cp --quiet $deb ${s3_prefix}${deb_outfile}
-
-    - name: Upload Artifacts to Maven Central
-      env:
-        SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
-        SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
-      run: |
-        gpg --batch --import --no-tty <(echo -e "${{ secrets.PGP_PRIVATE_KEY }}")
-        mvn -B deploy -Padvanced -Prelease -DskipTests -Dgpg.passphrase=${{ secrets.PGP_PASSPHRASE }}
-
     - name: Create Github Draft Release
       id: create_release
       uses: actions/create-release@v1.0.0