Remove TransportClient auth/auth #1701
Conversation
…1578) Signed-off-by: Jochen Kressin <jkressin@floragunn.com>
Signed-off-by: Jochen Kressin <jkressin@floragunn.com>
| @@ -195,7 +193,7 @@ protected boolean categoriesPresentInLog(String result, AuditCategory... categor | |||
| } | |||
|
|
|||
| protected void logAll(AuditLog auditLog) { | |||
| //11 requests | |||
| //10 requests | |||
There was a problem hiding this comment.
I'm curious, what does this comment mean?
There was a problem hiding this comment.
The comment was in there before, and I think it just states the obvious ;-) namely, we log/generate 10 events in this method. Agreed, it's unnecessary and I can remove it if needed.
There was a problem hiding this comment.
If you have an opportunity to remove lets do it, or we will filter comments like this out over time
Signed-off-by: Jochen Kressin <jkressin@floragunn.com>
|
@jochenkressin There're 10 test failures. Could you please take a look? |
|
@jochenkressin Before looking into the test failures I recommend rebasing, we've dropped support for JDK14 and speed up the runtime for the tests that should give you better results sooner |
|
There was indeed an issue where the privileges check for the injected user on the transport layer was not executed. The last commit fixes this. In the logs I found two other test failures that are IMHO unrelated to the changes: DlsTest#testDlsWithMinDocCountZeroAggregations BasicAuditlogTest#testRestMethod |
|
@jochenkressin Would you please rebase and resolved the conflicts? |
Seeing as this change is very close to being merged, I'll take over making sure we can get it in for the 2.0.0 release. Thanks @jochenkressin |
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Signed-off-by: Peter Nied <petern@amazon.com>
Codecov Report
@@ Coverage Diff @@
## main #1701 +/- ##
============================================
+ Coverage 60.42% 60.73% +0.30%
+ Complexity 3196 3179 -17
============================================
Files 253 253
Lines 18093 17905 -188
Branches 3245 3198 -47
============================================
- Hits 10933 10874 -59
+ Misses 5579 5453 -126
+ Partials 1581 1578 -3
Continue to review full report at Codecov.
|
|
@opensearch-project/security Could we get a second reviewer to take a look? |
* Remove code related to TransportClient auth/auth (opensearch-project#1578) Signed-off-by: Jochen Kressin <jkressin@floragunn.com>
Description
With OpenSearch 2.0 the TransportClient is being removed. This means that there is no need for TransportClient auth/auth code anymore, or audit log categories that are connected with TansportLayer auth/auth. This PR removes the obsolete code and fixes some tests audit log unit tests.
Issues Resolved
#1578
Is this a backport? If so, please add backport PR # and/or commits #
No
Testing
Ran the complete test suite, adapted tests that involved TransportClient auth/auth or obsolete audit log categories
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.