Add native plugin validation framework #5529
Conversation
Divyaasm
requested review from
gaiksaya,
peterzhuamazon,
prudhvigodithi,
rishabh6788,
tianleh and
zelinh
as code owners
| plugin_list = [i["name"] for i in response if i["name"] not in installed_plugins_list] | ||
| plugin_list.remove("examples") | ||
| plugin_list.remove("build.gradle") | ||
| plugin_list.remove("identity-shiro") # Assuming security plugin enabled in the artifacts |
There was a problem hiding this comment.
@Divyaasm can you add some more details like since identity-shiro is also an identity plugin and 2 similar identity plugins cannot be installed.
Signed-off-by: Divya Madala <[email protected]>
Signed-off-by: Divya Madala <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
❌ Your project status has failed because the head coverage (0.00%) is below the target coverage (80.00%). You can increase the head coverage or adjust the target coverage. Additional details and impacted files@@ Coverage Diff @@
## main #5529 +/- ##
============================
============================
☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
| native_plugins_list = self.get_native_plugin_list(self.tmp_dir.name) | ||
| for container in ["opensearch-node1", "opensearch-node2"]: | ||
| for native_plugin in native_plugins_list: | ||
| command = f'docker exec -it {container} sh .' + os.sep + 'bin' + os.sep + f'opensearch-plugin install --batch {native_plugin}' |
There was a problem hiding this comment.
Why not add RUN/CMD opensearch-plugin install --batch {native_plugin} in the docker compose file.
This is not how user might be doint it right?
There was a problem hiding this comment.
This can be done in both ways! I have opted this as it seemed straight-forward, we have container details to run the command and we restart docker compose file after installing plugins. So we should be good AFAIK.
For the approach you have suggested, Existing compose file needs to be modified, we will need to update the docker-compose file dynamically and bring docker up!
There was a problem hiding this comment.
That's how the users will do it. Add the required plugins in the docker-compose files for their set up. I believe its the right way to go than executing a command against container.
There was a problem hiding this comment.
I think we should not change dockerfile or dockercomposefiles especially the latter one is now the official docker compose files on our website since the WP migration.
I am ok with having cmd in py to do this test as it is just a test, not related to functionalities of dockerfile and dockercomposefiles.
Thanks.
| try: | ||
| self.filename = os.path.basename(self.args.file_path.get(project)) | ||
| execute('mkdir ' + os.path.join(self.tmp_dir.path, project) + ' | tar -xzf ' + os.path.join(str(self.tmp_dir.path), self.filename) + ' -C ' + os.path.join(self.tmp_dir.path, project) + ' --strip-components=1', ".", True, False) # noqa: E501 | ||
| if self.args.validate_native_plugin: |
There was a problem hiding this comment.
We want to test everytime no matter the arg right? Wondering why we have if condition here.
There was a problem hiding this comment.
Agree. I think we should always test native plugin installation as part of validation workflow.
Or maybe we could have an argument to pass in specific native plugin we want to test on instead of the whole lists. By default, it would test the entire list. I think it could be helpful. WDYT? @gaiksaya @prudhvigodithi @rishabh6788
There was a problem hiding this comment.
I assumed that, this will be an argument passed from jenkins. We can set it to true/false by default based on our requirement.
There was a problem hiding this comment.
I believe its better to pass the whole list. I know discovery-ec2 and repository-s3 are some of the commonly used plugins but better to test everything while we are in there. It's just installation so should be fast.
| plugin_list = [i["name"] for i in response if i["name"] not in installed_plugins_list] | ||
| plugin_list.remove("examples") | ||
| plugin_list.remove("build.gradle") | ||
| plugin_list.remove("identity-shiro") # Since the security plugin is enabled in the artifacts and identity-shiro is also an identity plugin, we cannot have both the plugins installed together. # noqa: E501 |
There was a problem hiding this comment.
| plugin_list.remove("identity-shiro") # Since the security plugin is enabled in the artifacts and identity-shiro is also an identity plugin, we cannot have both the plugins installed together. # noqa: E501 | |
| # Since the security plugin is enabled in the artifacts and identity-shiro is also an identity plugin, we cannot have both the plugins installed together. | |
| plugin_list.remove("identity-shiro") # noqa: E501 |
There was a problem hiding this comment.
Can you also update our README file since we will be introducing new functionality?
https://github.com/opensearch-project/opensearch-build/blob/main/src/validation_workflow/README.md
| try: | ||
| self.filename = os.path.basename(self.args.file_path.get(project)) | ||
| execute('mkdir ' + os.path.join(self.tmp_dir.path, project) + ' | tar -xzf ' + os.path.join(str(self.tmp_dir.path), self.filename) + ' -C ' + os.path.join(self.tmp_dir.path, project) + ' --strip-components=1', ".", True, False) # noqa: E501 | ||
| if self.args.validate_native_plugin: |
There was a problem hiding this comment.
Agree. I think we should always test native plugin installation as part of validation workflow.
Or maybe we could have an argument to pass in specific native plugin we want to test on instead of the whole lists. By default, it would test the entire list. I think it could be helpful. WDYT? @gaiksaya @prudhvigodithi @rishabh6788
| path = os.path.exists(os.path.join(work_dir, "plugins", "opensearch-security")) | ||
| return path | ||
|
|
||
| def install_native_plugin(self, path: str) -> None: |
There was a problem hiding this comment.
Wonder how do we validate the cluster can be exit gracefully after native plugin installation. I think we saw an issue when exiting previously.
There was a problem hiding this comment.
At the end of validation, cleanup() method stops the cluster before finishing the job, if there is any issue an exception is raised.
Thanks @gaiksaya , I think just listing the repo |
| native_plugins_list = self.get_native_plugin_list(self.tmp_dir.name) | ||
| for container in ["opensearch-node1", "opensearch-node2"]: | ||
| for native_plugin in native_plugins_list: | ||
| command = f'docker exec -it {container} sh .' + os.sep + 'bin' + os.sep + f'opensearch-plugin install --batch {native_plugin}' |
There was a problem hiding this comment.
I think we should not change dockerfile or dockercomposefiles especially the latter one is now the official docker compose files on our website since the WP migration.
I am ok with having cmd in py to do this test as it is just a test, not related to functionalities of dockerfile and dockercomposefiles.
Thanks.
| def get_native_plugin_list(self, workdir: str) -> list: | ||
| bundle_manifest = BundleManifest.from_path(os.path.join(workdir, "manifest.yml")) | ||
| commit_id = bundle_manifest.components["OpenSearch"].commit_id | ||
| plugin_url = f"https://api.github.com/repos/opensearch-project/OpenSearch/contents/plugins?ref={commit_id}" |
There was a problem hiding this comment.
Is the native plugin list not in manifest that you have to retrieve from github api?
There was a problem hiding this comment.
The github api returns the plugin(native plugins list) folder based on the commit id from the bundle manifest.
There was a problem hiding this comment.
Yeah but build manifest at least include all the plugin names without the need to go online again.
I am not sure about the bundle manifest tho.
There was a problem hiding this comment.
Yes, but we need native-pugins list https://github.com/opensearch-project/OpenSearch/tree/main/plugins, not the os plugins which are in the manifest.
There was a problem hiding this comment.
No, if you check bundle manifest under opensearch core section, there are core-plugins key that contains all the core plugins.
| subprocess.run(f'docker cp opensearch-node1:/usr/share/opensearch/plugins {self.tmp_dir.name}/plugins', | ||
| shell=True, stdout=PIPE, stderr=PIPE, universal_newlines=True) |
There was a problem hiding this comment.
Can you explain why do you need to copy the plugins folder, unlike other dists?
There was a problem hiding this comment.
Yeah so, the query-insights in 2.x releases is os plugin as well as in native plugin folder. So inorder to restrict installing the plugin twice. I'm removing plugins list in the artifact from the native plugins list retrieved from github api. Which will need plugins folder available locally for the operations. So I've copied it to tmp folder from the container for getting the final list of native plugins which will be later iterated and installed.
There was a problem hiding this comment.
Cant you just get the list and save to a var?
I still couldnt wrap my head around why we need to docker cp the plugin folders again.
Thanks.
Signed-off-by: Divya Madala <[email protected]>
There was a problem hiding this comment.
Thanks @Divyaasm !
Please wrap possible improvements in an issue and attached to this PR.
Before merging, Thanks!
github-project-automation
bot
moved this to 👀 In Review
in Engineering Effectiveness Board
github-project-automation
bot
moved this from 👀 In Review
to ✅ Done
in Engineering Effectiveness Board
6 participants
Description
Add native plugin validation framework for all distributions
Issues Resolved
#2859
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.