Merge branch 'main' into upgrade-cypress

derek-ho · web-flow · commit ecd96366d6c0 · 2025-02-04T11:10:04.000-05:00
diff --git a/.github/actions/download-plugin/action.yml b/.github/actions/download-plugin/action.yml
@@ -25,7 +25,7 @@ runs:
         mvn dependency:get \
         -DremoteRepositories=https://aws.oss.sonatype.org/content/repositories/snapshots/ \
         -Dartifact=org.opensearch.plugin:${{ inputs.plugin-name }}:${{ inputs.plugin-version }}-SNAPSHOT:zip \
-        -Dtransitive=false \
-        -Ddest=${{ inputs.download-location }}.zip
+        -Dtransitive=false
+        cp ~/.m2/repository/org/opensearch/plugin/${{ inputs.plugin-name }}/${{ inputs.plugin-version }}-SNAPSHOT/${{ inputs.plugin-name }}-${{ inputs.plugin-version }}-SNAPSHOT.zip ${{ inputs.download-location }}.zip
       shell: bash
       
diff --git a/.github/workflows/cypress-test-multiauth-e2e.yml b/.github/workflows/cypress-test-multiauth-e2e.yml
@@ -59,7 +59,7 @@ jobs:
                     config:
                       idp:
                         entity_id: urn:example:idp
-                        metadata_url: http://localhost:7000/metadata
+                        metadata_url: http://[::1]:7000/metadata
                       sp:
                         entity_id: https://localhost:9200
                       kibana_url: http://localhost:5601${{ matrix.basePath }}
diff --git a/.github/workflows/cypress-test-saml-e2e.yml b/.github/workflows/cypress-test-saml-e2e.yml
@@ -59,7 +59,7 @@ jobs:
                     config:
                       idp:
                         entity_id: urn:example:idp
-                        metadata_url: http://localhost:7000/metadata
+                        metadata_url: http://[::1]:7000/metadata
                       sp:
                         entity_id: https://localhost:9200
                       kibana_url: http://localhost:5601${{ matrix.basePath }}
diff --git a/release-notes/opensearch-security-dashboards-plugin.release-notes-2.19.0.0.md b/release-notes/opensearch-security-dashboards-plugin.release-notes-2.19.0.0.md
@@ -0,0 +1,10 @@
+## Version 2.19.0 Release Notes
+
+Compatible with OpenSearch and OpenSearch Dashboards version 2.19.0
+
+### Enhancements
+* Add LTR transport actions to cluster permissions list ([#2170](https://github.com/opensearch-project/security-dashboards-plugin/pull/2170))
+
+### Bug Fixes
+* Preserve query in nextUrl during openid login redirect ([#2140](https://github.com/opensearch-project/security-dashboards-plugin/pull/2140))
+* Fix tenant defaulting incorrectly ([#2163](https://github.com/opensearch-project/security-dashboards-plugin/pull/2163))
diff --git a/test/cypress/e2e/saml/saml_auth_test.spec.js b/test/cypress/e2e/saml/saml_auth_test.spec.js
@@ -29,36 +29,70 @@ before(() => {
 
   // Avoid Cypress lock onto the ipv4 range, so fake `visit()` before `request()`.
   // See: https://github.com/cypress-io/cypress/issues/25397#issuecomment-1402556488
-  cy.visit(`http://localhost:5601${basePath}`);
+  if (Cypress.env('loginMethod') === 'saml_multiauth') {
+    cy.visit(`http://localhost:5601${basePath}`);
+  } else {
+    cy.request(`http://localhost:5601${basePath}`);
+  }
 
   cy.createRoleMapping(ALL_ACCESS_ROLE, samlUserRoleMapping);
   cy.clearCookies();
   cy.clearLocalStorage();
 });
 
+beforeEach(() => {
+  cy.intercept('GET', '**/**', (req) => {
+    // Replace [::1] with localhost in the request URL and headers
+    if (req.url.includes('[::1]')) {
+      req.url = req.url.replace(/\[::1\]/g, 'localhost');
+    }
+
+    req.on('response', (res) => {
+      if (res && res.headers) {
+        Object.keys(res.headers).forEach((key) => {
+          if (typeof res.headers[key] === 'string' && res.headers[key].includes('[::1]')) {
+            res.headers[key] = res.headers[key].replace(/\[::1\]/g, 'localhost');
+          }
+        });
+      }
+      return res;
+    });
+  });
+});
+
 afterEach(() => {
   cy.clearCookies();
   cy.clearLocalStorage();
 });
 
 describe('Log in via SAML', () => {
-  const samlLogin = () => {
-    if (Cypress.env('loginMethod') === 'saml_multiauth') {
-      cy.loginWithSamlMultiauth();
-    } else {
-      cy.loginWithSaml();
-    }
+  const loginWithSamlMultiauth = () => {
+    cy.get('a[aria-label="saml_login_button"]').should('be.visible');
+    cy.get('a[aria-label="saml_login_button"]').should('be.visible').click();
+    cy.origin('http://localhost:7000', () => {
+      cy.get('input[id=userName]').should('be.visible');
+      cy.get('button[id=btn-sign-in]').should('be.visible').click();
+    });
   };
 
   it('Login to app/opensearch_dashboards_overview#/ when SAML is enabled', () => {
     localStorage.setItem('opendistro::security::tenant::saved', '"__user__"');
     localStorage.setItem('home:newThemeModal:show', 'false');
 
-    cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('#osdOverviewPageHeader__title').should('be.visible');
     cy.getCookie('security_authentication').should('exist');
@@ -68,11 +102,20 @@ describe('Log in via SAML', () => {
     localStorage.setItem('opendistro::security::tenant::saved', '"__user__"');
     localStorage.setItem('home:newThemeModal:show', 'false');
 
-    cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/dev_tools#/console`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('a.euiBreadcrumb--last').contains('Dev Tools');
     cy.getCookie('security_authentication').should('exist');
@@ -84,11 +127,20 @@ describe('Log in via SAML', () => {
 
     const urlWithHash = `http://localhost:5601${basePath}/app/security-dashboards-plugin#/getstarted`;
 
-    cy.visit(urlWithHash, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(urlWithHash, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { urlWithHash } }, ({ urlWithHash }) => {
+        cy.visit(urlWithHash, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('h1').contains('Get started');
     cy.getCookie('security_authentication').should('exist');
@@ -97,11 +149,20 @@ describe('Log in via SAML', () => {
   it('Tenancy persisted after logout in SAML', () => {
     localStorage.setItem('home:newThemeModal:show', 'false');
 
-    cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
-      failOnStatusCode: false,
-    });
-
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('#private').should('be.enabled');
     cy.get('#private').click({ force: true });
@@ -114,7 +175,20 @@ describe('Log in via SAML', () => {
 
     cy.get('button[data-test-subj^="log-out-"]').click();
 
-    samlLogin();
+    if (Cypress.env('loginMethod') === 'saml_multiauth') {
+      cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+        failOnStatusCode: false,
+      });
+      loginWithSamlMultiauth();
+    } else {
+      cy.origin('http://localhost:7000', { args: { basePath } }, ({ basePath }) => {
+        cy.visit(`http://localhost:5601${basePath}/app/opensearch_dashboards_overview`, {
+          failOnStatusCode: false,
+        });
+        cy.get('input[id=userName]').should('be.visible');
+        cy.get('button[id=btn-sign-in]').should('be.visible').click();
+      });
+    }
 
     cy.get('#user-icon-btn').should('be.visible');
     cy.get('#user-icon-btn').click();
@@ -131,8 +205,20 @@ describe('Log in via SAML', () => {
       // since the Shorten URL api is return's set-cookie header for admin user.
       cy.clearCookies().then(() => {
         const gotoUrl = `http://localhost:5601${basePath}/goto/${response.urlId}?security_tenant=global`;
-        cy.visit(gotoUrl);
-        samlLogin();
+        if (Cypress.env('loginMethod') === 'saml_multiauth') {
+          cy.visit(gotoUrl, {
+            failOnStatusCode: false,
+          });
+          loginWithSamlMultiauth();
+        } else {
+          cy.origin('http://localhost:7000', { args: { gotoUrl } }, ({ gotoUrl }) => {
+            cy.visit(gotoUrl, {
+              failOnStatusCode: false,
+            });
+            cy.get('input[id=userName]').should('be.visible');
+            cy.get('button[id=btn-sign-in]').should('be.visible').click();
+          });
+        }
         cy.getCookie('security_authentication').should('exist');
       });
     });
diff --git a/test/cypress/support/commands.js b/test/cypress/support/commands.js
@@ -79,18 +79,6 @@ Cypress.Commands.add('createRoleMapping', (roleID, rolemappingJson) => {
   });
 });
 
-Cypress.Commands.add('loginWithSaml', () => {
-  cy.get('input[id=userName]').should('be.visible');
-  cy.get('button[id=btn-sign-in]').should('be.visible').click();
-});
-
-Cypress.Commands.add('loginWithSamlMultiauth', () => {
-  cy.get('a[aria-label="saml_login_button"]').should('be.visible');
-  cy.get('a[aria-label="saml_login_button"]').should('be.visible').click();
-  cy.get('input[id=userName]').should('be.visible');
-  cy.get('button[id=btn-sign-in]').should('be.visible').click();
-});
-
 if (Cypress.env('LOGIN_AS_ADMIN')) {
   // Define custom cy.visit() only if LOGIN_AS_ADMIN is true
   Cypress.Commands.overwrite('visit', (orig, url, options = {}) => {
