Copilot commented on code in PR #2067: URL: https://github.com/apache/nifi-minifi-cpp/pull/2067#discussion_r2533893111
########## extensions/elasticsearch/tests/features/steps/opensearch_container.py: ########## @@ -0,0 +1,51 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os + +from elastic_base_container import ElasticBaseContainer +from pathlib import Path +from OpenSSL import crypto +from minifi_test_framework.core.ssl_utils import make_server_cert +from minifi_test_framework.containers.file import File +from minifi_test_framework.containers.host_file import HostFile +from minifi_test_framework.core.minifi_test_context import MinifiTestContext + + +class OpensearchContainer(ElasticBaseContainer): + def __init__(self, test_context: MinifiTestContext): + super().__init__(test_context, "opensearchproject/opensearch:2.6.0", f"opensearch-{test_context.scenario_id}") + + admin_pem, admin_key = make_server_cert(self.container_name, test_context.root_ca_cert, test_context.root_ca_key) + + root_ca_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=test_context.root_ca_cert) + self.files.append(File("/usr/share/opensearch/config/root-ca.pem", root_ca_content, permissions=0o644)) + + admin_pem_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=admin_pem) + self.files.append(File("/usr/share/opensearch/config/admin.pem", admin_pem_content, permissions=0o644)) + + admin_key_content = crypto.dump_privatekey(type=crypto.FILETYPE_PEM, pkey=admin_key) + self.files.append(File("/usr/share/opensearch/config/admin-key.pem", admin_key_content, permissions=0o644)) + + features_dir = Path(__file__).resolve().parent.parent + self.host_files.append(HostFile('/usr/share/opensearch/config/opensearch.yml', os.path.join(features_dir, "resources", "opensearch.yml"))) + + def deploy(self): + return super().deploy('Hot-reloading of audit configuration is enabled') + + def add_elastic_user_to_opensearch(self): + (code, output) = self.exec_run(["/bin/bash", "-c", + f'curl -s -u admin:admin -k -XPUT https://{self.container_name}:9200/_plugins/_security/api/internalusers/elastic -H Content-Type:application/json -d\'{{"password":"password","backend_roles":["admin"]}}\'']) Review Comment: [nitpick] The curl command is constructed as a single long string which is difficult to read and maintain. Consider breaking this into multiple lines or using variables for better readability. ```suggestion curl_cmd = [ "curl -s", "-u admin:admin", "-k", "-XPUT", f"https://{self.container_name}:9200/_plugins/_security/api/internalusers/elastic";, "-H 'Content-Type:application/json'", "-d '{\"password\":\"password\",\"backend_roles\":[\"admin\"]}'" ] full_cmd = " ".join(curl_cmd) (code, output) = self.exec_run(["/bin/bash", "-c", full_cmd]) ``` ########## extensions/elasticsearch/tests/features/steps/elasticsearch_container.py: ########## @@ -0,0 +1,65 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import json +import os + +from elastic_base_container import ElasticBaseContainer +from pathlib import Path +from OpenSSL import crypto +from minifi_test_framework.core.ssl_utils import make_server_cert, make_cert_without_extended_usage +from minifi_test_framework.containers.file import File +from minifi_test_framework.containers.host_file import HostFile +from minifi_test_framework.core.minifi_test_context import MinifiTestContext + + +class ElasticsearchContainer(ElasticBaseContainer): + def __init__(self, test_context: MinifiTestContext): + super().__init__(test_context, "elasticsearch:9.1.5", f"elasticsearch-{test_context.scenario_id}") + + http_cert, http_key = make_server_cert(self.container_name, test_context.root_ca_cert, test_context.root_ca_key) + transport_cert, transport_key = make_cert_without_extended_usage(self.container_name, test_context.root_ca_cert, test_context.root_ca_key) + + root_ca_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=test_context.root_ca_cert) + self.files.append(File("/usr/share/elasticsearch/config/certs/root_ca.crt", root_ca_content, permissions=0o644)) + + http_cert_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=http_cert) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_http.crt", http_cert_content, permissions=0o644)) + + http_key_content = crypto.dump_privatekey(type=crypto.FILETYPE_PEM, pkey=http_key) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_http.key", http_key_content, permissions=0o644)) + + transport_cert_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=transport_cert) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_transport.crt", transport_cert_content, permissions=0o644)) + + transport_key_content = crypto.dump_privatekey(type=crypto.FILETYPE_PEM, pkey=transport_key) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_transport.key", transport_key_content, permissions=0o644)) + + features_dir = Path(__file__).resolve().parent.parent + self.host_files.append(HostFile('/usr/share/elasticsearch/config/elasticsearch.yml', os.path.join(features_dir, "resources", "elasticsearch.yml"))) + + self.environment.append("ELASTIC_PASSWORD=password") + + def deploy(self): + return super().deploy('"current.health":"GREEN"') + + def elastic_generate_apikey(self): + (code, output) = self.exec_run(["/bin/bash", "-c", + "curl -s -u elastic:password -k -XPOST https://localhost:9200/_security/api_key -H Content-Type:application/json -d'{\"name\":\"my-api-key\",\"expiration\":\"1d\",\"role_descriptors\":{\"role-a\": {\"cluster\": [\"all\"],\"index\": [{\"names\": [\"my_index\"],\"privileges\": [\"all\"]}]}}}'"]) Review Comment: [nitpick] The curl command is constructed as a single long string which is difficult to read and maintain. Consider breaking this into multiple lines or using variables for better readability. ```suggestion api_url = "https://localhost:9200/_security/api_key"; api_user = "elastic:password" api_headers = "Content-Type:application/json" api_data = ( '{"name":"my-api-key",' '"expiration":"1d",' '"role_descriptors":{"role-a": {' '"cluster": ["all"],' '"index": [{"names": ["my_index"],"privileges": ["all"]}]' '}}}' ) curl_cmd = ( f"curl -s -u {api_user} -k -XPOST {api_url} " f"-H {api_headers} " f"-d'{api_data}'" ) (code, output) = self.exec_run(["/bin/bash", "-c", curl_cmd]) ``` ########## extensions/elasticsearch/tests/features/steps/steps.py: ########## @@ -0,0 +1,79 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +from behave import step, given, then + +from minifi_test_framework.steps import checking_steps # noqa: F401 +from minifi_test_framework.steps import configuration_steps # noqa: F401 +from minifi_test_framework.steps import core_steps # noqa: F401 Review Comment: Import of 'core_steps' is not used. ########## extensions/elasticsearch/tests/features/steps/steps.py: ########## @@ -0,0 +1,79 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +from behave import step, given, then + +from minifi_test_framework.steps import checking_steps # noqa: F401 Review Comment: Import of 'checking_steps' is not used. ########## extensions/elasticsearch/tests/features/steps/elasticsearch_container.py: ########## @@ -0,0 +1,65 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import json +import os + +from elastic_base_container import ElasticBaseContainer +from pathlib import Path +from OpenSSL import crypto +from minifi_test_framework.core.ssl_utils import make_server_cert, make_cert_without_extended_usage +from minifi_test_framework.containers.file import File +from minifi_test_framework.containers.host_file import HostFile +from minifi_test_framework.core.minifi_test_context import MinifiTestContext + + +class ElasticsearchContainer(ElasticBaseContainer): + def __init__(self, test_context: MinifiTestContext): + super().__init__(test_context, "elasticsearch:9.1.5", f"elasticsearch-{test_context.scenario_id}") + + http_cert, http_key = make_server_cert(self.container_name, test_context.root_ca_cert, test_context.root_ca_key) + transport_cert, transport_key = make_cert_without_extended_usage(self.container_name, test_context.root_ca_cert, test_context.root_ca_key) + + root_ca_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=test_context.root_ca_cert) + self.files.append(File("/usr/share/elasticsearch/config/certs/root_ca.crt", root_ca_content, permissions=0o644)) + + http_cert_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=http_cert) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_http.crt", http_cert_content, permissions=0o644)) + + http_key_content = crypto.dump_privatekey(type=crypto.FILETYPE_PEM, pkey=http_key) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_http.key", http_key_content, permissions=0o644)) + + transport_cert_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=transport_cert) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_transport.crt", transport_cert_content, permissions=0o644)) + + transport_key_content = crypto.dump_privatekey(type=crypto.FILETYPE_PEM, pkey=transport_key) + self.files.append(File("/usr/share/elasticsearch/config/certs/elastic_transport.key", transport_key_content, permissions=0o644)) + + features_dir = Path(__file__).resolve().parent.parent + self.host_files.append(HostFile('/usr/share/elasticsearch/config/elasticsearch.yml', os.path.join(features_dir, "resources", "elasticsearch.yml"))) + + self.environment.append("ELASTIC_PASSWORD=password") + + def deploy(self): + return super().deploy('"current.health":"GREEN"') Review Comment: This method requires 1 positional argument, whereas overridden [ElasticBaseContainer.deploy](1) requires 2. ```suggestion def deploy(self, healthcheck='"current.health":"GREEN"'): return super().deploy(healthcheck) ``` ########## extensions/elasticsearch/tests/features/steps/opensearch_container.py: ########## @@ -0,0 +1,51 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os + +from elastic_base_container import ElasticBaseContainer +from pathlib import Path +from OpenSSL import crypto +from minifi_test_framework.core.ssl_utils import make_server_cert +from minifi_test_framework.containers.file import File +from minifi_test_framework.containers.host_file import HostFile +from minifi_test_framework.core.minifi_test_context import MinifiTestContext + + +class OpensearchContainer(ElasticBaseContainer): + def __init__(self, test_context: MinifiTestContext): + super().__init__(test_context, "opensearchproject/opensearch:2.6.0", f"opensearch-{test_context.scenario_id}") + + admin_pem, admin_key = make_server_cert(self.container_name, test_context.root_ca_cert, test_context.root_ca_key) + + root_ca_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=test_context.root_ca_cert) + self.files.append(File("/usr/share/opensearch/config/root-ca.pem", root_ca_content, permissions=0o644)) + + admin_pem_content = crypto.dump_certificate(type=crypto.FILETYPE_PEM, cert=admin_pem) + self.files.append(File("/usr/share/opensearch/config/admin.pem", admin_pem_content, permissions=0o644)) + + admin_key_content = crypto.dump_privatekey(type=crypto.FILETYPE_PEM, pkey=admin_key) + self.files.append(File("/usr/share/opensearch/config/admin-key.pem", admin_key_content, permissions=0o644)) + + features_dir = Path(__file__).resolve().parent.parent + self.host_files.append(HostFile('/usr/share/opensearch/config/opensearch.yml', os.path.join(features_dir, "resources", "opensearch.yml"))) + + def deploy(self): + return super().deploy('Hot-reloading of audit configuration is enabled') Review Comment: This method requires 1 positional argument, whereas overridden [ElasticBaseContainer.deploy](1) requires 2. ```suggestion def deploy(self, arg1, arg2): return super().deploy(arg1, arg2) ``` ########## extensions/elasticsearch/tests/features/steps/steps.py: ########## @@ -0,0 +1,79 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +from behave import step, given, then + +from minifi_test_framework.steps import checking_steps # noqa: F401 +from minifi_test_framework.steps import configuration_steps # noqa: F401 Review Comment: Import of 'configuration_steps' is not used. ########## extensions/elasticsearch/tests/features/steps/steps.py: ########## @@ -0,0 +1,79 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +from behave import step, given, then + +from minifi_test_framework.steps import checking_steps # noqa: F401 +from minifi_test_framework.steps import configuration_steps # noqa: F401 +from minifi_test_framework.steps import core_steps # noqa: F401 +from minifi_test_framework.steps import flow_building_steps # noqa: F401 Review Comment: Import of 'flow_building_steps' is not used. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
