Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 2.13] Make GetTermVersionAction internal #12874

Merged
merged 1 commit into from
Mar 22, 2024
Merged

[Backport 2.13] Make GetTermVersionAction internal #12874

merged 1 commit into from
Mar 22, 2024

Conversation

peternied
Copy link
Member

Description

GetTermVersion action has been added to check if cluster state needs to be updated as a performance improvement on all cluster state checks. The Authorization systems in the Security Plugin check all actions that do not start with internal: for permissions causing users without cluster:monitor/* permissions to start getting 403 exceptions.

This change signals that this action does not require an authorization check by any security systems since it cannot be called via REST APIs.

Related Issues

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Failing checks are inspected and point to the corresponding known issue(s) (See: Troubleshooting Failing Builds)
  • Commits are signed per the DCO using --signoff
  • Commit changes are listed out in CHANGELOG.md file (See: Changelog)
  • Public documentation issue/PR created

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@peternied
[Backport 2.13] Make GetTermVersionAction internal
a9894f2 
GetTermVersion action has been added to check if cluster state needs to
be updated as a performance improvement on all cluster state checks.
The Authorization systems in the Security Plugin check all actions that
do not start with `internal:` for permissions causing users without
`cluster:monitor/*` permissions to start getting 403 exceptions.

This change signals that this action does not require an authorization
check by any security systems since it cannot be called via REST APIs.

Signed-off-by: Peter Nied <[email protected]>
@peternied peternied added backport PRs or issues specific to backporting features or enhancments skip-changelog labels Mar 22, 2024
@github-actions GitHub Actions
Copy link
Contributor

Compatibility status:

Checks if related components are compatible with change a9894f2

Incompatible components

Skipped components

Compatible components

Compatible components: [https://github.com/opensearch-project/custom-codecs.git, https://github.com/opensearch-project/flow-framework.git, https://github.com/opensearch-project/neural-search.git, https://github.com/opensearch-project/job-scheduler.git, https://github.com/opensearch-project/cross-cluster-replication.git, https://github.com/opensearch-project/observability.git, https://github.com/opensearch-project/security-analytics.git, https://github.com/opensearch-project/k-nn.git, https://github.com/opensearch-project/geospatial.git, https://github.com/opensearch-project/notifications.git, https://github.com/opensearch-project/asynchronous-search.git, https://github.com/opensearch-project/sql.git, https://github.com/opensearch-project/ml-commons.git, https://github.com/opensearch-project/reporting.git, https://github.com/opensearch-project/common-utils.git, https://github.com/opensearch-project/performance-analyzer-rca.git, https://github.com/opensearch-project/index-management.git, https://github.com/opensearch-project/anomaly-detection.git, https://github.com/opensearch-project/security.git, https://github.com/opensearch-project/alerting.git, https://github.com/opensearch-project/performance-analyzer.git]

@github-actions GitHub Actions
Copy link
Contributor

✅ Gradle check result for a9894f2: SUCCESS

@peternied peternied merged commit 1157e67 into opensearch-project:2.13 Mar 22, 2024
56 of 81 checks passed
@peternied peternied deleted the term-action-name-2.13 branch March 22, 2024 20:10
@peternied peternied added the backport 2.x Backport to 2.x branch label Mar 22, 2024
opensearch-trigger-bot bot pushed a commit that referenced this pull request Mar 22, 2024
@github-actions
[Backport 2.13] Make GetTermVersionAction internal (#12874)
abd8903 
GetTermVersion action has been added to check if cluster state needs to
be updated as a performance improvement on all cluster state checks.
The Authorization systems in the Security Plugin check all actions that
do not start with `internal:` for permissions causing users without
`cluster:monitor/*` permissions to start getting 403 exceptions.

This change signals that this action does not require an authorization
check by any security systems since it cannot be called via REST APIs.

Signed-off-by: Peter Nied <[email protected]>
(cherry picked from commit 1157e67)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Mar 22, 2024
Merged
reta pushed a commit that referenced this pull request Mar 22, 2024
@opensearch-trigger-bot @github-actions
[Backport 2.13] Make GetTermVersionAction internal (#12874) (#12878)
24e25b7 
GetTermVersion action has been added to check if cluster state needs to
be updated as a performance improvement on all cluster state checks.
The Authorization systems in the Security Plugin check all actions that
do not start with `internal:` for permissions causing users without
`cluster:monitor/*` permissions to start getting 403 exceptions.

This change signals that this action does not require an authorization
check by any security systems since it cannot be called via REST APIs.


(cherry picked from commit 1157e67)

Signed-off-by: Peter Nied <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reta reta reta approved these changes

@abbashus abbashus Awaiting requested review from abbashus

@adnapibar adnapibar Awaiting requested review from adnapibar

@anasalkouz anasalkouz Awaiting requested review from anasalkouz anasalkouz is a code owner

@andrross andrross Awaiting requested review from andrross andrross is a code owner

@Bukhtawar Bukhtawar Awaiting requested review from Bukhtawar Bukhtawar is a code owner

@CEHENKLE CEHENKLE Awaiting requested review from CEHENKLE CEHENKLE is a code owner

@dblock dblock Awaiting requested review from dblock dblock is a code owner

@dbwiddis dbwiddis Awaiting requested review from dbwiddis dbwiddis is a code owner

@dreamer-89 dreamer-89 Awaiting requested review from dreamer-89 dreamer-89 is a code owner

@gbbafna gbbafna Awaiting requested review from gbbafna gbbafna is a code owner

@kotwanikunal kotwanikunal Awaiting requested review from kotwanikunal kotwanikunal is a code owner

@mch2 mch2 Awaiting requested review from mch2 mch2 is a code owner

@msfroh msfroh Awaiting requested review from msfroh msfroh is a code owner

@nknize nknize Awaiting requested review from nknize nknize is a code owner

@owaiskazi19 owaiskazi19 Awaiting requested review from owaiskazi19 owaiskazi19 is a code owner

@Rishikesh1159 Rishikesh1159 Awaiting requested review from Rishikesh1159 Rishikesh1159 is a code owner

@ryanbogan ryanbogan Awaiting requested review from ryanbogan

@sachinpkale sachinpkale Awaiting requested review from sachinpkale sachinpkale is a code owner

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli saratvemulapalli is a code owner

@shwetathareja shwetathareja Awaiting requested review from shwetathareja shwetathareja is a code owner

@sohami sohami Awaiting requested review from sohami sohami is a code owner

@tlfeng tlfeng Awaiting requested review from tlfeng tlfeng is a code owner

@VachaShah VachaShah Awaiting requested review from VachaShah VachaShah is a code owner

Assignees
No one assigned
Labels
backport PRs or issues specific to backporting features or enhancments backport 2.x Backport to 2.x branch skip-changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@peternied @reta