Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RELEASE] Release version 1.2.4 #1417

Closed
38 tasks done
github-actions bot opened this issue Dec 29, 2021 · 19 comments
Closed
38 tasks done

[RELEASE] Release version 1.2.4 #1417

github-actions bot opened this issue Dec 29, 2021 · 19 comments
Assignees
@abhinavGupta16 @peterzhuamazon
Labels
release v1.2.4

Comments

@github-actions
Copy link
Contributor

github-actions bot commented Dec 29, 2021
edited by abhinavGupta16
Loading

Release OpenSearch 1.2.4

We have incremented the versions on 1.2 branches to 1.2.4 right after the 1.2.3 release to save time in the event we need a 1.2.4 release. We'll continue doing so after every release. At the time of writing this main = OpenSearch 2.0, 1.x = 1.3.0, 1.2 = 1.2.4. Plugins usually have main = 1.3.0 and 1.2 = 1.2.4.

Scope of the release

We are planning to release OpenSearch 1.2.4 on January 18 2022. The release will include the below CVE fixes.

CVE List

Repos CVE Id CVE Severity
alerting CVE-2021-41269 🔴 High
anomaly-detection WS-2021-0419 🔴 High
reports-scheduler WS-2021-0419 🔴 High
index-management
job-scheduler CVE-2021-41269 🔴 High
k-NN
sql CVE-2021-44832, WS-2021-0419 🔴 High
opensearch-observability WS-2021-0419 🔴 High
asynchronous-search
cross-cluster-replication CVE-2021-44832 🟡 Medium
performance-analyzer CVE-2021-44832
performance-analyzer-rca CVE-2021-44832
security CVE-2021-44832 🟡 Medium
opensearch CVE-2021-44832, CVE-2021-43797, CVE-2020-15522 🟡 Medium
common-utils
opensearch-java

Preparation

  • Assign this issue to a release owner.
  • Document any new quality requirements or changes.
  • Create a version label in each component repo for this, and the next minor release.
    ghi label 'v1.2.4' -c '#0052cc'
  • Confirm that OpenSearch-Dashboards does not need an updated manifest

Development Completion Date Jan 14th

  • Run Integration Tests

Issue tracking

State Total Bug Enhancement
Open 2 1 0
Closed 25 5 1

Release Completion Date Jan 18th

Post Release
@github-actions github-actions bot added release untriaged Issues that have not yet been triaged v{{ env.VERSION }} labels Dec 29, 2021
This was referenced Dec 29, 2021
Merged
Merged
Closed
Closed
Closed
Merged
Merged
Closed
Merged
Merged
Merged
Merged
Merged
Closed
Closed
Closed
Merged
Merged
Closed
Merged
@gaiksaya gaiksaya removed the untriaged Issues that have not yet been triaged label Jan 3, 2022
@peternied peternied pinned this issue Jan 5, 2022
@dblock dblock mentioned this issue Jan 11, 2022
Merged
1 task
@abhinavGupta16
Copy link
Contributor

abhinavGupta16 commented Jan 12, 2022
edited
Loading

outdated

OpenSearch 1.2.4 Release issue - Release candidate testing instructions

  • Use Docker-Compose to setup a cluster
    • Download this gist as docker-compose.yml on your machine
    • Get latest image versions docker-compose pull
    • Start the cluster docker-compose up
  • OpenSearch docker
    • Start without security
      • Docker command docker pull opensearchstaging/opensearch:1.2.4 && docker run -it -p 9200:9200 -e "discovery.type=single-node" -e "DISABLE_SECURITY_PLUGIN=true" opensearchstaging/opensearch:1.2.4
      • Connect command curl https://localhost:9200
    • Start with security
      • Docker command docker pull opensearchstaging/opensearch:1.2.4 && docker run -it -p 9200:9200 -e "discovery.type=single-node" opensearchstaging/opensearch:1.2.4
      • Connect command curl --insecure https://admin:admin@localhost:9200
  • Use TARs to deploy OpenSearch Manually

As for dashboards, you can just use the 1.2.0 version of it as we do not have any changes.

From Docker Release

@davidlago
Copy link

Created #1454 , please tag with 1.2.4 as it is blocking the release

@peterzhuamazon
Copy link
Member

Created #1454 , please tag with 1.2.4 as it is blocking the release

Fixed.

@abhinavGupta16
Copy link
Contributor

abhinavGupta16 commented Jan 13, 2022
edited
Loading

Created opensearch-project/anomaly-detection#359 with anamoly-detection for build failure due missing apache lib. This is blocking the release.

@amitgalitz
Copy link
Member

Just an FYI if other plugins are wondering no changes need to be made on any dashboard plugins for 1.2.4

@amitgalitz
Copy link
Member

Created opensearch-project/anomaly-detection#359 with anamoly-detection for build failure due missing apache lib. This is blocking the release.

Fixed

@abhinavGupta16
Copy link
Contributor

abhinavGupta16 commented Jan 13, 2022
edited
Loading

Outdated

We have new Artifacts built and ready for testing -

OpenSearch 1.2.4 Release issue - Release candidate testing instructions

  • Use Docker-Compose to setup a cluster
    • Download this gist as docker-compose.yml on your machine
    • Get latest image versions docker-compose pull
    • Start the cluster docker-compose up
  • OpenSearch docker
    • Start without security
      • Docker command docker pull opensearchstaging/opensearch:1.2.4 && docker run -it -p 9200:9200 -e "discovery.type=single-node" -e "DISABLE_SECURITY_PLUGIN=true" opensearchstaging/opensearch:1.2.4
      • Connect command curl https://localhost:9200
    • Start with security
      • Docker command docker pull opensearchstaging/opensearch:1.2.4 && docker run -it -p 9200:9200 -e "discovery.type=single-node" opensearchstaging/opensearch:1.2.4
      • Connect command curl --insecure https://admin:admin@localhost:9200
  • Use TARs to deploy OpenSearch Manually (Updated 01/13/2022 15:47 PST)

As for dashboards, you can just use the 1.2.0 version of it as we do not have any changes.

From Docker Release

@abhinavGupta16
Copy link
Contributor

abhinavGupta16 commented Jan 14, 2022
edited by gaiksaya
Loading

Seeing issues in current built tarball and docker with the following error:

java.lang.NoClassDefFoundError: org/apache/commons/lang3/tuple/Pair
	at org.opensearch.ad.rest.RestSearchAnomalyDetectorAction.<init>(RestSearchAnomalyDetectorAction.java:35)
	at org.opensearch.ad.AnomalyDetectorPlugin.getRestHandlers(AnomalyDetectorPlugin.java:282)

Created #1477, since this is blocking the release.

@abhinavGupta16
Copy link
Contributor

Seeing issues in current built tarball and docker with the following error:

java.lang.NoClassDefFoundError: org/apache/commons/lang3/tuple/Pair
	at org.opensearch.ad.rest.RestSearchAnomalyDetectorAction.<init>(RestSearchAnomalyDetectorAction.java:35)
	at org.opensearch.ad.AnomalyDetectorPlugin.getRestHandlers(AnomalyDetectorPlugin.java:282)

Created #1477, since this is blocking the release.

This issue is fixed.

@abhinavGupta16
Copy link
Contributor

Latest Artifacts

OpenSearch 1.2.4 Release issue - Release candidate testing instructions

  • Use Docker-Compose to setup a cluster
    • Download this gist as docker-compose.yml on your machine
    • Get latest image versions docker-compose pull
    • Start the cluster docker-compose up
  • OpenSearch docker
    • Start without security
      • Docker command docker pull opensearchstaging/opensearch:1.2.4 && docker run -it -p 9200:9200 -e "discovery.type=single-node" -e "DISABLE_SECURITY_PLUGIN=true" opensearchstaging/opensearch:1.2.4
      • Connect command curl https://localhost:9200
    • Start with security
      • Docker command docker pull opensearchstaging/opensearch:1.2.4 && docker run -it -p 9200:9200 -e "discovery.type=single-node" opensearchstaging/opensearch:1.2.4
      • Connect command curl --insecure https://admin:admin@localhost:9200
  • Use TARs to deploy OpenSearch Manually (Updated 2022/01/13 20:11 PST)

As for dashboards, you can just use the 1.2.0 version of it as we do not have any changes.

From Docker Release

@peterzhuamazon
Copy link
Member

Maven Release:
Screen Shot 2022-01-18 at 12 48 46 PM

@peterzhuamazon
Copy link
Member

Maven released now will appear in this url:
https://repo1.maven.org/maven2/org/opensearch/opensearch/1.2.4/

@peterzhuamazon
Copy link
Member

Docker Release:
https://hub.docker.com/r/opensearchproject/opensearch/tags?page=1&ordering=last_updated&name=1.2.4

@peterzhuamazon
Copy link
Member

Docker arm64 test:


[ec2-user@ip-172-31-24-166 ~]$ curl https://localhost:9200 -u admin:admin -k
{
  "name" : "opensearch-node1",
  "cluster_name" : "opensearch-cluster",
  "cluster_uuid" : "teJylxlBQVKqXt_doKdSxQ",
  "version" : {
    "distribution" : "opensearch",
    "number" : "1.2.4",
    "build_type" : "tar",
    "build_hash" : "e505b10357c03ae8d26d675172402f2f2144ef0f",
    "build_date" : "2022-01-14T03:37:51.375300Z",
    "build_snapshot" : false,
    "lucene_version" : "8.10.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}

@peterzhuamazon
Copy link
Member

Test native plugins:

arm64:


[ec2-user@ip-172-31-24-166 bin]$ ./opensearch-plugin install repository-azure
-> Installing repository-azure
-> Downloading repository-azure from opensearch
[=================================================] 100%
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@     WARNING: plugin requires additional permissions     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
* java.lang.RuntimePermission accessDeclaredMembers
* java.lang.RuntimePermission setContextClassLoader
* java.lang.RuntimePermission setFactory
* java.lang.reflect.ReflectPermission suppressAccessChecks
* java.net.NetPermission getProxySelector
* java.net.SocketPermission * connect,resolve
See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html
for descriptions of what these permissions allow and the associated risks.

Continue with installation? [y/N]y
-> Installed repository-azure with folder name repository-azure

x64:


$ ./opensearch-plugin install repository-s3
-> Installing repository-s3
-> Downloading repository-s3 from opensearch
[=================================================] 100%
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@     WARNING: plugin requires additional permissions     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
* java.lang.RuntimePermission accessDeclaredMembers
* java.lang.RuntimePermission getClassLoader
* java.lang.reflect.ReflectPermission suppressAccessChecks
* java.net.SocketPermission * connect,resolve
* java.util.PropertyPermission opensearch.allow_insecure_settings read,write
See http://docs.oracle.com/javase/8/docs/technotes/guides/security/permissions.html
for descriptions of what these permissions allow and the associated risks.

Continue with installation? [y/N]y
-> Installed repository-s3 with folder name repository-s3

@peterzhuamazon peterzhuamazon mentioned this issue Jan 18, 2022
Merged
1 task
@julian-alarcon
Copy link

This needs an update too https://opensearch.org/docs/latest/version-history/

@peterzhuamazon peterzhuamazon self-assigned this Jan 18, 2022
@bbarani
Copy link
Member

bbarani commented Jan 24, 2022

@julian-alarcon We have updated the documentation page now. Please take a look at it and let us know if you have any other questions.

@julian-alarcon
Copy link

LGTM!

@abhinavGupta16
Copy link
Contributor

Release is complete.

@gaiksaya gaiksaya unpinned this issue Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@abhinavGupta16 abhinavGupta16

@peterzhuamazon peterzhuamazon

Labels
release v1.2.4
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@dblock @davidlago @abhinavGupta16 @julian-alarcon @gaiksaya @peterzhuamazon @amitgalitz @bbarani