Enhance robustness of InternalOpenSearchSink tests through scenario-driven coverage, refactoring, and regression prevention#6146
Conversation
…Sink Signed-off-by: Pietro Paolo Castagna <PietroPaolo.Castagna@gmail.com>
PR Reviewer Guide 🔍(Review updated until commit 07b2132)Here are some key observations to aid the review process:
|
PR Code Suggestions ✨Latest suggestions up to 07b2132 Explore these optional code suggestions:
Previous suggestionsSuggestions up to commit 20b49f8
Suggestions up to commit 09c4343
Suggestions up to commit f34cc61
Suggestions up to commit b0ed4d2
Suggestions up to commit f345baf
|
…riven coverage, refactoring, and regression prevention: - Add InternalOpenSearchSinkIntegrationTestConcreteIndex: covers the index creation path with a plain concrete date-based index (no alias) - Extract shared tests into AbstractInternalOpenSearchSinkIntegrationTest using Template Method pattern: testPersistsAuditEventsToTarget and testAuditDocumentContainsMandatoryFields now run against both concrete-index and alias variants without duplication - Refactor InternalOpenSearchSinkIntegrationTestAuditAlias: now extends the abstract base, removing 3 duplicate methods (countAuditDocs, generateAuditEvent, testAuditDocumentsViaAliasContainMandatoryFields); retains only the specialized test testRecognizesAuditTargetAsWriteAlias - Add InternalOpenSearchSinkTest unit tests: covers race condition (ResourceAlreadyExistsException), generic cluster failures, and acknowledged=false scenarios that cannot be tested reliably on single-node embedded cluster - Fix resource leak in testCreatesAuditIndexAutomatically Closes opensearch-project#6145 Signed-off-by: Pietro Paolo Castagna <PietroPaolo.Castagna@gmail.com>
e23204b to
f345baf
Compare
|
Persistent review updated to latest commit f345baf |
Signed-off-by: Pietro Paolo Castagna <PietroPaolo.Castagna@gmail.com>
|
Persistent review updated to latest commit b0ed4d2 |
| * <li>{@link InternalOpenSearchSinkIntegrationTestAuditAlias}</li> | ||
| * </ul> | ||
| */ | ||
| @RunWith(MockitoJUnitRunner.class) |
There was a problem hiding this comment.
Can we extend LuceneTestCase instead of using MockitoJUnitRunner here? I've recently been trying to make this repo adhere with the testingConventions check from OpenSearch core. See https://github.com/opensearch-project/security/pull/6205/changes for some examples on how to adapt it.
There was a problem hiding this comment.
Thanks for sharing this. I’ve looked into it and read a bit about LuceneTestCase.
I’ve made the changes accordingly, hope everything looks good now.
Thanks a lot @cwperks !
…oject testing conventions
|
Persistent review updated to latest commit f34cc61 |
|
Persistent review updated to latest commit 09c4343 |
DarshitChanpura
left a comment
There was a problem hiding this comment.
@pCastq Changes look good overall. Left a couple of comments.
For code-hygiene, could you run:
$ ./gradlew spotlessApply
$ ./gradlew checkstyleIntegrationTest -- ensure this passes locally
| import static java.util.concurrent.TimeUnit.MILLISECONDS; | ||
| import static java.util.concurrent.TimeUnit.SECONDS; | ||
| import static org.hamcrest.MatcherAssert.assertThat; | ||
| import static org.hamcrest.Matchers.*; |
There was a problem hiding this comment.
- imports will fail checkStyle scans. Please expand it to individual imports.
| try (Client client = cluster().getInternalNodeClient()) { | ||
| long before = countAuditDocs(client); | ||
|
|
||
| generateAuditEvent("_cluster/health"); |
There was a problem hiding this comment.
can we add couple more events and test with "atleast" convention here.
|
Persistent review updated to latest commit 20b49f8 |
20b49f8 to
07b2132
Compare
|
Persistent review updated to latest commit 07b2132 |
Summary
Adds integration and unit tests covering previously untested branches in
InternalOpenSearchSink,and refactors test classes to eliminate duplication using the Template Method pattern.
This improves overall robustness and helps prevent regressions.
Problem & Solution
Existing State
The codebase contains
InternalOpenSearchSinkIntegrationTestAuditAlias, an integration testthat covers the
metadata.hasAlias() == truebranch with a real cluster configured with a write alias.Coverage Gap
The complementary path—where the sink must create a concrete index with automatic date-based naming—
was not tested. Additionally, cluster-level failure scenarios (race conditions, acknowledged=false,
generic exceptions) could not be reliably reproduced on a single-node embedded cluster.
Solution
Three coordinated changes eliminate duplication and complete coverage:
New integration test:
InternalOpenSearchSinkIntegrationTestConcreteIndexexercises index creation on a plain cluster without aliases, covering the default path where
indices follow the
security-auditlog-YYYY.MM.ddpattern.Extract commonality:
AbstractInternalOpenSearchSinkIntegrationTestholds the shared test methods (
testPersistsAuditEventsToTarget,testAuditDocumentContainsMandatoryFields)that are valid regardless of cluster configuration. Both concrete-index and alias variants
inherit and reuse these tests through method overrides (
cluster(),auditTarget()),eliminating 68 lines of duplicate code.
Unit test hard-to-reproduce scenarios:
InternalOpenSearchSinkTestuses Mockito to cover branches that cannot be reliably triggered on an embedded cluster:
ResourceAlreadyExistsExceptionmust be treated as successChanges
New Test Classes
InternalOpenSearchSinkIntegrationTestConcreteIndex:
covers the index creation path with a plain, unaliased cluster; verifies that indices
are created with the default date-based pattern (security-auditlog-YYYY.MM.dd)
InternalOpenSearchSinkTest:
unit tests with Mockito covering non-reproducible cluster scenarios:
race conditions (ResourceAlreadyExistsException), generic cluster failures,
and unacknowledged responses
Refactored Test Classes
AbstractInternalOpenSearchSinkIntegrationTest:
extracted shared integration tests that work against both concrete-index and alias variants;
subclasses override
cluster()andauditTarget()to inject their configuration.Eliminates duplication; each variant now contributes only its specialized behavior.
InternalOpenSearchSinkIntegrationTestAuditAlias:
refactored to extend the abstract base; removed 3 duplicate methods
(countAuditDocs, generateAuditEvent, testAuditDocumentsViaAliasContainMandatoryFields);
now focuses solely on its unique test:
testRecognizesAuditTargetAsWriteAliasTesting
All existing tests continue to pass. New tests provide complete branch coverage
for
InternalOpenSearchSink.createIndexIfAbsent().Issues Resolved
Closes #6145
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.