Merge branch 'main' into transform-debug-log

.github/CODEOWNERS

@@ -1 +1 @@
-*   @bowenlan-amzn @getsaurabh02 @lezzago @praveensameneni @xluo-aws @gaobinlong @Hailong-am @amsiglan @sbcd90 @eirsep @AWSHurneyt @jowg-amazon @r1walz @vikasvb90
+*   @bowenlan-amzn @Hailong-am @vikasvb90 @tandonks @shiv0408 @soosinha

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,9 +1,16 @@
-*Issue #, if available:*
+### Description
+[Describe what this change achieves]
 
-*Description of changes:*
+### Related Issues
+Resolves #[Issue number to be closed when this PR is merged]
+<!-- List any other related issues here -->
 
-*CheckList:*
-- [ ] Commits are signed per the DCO using --signoff
+### Check List
+- [ ] New functionality includes testing.
+- [ ] New functionality has been documented.
+- [ ] API changes companion pull request [created](https://github.com/opensearch-project/opensearch-api-specification/blob/main/DEVELOPER_GUIDE.md).
+- [ ] Commits are signed per the DCO using `--signoff`.
+- [ ] Public documentation issue/PR [created](https://github.com/opensearch-project/documentation-website/issues/new/choose).
 
 By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
 For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/index-management/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

.github/dependabot.yml

@@ -0,0 +1,18 @@
+version: 2
+updates:
+  - package-ecosystem: "gradle"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    commit-message:
+      prefix: "dependabot:"
+    ignore:
+      # For all packages, ignore all major versions to minimize breaking issues
+      - dependency-name: "*"
+        update-types: ["version-update:semver-major"]
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    commit-message:
+      prefix: "dependabot:"

.github/workflows/bwc-test-workflow.yml

@@ -17,7 +17,7 @@ jobs:
         uses: actions/setup-java@v2
         with:
           distribution: temurin # Temurin is a distribution of adoptium
-          java-version: 17
+          java-version: 21
       # index-management
       - name: Checkout Branch
         uses: actions/checkout@v2
@@ -26,8 +26,9 @@ jobs:
           echo "Running backwards compatibility tests..."
           ./gradlew bwcTestSuite
       - name: Upload failed logs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: logs
+          overwrite: 'true'
           path: build/testclusters/indexmanagementBwcCluster*/logs/*

.github/workflows/docker-security-test-workflow.yml

@@ -16,7 +16,7 @@ jobs:
         uses: actions/setup-java@v2
         with:
           distribution: temurin # Temurin is a distribution of adoptium
-          java-version: 17
+          java-version: 21
       - name: Checkout Branch
         uses: actions/checkout@v2
       - name: Build Index Management
@@ -84,10 +84,11 @@ jobs:
             echo "Security plugin is NOT available skipping this run as tests without security have already been run"
           fi
       - name: Upload failed logs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: logs
+          overwrite: 'true'
           path: build/testclusters/integTest-*/logs/*
       - name: Collect docker logs on failure
         uses: jwalton/gh-docker-logs@v2
@@ -96,8 +97,9 @@ jobs:
       - name: Tar logs
         run: tar cvzf ./logs.tgz ./logs
       - name: Upload logs to GitHub
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: logs.tgz
+          overwrite: 'true'
           path: ./logs.tgz

.github/workflows/maven-publish.yml

@@ -20,7 +20,7 @@ jobs:
       - uses: actions/setup-java@v3
         with:
           distribution: temurin # Temurin is a distribution of adoptium
-          java-version: 11
+          java-version: 21
       - uses: actions/checkout@v3
       - uses: aws-actions/configure-aws-credentials@v1
         with:
@@ -32,4 +32,5 @@ jobs:
           export SONATYPE_PASSWORD=$(aws secretsmanager get-secret-value --secret-id maven-snapshots-password --query SecretString --output text)
           echo "::add-mask::$SONATYPE_USERNAME"
           echo "::add-mask::$SONATYPE_PASSWORD"
-          ./gradlew publishPluginZipPublicationToSnapshotsRepository
+          ./gradlew publishPluginZipPublicationToSnapshotsRepository
+          ./gradlew publishShadowPublicationToSnapshotsRepository

.github/workflows/multi-node-test-workflow.yml

@@ -33,26 +33,28 @@ jobs:
       # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
       # this image tag is subject to change as more dependencies and updates will arrive over time
       image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
-      # need to switch to root so that github actions can install runner binary on container without permission issues.
-      options: --user root
+      options: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-options }}
 
     steps:
+      - name: Run start commands
+        run: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-command }}
       # This step uses the setup-java Github action: https://github.com/actions/setup-java
       - name: Set Up JDK
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
           distribution: temurin # Temurin is a distribution of adoptium
-          java-version: 17
+          java-version: 21
       # index-management
       - name: Checkout Branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Run integration tests with multi node config
         run: |
           chown -R 1000:1000 `pwd`
           su `id -un 1000` -c "./gradlew integTest -PnumNodes=3 ${{ env.TEST_FILTER }}"
       - name: Upload failed logs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: logs
+          overwrite: 'true'
           path: build/testclusters/integTest-*/logs/*

.github/workflows/security-test-workflow.yml

@@ -22,26 +22,28 @@ jobs:
       # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
       # this image tag is subject to change as more dependencies and updates will arrive over time
       image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
-      # need to switch to root so that github actions can install runner binary on container without permission issues.
-      options: --user root
+      options: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-options }}
 
     steps:
+      - name: Run start commands
+        run: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-command }}
       # This step uses the setup-java Github action: https://github.com/actions/setup-java
       - name: Set Up JDK
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
           distribution: temurin # Temurin is a distribution of adoptium
-          java-version: 17
+          java-version: 21
       # index-management
       - name: Checkout Branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       - name: Run integration tests
         run: | 
           chown -R 1000:1000 `pwd`
-          su `id -un 1000` -c "./gradlew integTest -Dsecurity=true -Dhttps=true --tests '*SecurityBehaviorIT'"
+          su `id -un 1000` -c "./gradlew integTest -Dsecurity=true -Dhttps=true --tests '*IT'"
       - name: Upload failed logs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         if: failure()
         with:
           name: logs
+          overwrite: 'true'
           path: build/testclusters/integTest-*/logs/*

.github/workflows/test-and-build-workflow.yml

@@ -22,7 +22,7 @@ jobs:
       fail-fast: false
       # This starts three jobs, setting these environment variables uniquely for the different jobs
       matrix:
-        java: [11, 17, 21]
+        java: [21]
         feature: [ism, non-ism]
         include:
           - feature: ism
@@ -34,45 +34,49 @@ jobs:
       # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
       # this image tag is subject to change as more dependencies and updates will arrive over time
       image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
-      # need to switch to root so that github actions can install runner binary on container without permission issues.
-      options: --user root
+      options: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-options }}
 
     steps:
+      - name: Run start commands
+        run: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-command }}
       # This step uses the setup-java Github action: https://github.com/actions/setup-java
       - name: Set Up JDK ${{ matrix.java }}
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
           distribution: temurin # Temurin is a distribution of adoptium
           java-version: ${{ matrix.java }}
       # build index management
       - name: Checkout Branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       # This is a hack, but this step creates a link to the X: mounted drive, which makes the path
       # short enough to work on Windows
       - name: Build with Gradle
         run: |
           chown -R 1000:1000 `pwd`
           su `id -un 1000` -c "./gradlew build ${{ env.TEST_FILTER }}"
       - name: Upload failed logs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         if: ${{ failure() }}
         with:
-          name: logs
+          name: logs-${{ matrix.java }}-${{ matrix.feature }}
           path: build/testclusters/integTest-*/logs/*
+          overwrite: 'true'
       - name: Create Artifact Path
         run: |
           mkdir -p index-management-artifacts
           cp ./build/distributions/*.zip index-management-artifacts
       - name: Uploads coverage
-        uses: codecov/codecov-action@v1
+        uses: codecov/codecov-action@v4
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
       # This step uses the upload-artifact Github action: https://github.com/actions/upload-artifact
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v1
+        # v4 requires node.js 20 which is not supported
+        uses: actions/upload-artifact@v4
         with:
-          name: index-management-plugin-ubuntu-latest
+          name: index-management-plugin-ubuntu-latest-${{ matrix.java }}
           path: index-management-artifacts
+          overwrite: 'true'
 
   test-and-build-windows-macos:
     env:
@@ -84,7 +88,7 @@ jobs:
       fail-fast: false
       # This starts three jobs, setting these environment variables uniquely for the different jobs
       matrix:
-        java: [11, 17, 21]
+        java: [21]
         os: [windows-latest, macos-latest]
         feature: [ism, non-ism]
         include:
@@ -102,13 +106,13 @@ jobs:
     steps:
       # This step uses the setup-java Github action: https://github.com/actions/setup-java
       - name: Set Up JDK ${{ matrix.java }}
-        uses: actions/setup-java@v2
+        uses: actions/setup-java@v4
         with:
           distribution: temurin # Temurin is a distribution of adoptium
           java-version: ${{ matrix.java }}
       # build index management
       - name: Checkout Branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
       # This is a hack, but this step creates a link to the X: mounted drive, which makes the path
       # short enough to work on Windows
       - name: Shorten Path
@@ -125,7 +129,8 @@ jobs:
           cp ./build/distributions/*.zip index-management-artifacts
       # This step uses the upload-artifact Github action: https://github.com/actions/upload-artifact
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v1
+        uses: actions/upload-artifact@v4
         with:
-          name: index-management-plugin-${{ matrix.os }}
+          name: index-management-plugin-${{ matrix.os }}-${{ matrix.java }}
           path: index-management-artifacts
+          overwrite: 'true'

DEVELOPER_GUIDE.md

@@ -1,7 +1,7 @@
 - [Developer Guide](#developer-guide)
     - [Forking and Cloning](#forking-and-cloning)
     - [Install Prerequisites](#install-prerequisites)
-        - [JDK 11](#jdk-11)
+        - [JDK 21](#jdk-21)
     - [Setup](#setup)  
     - [Build](#build)
         - [Building from the command line](#building-from-the-command-line)
@@ -19,17 +19,17 @@ Fork this repository on GitHub, and clone locally with `git clone`.
 
 ### Install Prerequisites
 
-#### JDK 11
+#### JDK 21
 
-OpenSearch components build using Java 11 at a minimum. This means you must have a JDK 11 installed with the environment variable `JAVA_HOME` referencing the path to Java home for your JDK 11 installation, e.g. `JAVA_HOME=/usr/lib/jvm/jdk-11`.
+OpenSearch components build using Java 21 at a minimum. This means you must have a JDK 21 installed with the environment variable `JAVA_HOME` referencing the path to Java home for your JDK 21 installation, e.g. `JAVA_HOME=/usr/lib/jvm/jdk-21`.
 
-Download Java 11 from [here](https://adoptium.net/releases.html?variant=openjdk11).
+Download Java 21 from [here](https://adoptium.net/releases.html?variant=openjdk21).
 
 ## Setup
 
 1. Check out this package from version control.
 2. Launch Intellij IDEA, choose **Import Project**, and select the `settings.gradle` file in the root of this package.
-3. To build from the command line, set `JAVA_HOME` to point to a JDK >= 11 before running `./gradlew`.
+3. To build from the command line, set `JAVA_HOME` to point to a JDK >= 21 before running `./gradlew`.
 - Unix System
     1. `export JAVA_HOME=jdk-install-dir`: Replace `jdk-install-dir` with the JAVA_HOME directory of your system.
     2. `export PATH=$JAVA_HOME/bin:$PATH`

MAINTAINERS.md

@@ -6,17 +6,25 @@ This document contains a list of maintainers in this repo. See [opensearch-proje
 
 | Maintainer            | GitHub ID                                             | Affiliation |
 |-----------------------|-------------------------------------------------------| ----------- |
-| Ashish Agrawal        | [lezzago](https://github.com/lezzago)                 | Amazon      |
+| Vikas Bansal          | [vikasvb90](https://github.com/vikasvb90)             | Amazon      |
 | Bowen Lan             | [bowenlan-amzn](https://github.com/bowenlan-amzn)     | Amazon      |
-| Praveen Sameneni      | [praveensameneni](https://github.com/praveensameneni) | Amazon      |
-| Saurabh Singh         | [getsaurabh02](https://github.com/getsaurabh02/)      | Amazon      |
-| Xuesong Luo           | [xluo-aws](https://github.com/xluo-aws)               | Amazon      |
 | Hailong Cui           | [Hailong-am](https://github.com/Hailong-am)           | Amazon      |
-| Binlong Gao           | [gaobinlong](https://github.com/gaobinlong)           | Amazon      |
+| Kshitij Tandon | [tandonks](https://github.com/tandonks) | Amazon |
+| Shivansh Arora | [shiv0408](https://github.com/shiv0408) | Amazon |
+| Sooraj Sinha | [soosinha](https://github.com/soosinha) | Amazon |
+
+## Emeritus
+
+| Maintainer            | GitHub ID                                             | Affiliation |
+|-----------------------|-------------------------------------------------------| ----------- |
 | Amardeepsingh Siglani | [amsiglan](https://github.com/amsiglan)               | Amazon      |
+| Binlong Gao           | [gaobinlong](https://github.com/gaobinlong)           | Amazon      |
+| Ashish Agrawal        | [lezzago](https://github.com/lezzago)                 | Amazon      |
+| Joanne Wang           | [jowg-amazon](https://github.com/jowg-amazon)         | Amazon      |
+| Praveen Sameneni      | [praveensameneni](https://github.com/praveensameneni) | Amazon      |
+| Saurabh Singh         | [getsaurabh02](https://github.com/getsaurabh02/)      | Amazon      |
 | Subhobrata Dey        | [sbcd90](https://github.com/sbcd90)                   | Amazon      |
 | Surya Sashank Nistala | [eirsep](https://github.com/eirsep)                   | Amazon      |
 | Thomas Hurney         | [AWSHurneyt](https://github.com/AWSHurneyt)           | Amazon      |
-| Joanne Wang           | [jowg-amazon](https://github.com/jowg-amazon)         | Amazon      |
-| Rohit Ashiwal         | [r1walz](https://github.com/r1walz)                   | Amazon      |
-| Vikas Bansal          | [vikasvb90](https://github.com/vikasvb90)             | Amazon      |
+| Xuesong Luo           | [xluo-aws](https://github.com/xluo-aws)               | Amazon      |
+| Rohit Ashiwal         | [r1walz](https://github.com/r1walz)                   | Independent |

README.md

@@ -67,7 +67,7 @@ This project has adopted the [Amazon Open Source Code of Conduct](CODE_OF_CONDUC
 
 ## Security
 
-If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue.
+If you discover a potential security issue in this project we ask that you notify OpenSearch Security directly via email to security@opensearch.org. Please do **not** create a public GitHub issue.
 
 ## License
 

SECURITY.md

@@ -1,3 +1,3 @@
 ## Reporting a Vulnerability
 
-If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. Please do **not** create a public GitHub issue. 
+If you discover a potential security issue in this project we ask that you notify OpenSearch Security directly via email to security@opensearch.org. Please do **not** create a public GitHub issue.