Getting started modifying Dashboards security plugin

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Dashboards 2.16 with the security plugin installed in the plugins folder

Describe the issue:
I’m new to the React framework and trying to get started contributing to OpenSearch Dashboards. I have the Dashboards and security plugin repos cloned, and OpenSearch and Dashboards running fine. Now I make a change that results in an error, but I can’t see what it is. I just get this error in the browser (and none in the OSD logs):

Error: Minified React error #301; visit https://reactjs.org/docs/error-decoder.html?invariant=301 for the full message or use the non-minified dev environment for full errors and additional helpful warnings.

That link takes me to a page that says the error means this:

Too many re-renders. React limits the number of renders to prevent an infinite loop.

What is the “non-minified dev environment” and how do I use it? Or is there something else I should enable for a better debugging experience?

Hey @merlinz01 , what steps are you using to setup and start OpenSearch Dashboards?

This video about dev setup for security-dashboards-plugin may help: https://www.youtube.com/watch?v=MiUKp5apRpE

Here’s basically what I did so far:

git clone https://github.com/opensearch-project/Opensearch-Dashboards
cd Opensearch-Dashboards
git checkout 2.16
nvm use
npm i -g corepack
corepack install
yarn osd bootstrap
yarn opensearch snapshot --download-only
cd .opensearch/2.16.0
bin/opensearch-plugin install org.opensearch.plugin:opensearch-security:2.16.0.0
chmod +x plugins/opensearch-security/tools/install_demo_configuration.sh
OPENSEARCH_INITIAL_ADMIN_PASSWORD="xxxxx" plugins/opensearch-security/tools/install_demo_configuration.sh
nano config/opensearch-security/config.yml
bin/opensearch

# New terminal in repo dir
cd .opensearch/2.16.0
chmod +x plugins/opensearch-security/tools/securityadmin.sh
plugins/opensearch-security/tools/securityadmin.sh -cd config/opensearch-security -icl -key config/kirk-key.pem -cert config/kirk.pem -cacert config/root-ca.pem -nhnv
cd ../..
step certificate create localhost config/cert.pem config/key.pem --profile self-signed --subtle --no-password --insecure
cat >> config/opensearch_dashboards.yml << EOF
# Demo config
server.host: "localhost"
opensearch.hosts: ["https://localhost:9200"]
opensearch.ssl.verificationMode: none
opensearch.username: "kibanaserver"
opensearch.password: "kibanaserver"
opensearch.requestHeadersWhitelist: [ authorization, securitytenant ]
opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
opensearch_security.cookie.secure: true
server.ssl.enabled: true
server.ssl.certificate: config/cert.pem
server.ssl.key: config/key.pem
EOF
git clone https://github.com/opensearch-project/security-dashboards-plugin plugins/security-dashboards-plugin
cd plugins/security-dashboards-plugin
nvm use
yarn install
yarn build
cd ../..
yarn osd bootstrap
yarn start --no-base-path

Which gave me a working Opensearch+Dashboards setup.

Now I’ve made a change in the security Dashboards plugin and am trying to debug my change, but all I find is opaque error IDs and minified sources.

Can you share a patchfile with the change or raise a Draft PR?

Thanks for raising a draft! What are the settings you are running with in openseach_dashboards.yml? Are you only enabling JWT, or are you enabling other auth types as well?

There may be an issue with multi-auth and auth types like proxy or JWT which do not require the log in screen. Can you try configuring basic auth in addition to JWT?

I have basic auth configured in addition to JWT. I’m trying to implement the possibility of having those two configured together. What I need most is info on how to improve the debugging experience so that I can continue with development, since all I’m seeing is opaque errors.

Here’s my dashboards config:

server.host: "localhost"
opensearch.hosts: ["https://localhost:9200"]
opensearch.ssl.verificationMode: none
opensearch.username: "kibanaserver"
opensearch.password: "kibanaserver"
opensearch.requestHeadersWhitelist: [ authorization, securitytenant ]
opensearch_security.multitenancy.enabled: true
opensearch_security.multitenancy.tenants.preferred: ["Private", "Global"]
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
opensearch_security.cookie.secure: true
server.ssl.enabled: true
server.ssl.certificate: config/cert.pem
server.ssl.key: config/key.pem
opensearch_security.auth.multiple_auth_enabled: true
opensearch_security.jwt.url_param: "auth_token"
opensearch_security.auth.type: ["basicauth", "jwt"]

After I make the changes, I get a blank page, and these errors:

image897×758 125 KB

@merlinz01 I think you are going to need a block similar to this one for Proxy: Add Proxy Auth to Multi Auth Options by stephen-crawford · Pull Request #2076 · opensearch-project/security-dashboards-plugin · GitHub

OK, I’m not sure what I did that changed it, but now I have sourcemaps and better error information.

I think I had better switch to the main branch instead of 2.16 for best results. I had installed the (not Dashboards) security plugin in Opensearch from maven central, but trying to install version 3.0.0.0 that way doesn’t work. How do I install the latest version of the security plugin in the Opensearch snapshot?

You can find the snapshots here: Index of /repositories/snapshots/org/opensearch/plugin/opensearch-security

Thanks @cwperks!

I switched to the main branch on both repos, and now I’m getting this error when I run yarn osd bootstrap:

husky - Git hooks installed

ERROR [single_version_dependencies] Multiple version ranges for the same dependency
      were found declared across different package.json files. Please consolidate
      those to match across all package.json files. Different versions for the
      same dependency is not supported.

      If you have questions about this please reach out to the operations team.

      The conflicting dependencies are:

        cypress
          9.5.4 => opensearch-dashboards
          ^13.6.0 => opensearch-security-dashboards
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

Also this error when running yarn build in the plugin repo:

 info deleting the build and target directories
 info running @osd/optimizer
 │ERROR UNHANDLED ERROR
 │ERROR Error: Function yaml.safeLoad is removed in js-yaml 4. Use yaml.load instead, which is now safe by default.
 │          at Object.safeLoad (/home/merlin/Projects/Opensearch-Dashboards/node_modules/js-yaml/index.js:10:11)
 │          at readLimits (/home/merlin/Projects/Opensearch-Dashboards/packages/osd-optimizer/src/limits.ts:54:23)
 │          at Function.create (/home/merlin/Projects/Opensearch-Dashboards/packages/osd-optimizer/src/optimizer/optimizer_config.ts:262:17)
 │          at Object.optimize (/home/merlin/Projects/Opensearch-Dashboards/packages/osd-plugin-helpers/src/tasks/optimize.ts:51:34)
 │          at Object.run (/home/merlin/Projects/Opensearch-Dashboards/packages/osd-plugin-helpers/src/cli.ts:114:21)
 │          at /home/merlin/Projects/Opensearch-Dashboards/packages/osd-dev-utils/target/run/run_with_commands.js:112:17
 │          at Object.withProcRunner (/home/merlin/Projects/Opensearch-Dashboards/packages/osd-dev-utils/target/proc_runner/with_proc_runner.js:45:9)
 │          at RunWithCommands.execute (/home/merlin/Projects/Opensearch-Dashboards/packages/osd-dev-utils/target/run/run_with_commands.js:101:13)
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

Use yarn osd bootstrap --single-version=loose