From ccf54d08fb6873615206412219ae2e5bc24bfcaf Mon Sep 17 00:00:00 2001 From: phact Date: Tue, 7 Oct 2025 15:26:07 -0400 Subject: [PATCH] more verbose --- Makefile | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 203ab17b..9ef0da3d 100644 --- a/Makefile +++ b/Makefile @@ -211,6 +211,10 @@ test-ci: for i in $$(seq 1 60); do \ docker exec openrag-backend curl -s http://localhost:8000/.well-known/openid-configuration >/dev/null 2>&1 && break || sleep 2; \ done; \ + echo "Checking if OpenSearch security config was applied..."; \ + docker exec os ls -la /usr/share/opensearch/setup-security.sh 2>/dev/null || echo "setup-security.sh not found in container"; \ + echo "Checking OpenSearch security config:"; \ + docker exec os curl -k -u admin:$${OPENSEARCH_PASSWORD} https://localhost:9200/_opendistro/_security/api/securityconfig 2>/dev/null | head -50; \ echo "Checking key files..."; \ ls -la keys/; \ echo "Public key hash (host):"; \ @@ -227,8 +231,11 @@ test-ci: JWT_AUTH_READY=false; \ for i in $$(seq 1 60); do \ if curl -k -s https://localhost:9200 -u admin:$${OPENSEARCH_PASSWORD} >/dev/null 2>&1; then \ - if curl -k -s -H "Authorization: Bearer $$TEST_TOKEN" -H "Content-Type: application/json" https://localhost:9200/documents/_search -d '{"query":{"match_all":{}}}' 2>&1 | grep -v "Unauthorized" >/dev/null; then \ - echo "✓ OpenSearch JWT auth working after $$((i*2)) seconds"; \ + RESPONSE=$$(curl -k -s -H "Authorization: Bearer $$TEST_TOKEN" https://localhost:9200/documents/_search -d '{"query":{"match_all":{}}}' 2>&1); \ + echo "Attempt $$i response: $$RESPONSE"; \ + if echo "$$RESPONSE" | grep -v "Unauthorized" >/dev/null; then \ + echo "✓ OpenSearch JWT check passed after $$((i*2)) seconds"; \ + echo "Full response: $$RESPONSE"; \ JWT_AUTH_READY=true; \ break; \ fi; \ @@ -252,6 +259,9 @@ test-ci: echo "------------------------------------------------------------------------"; \ echo ""; \ exit 1; \ + else \ + echo "Dumping OpenSearch logs to verify OIDC is working:"; \ + docker logs os 2>&1 | grep -E "OIDC|openid|JWT|authenticat" | tail -20; \ fi; \ echo "Waiting for Langflow..."; \ for i in $$(seq 1 60); do \