SRCH-6424 Create the LegacyOpensearch search engine#1983
Merged
YaritzaGarcia merged 6 commits intomainfrom Mar 10, 2026
Merged
Conversation
- Add LEGACY_OPENSEARCH_INDEX - Add engine
YaritzaGarcia
changed the title
Contributor
luisgmetzger
left a comment
luisgmetzger
left a comment
There was a problem hiding this comment.
Hey Yaritza, nice work on this -- the structure follows the existing OpenSearch::Engine pattern well which makes it easy to follow. A few things I noticed:
Bug -- VALID_SEARCH_ENGINES value is off by an underscore
In app/jobs/bulk_affiliate_search_engine_update_job.rb, the new entry is legacyopensearch, but the actual enum key is legacy_opensearch (with an underscore between "legacy" and "opensearch"). This is because of the inflect.acronym 'OpenSearch' rule in config/initializers/inflections.rb -- "LegacyOpenSearch".underscore gives "legacy_opensearch", not "legacyopensearch". The existing opensearch entry is fine since "OpenSearch".underscore happens to be just "opensearch".
Should be:
VALID_SEARCH_ENGINES = %w[bing_v7 search_gov search_elastic opensearch legacy_opensearch].freezeOtherwise bulk CSV engine updates targeting LegacyOpenSearch would fail validation silently.
Bug -- .env.test index name has wrong prefix
Line 18 in .env.test:
LEGACY_OPENSEARCH_INDEX=development-i14y-documents-searchgov-legacy
This is the test env file but the index name starts with development-. For reference, the existing SEARCHELASTIC_INDEX in .env.test uses test-i14y-documents-searchgov. Should probably be test-i14y-documents-searchgov-legacy.
Minor stuff
-
Both
app/models/legacy_opensearch/engine.rbandapp/models/legacy_opensearch/api_engine.rbare missing the# frozen_string_literal: truepragma and the trailing newline at end of file. Every other file in the repo has both. -
In
spec/models/legacy_opensearch/engine_spec.rb, thesearch_resultsdouble is set up with named methods viadouble('results', results: ..., total: ...)and then immediately re-allowed withallow(results).to receive(:results), etc. The second layer is redundant -- the double already responds to those methods from the constructor args.
Looks good overall, just the VALID_SEARCH_ENGINES typo and the test env prefix are the ones I'd want fixed before merging.
- Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma.
luisgmetzger
approved these changes
Mar 10, 2026
YaritzaGarcia
deleted the
SRCH-6424-Create-the-Legacy-Opensearch-search-engine
branch
luisgmetzger
added a commit
that referenced
this pull request
Mar 12, 2026
* Verify index template parity between SearchElastic::Template and i14y Documents (#1982) * Add specs to verify index template parity between search-gov and i14y Compares SearchElastic::Template against the i14y Documents template to confirm our template can safely serve queries against migrated Elasticsearch data in the new OpenSearch index. - template_spec: validates body structure, all field mappings, analyzers, tokenizers, and dynamic templates - template_parity_spec: loads i14y fixture and asserts search-gov is a superset (fields, analyzers, stemmers, dynamic templates) - index_create_spec: covers create/update flows with mocked client - i14y fixture: point-in-time snapshot of Documents.new.body Made-with: Cursor * Fix Cucumber search_elastic test by refreshing index after indexing The test was racing ahead before Elasticsearch made the document searchable. Adding an explicit refresh call ensures the document is available immediately. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6424 Create the LegacyOpensearch search engine (#1983) * - Update SEARCH_ENGINES and VALID_SEARCH_ENGINES - Add LEGACY_OPENSEARCH_INDEX - Add engine * Add LegacyOpenSearch support in SearchesController, implement ApiEngine and tests. * Add spec for searches_controller * Fix case in LegacyOpenSearch constant * - Update environment variables - Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma. --------- Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov>
amian-gsa
pushed a commit
that referenced
this pull request
Mar 17, 2026
* - Update SEARCH_ENGINES and VALID_SEARCH_ENGINES - Add LEGACY_OPENSEARCH_INDEX - Add engine * Add LegacyOpenSearch support in SearchesController, implement ApiEngine and tests. * Add spec for searches_controller * Fix case in LegacyOpenSearch constant * - Update environment variables - Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma.
amian-gsa
added a commit
that referenced
this pull request
Mar 17, 2026
* SRCH-6338 Triggering build. * SRCH-6338 Triggering build. * fix(deploy): add ApplicationStop hook to clean up Capistrano repo directory - Add cleanup_deployment.sh script to remove /home/search/searchgov/repo - Update appspec.yml to include ApplicationStop lifecycle hook - Prevents CodeDeploy failure caused by existing non-empty repo directory from Capistrano - Resolves conflict between Capistrano and CodeDeploy deployment methods * SRCH-6338 Fixed the issue of existing cached repo folder. * fix(deploy): clean up Git state instead of removing repo directory - Update cleanup_deployment.sh to clean Git locks and stale refs - Prevents 'cannot lock ref' errors during Capistrano deployment - Preserves repo directory while resetting Git state to clean condition - Removes .lock files, packed-refs, and prunes stale remote branches * fix(deploy): add dual-layer protection against repo directory conflicts Option A: Pre-build cleanup - Add SSH-based cleanup in buildspec pre_build phase - Remove repo directories on all target servers before Capistrano runs - Prevents 'already exists and is not an empty directory' errors Option B: Capistrano configuration improvements - Enable git_shallow_clone for faster, lighter clones - Set git_keep_meta to false to reduce repo bloat - Improves Capistrano's handling of existing repositories This combination ensures repo cleanup happens at the right time (before Capistrano) and configures Capistrano to handle repos more efficiently. * fix(deploy): remove git_shallow_clone setting causing shallow file errors - Remove git_shallow_clone and git_keep_meta from deploy.rb - These settings caused 'fatal: shallow file has changed since we read it' errors - Keep only the pre-build cleanup in buildspec which is the primary fix - Pre-build cleanup (Option A) is sufficient to resolve repo directory conflicts * fix(deploy): clean Git refs instead of removing repo directory - Update buildspec pre_build to clean Git state rather than delete directory - Remove all Git lock files, packed-refs, and branch refs - Prevents 'cannot lock ref' errors caused by stale Git references - Preserves repo directory structure while resetting Git state - Addresses concurrent deployment scenarios (e.g., Ansible pipeline) This approach prevents conflicts when multiple deployment processes (buildspec, Ansible, etc.) interact with the same repo directory. * fix(deploy): use aggressive repo directory removal to prevent ref locking - Completely remove /home/search/searchgov/repo directory before Capistrano - Add chmod -R u+w to handle any permission issues before removal - Ensures fresh clone without any Git state conflicts - Previous approaches (ref cleanup, Git state cleanup) insufficient for race conditions This is the most reliable approach to prevent 'cannot lock ref' errors when multiple deployments or processes interact with the same repo. * fix(deploy): clean repo on ALL server groups (APP, CRON, RESQUE) Critical fix: Previous cleanup only targeted APP_SERVER_ADDRESSES, but Capistrano deploys to multiple server groups in parallel (app, cron, resque servers). Changes: - Combine APP_SERVER_ADDRESSES, CRON_SERVER_ADDRESSES, RESQUE_SERVER_ADDRESSES - Use jq to create unique list of all target servers - Clean repo directory on every server before Capistrano starts - Prevents ref locking errors caused by inconsistent Git state across server groups This resolves the persistent 'cannot lock ref' errors by ensuring ALL servers have clean Git state before parallel deployment begins. * debug(deploy): add comprehensive logging to pre-build cleanup Added detailed logging to diagnose why repo cleanup isn't preventing ref locking: Logging includes: - All environment variables (server addresses, paths) - Complete server list with count - Per-server SSH connection details (verbose) - Directory existence checks and contents - Step-by-step cleanup process - Success/failure tracking with exit codes - Summary statistics (successful vs failed cleanups) This will help identify: 1. If SSH connections are reaching all servers 2. If repo directories are being found 3. If removal is actually succeeding 4. Which specific servers might be failing 5. Any permission or timing issues Next step: Run pipeline and review pre_build logs to see what's happening. * SRCH-6338 Removed the cleanup and added flock based lock instead to avoid race conditions. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Added pem file content to dev env. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Added missing compilation step. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Added setting to resolve 403 error. * SRCH-6338 Updated documentation. * SRCH-6338 Added .idea to .gitignore * Fix extra invalid OpenSearch requests caused by double-slash URLs (#1977) The elasticsearch-ruby transport constructs URLs that can produce "host:port//" in two scenarios: 1. When the parsed host path is "/" or "" (truthy in Ruby), combined with the "/" prefix before the API path 2. When the API path itself starts with "/" (e.g. NewRelic's cluster name check calls perform_request('GET', '/')) Adds a Rails initializer that monkey-patches three methods in the transport to normalize host paths and prevent double slashes in request URLs. Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6331 Improve UX for the inactive affiliate message in the Admin Center (#1961) * Remove old inactive affiliate banner. * Add a banner below the Display Name banner. NEEDS TO BE IMPROVED. * Improve UX for inactive affiliate message in Admin Center. - Updated variables to have an inactive value and an active value. - Updated views to add the inactive class to change the height. - Updated the inactive banner * Add inactive class to the site nav * Add USWDS styling and improve overall banner. * Add USWDS Warning icon. * Adding the Warning icon before the banner text. Needs to be fixed. Position is not right. * Adjust height. * Improve inactive affiliate banner styles and update tests for accurate selector usage * Update test. * Update inactive site header. * Bump Node.js from 20.10.0 to 20.20.0 for January 2026 security release (#1978) Addresses CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59465, CVE-2025-59466. Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Verify index template parity between SearchElastic::Template and i14y Documents (#1982) * Add specs to verify index template parity between search-gov and i14y Compares SearchElastic::Template against the i14y Documents template to confirm our template can safely serve queries against migrated Elasticsearch data in the new OpenSearch index. - template_spec: validates body structure, all field mappings, analyzers, tokenizers, and dynamic templates - template_parity_spec: loads i14y fixture and asserts search-gov is a superset (fields, analyzers, stemmers, dynamic templates) - index_create_spec: covers create/update flows with mocked client - i14y fixture: point-in-time snapshot of Documents.new.body Made-with: Cursor * Fix Cucumber search_elastic test by refreshing index after indexing The test was racing ahead before Elasticsearch made the document searchable. Adding an explicit refresh call ensures the document is available immediately. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6424 Create the LegacyOpensearch search engine (#1983) * - Update SEARCH_ENGINES and VALID_SEARCH_ENGINES - Add LEGACY_OPENSEARCH_INDEX - Add engine * Add LegacyOpenSearch support in SearchesController, implement ApiEngine and tests. * Add spec for searches_controller * Fix case in LegacyOpenSearch constant * - Update environment variables - Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma. * Add LegacyOpenSearch indexer and rake task for index creation (#1985) * SRCH-6433: Add Achtung icon to Inactive Affiliate banner (#1987) * Fix the warning icon URL. * Delete commented code. --------- Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov>
Merged
YaritzaGarcia
added a commit
that referenced
this pull request
Mar 19, 2026
* Change the default search engine to OpenSearch. * Srch 6338 ubuntu upgrade artifact deploy azhar (#1990) * SRCH-6338 Triggering build. * SRCH-6338 Triggering build. * fix(deploy): add ApplicationStop hook to clean up Capistrano repo directory - Add cleanup_deployment.sh script to remove /home/search/searchgov/repo - Update appspec.yml to include ApplicationStop lifecycle hook - Prevents CodeDeploy failure caused by existing non-empty repo directory from Capistrano - Resolves conflict between Capistrano and CodeDeploy deployment methods * SRCH-6338 Fixed the issue of existing cached repo folder. * fix(deploy): clean up Git state instead of removing repo directory - Update cleanup_deployment.sh to clean Git locks and stale refs - Prevents 'cannot lock ref' errors during Capistrano deployment - Preserves repo directory while resetting Git state to clean condition - Removes .lock files, packed-refs, and prunes stale remote branches * fix(deploy): add dual-layer protection against repo directory conflicts Option A: Pre-build cleanup - Add SSH-based cleanup in buildspec pre_build phase - Remove repo directories on all target servers before Capistrano runs - Prevents 'already exists and is not an empty directory' errors Option B: Capistrano configuration improvements - Enable git_shallow_clone for faster, lighter clones - Set git_keep_meta to false to reduce repo bloat - Improves Capistrano's handling of existing repositories This combination ensures repo cleanup happens at the right time (before Capistrano) and configures Capistrano to handle repos more efficiently. * fix(deploy): remove git_shallow_clone setting causing shallow file errors - Remove git_shallow_clone and git_keep_meta from deploy.rb - These settings caused 'fatal: shallow file has changed since we read it' errors - Keep only the pre-build cleanup in buildspec which is the primary fix - Pre-build cleanup (Option A) is sufficient to resolve repo directory conflicts * fix(deploy): clean Git refs instead of removing repo directory - Update buildspec pre_build to clean Git state rather than delete directory - Remove all Git lock files, packed-refs, and branch refs - Prevents 'cannot lock ref' errors caused by stale Git references - Preserves repo directory structure while resetting Git state - Addresses concurrent deployment scenarios (e.g., Ansible pipeline) This approach prevents conflicts when multiple deployment processes (buildspec, Ansible, etc.) interact with the same repo directory. * fix(deploy): use aggressive repo directory removal to prevent ref locking - Completely remove /home/search/searchgov/repo directory before Capistrano - Add chmod -R u+w to handle any permission issues before removal - Ensures fresh clone without any Git state conflicts - Previous approaches (ref cleanup, Git state cleanup) insufficient for race conditions This is the most reliable approach to prevent 'cannot lock ref' errors when multiple deployments or processes interact with the same repo. * fix(deploy): clean repo on ALL server groups (APP, CRON, RESQUE) Critical fix: Previous cleanup only targeted APP_SERVER_ADDRESSES, but Capistrano deploys to multiple server groups in parallel (app, cron, resque servers). Changes: - Combine APP_SERVER_ADDRESSES, CRON_SERVER_ADDRESSES, RESQUE_SERVER_ADDRESSES - Use jq to create unique list of all target servers - Clean repo directory on every server before Capistrano starts - Prevents ref locking errors caused by inconsistent Git state across server groups This resolves the persistent 'cannot lock ref' errors by ensuring ALL servers have clean Git state before parallel deployment begins. * debug(deploy): add comprehensive logging to pre-build cleanup Added detailed logging to diagnose why repo cleanup isn't preventing ref locking: Logging includes: - All environment variables (server addresses, paths) - Complete server list with count - Per-server SSH connection details (verbose) - Directory existence checks and contents - Step-by-step cleanup process - Success/failure tracking with exit codes - Summary statistics (successful vs failed cleanups) This will help identify: 1. If SSH connections are reaching all servers 2. If repo directories are being found 3. If removal is actually succeeding 4. Which specific servers might be failing 5. Any permission or timing issues Next step: Run pipeline and review pre_build logs to see what's happening. * SRCH-6338 Removed the cleanup and added flock based lock instead to avoid race conditions. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Added pem file content to dev env. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Added missing compilation step. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Added setting to resolve 403 error. * SRCH-6338 Updated documentation. * SRCH-6338 Added .idea to .gitignore * Fix extra invalid OpenSearch requests caused by double-slash URLs (#1977) The elasticsearch-ruby transport constructs URLs that can produce "host:port//" in two scenarios: 1. When the parsed host path is "/" or "" (truthy in Ruby), combined with the "/" prefix before the API path 2. When the API path itself starts with "/" (e.g. NewRelic's cluster name check calls perform_request('GET', '/')) Adds a Rails initializer that monkey-patches three methods in the transport to normalize host paths and prevent double slashes in request URLs. Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6331 Improve UX for the inactive affiliate message in the Admin Center (#1961) * Remove old inactive affiliate banner. * Add a banner below the Display Name banner. NEEDS TO BE IMPROVED. * Improve UX for inactive affiliate message in Admin Center. - Updated variables to have an inactive value and an active value. - Updated views to add the inactive class to change the height. - Updated the inactive banner * Add inactive class to the site nav * Add USWDS styling and improve overall banner. * Add USWDS Warning icon. * Adding the Warning icon before the banner text. Needs to be fixed. Position is not right. * Adjust height. * Improve inactive affiliate banner styles and update tests for accurate selector usage * Update test. * Update inactive site header. * Bump Node.js from 20.10.0 to 20.20.0 for January 2026 security release (#1978) Addresses CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59465, CVE-2025-59466. Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Verify index template parity between SearchElastic::Template and i14y Documents (#1982) * Add specs to verify index template parity between search-gov and i14y Compares SearchElastic::Template against the i14y Documents template to confirm our template can safely serve queries against migrated Elasticsearch data in the new OpenSearch index. - template_spec: validates body structure, all field mappings, analyzers, tokenizers, and dynamic templates - template_parity_spec: loads i14y fixture and asserts search-gov is a superset (fields, analyzers, stemmers, dynamic templates) - index_create_spec: covers create/update flows with mocked client - i14y fixture: point-in-time snapshot of Documents.new.body Made-with: Cursor * Fix Cucumber search_elastic test by refreshing index after indexing The test was racing ahead before Elasticsearch made the document searchable. Adding an explicit refresh call ensures the document is available immediately. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6424 Create the LegacyOpensearch search engine (#1983) * - Update SEARCH_ENGINES and VALID_SEARCH_ENGINES - Add LEGACY_OPENSEARCH_INDEX - Add engine * Add LegacyOpenSearch support in SearchesController, implement ApiEngine and tests. * Add spec for searches_controller * Fix case in LegacyOpenSearch constant * - Update environment variables - Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma. * Add LegacyOpenSearch indexer and rake task for index creation (#1985) * SRCH-6433: Add Achtung icon to Inactive Affiliate banner (#1987) * Fix the warning icon URL. * Delete commented code. --------- Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Update Spec test. * Fix cucumber test. * Revert "Srch 6338 ubuntu upgrade artifact deploy azhar (#1990)" This reverts commit 4acf0bf. --------- Co-authored-by: Azhar Mian <166759132+amian-gsa@users.noreply.github.com> Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com>
luisgmetzger
added a commit
that referenced
this pull request
Mar 20, 2026
* SRCH-6442 Change the default search engine to OpenSearch (#1991) * Change the default search engine to OpenSearch. * Srch 6338 ubuntu upgrade artifact deploy azhar (#1990) * SRCH-6338 Triggering build. * SRCH-6338 Triggering build. * fix(deploy): add ApplicationStop hook to clean up Capistrano repo directory - Add cleanup_deployment.sh script to remove /home/search/searchgov/repo - Update appspec.yml to include ApplicationStop lifecycle hook - Prevents CodeDeploy failure caused by existing non-empty repo directory from Capistrano - Resolves conflict between Capistrano and CodeDeploy deployment methods * SRCH-6338 Fixed the issue of existing cached repo folder. * fix(deploy): clean up Git state instead of removing repo directory - Update cleanup_deployment.sh to clean Git locks and stale refs - Prevents 'cannot lock ref' errors during Capistrano deployment - Preserves repo directory while resetting Git state to clean condition - Removes .lock files, packed-refs, and prunes stale remote branches * fix(deploy): add dual-layer protection against repo directory conflicts Option A: Pre-build cleanup - Add SSH-based cleanup in buildspec pre_build phase - Remove repo directories on all target servers before Capistrano runs - Prevents 'already exists and is not an empty directory' errors Option B: Capistrano configuration improvements - Enable git_shallow_clone for faster, lighter clones - Set git_keep_meta to false to reduce repo bloat - Improves Capistrano's handling of existing repositories This combination ensures repo cleanup happens at the right time (before Capistrano) and configures Capistrano to handle repos more efficiently. * fix(deploy): remove git_shallow_clone setting causing shallow file errors - Remove git_shallow_clone and git_keep_meta from deploy.rb - These settings caused 'fatal: shallow file has changed since we read it' errors - Keep only the pre-build cleanup in buildspec which is the primary fix - Pre-build cleanup (Option A) is sufficient to resolve repo directory conflicts * fix(deploy): clean Git refs instead of removing repo directory - Update buildspec pre_build to clean Git state rather than delete directory - Remove all Git lock files, packed-refs, and branch refs - Prevents 'cannot lock ref' errors caused by stale Git references - Preserves repo directory structure while resetting Git state - Addresses concurrent deployment scenarios (e.g., Ansible pipeline) This approach prevents conflicts when multiple deployment processes (buildspec, Ansible, etc.) interact with the same repo directory. * fix(deploy): use aggressive repo directory removal to prevent ref locking - Completely remove /home/search/searchgov/repo directory before Capistrano - Add chmod -R u+w to handle any permission issues before removal - Ensures fresh clone without any Git state conflicts - Previous approaches (ref cleanup, Git state cleanup) insufficient for race conditions This is the most reliable approach to prevent 'cannot lock ref' errors when multiple deployments or processes interact with the same repo. * fix(deploy): clean repo on ALL server groups (APP, CRON, RESQUE) Critical fix: Previous cleanup only targeted APP_SERVER_ADDRESSES, but Capistrano deploys to multiple server groups in parallel (app, cron, resque servers). Changes: - Combine APP_SERVER_ADDRESSES, CRON_SERVER_ADDRESSES, RESQUE_SERVER_ADDRESSES - Use jq to create unique list of all target servers - Clean repo directory on every server before Capistrano starts - Prevents ref locking errors caused by inconsistent Git state across server groups This resolves the persistent 'cannot lock ref' errors by ensuring ALL servers have clean Git state before parallel deployment begins. * debug(deploy): add comprehensive logging to pre-build cleanup Added detailed logging to diagnose why repo cleanup isn't preventing ref locking: Logging includes: - All environment variables (server addresses, paths) - Complete server list with count - Per-server SSH connection details (verbose) - Directory existence checks and contents - Step-by-step cleanup process - Success/failure tracking with exit codes - Summary statistics (successful vs failed cleanups) This will help identify: 1. If SSH connections are reaching all servers 2. If repo directories are being found 3. If removal is actually succeeding 4. Which specific servers might be failing 5. Any permission or timing issues Next step: Run pipeline and review pre_build logs to see what's happening. * SRCH-6338 Removed the cleanup and added flock based lock instead to avoid race conditions. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Added pem file content to dev env. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Added missing compilation step. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Added setting to resolve 403 error. * SRCH-6338 Updated documentation. * SRCH-6338 Added .idea to .gitignore * Fix extra invalid OpenSearch requests caused by double-slash URLs (#1977) The elasticsearch-ruby transport constructs URLs that can produce "host:port//" in two scenarios: 1. When the parsed host path is "/" or "" (truthy in Ruby), combined with the "/" prefix before the API path 2. When the API path itself starts with "/" (e.g. NewRelic's cluster name check calls perform_request('GET', '/')) Adds a Rails initializer that monkey-patches three methods in the transport to normalize host paths and prevent double slashes in request URLs. Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6331 Improve UX for the inactive affiliate message in the Admin Center (#1961) * Remove old inactive affiliate banner. * Add a banner below the Display Name banner. NEEDS TO BE IMPROVED. * Improve UX for inactive affiliate message in Admin Center. - Updated variables to have an inactive value and an active value. - Updated views to add the inactive class to change the height. - Updated the inactive banner * Add inactive class to the site nav * Add USWDS styling and improve overall banner. * Add USWDS Warning icon. * Adding the Warning icon before the banner text. Needs to be fixed. Position is not right. * Adjust height. * Improve inactive affiliate banner styles and update tests for accurate selector usage * Update test. * Update inactive site header. * Bump Node.js from 20.10.0 to 20.20.0 for January 2026 security release (#1978) Addresses CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59465, CVE-2025-59466. Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Verify index template parity between SearchElastic::Template and i14y Documents (#1982) * Add specs to verify index template parity between search-gov and i14y Compares SearchElastic::Template against the i14y Documents template to confirm our template can safely serve queries against migrated Elasticsearch data in the new OpenSearch index. - template_spec: validates body structure, all field mappings, analyzers, tokenizers, and dynamic templates - template_parity_spec: loads i14y fixture and asserts search-gov is a superset (fields, analyzers, stemmers, dynamic templates) - index_create_spec: covers create/update flows with mocked client - i14y fixture: point-in-time snapshot of Documents.new.body Made-with: Cursor * Fix Cucumber search_elastic test by refreshing index after indexing The test was racing ahead before Elasticsearch made the document searchable. Adding an explicit refresh call ensures the document is available immediately. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6424 Create the LegacyOpensearch search engine (#1983) * - Update SEARCH_ENGINES and VALID_SEARCH_ENGINES - Add LEGACY_OPENSEARCH_INDEX - Add engine * Add LegacyOpenSearch support in SearchesController, implement ApiEngine and tests. * Add spec for searches_controller * Fix case in LegacyOpenSearch constant * - Update environment variables - Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma. * Add LegacyOpenSearch indexer and rake task for index creation (#1985) * SRCH-6433: Add Achtung icon to Inactive Affiliate banner (#1987) * Fix the warning icon URL. * Delete commented code. --------- Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Update Spec test. * Fix cucumber test. * Revert "Srch 6338 ubuntu upgrade artifact deploy azhar (#1990)" This reverts commit 4acf0bf. --------- Co-authored-by: Azhar Mian <166759132+amian-gsa@users.noreply.github.com> Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6448: Port i14y Serde serialize_hash into search-gov (#1993) * SRCH-6448: Port i14y Serde serialize_hash into search-gov Add String#extract_array to make Serde.serialize_hash functional in search-gov. The Serde module was already copied from i14y but the serialize path was never wired up because indexing went through the i14y HTTP API. The only missing piece was the extract_array String extension used by serialize_array_fields. Add comprehensive spec coverage for serialize_hash, deserialize_hash, and uri_params_hash including edge cases for multiple languages, HTML sanitization, missing fields, and various URL formats. Made-with: Cursor * Fix extract_array specs to match Ruby split behavior Ruby's String#split(',') returns [] for an empty string and drops trailing empty elements, so the expectations were wrong. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6449: Build OpenSearch document indexing service (#1994) * SRCH-6448: Port i14y Serde serialize_hash into search-gov Add String#extract_array to make Serde.serialize_hash functional in search-gov. The Serde module was already copied from i14y but the serialize path was never wired up because indexing went through the i14y HTTP API. The only missing piece was the extract_array String extension used by serialize_array_fields. Add comprehensive spec coverage for serialize_hash, deserialize_hash, and uri_params_hash including edge cases for multiple languages, HTML sanitization, missing fields, and various URL formats. Made-with: Cursor * SRCH-6449: Build OpenSearch document indexing service Add LegacyOpenSearch::DocumentIndexer that writes documents directly to OpenSearch, bypassing the i14y HTTP API. This is the second step toward retiring Elasticsearch and the i14y application. The service accepts the same params shape as SearchgovUrl#i14y_params, runs Serde.serialize_hash for field transformations (language-suffix renaming, HTML sanitization, array conversion, URI extraction), then indexes directly via OPENSEARCH_CLIENT. Key design decisions: - Uses client.index() as an upsert instead of separate create/update - Wraps params in HashWithIndifferentAccess to match i14y's behavior - Injects created_at default to replicate i14y Document model - Accepts handle: kwarg on delete for backward compatibility Made-with: Cursor * Fix extract_array specs to match Ruby split behavior Ruby's String#split(',') returns [] for an empty string and drops trailing empty elements, so the expectations were wrong. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6450: Update SearchgovUrl to index directly to OpenSearch (#1995) * SRCH-6448: Port i14y Serde serialize_hash into search-gov Add String#extract_array to make Serde.serialize_hash functional in search-gov. The Serde module was already copied from i14y but the serialize path was never wired up because indexing went through the i14y HTTP API. The only missing piece was the extract_array String extension used by serialize_array_fields. Add comprehensive spec coverage for serialize_hash, deserialize_hash, and uri_params_hash including edge cases for multiple languages, HTML sanitization, missing fields, and various URL formats. Made-with: Cursor * SRCH-6449: Build OpenSearch document indexing service Add LegacyOpenSearch::DocumentIndexer that writes documents directly to OpenSearch, bypassing the i14y HTTP API. This is the second step toward retiring Elasticsearch and the i14y application. The service accepts the same params shape as SearchgovUrl#i14y_params, runs Serde.serialize_hash for field transformations (language-suffix renaming, HTML sanitization, array conversion, URI extraction), then indexes directly via OPENSEARCH_CLIENT. Key design decisions: - Uses client.index() as an upsert instead of separate create/update - Wraps params in HashWithIndifferentAccess to match i14y's behavior - Injects created_at default to replicate i14y Document model - Accepts handle: kwarg on delete for backward compatibility Made-with: Cursor * Fix extract_array specs to match Ruby split behavior Ruby's String#split(',') returns [] for an empty string and drops trailing empty elements, so the expectations were wrong. Made-with: Cursor * SRCH-6450: Update SearchgovUrl to index directly to OpenSearch Replace I14yDocument calls with LegacyOpenSearch::DocumentIndexer so the crawler writes directly to OpenSearch, bypassing the broken i14y HTTP API. index_document: the indexed? ternary (create vs update) is replaced by a single DocumentIndexer.index upsert call. OpenSearch overwrites by document ID, so the distinction is unnecessary. delete_document: swaps I14yDocument.delete for DocumentIndexer.delete. The new service already handles NotFound gracefully. Specs updated to use the new service (~25 mock replacements) plus new coverage for DocumentIndexerError handling, upsert behavior, params shape contract, and silent NotFound on delete. Made-with: Cursor * Fix searchgov:promote spec to expect DocumentIndexer.index The promote rake task calls searchgov_url.fetch, which now goes through LegacyOpenSearch::DocumentIndexer.index instead of I14yDocument.create. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> --------- Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> Co-authored-by: Azhar Mian <166759132+amian-gsa@users.noreply.github.com> Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com>
YaritzaGarcia
added a commit
that referenced
this pull request
Mar 26, 2026
* Refactor sub-nav-heading class for inactive sites - Updated the sub-nav-heading class to conditionally apply "--is-inactive" based on the active status of the site across multiple views, enhancing the user interface by visually indicating inactive sites. * Srch 6338 ubuntu upgrade artifact deploy azhar (#1990) * SRCH-6338 Triggering build. * SRCH-6338 Triggering build. * fix(deploy): add ApplicationStop hook to clean up Capistrano repo directory - Add cleanup_deployment.sh script to remove /home/search/searchgov/repo - Update appspec.yml to include ApplicationStop lifecycle hook - Prevents CodeDeploy failure caused by existing non-empty repo directory from Capistrano - Resolves conflict between Capistrano and CodeDeploy deployment methods * SRCH-6338 Fixed the issue of existing cached repo folder. * fix(deploy): clean up Git state instead of removing repo directory - Update cleanup_deployment.sh to clean Git locks and stale refs - Prevents 'cannot lock ref' errors during Capistrano deployment - Preserves repo directory while resetting Git state to clean condition - Removes .lock files, packed-refs, and prunes stale remote branches * fix(deploy): add dual-layer protection against repo directory conflicts Option A: Pre-build cleanup - Add SSH-based cleanup in buildspec pre_build phase - Remove repo directories on all target servers before Capistrano runs - Prevents 'already exists and is not an empty directory' errors Option B: Capistrano configuration improvements - Enable git_shallow_clone for faster, lighter clones - Set git_keep_meta to false to reduce repo bloat - Improves Capistrano's handling of existing repositories This combination ensures repo cleanup happens at the right time (before Capistrano) and configures Capistrano to handle repos more efficiently. * fix(deploy): remove git_shallow_clone setting causing shallow file errors - Remove git_shallow_clone and git_keep_meta from deploy.rb - These settings caused 'fatal: shallow file has changed since we read it' errors - Keep only the pre-build cleanup in buildspec which is the primary fix - Pre-build cleanup (Option A) is sufficient to resolve repo directory conflicts * fix(deploy): clean Git refs instead of removing repo directory - Update buildspec pre_build to clean Git state rather than delete directory - Remove all Git lock files, packed-refs, and branch refs - Prevents 'cannot lock ref' errors caused by stale Git references - Preserves repo directory structure while resetting Git state - Addresses concurrent deployment scenarios (e.g., Ansible pipeline) This approach prevents conflicts when multiple deployment processes (buildspec, Ansible, etc.) interact with the same repo directory. * fix(deploy): use aggressive repo directory removal to prevent ref locking - Completely remove /home/search/searchgov/repo directory before Capistrano - Add chmod -R u+w to handle any permission issues before removal - Ensures fresh clone without any Git state conflicts - Previous approaches (ref cleanup, Git state cleanup) insufficient for race conditions This is the most reliable approach to prevent 'cannot lock ref' errors when multiple deployments or processes interact with the same repo. * fix(deploy): clean repo on ALL server groups (APP, CRON, RESQUE) Critical fix: Previous cleanup only targeted APP_SERVER_ADDRESSES, but Capistrano deploys to multiple server groups in parallel (app, cron, resque servers). Changes: - Combine APP_SERVER_ADDRESSES, CRON_SERVER_ADDRESSES, RESQUE_SERVER_ADDRESSES - Use jq to create unique list of all target servers - Clean repo directory on every server before Capistrano starts - Prevents ref locking errors caused by inconsistent Git state across server groups This resolves the persistent 'cannot lock ref' errors by ensuring ALL servers have clean Git state before parallel deployment begins. * debug(deploy): add comprehensive logging to pre-build cleanup Added detailed logging to diagnose why repo cleanup isn't preventing ref locking: Logging includes: - All environment variables (server addresses, paths) - Complete server list with count - Per-server SSH connection details (verbose) - Directory existence checks and contents - Step-by-step cleanup process - Success/failure tracking with exit codes - Summary statistics (successful vs failed cleanups) This will help identify: 1. If SSH connections are reaching all servers 2. If repo directories are being found 3. If removal is actually succeeding 4. Which specific servers might be failing 5. Any permission or timing issues Next step: Run pipeline and review pre_build logs to see what's happening. * SRCH-6338 Removed the cleanup and added flock based lock instead to avoid race conditions. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Added deployment level lock to capistrano. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Fixed syntax error issue. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Using code deploy based deployment. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Fixed error getting at BeforeInstall hook. * SRCH-6338 Added pem file content to dev env. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Removed KMS related logic. * SRCH-6338 Added missing compilation step. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Added missing compilation steps from dockerfile. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Made changes to set vars and fix precompile issues. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed buildsepec errors and refactored other scripts to remove unnecessary processes to save time. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Fixed missing assets issue. * SRCH-6338 Added setting to resolve 403 error. * SRCH-6338 Updated documentation. * SRCH-6338 Added .idea to .gitignore * Fix extra invalid OpenSearch requests caused by double-slash URLs (#1977) The elasticsearch-ruby transport constructs URLs that can produce "host:port//" in two scenarios: 1. When the parsed host path is "/" or "" (truthy in Ruby), combined with the "/" prefix before the API path 2. When the API path itself starts with "/" (e.g. NewRelic's cluster name check calls perform_request('GET', '/')) Adds a Rails initializer that monkey-patches three methods in the transport to normalize host paths and prevent double slashes in request URLs. Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6331 Improve UX for the inactive affiliate message in the Admin Center (#1961) * Remove old inactive affiliate banner. * Add a banner below the Display Name banner. NEEDS TO BE IMPROVED. * Improve UX for inactive affiliate message in Admin Center. - Updated variables to have an inactive value and an active value. - Updated views to add the inactive class to change the height. - Updated the inactive banner * Add inactive class to the site nav * Add USWDS styling and improve overall banner. * Add USWDS Warning icon. * Adding the Warning icon before the banner text. Needs to be fixed. Position is not right. * Adjust height. * Improve inactive affiliate banner styles and update tests for accurate selector usage * Update test. * Update inactive site header. * Bump Node.js from 20.10.0 to 20.20.0 for January 2026 security release (#1978) Addresses CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59465, CVE-2025-59466. Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Verify index template parity between SearchElastic::Template and i14y Documents (#1982) * Add specs to verify index template parity between search-gov and i14y Compares SearchElastic::Template against the i14y Documents template to confirm our template can safely serve queries against migrated Elasticsearch data in the new OpenSearch index. - template_spec: validates body structure, all field mappings, analyzers, tokenizers, and dynamic templates - template_parity_spec: loads i14y fixture and asserts search-gov is a superset (fields, analyzers, stemmers, dynamic templates) - index_create_spec: covers create/update flows with mocked client - i14y fixture: point-in-time snapshot of Documents.new.body Made-with: Cursor * Fix Cucumber search_elastic test by refreshing index after indexing The test was racing ahead before Elasticsearch made the document searchable. Adding an explicit refresh call ensures the document is available immediately. Made-with: Cursor --------- Co-authored-by: Luis Metzger <luismetzger@me.com> * SRCH-6424 Create the LegacyOpensearch search engine (#1983) * - Update SEARCH_ENGINES and VALID_SEARCH_ENGINES - Add LEGACY_OPENSEARCH_INDEX - Add engine * Add LegacyOpenSearch support in SearchesController, implement ApiEngine and tests. * Add spec for searches_controller * Fix case in LegacyOpenSearch constant * - Update environment variables - Fix constant naming for LegacyOpenSearch - Fix duplication in engine_spec.rb - Added mossing spaces and missing pragma. * Add LegacyOpenSearch indexer and rake task for index creation (#1985) * SRCH-6433: Add Achtung icon to Inactive Affiliate banner (#1987) * Fix the warning icon URL. * Delete commented code. --------- Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com> Co-authored-by: Yaritza M. Garcia Chaparro <yaritza.garcia@gsa.gov> * Revert "Srch 6338 ubuntu upgrade artifact deploy azhar (#1990)" This reverts commit 4acf0bf. --------- Co-authored-by: Azhar Mian <166759132+amian-gsa@users.noreply.github.com> Co-authored-by: amian-fearless <amian@fearless.com> Co-authored-by: Luis Metzger <148913056+luisgmetzger@users.noreply.github.com> Co-authored-by: Luis Metzger <luismetzger@me.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR includes the following changes:
SEARCH_ENGINESconstant.LEGACY_OPENSEARCH_INDEX.app/models/legacy_opensearch/engine.rb.app/models/legacy_opensearch/api_engine.rb.BulkAffiliateSearchEngineUpdateJob::VALID_SEARCH_ENGINES.spec/controllers/searches_controller_spec.rbspec/models/legacy_opensearch/engine_spec.rbChecklist
Please ensure you have addressed all concerns below before marking a PR "ready for review" or before requesting a re-review. If you cannot complete an item below, replace the checkbox with the⚠️
:warning:emoji and explain why the step was not completed.Functionality Checks
You have merged the latest changes from the target branch (usually
main) into your branch.Your primary commit message is of the format SRCH-#### <description> matching the associated Jira ticket.
PR title is either of the format SRCH-#### <description> matching the associated Jira ticket (i.e. "SRCH-123 implement feature X"), or Release - SRCH-####, SRCH-####, SRCH-#### matching the Jira ticket numbers in the release.
Automated checks pass. If Code Climate checks do not pass, explain reason for failures:
Process Checks