[AUTO] Incremented version to 2.19.5.

.codecov.yml

@@ -0,0 +1,12 @@
+codecov:
+  require_ci_to_pass: yes
+
+coverage:
+  precision: 2
+  round: down
+  range: "75...100"
+  status:
+    project:
+      default:
+        target: 75%    # the required coverage value
+        threshold: 1%  # the leniency in hitting the target

.github/CODEOWNERS

@@ -1,2 +1 @@
-# This should match the owning team set up in https://github.com/orgs/opensearch-project/teams
-*   @opensearch-project/security-analytics
+* @amsiglan @AWSHurneyt @getsaurabh02 @lezzago @praveensameneni @sbcd90 @eirsep @jowg-amazon @engechas @goyamegh @riysaxen-amzn @toepkerd

.github/ISSUE_TEMPLATE/config.yml

@@ -4,4 +4,4 @@ contact_links:
     about: Please ask and answer questions here.
   - name: AWS/Amazon Security
     url: https://aws.amazon.com/security/vulnerability-reporting/
-    about: Please report security vulnerabilities here.
+    about: Please report security vulnerabilities here.

.github/ISSUE_TEMPLATE/office_hours.md

@@ -0,0 +1,18 @@
+---
+name: 🎆 Office Hours
+about: Discuss project issues, feature requests/ enhancements, PRs
+title: '[OFFICE HOURS]'
+labels: 'office hours, untriaged'
+assignees: ''
+---
+**Is your  topic  related to a problem?**
+A clear and concise description of what the problem is, e.g. _I'm always frustrated when [...]_
+
+**What would you like to review?**
+A clear and concise description of what you want to happen.
+
+**What alternatives have you considered?**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Do you have any additional context?**
+Add any other context or screenshots about the topic here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,15 +1,16 @@
 ### Description
 [Describe what this change achieves]
-
-### Issues Resolved
-[List any issues this PR will resolve]
-
+
+### Related Issues
+Resolves #[Issue number to be closed when this PR is merged]
+<!-- List any other related issues here -->
+
 ### Check List
 - [ ] New functionality includes testing.
-  - [ ] All tests pass
 - [ ] New functionality has been documented.
-  - [ ] New functionality has javadoc added
-- [ ] Commits are signed per the DCO using --signoff 
+- [ ] API changes companion pull request [created](https://github.com/opensearch-project/opensearch-api-specification/blob/main/DEVELOPER_GUIDE.md).
+- [ ] Commits are signed per the DCO using `--signoff`.
+- [ ] Public documentation issue/PR [created](https://github.com/opensearch-project/documentation-website/issues/new/choose).
 
 By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
-For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).
+For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/security-analytics/blob/main/CONTRIBUTING.md#developer-certificate-of-origin).

.github/workflows/add-untriaged.yml

@@ -0,0 +1,19 @@
+name: Apply 'untriaged' label during issue lifecycle
+
+on:
+  issues:
+    types: [opened, reopened, transferred]
+
+jobs:
+  apply-label:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@v6
+        with:
+          script: |
+            github.rest.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: ['untriaged']
+            })

.github/workflows/backport.yml

@@ -0,0 +1,31 @@
+
+name: Backport
+on:
+  pull_request_target:
+    types:
+      - closed
+      - labeled
+
+jobs:
+  backport:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    name: Backport
+    steps:
+      - name: GitHub App token
+        id: github_app_token
+        uses: tibdex/github-app-token@v1.5.0
+        with:
+          app_id: ${{ secrets.APP_ID }}
+          private_key: ${{ secrets.APP_PRIVATE_KEY }}
+          installation_id: 22958780
+
+      - name: Backport
+        uses: VachaShah/backport@v2.2.0
+        with:
+          github_token: ${{ steps.github_app_token.outputs.token }}
+          branch_name: backport/backport-${{ github.event.number }}
+          labels_template: "<%= JSON.stringify([...labels, 'autocut']) %>"
+          failure_labels: "failed backport"

.github/workflows/ci.yml

@@ -8,34 +8,95 @@ on:
       - "*"
 
 jobs:
-  build:
+  Get-CI-Image-Tag:
+    uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
+    with:
+      product: opensearch
+
+  build-linux:
+    needs: Get-CI-Image-Tag
+    strategy:
+      # This setting says that all jobs should finish, even if one fails
+      fail-fast: false
+      matrix:
+        java: [21, 25]
+        os:
+          - ubuntu-24.04-arm  # arm64-preview
+          - ubuntu-24.04  # x64
+
+    name: Build and Test security-analytics with JDK ${{ matrix.java }} on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    container:
+      # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
+      # this image tag is subject to change as more dependencies and updates will arrive over time
+      image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
+      # need to switch to root so that github actions can install runner binary on container without permission issues.
+      options: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-options }}
+
+    steps:
+      - name: Run start commands
+        run: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-start-command }}
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Java ${{ matrix.java }}
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin # Temurin is a distribution of adoptium
+          java-version: ${{ matrix.java }}
+
+      - name: Build and Test
+        run: |
+          chown -R 1000:1000 `pwd`
+          su `id -un 1000` -c "whoami && java -version && ./gradlew build"
+
+      - name: Create Artifact Path
+        run: |
+          mkdir -p security-analytics-artifacts
+          cp ./build/distributions/*.zip security-analytics-artifacts
+
+      - name: Upload Coverage Report
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Upload failed logs
+        uses: actions/upload-artifact@v4
+        if: failure()
+        with:
+          name: logs-ubuntu
+          path: build/testclusters/integTest-*/logs/*
+          overwrite: true
+
+      - name: Upload Artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: security-analytics-plugin-${{ matrix.os }}-${{ matrix.java }}
+          path: security-analytics-artifacts
+          overwrite: true
+
+  build-windows-macos:
     env:
       BUILD_ARGS: ${{ matrix.os_build_args }}
       WORKING_DIR: ${{ matrix.working_directory }}.
     strategy:
       matrix:
-        java: [11, 17]
-        os: [ ubuntu-latest, windows-latest, macos-latest ]
+        java: [21, 25]
+        os: [ windows-latest, macos-latest ]
         include:
           - os: windows-latest
-            os_build_args: -x integTest -x jacocoTestReport
-            working_directory: X:\
+            os_build_args: -x integTest
             os_java_options: -Xmx4096M
           - os: macos-latest
-            os_build_args: -x integTest -x jacocoTestReport
+            os_build_args: -x jacocoTestReport
 
     name: Build and Test security-analytics with JDK ${{ matrix.java }} on ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
 
     steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      # This is a hack, but this step creates a link to the X: mounted drive, which makes the path
-      # short enough to work on Windows
-      - name: Shorten Path
-        if: ${{ matrix.os == 'windows-latest' }}
-        run: subst 'X:' .
+      - name: Checkout Branch
+        uses: actions/checkout@v4
 
       - name: Setup Java ${{ matrix.java }}
         uses: actions/setup-java@v1
@@ -53,14 +114,25 @@ jobs:
           mkdir -p security-analytics-artifacts
           cp ./build/distributions/*.zip security-analytics-artifacts
 
-      - name: Upload Coverage Report
-        if: ${{ matrix.os == 'ubuntu-latest' }}
-        uses: codecov/codecov-action@v1
+      - name: Upload failed logs
+        uses: actions/upload-artifact@v4
+        if: ${{ failure() && matrix.os == 'macos-latest' }}
         with:
-          token: ${{ secrets.CODECOV_TOKEN }}
+          name: logs-mac
+          path: build/testclusters/integTest-*/logs/*
+          overwrite: true
+
+      - name: Upload failed logs
+        uses: actions/upload-artifact@v4
+        if: ${{ failure() && matrix.os == 'windows-latest' }}
+        with:
+          name: logs-windows
+          path: build\testclusters\integTest-*\logs\*
+          overwrite: true
 
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v1
+        uses: actions/upload-artifact@v4
         with:
-          name: security-analytics-plugin-${{ matrix.os }}
-          path: security-analytics-artifacts
+          name: security-analytics-plugin-${{ matrix.os }}-${{ matrix.java }}
+          path: security-analytics-artifacts
+          overwrite: true

.github/workflows/delete_backport_branch.yml

@@ -0,0 +1,20 @@
+##
+# Copyright OpenSearch Contributors
+# SPDX-License-Identifier: Apache-2.0
+##
+
+name: Delete merged branch of the backport PRs
+on:
+  pull_request:
+    types:
+      - closed
+
+jobs:
+  delete-branch:
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.pull_request.head.ref,'backport/')
+    steps:
+      - name: Delete merged branch
+        uses: SvanBoxel/delete-merged-branch@main
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/maven-publish.yml

@@ -0,0 +1,47 @@
+name: Publish snapshots to maven
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'main'
+      - '[0-9]+.[0-9]+'
+      - '[0-9]+.x'
+
+jobs:
+  build-and-publish-snapshots:
+    strategy:
+      fail-fast: false
+    if: github.repository == 'opensearch-project/security-analytics'
+    runs-on: ubuntu-latest
+
+    permissions:
+      id-token: write
+      contents: write
+
+    steps:
+      - uses: actions/setup-java@v3
+        with:
+          distribution: temurin # Temurin is a distribution of adoptium
+          java-version: 21
+      - uses: actions/checkout@v4
+
+      - name: Load secret
+        uses: 1password/load-secrets-action@v2
+        with:
+          # Export loaded secrets as environment variables
+          export-env: true
+        env:
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+          MAVEN_SNAPSHOTS_S3_REPO: op://opensearch-infra-secrets/maven-snapshots-s3/repo
+          MAVEN_SNAPSHOTS_S3_ROLE: op://opensearch-infra-secrets/maven-snapshots-s3/role
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v5
+        with:
+          role-to-assume: ${{ env.MAVEN_SNAPSHOTS_S3_ROLE }}
+          aws-region: us-east-1
+
+      - name: publish snapshots to maven
+        run: |
+          ./gradlew publishPluginZipPublicationToSnapshotsRepository