honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/qa/saml-idp-tests/build.gradle

87 lines
3.7 KiB
Groovy
Raw Normal View History

Build: Replace references to x-pack-elasticsearch paths with helper methods (elastic/x-pack-elasticsearch#3748) In order to more easily integrate xpack once it moves into the elasticsearch repo, references to the existing x-pack-elasticsearch need to be reduced. This commit introduces a few helper "methods" available to any project within xpack (through gradle project extension properties, as closures). All refeerences to project paths now use these helper methods, except for those pertaining to bwc, which will be handled in a followup. Original commit: elastic/x-pack-elasticsearch@850668744c7188f3ca8d6ff561c99fbd8995288e
2018-01-27 00:48:30 -05:00
Project idpFixtureProject = xpackProject("test:idp-fixture")
evaluationDependsOn(idpFixtureProject.path)
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
apply plugin: 'elasticsearch.vagrantsupport'
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
apply plugin: 'elasticsearch.standalone-rest-test'
apply plugin: 'elasticsearch.rest-test'
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
dependencies {
Build: Shadow x-pack:protocol into x-pack:plugin:core (#32240) This bundles the x-pack:protocol project into the x-pack:plugin:core project because we'd like folks to consider it an implementation detail of our build rather than a separate artifact to be managed and depended on. It is now bundled into both x-pack:plugin:core and client:rest-high-level. To make this work I had to fix a few things. Firstly, I had to make PluginBuildPlugin work with the shadow plugin. In that case we have to bundle only the `shadow` dependencies and the shadow jar. Secondly, every reference to x-pack:plugin:core has to use the `shadow` configuration. Without that the reference is missing all of the un-shadowed dependencies. I tried to make it so that applying the shadow plugin automatically redefines the `default` configuration to mirror the `shadow` configuration which would allow us to use bare project references to the x-pack:plugin:core project but I couldn't make it work. It'd *look* like it works but then fail for transitive dependencies anyway. I think it is still a good thing to do but I don't have the willpower to do it now. Finally, I had to fix an issue where Eclipse and IntelliJ didn't properly reference shadowed transitive dependencies. Neither IDE supports shadowing natively so they have to reference the shadowed projects. We fix this by detecting `shadow` dependencies when in "Intellij mode" or "Eclipse mode" and adding `runtime` dependencies to the same target. This convinces IntelliJ and Eclipse to play nice.
2018-07-24 11:53:04 -04:00
testCompile project(path: xpackModule('core'), configuration: 'shadow')
Build: Replace references to x-pack-elasticsearch paths with helper methods (elastic/x-pack-elasticsearch#3748) In order to more easily integrate xpack once it moves into the elasticsearch repo, references to the existing x-pack-elasticsearch need to be reduced. This commit introduces a few helper "methods" available to any project within xpack (through gradle project extension properties, as closures). All refeerences to project paths now use these helper methods, except for those pertaining to bwc, which will be handled in a followup. Original commit: elastic/x-pack-elasticsearch@850668744c7188f3ca8d6ff561c99fbd8995288e
2018-01-27 00:48:30 -05:00
testCompile project(path: xpackModule('core'), configuration: 'testArtifacts')
testCompile project(path: xpackModule('security'), configuration: 'testArtifacts')
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
testCompile 'com.google.jimfs:jimfs:1.1'
}
task idpFixture {
Build: Replace references to x-pack-elasticsearch paths with helper methods (elastic/x-pack-elasticsearch#3748) In order to more easily integrate xpack once it moves into the elasticsearch repo, references to the existing x-pack-elasticsearch need to be reduced. This commit introduces a few helper "methods" available to any project within xpack (through gradle project extension properties, as closures). All refeerences to project paths now use these helper methods, except for those pertaining to bwc, which will be handled in a followup. Original commit: elastic/x-pack-elasticsearch@850668744c7188f3ca8d6ff561c99fbd8995288e
2018-01-27 00:48:30 -05:00
dependsOn "vagrantCheckVersion", "virtualboxCheckVersion", idpFixtureProject.up
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
}
Build: move generated-resources to build (#30366) This commit moves the generated-resources directory to be within the build directory for the openldap-tests and saml-idp-tests projects. Both projects create a generated-resources directory that should have been in the build directory but were instead at the same level as the build directory.
2018-05-10 09:35:23 -04:00
String outputDir = "${project.buildDir}/generated-resources/${project.name}"
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
task copyIdpCertificate(type: Copy) {
[TEST] QA resources should not need vagrant provision (elastic/x-pack-elasticsearch#3851) For the idp-fixture (OpenLDAP + SAML), we have been generating the CA as part of the provisioning steps for the VM and then adding it to the test resources for the gradle project. This meant that test-resources were dependent on vagrant provision, and as a consequence vagrant would download and provision the box during precommit. A bad thing (TM) This change introduces a pre-generated CA, which is supplied to the VM instead so the tests only depend on fixed resources. (The SAML integration test still uses the generated IdP Metadata file, but it copies it as part integ-test cluster setup, and doesn't treat it as a gradle "test resource") Original commit: elastic/x-pack-elasticsearch@a352bf2a1fe0389d80ea53e279e0d47412bdc15a
2018-02-07 19:42:25 -05:00
from idpFixtureProject.file('src/main/resources/certs/ca.crt');
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
into outputDir
}
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
if (project.rootProject.vagrantSupported) {
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
project.sourceSets.test.output.dir(outputDir, builtBy: copyIdpCertificate)
integTestCluster.dependsOn idpFixture, copyIdpCertificate
integTest.finalizedBy idpFixtureProject.halt
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
} else {
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
integTest.enabled = false
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
}
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
integTestCluster {
use generated license in qa test, see elastic/x-pack-elasticsearch#3878 Original commit: elastic/x-pack-elasticsearch@9a32eab685dc795eae59183f1e202fb911084d73
2018-02-13 06:16:53 -05:00
setting 'xpack.license.self_generated.type', 'trial'
Disable security for trial licenses by default (elastic/x-pack-elasticsearch#4120) This change disables security for trial licenses unless security is explicitly enabled in the settings. This is done to facilitate users getting started and not having to deal with some of the complexities involved in getting security configured. In order to do this and avoid disabling security for existing users that have gold or platinum licenses, we have to disable security after cluster formation so that the license can be retrieved. relates elastic/x-pack-elasticsearch#4078 Original commit: elastic/x-pack-elasticsearch@96bdb889fc74d4871c43df71354a21549cc53a3e
2018-03-21 23:09:44 -04:00
setting 'xpack.security.enabled', 'true'
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
setting 'xpack.security.http.ssl.enabled', 'false'
setting 'xpack.security.authc.token.enabled', 'true'
setting 'xpack.security.authc.realms.file.type', 'file'
setting 'xpack.security.authc.realms.file.order', '0'
setting 'xpack.security.authc.realms.shibboleth.type', 'saml'
setting 'xpack.security.authc.realms.shibboleth.order', '1'
setting 'xpack.security.authc.realms.shibboleth.idp.entity_id', 'https://test.shibboleth.elastic.local/'
setting 'xpack.security.authc.realms.shibboleth.idp.metadata.path', 'idp-metadata.xml'
setting 'xpack.security.authc.realms.shibboleth.sp.entity_id', 'http://mock.http.elastic.local/'
// The port in the ACS URL is fake - the test will bind the mock webserver
// to a random port and then whenever it needs to connect to a URL on the
// mock webserver it will replace 54321 with the real port
setting 'xpack.security.authc.realms.shibboleth.sp.acs', 'http://localhost:54321/saml/acs'
setting 'xpack.security.authc.realms.shibboleth.attributes.principal', 'uid'
setting 'xpack.security.authc.realms.shibboleth.attributes.name', 'urn:oid:2.5.4.3'
setting 'xpack.ml.enabled', 'false'
extraConfigFile 'idp-metadata.xml', idpFixtureProject.file("src/main/resources/provision/generated/idp-metadata.xml")
setupCommand 'setupTestAdmin',
Rename users This commit renames users to elasticsearch-users.
2018-04-11 11:36:12 -04:00
'bin/elasticsearch-users', 'useradd', "test_admin", '-p', 'x-pack-test-password', '-r', "superuser"
Switch SAML QA test to use a standalone cluster (elastic/x-pack-elasticsearch#3743) Introduce a healthy dose of reality into the SAML integration tests. Switches the test class from *Tests to *IT, and updates the build to run it during integTest Original commit: elastic/x-pack-elasticsearch@edd2538e5fb8486c557a657ec5d503c3d1c73ab0
2018-01-30 07:03:04 -05:00
waitCondition = { node, ant ->
File tmpFile = new File(node.cwd, 'wait.success')
ant.get(src: "http://${node.httpUri()}/_cluster/health?wait_for_nodes=>=${numNodes}&wait_for_status=yellow",
dest: tmpFile.toString(),
username: 'test_admin',
password: 'x-pack-test-password',
ignoreerrors: true,
retries: 10)
return tmpFile.exists()
}
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
}
forbiddenPatterns {
exclude '**/*.der'
exclude '**/*.p12'
exclude '**/*.key'
}
thirdPartyAudit.excludes = [
Fix format of third party audit in saml-idp-tests The formatting here was off since it contains tabs and tabs are evil. Original commit: elastic/x-pack-elasticsearch@fadbb021571bbe5dbfe01402f5f81ccdb7d6ca09
2018-01-20 19:53:26 -05:00
// uses internal java api: sun.misc.Unsafe
'com.google.common.cache.Striped64',
'com.google.common.cache.Striped64$1',
'com.google.common.cache.Striped64$Cell',
'com.google.common.primitives.UnsignedBytes$LexicographicalComparatorHolder$UnsafeComparator',
'com.google.common.primitives.UnsignedBytes$LexicographicalComparatorHolder$UnsafeComparator$1',
'com.google.common.util.concurrent.AbstractFuture$UnsafeAtomicHelper',
'com.google.common.util.concurrent.AbstractFuture$UnsafeAtomicHelper$1',
// missing
'com.ibm.icu.lang.UCharacter'
[Security] Add SAML authentication support (elastic/x-pack-elasticsearch#3646) Introduces: - SAML Realm - REST & Transport actions to support SAML single signon / signout - Tests for above - More XML than you ever wanted to see. Original commit: elastic/x-pack-elasticsearch@b0fe7bb6528e02de11dce392e498efb8dde150a4
2018-01-20 17:43:00 -05:00
]