honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/qa/third-party/active-directory/build.gradle

48 lines
1.5 KiB
Groovy
Raw Normal View History

Run active directory tests against a samba4 fixture (elastic/x-pack-elasticsearch#4067) This commit adds a Samba4 test fixture that acts as a domain controller and has the same contents as the cloud active directory instance that we previously used for tests. The tests also support reading information from environment variables so that they can be run against a real active directory instance in our CI builds. In addition, this commit also fixes a few issues that surfaced when making this change. The first is a change in the base DN that is searched when performing down-level authentication. The base DN is now the configuration object instead of the domain DN. This change was required due to the original producing unnecessary referrals, which we cannot easily follow when running against this test figure. Referrals cannot easily be followed as they are returned by the ldap server with an unresolvable DNS name unless the host points to the samba4 instance for DNS. The port returned in the referral url is the one samba is bound to, which differs from the port that is forwarded to the host by the test fixture. The other issue that is resolved by this change is the addition of settings that allow specifying non-standard ports for active directory. This is needed for down-level authentication as we may need to query the regular port of active directory instead of the global catalog port as the configuration object is not replicated to the global catalog. relates elastic/x-pack-elasticsearch#185 Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@883c742fbae425c70fbe3cb5a64b913336d344a1
2018-03-16 12:44:23 -04:00
Project smbFixtureProject = xpackProject("test:smb-fixture")
evaluationDependsOn(smbFixtureProject.path)
apply plugin: 'elasticsearch.vagrantsupport'
Cleanup: Move tests calling external services into QA projects (elastic/x-pack-elasticsearch#3869) This also moves the hipchat/pagerduty/slack tests to REST tests which put real watches and also check the history. Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@fce08d9cb7c3eb097a4102c58e2a9476cd4ad145
2018-02-23 07:31:28 -05:00
apply plugin: 'elasticsearch.standalone-test'
dependencies {
testCompile project(xpackModule('security'))
testCompile project(path: xpackModule('security'), configuration: 'testArtifacts')
}
Run active directory tests against a samba4 fixture (elastic/x-pack-elasticsearch#4067) This commit adds a Samba4 test fixture that acts as a domain controller and has the same contents as the cloud active directory instance that we previously used for tests. The tests also support reading information from environment variables so that they can be run against a real active directory instance in our CI builds. In addition, this commit also fixes a few issues that surfaced when making this change. The first is a change in the base DN that is searched when performing down-level authentication. The base DN is now the configuration object instead of the domain DN. This change was required due to the original producing unnecessary referrals, which we cannot easily follow when running against this test figure. Referrals cannot easily be followed as they are returned by the ldap server with an unresolvable DNS name unless the host points to the samba4 instance for DNS. The port returned in the referral url is the one samba is bound to, which differs from the port that is forwarded to the host by the test fixture. The other issue that is resolved by this change is the addition of settings that allow specifying non-standard ports for active directory. This is needed for down-level authentication as we may need to query the regular port of active directory instead of the global catalog port as the configuration object is not replicated to the global catalog. relates elastic/x-pack-elasticsearch#185 Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@883c742fbae425c70fbe3cb5a64b913336d344a1
2018-03-16 12:44:23 -04:00
// add test resources from security, so tests can use example certs
Cleanup: Move tests calling external services into QA projects (elastic/x-pack-elasticsearch#3869) This also moves the hipchat/pagerduty/slack tests to REST tests which put real watches and also check the history. Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@fce08d9cb7c3eb097a4102c58e2a9476cd4ad145
2018-02-23 07:31:28 -05:00
sourceSets.test.resources.srcDirs(project(xpackModule('security')).sourceSets.test.resources.srcDirs)
Run active directory tests against a samba4 fixture (elastic/x-pack-elasticsearch#4067) This commit adds a Samba4 test fixture that acts as a domain controller and has the same contents as the cloud active directory instance that we previously used for tests. The tests also support reading information from environment variables so that they can be run against a real active directory instance in our CI builds. In addition, this commit also fixes a few issues that surfaced when making this change. The first is a change in the base DN that is searched when performing down-level authentication. The base DN is now the configuration object instead of the domain DN. This change was required due to the original producing unnecessary referrals, which we cannot easily follow when running against this test figure. Referrals cannot easily be followed as they are returned by the ldap server with an unresolvable DNS name unless the host points to the samba4 instance for DNS. The port returned in the referral url is the one samba is bound to, which differs from the port that is forwarded to the host by the test fixture. The other issue that is resolved by this change is the addition of settings that allow specifying non-standard ports for active directory. This is needed for down-level authentication as we may need to query the regular port of active directory instead of the global catalog port as the configuration object is not replicated to the global catalog. relates elastic/x-pack-elasticsearch#185 Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@883c742fbae425c70fbe3cb5a64b913336d344a1
2018-03-16 12:44:23 -04:00
compileTestJava.options.compilerArgs << "-Xlint:-deprecation,-rawtypes,-serial,-try,-unchecked"
Cleanup: Move tests calling external services into QA projects (elastic/x-pack-elasticsearch#3869) This also moves the hipchat/pagerduty/slack tests to REST tests which put real watches and also check the history. Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@fce08d9cb7c3eb097a4102c58e2a9476cd4ad145
2018-02-23 07:31:28 -05:00
Run active directory tests against a samba4 fixture (elastic/x-pack-elasticsearch#4067) This commit adds a Samba4 test fixture that acts as a domain controller and has the same contents as the cloud active directory instance that we previously used for tests. The tests also support reading information from environment variables so that they can be run against a real active directory instance in our CI builds. In addition, this commit also fixes a few issues that surfaced when making this change. The first is a change in the base DN that is searched when performing down-level authentication. The base DN is now the configuration object instead of the domain DN. This change was required due to the original producing unnecessary referrals, which we cannot easily follow when running against this test figure. Referrals cannot easily be followed as they are returned by the ldap server with an unresolvable DNS name unless the host points to the samba4 instance for DNS. The port returned in the referral url is the one samba is bound to, which differs from the port that is forwarded to the host by the test fixture. The other issue that is resolved by this change is the addition of settings that allow specifying non-standard ports for active directory. This is needed for down-level authentication as we may need to query the regular port of active directory instead of the global catalog port as the configuration object is not replicated to the global catalog. relates elastic/x-pack-elasticsearch#185 Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@883c742fbae425c70fbe3cb5a64b913336d344a1
2018-03-16 12:44:23 -04:00
// we have to repeat these patterns because the security test resources are effectively in the src of this project
Cleanup: Move tests calling external services into QA projects (elastic/x-pack-elasticsearch#3869) This also moves the hipchat/pagerduty/slack tests to REST tests which put real watches and also check the history. Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@fce08d9cb7c3eb097a4102c58e2a9476cd4ad145
2018-02-23 07:31:28 -05:00
forbiddenPatterns {
exclude '**/*.key'
exclude '**/*.p12'
exclude '**/*.der'
}
test {
/*
* We have to disable setting the number of available processors as tests in the same JVM randomize processors and will step on each
* other if we allow them to set the number of available processors as it's set-once in Netty.
*/
systemProperty 'es.set.netty.runtime.available.processors', 'false'
Run active directory tests against a samba4 fixture (elastic/x-pack-elasticsearch#4067) This commit adds a Samba4 test fixture that acts as a domain controller and has the same contents as the cloud active directory instance that we previously used for tests. The tests also support reading information from environment variables so that they can be run against a real active directory instance in our CI builds. In addition, this commit also fixes a few issues that surfaced when making this change. The first is a change in the base DN that is searched when performing down-level authentication. The base DN is now the configuration object instead of the domain DN. This change was required due to the original producing unnecessary referrals, which we cannot easily follow when running against this test figure. Referrals cannot easily be followed as they are returned by the ldap server with an unresolvable DNS name unless the host points to the samba4 instance for DNS. The port returned in the referral url is the one samba is bound to, which differs from the port that is forwarded to the host by the test fixture. The other issue that is resolved by this change is the addition of settings that allow specifying non-standard ports for active directory. This is needed for down-level authentication as we may need to query the regular port of active directory instead of the global catalog port as the configuration object is not replicated to the global catalog. relates elastic/x-pack-elasticsearch#185 Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@883c742fbae425c70fbe3cb5a64b913336d344a1
2018-03-16 12:44:23 -04:00
include '**/*IT.class'
include '**/*Tests.class'
Cleanup: Move tests calling external services into QA projects (elastic/x-pack-elasticsearch#3869) This also moves the hipchat/pagerduty/slack tests to REST tests which put real watches and also check the history. Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@fce08d9cb7c3eb097a4102c58e2a9476cd4ad145
2018-02-23 07:31:28 -05:00
}
// these are just tests, no need to audit
thirdPartyAudit.enabled = false
Run active directory tests against a samba4 fixture (elastic/x-pack-elasticsearch#4067) This commit adds a Samba4 test fixture that acts as a domain controller and has the same contents as the cloud active directory instance that we previously used for tests. The tests also support reading information from environment variables so that they can be run against a real active directory instance in our CI builds. In addition, this commit also fixes a few issues that surfaced when making this change. The first is a change in the base DN that is searched when performing down-level authentication. The base DN is now the configuration object instead of the domain DN. This change was required due to the original producing unnecessary referrals, which we cannot easily follow when running against this test figure. Referrals cannot easily be followed as they are returned by the ldap server with an unresolvable DNS name unless the host points to the samba4 instance for DNS. The port returned in the referral url is the one samba is bound to, which differs from the port that is forwarded to the host by the test fixture. The other issue that is resolved by this change is the addition of settings that allow specifying non-standard ports for active directory. This is needed for down-level authentication as we may need to query the regular port of active directory instead of the global catalog port as the configuration object is not replicated to the global catalog. relates elastic/x-pack-elasticsearch#185 Relates elastic/x-pack-elasticsearch#3800 Original commit: elastic/x-pack-elasticsearch@883c742fbae425c70fbe3cb5a64b913336d344a1
2018-03-16 12:44:23 -04:00
task smbFixture {
dependsOn "vagrantCheckVersion", "virtualboxCheckVersion", smbFixtureProject.up
}
if (project.rootProject.vagrantSupported) {
if (project.hasProperty('useExternalAD') == false) {
test.dependsOn smbFixture
test.finalizedBy smbFixtureProject.halt
}
} else {
test.enabled = false
}