2019-11-01 14:33:11 -04:00
|
|
|
import org.elasticsearch.gradle.info.BuildParams
|
|
|
|
|
2015-10-29 14:40:19 -04:00
|
|
|
/*
|
|
|
|
* Licensed to Elasticsearch under one or more contributor
|
|
|
|
* license agreements. See the NOTICE file distributed with
|
|
|
|
* this work for additional information regarding copyright
|
|
|
|
* ownership. Elasticsearch licenses this file to you under
|
|
|
|
* the Apache License, Version 2.0 (the "License"); you may
|
|
|
|
* not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing,
|
|
|
|
* software distributed under the License is distributed on an
|
|
|
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
|
|
* KIND, either express or implied. See the License for the
|
|
|
|
* specific language governing permissions and limitations
|
|
|
|
* under the License.
|
|
|
|
*/
|
2020-07-06 15:16:26 -04:00
|
|
|
apply plugin: 'elasticsearch.rest-resources'
|
2015-10-29 14:40:19 -04:00
|
|
|
|
|
|
|
esplugin {
|
|
|
|
description 'The EC2 discovery plugin allows to use AWS API for the unicast discovery mechanism.'
|
2017-04-06 02:51:49 -04:00
|
|
|
classname 'org.elasticsearch.discovery.ec2.Ec2DiscoveryPlugin'
|
2015-10-29 14:40:19 -04:00
|
|
|
}
|
|
|
|
|
2015-11-10 17:58:46 -05:00
|
|
|
versions << [
|
2020-03-23 10:31:29 -04:00
|
|
|
'aws': '1.11.749'
|
2015-11-10 17:58:46 -05:00
|
|
|
]
|
|
|
|
|
2015-10-29 14:40:19 -04:00
|
|
|
dependencies {
|
2020-06-30 09:57:41 -04:00
|
|
|
api "com.amazonaws:aws-java-sdk-ec2:${versions.aws}"
|
|
|
|
api "com.amazonaws:aws-java-sdk-core:${versions.aws}"
|
|
|
|
api "org.apache.httpcomponents:httpclient:${versions.httpclient}"
|
|
|
|
api "org.apache.httpcomponents:httpcore:${versions.httpcore}"
|
|
|
|
api "commons-logging:commons-logging:${versions.commonslogging}"
|
|
|
|
api "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
|
|
|
|
api "commons-codec:commons-codec:${versions.commonscodec}"
|
|
|
|
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
|
|
|
|
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
|
2015-10-29 14:40:19 -04:00
|
|
|
}
|
|
|
|
|
2020-03-19 13:28:59 -04:00
|
|
|
restResources {
|
|
|
|
restApi {
|
|
|
|
includeCore '_common', 'cluster', 'nodes'
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-06-18 02:15:50 -04:00
|
|
|
tasks.named("dependencyLicenses").configure {
|
2015-10-29 14:40:19 -04:00
|
|
|
mapping from: /aws-java-sdk-.*/, to: 'aws-java-sdk'
|
|
|
|
mapping from: /jackson-.*/, to: 'jackson'
|
|
|
|
}
|
|
|
|
|
2016-09-03 06:41:07 -04:00
|
|
|
bundlePlugin {
|
|
|
|
from('config/discovery-ec2') {
|
|
|
|
into 'config'
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-05 09:02:09 -05:00
|
|
|
task writeTestJavaPolicy {
|
|
|
|
doLast {
|
|
|
|
final File tmp = file("${buildDir}/tmp")
|
|
|
|
if (tmp.exists() == false && tmp.mkdirs() == false) {
|
|
|
|
throw new GradleException("failed to create temporary directory [${tmp}]")
|
|
|
|
}
|
|
|
|
final File javaPolicy = file("${tmp}/java.policy")
|
2020-05-15 11:10:45 -04:00
|
|
|
if (BuildParams.inFipsJvm) {
|
|
|
|
javaPolicy.write(
|
|
|
|
[
|
|
|
|
"grant {",
|
|
|
|
" permission java.security.SecurityPermission \"putProviderProperty.BCFIPS\";",
|
|
|
|
" permission java.security.SecurityPermission \"putProviderProperty.BCJSSE\";",
|
|
|
|
" permission java.lang.RuntimePermission \"getProtectionDomain\";",
|
|
|
|
" permission java.util.PropertyPermission \"java.runtime.name\", \"read\";",
|
|
|
|
" permission org.bouncycastle.crypto.CryptoServicesPermission \"tlsAlgorithmsEnabled\";",
|
|
|
|
" permission java.lang.RuntimePermission \"accessClassInPackage.sun.security.internal.spec\";",
|
|
|
|
" permission java.lang.RuntimePermission \"accessDeclaredMembers\";",
|
|
|
|
" permission java.util.PropertyPermission \"intellij.debug.agent\", \"read\";",
|
|
|
|
" permission java.util.PropertyPermission \"intellij.debug.agent\", \"write\";",
|
|
|
|
" permission org.bouncycastle.crypto.CryptoServicesPermission \"exportSecretKey\";",
|
|
|
|
" permission org.bouncycastle.crypto.CryptoServicesPermission \"exportPrivateKey\";",
|
|
|
|
" permission java.io.FilePermission \"\${javax.net.ssl.trustStore}\", \"read\";",
|
|
|
|
" permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
|
|
|
|
"};"
|
|
|
|
].join("\n")
|
|
|
|
)
|
|
|
|
} else {
|
|
|
|
javaPolicy.write(
|
|
|
|
[
|
|
|
|
"grant {",
|
|
|
|
" permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
|
|
|
|
"};"
|
|
|
|
].join("\n"))
|
|
|
|
}
|
2018-11-05 09:02:09 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-04-09 14:52:50 -04:00
|
|
|
test {
|
2018-11-05 09:02:09 -05:00
|
|
|
dependsOn writeTestJavaPolicy
|
2015-10-29 14:40:19 -04:00
|
|
|
// this is needed for insecure plugins, remove if possible!
|
2016-06-01 16:44:39 -04:00
|
|
|
systemProperty 'tests.artifact', project.name
|
2019-11-14 06:01:23 -05:00
|
|
|
|
2020-05-15 11:10:45 -04:00
|
|
|
// Setting a custom policy to manipulate com.amazonaws.sdk.ec2MetadataServiceEndpointOverride system property
|
2018-11-05 09:02:09 -05:00
|
|
|
// it is better rather disable security manager at all with `systemProperty 'tests.security.manager', 'false'`
|
2020-05-15 11:10:45 -04:00
|
|
|
if (BuildParams.inFipsJvm){
|
|
|
|
// Using the key==value format to override default JVM security settings and policy
|
|
|
|
// see also: https://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html
|
|
|
|
systemProperty 'java.security.policy', "=file://${buildDir}/tmp/java.policy"
|
|
|
|
} else {
|
|
|
|
systemProperty 'java.security.policy', "file://${buildDir}/tmp/java.policy"
|
|
|
|
}
|
2015-10-29 14:40:19 -04:00
|
|
|
}
|
2015-12-16 16:38:16 -05:00
|
|
|
|
2018-06-15 09:49:14 -04:00
|
|
|
check {
|
|
|
|
// also execute the QA tests when testing the plugin
|
|
|
|
dependsOn 'qa:amazon-ec2:check'
|
|
|
|
}
|
|
|
|
|
2019-11-14 06:01:23 -05:00
|
|
|
thirdPartyAudit.ignoreMissingClasses(
|
2015-12-28 22:38:55 -05:00
|
|
|
// classes are missing
|
2017-09-12 04:34:12 -04:00
|
|
|
'com.amazonaws.jmespath.JmesPathEvaluationVisitor',
|
|
|
|
'com.amazonaws.jmespath.JmesPathExpression',
|
|
|
|
'com.amazonaws.jmespath.JmesPathField',
|
|
|
|
'com.amazonaws.jmespath.JmesPathFlatten',
|
|
|
|
'com.amazonaws.jmespath.JmesPathIdentity',
|
|
|
|
'com.amazonaws.jmespath.JmesPathLengthFunction',
|
|
|
|
'com.amazonaws.jmespath.JmesPathLiteral',
|
|
|
|
'com.amazonaws.jmespath.JmesPathProjection',
|
|
|
|
'com.amazonaws.jmespath.JmesPathSubExpression',
|
|
|
|
'com.amazonaws.jmespath.ObjectMapperSingleton',
|
|
|
|
'com.amazonaws.jmespath.OpGreaterThan',
|
|
|
|
'software.amazon.ion.IonReader',
|
|
|
|
'software.amazon.ion.IonSystem',
|
|
|
|
'software.amazon.ion.IonType',
|
|
|
|
'software.amazon.ion.IonWriter',
|
|
|
|
'software.amazon.ion.Timestamp',
|
|
|
|
'software.amazon.ion.system.IonBinaryWriterBuilder',
|
|
|
|
'software.amazon.ion.system.IonSystemBuilder',
|
|
|
|
'software.amazon.ion.system.IonTextWriterBuilder',
|
|
|
|
'software.amazon.ion.system.IonWriterBuilder',
|
2019-11-14 06:01:23 -05:00
|
|
|
'javax.servlet.ServletContextEvent',
|
|
|
|
'javax.servlet.ServletContextListener',
|
|
|
|
'org.apache.avalon.framework.logger.Logger',
|
|
|
|
'org.apache.log.Hierarchy',
|
2019-01-07 10:24:19 -05:00
|
|
|
'org.apache.log.Logger'
|
|
|
|
)
|
2018-01-16 22:59:29 -05:00
|
|
|
|
2020-03-23 18:30:10 -04:00
|
|
|
if (BuildParams.runtimeJavaVersion > JavaVersion.VERSION_1_8) {
|
|
|
|
thirdPartyAudit.ignoreMissingClasses(
|
|
|
|
'javax.xml.bind.DatatypeConverter',
|
|
|
|
'javax.xml.bind.JAXBContext'
|
|
|
|
)
|
2018-01-16 22:59:29 -05:00
|
|
|
}
|