honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/client/rest-high-level/build.gradle

150 lines
5.9 KiB
Groovy
Raw Normal View History

Remove random when using HLRC sync and async calls (#48211) This commit removes the randomization used by every execute call in the high level rest tests. Previously every execute call, which can be many calls per single test, would rely on a random boolean to determine if they should use the sync or async methods provided to the execute method. This commit runs the tests twice, using two different clusters, both of them providing the value one time via a sysprop. This ensures that the whole suite of tests is run using the sync and async code paths. Closes #39667
2019-10-24 10:04:57 -04:00
import org.elasticsearch.gradle.test.RestIntegTestTask
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
/*
* Licensed to Elasticsearch under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
apply plugin: 'elasticsearch.testclusters'
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
apply plugin: 'elasticsearch.build'
apply plugin: 'elasticsearch.rest-test'
Rename client artifacts (#25693) It was brought up that our current client artifacts have generic names like 'rest' that may cause conflicts with other artifacts. This commit renames: - rest -> elasticsearch-rest-client - sniffer -> elasticsearch-rest-client-sniffer - rest-high-level -> elasticsearch-rest-high-level-client A couple of small changes are also preparing the high level client for its first release. Closes #20248
2017-07-13 03:44:25 -04:00
apply plugin: 'nebula.maven-base-publish'
apply plugin: 'nebula.maven-scm'
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
group = 'org.elasticsearch.client'
Rename client artifacts (#25693) It was brought up that our current client artifacts have generic names like 'rest' that may cause conflicts with other artifacts. This commit renames: - rest -> elasticsearch-rest-client - sniffer -> elasticsearch-rest-client-sniffer - rest-high-level -> elasticsearch-rest-high-level-client A couple of small changes are also preparing the high level client for its first release. Closes #20248
2017-07-13 03:44:25 -04:00
archivesBaseName = 'elasticsearch-rest-high-level-client'
Build: Add back setting artifact id of pom for rest high level client (#32731) This commit adds back the publishing section that sets the artifact id of the generated pom file for the high level rest client. This was accidentally removed during a consolidationo of the shadow plugin logic.
2018-08-09 13:11:08 -04:00
publishing {
publications {
nebula {
artifactId = archivesBaseName
}
}
}
Upgrade to Gradle 5.0 (#34263)
2018-12-05 07:06:11 -05:00
configurations {
restSpec
}
idea {
module {
Apply 2-space indent to all gradle scripts (#49071) Backport of #48849. Update `.editorconfig` to make the Java settings the default for all files, and then apply a 2-space indent to all `*.gradle` files. Then reformat all the files.
2019-11-14 06:01:23 -05:00
if (scopes.TEST != null) {
scopes.TEST.plus.add(project.configurations.restSpec)
}
Upgrade to Gradle 5.0 (#34263)
2018-12-05 07:06:11 -05:00
}
}
Check that client methods match API defined in the REST spec (#31825) We have been encountering name mismatches between API defined in our REST spec and method names that have been added to the high-level REST client. We should check this automatically to prevent furher mismatches, and correct all the current ones. This commit adds a test for this and corrects the issues found by it.
2018-07-17 05:26:28 -04:00
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
dependencies {
[Backport] Remove dependency substitutions 7.x (#42866) * Remove unnecessary usage of Gradle dependency substitution rules (#42773) (cherry picked from commit 12d583dbf6f7d44f00aa365e34fc7e937c3c61f7)
2019-06-04 16:50:23 -04:00
compile project(':server')
compile project(':client:rest')
Add mapper-extras and the RankFeatureQuery in the hlrc (#43713) This change adds the support for the RankFeatureQuery in the HLRC by providing an extra dependency on mapper-extras-client. It also removes the dependency on lang-painless in mapper-extras which is not needed anymore since the move of the vector field into a dedicated module. Closes #43634
2019-08-14 03:52:49 -04:00
compile project(':modules:mapper-extras')
[Backport] Remove dependency substitutions 7.x (#42866) * Remove unnecessary usage of Gradle dependency substitution rules (#42773) (cherry picked from commit 12d583dbf6f7d44f00aa365e34fc7e937c3c61f7)
2019-06-04 16:50:23 -04:00
compile project(':modules:parent-join')
compile project(':modules:aggs-matrix-stats')
compile project(':modules:rank-eval')
compile project(':modules:lang-mustache')
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
[Backport] Remove dependency substitutions 7.x (#42866) * Remove unnecessary usage of Gradle dependency substitution rules (#42773) (cherry picked from commit 12d583dbf6f7d44f00aa365e34fc7e937c3c61f7)
2019-06-04 16:50:23 -04:00
testCompile project(':client:test')
testCompile project(':test:framework')
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
testCompile "com.carrotsearch.randomizedtesting:randomizedtesting-runner:${versions.randomizedrunner}"
testCompile "junit:junit:${versions.junit}"
Check that client methods match API defined in the REST spec (#31825) We have been encountering name mismatches between API defined in our REST spec and method names that have been added to the high-level REST client. We should check this automatically to prevent furher mismatches, and correct all the current ones. This commit adds a test for this and corrects the issues found by it.
2018-07-17 05:26:28 -04:00
//this is needed to make RestHighLevelClientTests#testApiNamingConventions work from IDEs
[Backport] Remove dependency substitutions 7.x (#42866) * Remove unnecessary usage of Gradle dependency substitution rules (#42773) (cherry picked from commit 12d583dbf6f7d44f00aa365e34fc7e937c3c61f7)
2019-06-04 16:50:23 -04:00
testCompile project(":rest-api-spec")
// Needed for serialization tests:
Revert "Revert "Change HLRC CCR response tests to use AbstractResponseTestCase base class. (#40257)"" (#40971) This reverts commit df91237a94fd3d3ae954eb1845c434dda692d087.
2019-04-09 03:46:05 -04:00
// (In order to serialize a server side class to a client side class or the other way around)
Remove eclipse conditionals (#44075) * Remove eclipse conditionals We used to have some meta projects with a `-test` prefix because historically eclipse could not distinguish between test and main source-sets and could only use a single classpath. This is no longer the case for the past few Eclipse versions. This PR adds the necessary configuration to correctly categorize source folders and libraries. With this change eclipse can import projects, and the visibility rules are correct e.x. auto compete doesn't offer classes from test code or `testCompile` dependencies when editing classes in `main`. Unfortunately the cyclic dependency detection in Eclipse doesn't seem to take the difference between test and non test source sets into account, but since we are checking this in Gradle anyhow, it's safe to set to `warning` in the settings. Unfortunately there is no setting to ignore it. This might cause problems when building since Eclipse will probably not know the right order to build things in so more wirk might be necesarry.
2019-10-03 03:50:46 -04:00
testCompile(project(':x-pack:plugin:core')) {
Apply 2-space indent to all gradle scripts (#49071) Backport of #48849. Update `.editorconfig` to make the Java settings the default for all files, and then apply a 2-space indent to all `*.gradle` files. Then reformat all the files.
2019-11-14 06:01:23 -05:00
exclude group: 'org.elasticsearch', module: 'elasticsearch-rest-high-level-client'
Remove eclipse conditionals (#44075) * Remove eclipse conditionals We used to have some meta projects with a `-test` prefix because historically eclipse could not distinguish between test and main source-sets and could only use a single classpath. This is no longer the case for the past few Eclipse versions. This PR adds the necessary configuration to correctly categorize source folders and libraries. With this change eclipse can import projects, and the visibility rules are correct e.x. auto compete doesn't offer classes from test code or `testCompile` dependencies when editing classes in `main`. Unfortunately the cyclic dependency detection in Eclipse doesn't seem to take the difference between test and non test source sets into account, but since we are checking this in Gradle anyhow, it's safe to set to `warning` in the settings. Unfortunately there is no setting to ignore it. This might cause problems when building since Eclipse will probably not know the right order to build things in so more wirk might be necesarry.
2019-10-03 03:50:46 -04:00
}
Upgrade to Gradle 5.0 (#34263)
2018-12-05 07:06:11 -05:00
[Backport] Remove dependency substitutions 7.x (#42866) * Remove unnecessary usage of Gradle dependency substitution rules (#42773) (cherry picked from commit 12d583dbf6f7d44f00aa365e34fc7e937c3c61f7)
2019-06-04 16:50:23 -04:00
restSpec project(':rest-api-spec')
Upgrade to Gradle 5.0 (#34263)
2018-12-05 07:06:11 -05:00
}
//we need to copy the yaml spec so we can check naming (see RestHighlevelClientTests#testApiNamingConventions)
processTestResources {
Simplify usage of Gradle Shadow plugin (#48478) (#48597) This commit simplifies and standardizes our usage of the Gradle Shadow plugin to conform more to plugin conventions. The custom "bundle" plugin has been removed as it's not necessary and performs the same function as the Shadow plugin's default behavior with existing configurations. Additionally, this removes unnecessary creation of a "nodeps" artifact, which is unnecessary because by default project dependencies will in fact use the non-shadowed JAR unless explicitly depending on the "shadow" configuration. Finally, we've cleaned up the logic used for unit testing, so we are now correctly testing against the shadow JAR when the plugin is applied. This better represents a real-world scenario for consumers and provides better test coverage for incorrectly declared dependencies. (cherry picked from commit 3698131109c7e78bdd3a3340707e1c7b4740d310)
2019-10-28 15:11:55 -04:00
dependsOn configurations.restSpec // so that configurations resolve
Upgrade to Gradle 5.0 (#34263)
2018-12-05 07:06:11 -05:00
from({ zipTree(configurations.restSpec.singleFile) }) {
include 'rest-api-spec/api/**'
}
PKI realm authentication delegation (#45906) This commit introduces PKI realm delegation. This feature supports the PKI authentication feature in Kibana. In essence, this creates a new API endpoint which Kibana must call to authenticate clients that use certificates in their TLS connection to Kibana. The API call passes to Elasticsearch the client's certificate chain. The response contains an access token to be further used to authenticate as the client. The client's certificates are validated by the PKI realms that have been explicitly configured to permit certificates from the proxy (Kibana). The user calling the delegation API must have the delegate_pki privilege. Closes #34396
2019-08-27 07:42:46 -04:00
from(project(':client:rest-high-level').file('src/test/resources'))
add REST high level client gradle submodule and first simple method The RestHighLevelClient class takes as as an argument a low level client instance RestClient. The first method added is ping, which returns true if the call to HEAD / went ok and false if an IOException was thrown. Any other exception gets bubbled up. There are two kinds of tests, a unit test (RestHighLevelClientTests) that verifies the interaction between high level and low level client, and an integration test (MainActionIT) which relies on an externally started es cluster to send requests to.
2016-12-29 12:16:04 -05:00
}
dependencyLicenses {
// Don't check licenses for dependency that are part of the elasticsearch project
// But any other dependency should have its license/notice/sha1
dependencies = project.configurations.runtime.fileCollection {
it.group.startsWith('org.elasticsearch') == false
}
}
Enforce Content-Type requirement on the rest layer and remove deprecated methods (#23146) This commit enforces the requirement of Content-Type for the REST layer and removes the deprecated methods in transport requests and their usages. While doing this, it turns out that there are many places where *Entity classes are used from the apache http client libraries and many of these usages did not specify the content type. The methods that do not specify a content type explicitly have been added to forbidden apis to prevent more of these from entering our code base. Relates #19388
2017-02-17 14:45:41 -05:00
forbiddenApisMain {
// core does not depend on the httpclient for compile so we add the signatures here. We don't add them for test as they are already
// specified
Run forbidden api checks with runtimeJavaVersion (#32947) Run forbidden APIs checks with runtime hava version
2018-08-22 02:05:22 -04:00
addSignatureFiles 'http-signatures'
signaturesFiles += files('src/main/resources/forbidden/rest-high-level-signatures.txt')
Add rank-eval module to transport client and HL client dependencies
2017-12-13 10:26:47 -05:00
}
Remove eclipse conditionals (#44075) * Remove eclipse conditionals We used to have some meta projects with a `-test` prefix because historically eclipse could not distinguish between test and main source-sets and could only use a single classpath. This is no longer the case for the past few Eclipse versions. This PR adds the necessary configuration to correctly categorize source folders and libraries. With this change eclipse can import projects, and the visibility rules are correct e.x. auto compete doesn't offer classes from test code or `testCompile` dependencies when editing classes in `main`. Unfortunately the cyclic dependency detection in Eclipse doesn't seem to take the difference between test and non test source sets into account, but since we are checking this in Gradle anyhow, it's safe to set to `warning` in the settings. Unfortunately there is no setting to ignore it. This might cause problems when building since Eclipse will probably not know the right order to build things in so more wirk might be necesarry.
2019-10-03 03:50:46 -04:00
HLRC: Get SSL Certificates API (#34135) This change adds support for the get SSL certificate API to the high level rest client.
2018-10-15 12:20:34 -04:00
File nodeCert = file("./testnode.crt")
File nodeTrustStore = file("./testnode.jks")
PKI realm authentication delegation (#45906) This commit introduces PKI realm delegation. This feature supports the PKI authentication feature in Kibana. In essence, this creates a new API endpoint which Kibana must call to authenticate clients that use certificates in their TLS connection to Kibana. The API call passes to Elasticsearch the client's certificate chain. The response contains an access token to be further used to authenticate as the client. The client's certificates are validated by the PKI realms that have been explicitly configured to permit certificates from the proxy (Kibana). The user calling the delegation API must have the delegate_pki privilege. Closes #34396
2019-08-27 07:42:46 -04:00
File pkiTrustCert = file("./src/test/resources/org/elasticsearch/client/security/delegate_pki/testRootCA.crt")
Rest HL client: Add put watch action (#32026) Relates #29827 This implementation behaves like the current transport client, that you basically cannot configure a Watch POJO representation as an argument to the put watch API, but only a bytes reference. You can use the the `WatchSourceBuilder` from the `org.elasticsearch.plugin:x-pack-core` dependency to build watches. This commit also changes the license type to trial, so that watcher is available in high level rest client tests. /cc @hub-cap
2018-07-19 04:40:54 -04:00
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
integTest.runner {
Remove random when using HLRC sync and async calls (#48211) This commit removes the randomization used by every execute call in the high level rest tests. Previously every execute call, which can be many calls per single test, would rely on a random boolean to determine if they should use the sync or async methods provided to the execute method. This commit runs the tests twice, using two different clusters, both of them providing the value one time via a sysprop. This ensures that the whole suite of tests is run using the sync and async code paths. Closes #39667
2019-10-24 10:04:57 -04:00
systemProperty 'tests.rest.async', 'false'
HLRest: add put user API (#32332) This commit adds a security client to the high level rest client, which includes an implementation for the put user api. As part of these changes, a new request and response class have been added that are specific to the high level rest client. One change here is that the response was previously wrapped inside a user object. The plan is to remove this wrapping and this PR adds an unwrapped response outside of the user object so we can remove the user object later on. See #29827
2018-09-05 12:56:30 -04:00
systemProperty 'tests.rest.cluster.username', System.getProperty('tests.rest.cluster.username', 'test_user')
systemProperty 'tests.rest.cluster.password', System.getProperty('tests.rest.cluster.password', 'test-password')
}
Remove random when using HLRC sync and async calls (#48211) This commit removes the randomization used by every execute call in the high level rest tests. Previously every execute call, which can be many calls per single test, would rely on a random boolean to determine if they should use the sync or async methods provided to the execute method. This commit runs the tests twice, using two different clusters, both of them providing the value one time via a sysprop. This ensures that the whole suite of tests is run using the sync and async code paths. Closes #39667
2019-10-24 10:04:57 -04:00
RestIntegTestTask asyncIntegTest = tasks.create("asyncIntegTest", RestIntegTestTask) {
runner {
systemProperty 'tests.rest.async', 'true'
systemProperty 'tests.rest.cluster.username', System.getProperty('tests.rest.cluster.username', 'test_user')
systemProperty 'tests.rest.cluster.password', System.getProperty('tests.rest.cluster.password', 'test-password')
}
}
check.dependsOn(asyncIntegTest)
testClusters.all {
Convert testclusters to use distro download plugin (#44253) (#44362) Test clusters currently has its own set of logic for dealing with finding different versions of Elasticsearch, downloading them, and extracting them. This commit converts testclusters to use the DistributionDownloadPlugin.
2019-07-15 20:53:05 -04:00
testDistribution = 'DEFAULT'
HLRC: Documentation examples cleanup (#34009) * Replace deprecated field `code` with `source` for stored scripts (#25127) * Replace examples using the deprecated endpoint `{index}/{type}/_search` with `{index}/_search` (#29468) * Use a system property to avoid deprecation warnings after the Update Scripts have been moved to their own context (#32096)
2018-10-16 10:46:14 -04:00
systemProperty 'es.scripting.update.ctx_in_params', 'false'
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
setting 'reindex.remote.whitelist', '[ "[::1]:*", "127.0.0.1:*" ]'
Rest HL client: Add put watch action (#32026) Relates #29827 This implementation behaves like the current transport client, that you basically cannot configure a Watch POJO representation as an argument to the put watch API, but only a bytes reference. You can use the the `WatchSourceBuilder` from the `org.elasticsearch.plugin:x-pack-core` dependency to build watches. This commit also changes the license type to trial, so that watcher is available in high level rest client tests. /cc @hub-cap
2018-07-19 04:40:54 -04:00
setting 'xpack.license.self_generated.type', 'trial'
HLRest: add put user API (#32332) This commit adds a security client to the high level rest client, which includes an implementation for the put user api. As part of these changes, a new request and response class have been added that are specific to the high level rest client. One change here is that the response was previously wrapped inside a user object. The plan is to remove this wrapping and this PR adds an unwrapped response outside of the user object so we can remove the user object later on. See #29827
2018-09-05 12:56:30 -04:00
setting 'xpack.security.enabled', 'true'
HLRC: Add security Create Token API (#34791) This adds the Create Token API (POST /_xpack/security/oauth2/token) to the High Level Rest Client. Relates: #29827
2018-10-29 02:17:56 -04:00
setting 'xpack.security.authc.token.enabled', 'true'
Add support for API keys to access Elasticsearch (#38291) X-Pack security supports built-in authentication service `token-service` that allows access tokens to be used to access Elasticsearch without using Basic authentication. The tokens are generated by `token-service` based on OAuth2 spec. The access token is a short-lived token (defaults to 20m) and refresh token with a lifetime of 24 hours, making them unsuitable for long-lived or recurring tasks where the system might go offline thereby failing refresh of tokens. This commit introduces a built-in authentication service `api-key-service` that adds support for long-lived tokens aka API keys to access Elasticsearch. The `api-key-service` is consulted after `token-service` in the authentication chain. By default, if TLS is enabled then `api-key-service` is also enabled. The service can be disabled using the configuration setting. The API keys:- - by default do not have an expiration but expiration can be configured where the API keys need to be expired after a certain amount of time. - when generated will keep authentication information of the user that generated them. - can be defined with a role describing the privileges for accessing Elasticsearch and will be limited by the role of the user that generated them - can be invalidated via invalidation API - information can be retrieved via a get API - that have been expired or invalidated will be retained for 1 week before being deleted. The expired API keys remover task handles this. Following are the API key management APIs:- 1. Create API Key - `PUT/POST /_security/api_key` 2. Get API key(s) - `GET /_security/api_key` 3. Invalidate API Key(s) `DELETE /_security/api_key` The API keys can be used to access Elasticsearch using `Authorization` header, where the auth scheme is `ApiKey` and the credentials, is the base64 encoding of API key Id and API key separated by a colon. Example:- ``` curl -H "Authorization: ApiKey YXBpLWtleS1pZDphcGkta2V5" http://localhost:9200/_cluster/health ``` Closes #34383
2019-02-04 22:21:57 -05:00
setting 'xpack.security.authc.api_key.enabled', 'true'
Deprecate misconfigured SSL server config (#49280) This commit adds a deprecation warning when starting a node where either of the server contexts (xpack.security.transport.ssl and xpack.security.http.ssl) meet either of these conditions: 1. The server lacks a certificate/key pair (i.e. neither ssl.keystore.path not ssl.certificate are configured) 2. The server has some ssl configuration, but ssl.enabled is not specified. This new validation does not care whether ssl.enabled is true or false (though other validation might), it simply makes it an error to configure server SSL without being explicit about whether to enable that configuration. Backport of: #45892
2019-11-21 20:14:55 -05:00
setting 'xpack.security.http.ssl.enabled', 'false'
setting 'xpack.security.transport.ssl.enabled', 'false'
HLRC: Get SSL Certificates API (#34135) This change adds support for the get SSL certificate API to the high level rest client.
2018-10-15 12:20:34 -04:00
// Truststore settings are not used since TLS is not enabled. Included for testing the get certificates API
Security: remove SSL settings fallback (#36846) This commit removes the fallback for SSL settings. While this may be seen as a non user friendly change, the intention behind this change is to simplify the reasoning needed to understand what is actually being used for a given SSL configuration. Each configuration now needs to be explicitly specified as there is no global configuration or fallback to some other configuration. Closes #29797
2019-01-14 16:06:22 -05:00
setting 'xpack.security.http.ssl.certificate_authorities', 'testnode.crt'
HLRC: Get SSL Certificates API (#34135) This change adds support for the get SSL certificate API to the high level rest client.
2018-10-15 12:20:34 -04:00
setting 'xpack.security.transport.ssl.truststore.path', 'testnode.jks'
PKI realm authentication delegation (#45906) This commit introduces PKI realm delegation. This feature supports the PKI authentication feature in Kibana. In essence, this creates a new API endpoint which Kibana must call to authenticate clients that use certificates in their TLS connection to Kibana. The API call passes to Elasticsearch the client's certificate chain. The response contains an access token to be further used to authenticate as the client. The client's certificates are validated by the PKI realms that have been explicitly configured to permit certificates from the proxy (Kibana). The user calling the delegation API must have the delegate_pki privilege. Closes #34396
2019-08-27 07:42:46 -04:00
setting 'xpack.security.authc.realms.file.default_file.order', '0'
setting 'xpack.security.authc.realms.native.default_native.order', '1'
setting 'xpack.security.authc.realms.pki.pki1.order', '2'
setting 'xpack.security.authc.realms.pki.pki1.certificate_authorities', '[ "testRootCA.crt" ]'
setting 'xpack.security.authc.realms.pki.pki1.delegation.enabled', 'true'
Inject Unfollow before Rollover and Shrink (#37625) We inject an Unfollow action before Shrink because the Shrink action cannot be safely used on a following index, as it may not be fully caught up with the leader index before the "original" following index is deleted and replaced with a non-following Shrunken index. The Unfollow action will verify that 1) the index is marked as "complete", and 2) all operations up to this point have been replicated from the leader to the follower before explicitly disconnecting the follower from the leader. Injecting an Unfollow action before the Rollover action is done mainly as a convenience: This allow users to use the same lifecycle policy on both the leader and follower cluster without having to explictly modify the policy to unfollow the index, while doing what we expect users to want in most cases.
2019-01-28 16:09:12 -05:00
setting 'indices.lifecycle.poll_interval', '1000ms'
[7.x] Add ILM histore store index (#50287) (#50345) * Add ILM histore store index (#50287) * Add ILM histore store index This commit adds an ILM history store that tracks the lifecycle execution state as an index progresses through its ILM policy. ILM history documents store output similar to what the ILM explain API returns. An example document with ALL fields (not all documents will have all fields) would look like: ```json { "@timestamp": 1203012389, "policy": "my-ilm-policy", "index": "index-2019.1.1-000023", "index_age":123120, "success": true, "state": { "phase": "warm", "action": "allocate", "step": "ERROR", "failed_step": "update-settings", "is_auto-retryable_error": true, "creation_date": 12389012039, "phase_time": 12908389120, "action_time": 1283901209, "step_time": 123904107140, "phase_definition": "{\"policy\":\"ilm-history-ilm-policy\",\"phase_definition\":{\"min_age\":\"0ms\",\"actions\":{\"rollover\":{\"max_size\":\"50gb\",\"max_age\":\"30d\"}}},\"version\":1,\"modified_date_in_millis\":1576517253463}", "step_info": "{... etc step info here as json ...}" }, "error_details": "java.lang.RuntimeException: etc\n\tcaused by:etc etc etc full stacktrace" } ``` These documents go into the `ilm-history-1-00000N` index to provide an audit trail of the operations ILM has performed. This history storage is enabled by default but can be disabled by setting `index.lifecycle.history_index_enabled` to `false.` Resolves #49180 * Make ILMHistoryStore.putAsync truly async (#50403) This moves the `putAsync` method in `ILMHistoryStore` never to block. Previously due to the way that the `BulkProcessor` works, it was possible for `BulkProcessor#add` to block executing a bulk request. This was bad as we may be adding things to the history store in cluster state update threads. This also moves the index creation to be done prior to the bulk request execution, rather than being checked every time an operation was added to the queue. This lessens the chance of the index being created, then deleted (by some external force), and then recreated via a bulk indexing request. Resolves #50353
2019-12-20 14:33:36 -05:00
setting 'index.lifecycle.history_index_enabled', 'false'
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
keystore 'xpack.security.transport.ssl.truststore.secure_password', 'testnode'
Fix security origin for TokenService#findActiveTokensFor... (#47418) (#48280) All internal searches (triggered by APIs) across the .security index must be performed while "under the security origin". Otherwise, the search is performed in the context of the caller which most likely does not have privileges to search .security (hopefully). This commit fixes this in the case of two methods in the TokenService and corrects an overly done such context switch in the ApiKeyService. In addition, this makes all tests from the client/rest-high-level module execute as an all mighty administrator, but not a literal superuser. Closes #47151
2019-10-21 06:15:05 -04:00
extraConfigFile 'roles.yml', file('roles.yml')
Remove random when using HLRC sync and async calls (#48211) This commit removes the randomization used by every execute call in the high level rest tests. Previously every execute call, which can be many calls per single test, would rely on a random boolean to determine if they should use the sync or async methods provided to the execute method. This commit runs the tests twice, using two different clusters, both of them providing the value one time via a sysprop. This ensures that the whole suite of tests is run using the sync and async code paths. Closes #39667
2019-10-24 10:04:57 -04:00
user username: System.getProperty('tests.rest.cluster.username', 'test_user'),
Apply 2-space indent to all gradle scripts (#49071) Backport of #48849. Update `.editorconfig` to make the Java settings the default for all files, and then apply a 2-space indent to all `*.gradle` files. Then reformat all the files.
2019-11-14 06:01:23 -05:00
password: System.getProperty('tests.rest.cluster.password', 'test-password'),
role: System.getProperty('tests.rest.cluster.role', 'admin')
Remove random when using HLRC sync and async calls (#48211) This commit removes the randomization used by every execute call in the high level rest tests. Previously every execute call, which can be many calls per single test, would rely on a random boolean to determine if they should use the sync or async methods provided to the execute method. This commit runs the tests twice, using two different clusters, both of them providing the value one time via a sysprop. This ensures that the whole suite of tests is run using the sync and async code paths. Closes #39667
2019-10-24 10:04:57 -04:00
user username: 'admin_user', password: 'admin-password'
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
HLRC: Get SSL Certificates API (#34135) This change adds support for the get SSL certificate API to the high level rest client.
2018-10-15 12:20:34 -04:00
extraConfigFile nodeCert.name, nodeCert
extraConfigFile nodeTrustStore.name, nodeTrustStore
PKI realm authentication delegation (#45906) This commit introduces PKI realm delegation. This feature supports the PKI authentication feature in Kibana. In essence, this creates a new API endpoint which Kibana must call to authenticate clients that use certificates in their TLS connection to Kibana. The API call passes to Elasticsearch the client's certificate chain. The response contains an access token to be further used to authenticate as the client. The client's certificates are validated by the PKI realms that have been explicitly configured to permit certificates from the proxy (Kibana). The user calling the delegation API must have the delegate_pki privilege. Closes #34396
2019-08-27 07:42:46 -04:00
extraConfigFile pkiTrustCert.name, pkiTrustCert
Rest HL client: Add put watch action (#32026) Relates #29827 This implementation behaves like the current transport client, that you basically cannot configure a Watch POJO representation as an argument to the put watch API, but only a bytes reference. You can use the the `WatchSourceBuilder` from the `org.elasticsearch.plugin:x-pack-core` dependency to build watches. This commit also changes the license type to trial, so that watcher is available in high level rest client tests. /cc @hub-cap
2018-07-19 04:40:54 -04:00
}