honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack/plugin/build.gradle

165 lines
6.5 KiB
Groovy
Raw Normal View History

Test: use TLS for plugin integ tests Original commit: elastic/x-pack-elasticsearch@99971d72566b85a3a04314f908089a8ce3048a2d
2017-09-14 17:57:28 -04:00
import org.elasticsearch.gradle.LoggedExec
[7.x] Introduce type-safe and consistent pattern for handling build globals (#48818) This commit introduces a consistent, and type-safe manner for handling global build parameters through out our build logic. Primarily this replaces the existing usages of extra properties with static accessors. It also introduces and explicit API for initialization and mutation of any such parameters, as well as better error handling for uninitialized or eager access of parameter values. Closes #42042
2019-11-01 14:33:11 -04:00
import org.elasticsearch.gradle.info.BuildParams
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
import org.elasticsearch.gradle.plugin.PluginBuildPlugin
Convert remaining compilerJavaHome reference
2020-05-27 20:04:04 -04:00
import org.gradle.internal.jvm.Jvm
Watcher: Add JIRA action (elastic/elasticsearch#4014) closes elastic/elasticsearch#493 Original commit: elastic/x-pack-elasticsearch@6b7387d3e4c1d5d3a62a72b782fda4a378e055f1
2016-11-21 04:52:55 -05:00
Moved directories around Original commit: elastic/x-pack-elasticsearch@2018bb5f9fe306e67418627851b2d712d6fcba8c
2016-09-29 06:03:14 -04:00
import java.nio.charset.StandardCharsets
Build: Turn on license header checks This is dependent on elastic/elasticsearchelastic/elasticsearch#19589. It also fixes the existing files that either were missing the license header or had the open source license header. Original commit: elastic/x-pack-elasticsearch@2642c20381ddfecd6d602ad8426f197ba4e4f002
2016-07-25 20:09:54 -04:00
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
apply plugin: 'elasticsearch.testclusters'
Make xpack modules instead of a meta plugin (#30589) This commit removes xpack from being a meta-plugin-as-a-module. It also fixes a couple tests which were missing task dependencies, which failed once the gradle execution order changed.
2018-05-16 18:35:57 -04:00
apply plugin: 'elasticsearch.standalone-rest-test'
apply plugin: 'elasticsearch.rest-test'
[7.x] Validate REST specs against schema (#55117) (#55563) A JSON schema was recently introduced for the REST API specification. #54252 This PR introduces a 3rd party validation tool to ensure that the REST specification conforms to the schema. The task is applied to the 3 projects that contain REST API specifications. The plugin wires this task into the precommit commit task, and should be considered as part of the public API for the build tools for any plugin developer to contribute their plugin's specification. An ignore parameter has been introduced for the task to allow specific file to be ignored from the validation. The ignored files in this PR will soon get issues logged and a link so they can be fixed. Closes #54314
2020-04-22 15:14:03 -04:00
apply plugin: 'elasticsearch.validate-rest-spec'
Moved directories around Original commit: elastic/x-pack-elasticsearch@2018bb5f9fe306e67418627851b2d712d6fcba8c
2016-09-29 06:03:14 -04:00
Build: Remove x-pack-api jar (elastic/x-pack-elasticsearch#3864) The api jar was added for xpack extensions. However, extensions have been removed in favor of using SPI, and the individual xpack jars like core and security are published to enable this. This commit removes the api jar, and switches the transport client to use the core jar (which the api jar was just a rename of). Original commit: elastic/x-pack-elasticsearch@58e069e66ca4712aa842f59195e78815319c0d37
2018-02-07 22:21:43 -05:00
archivesBaseName = 'x-pack'
Moved directories around Original commit: elastic/x-pack-elasticsearch@2018bb5f9fe306e67418627851b2d712d6fcba8c
2016-09-29 06:03:14 -04:00
Split up xpack plugins into their own modules (elastic/x-pack-elasticsearch#3643) Thanks to some great work by a bunch of amazing people, the chuck norris xpack split is a go! Original commit: elastic/x-pack-elasticsearch@dad98e28f4043f805907af2ad441908f64ca6c70
2018-01-20 00:30:17 -05:00
dependencies {
Remove deprecated usage of testCompile configuration (#57921) (#58083) * Remove usage of deprecated testCompile configuration * Replace testCompile usage by testImplementation * Make testImplementation non transitive by default (as we did for testCompile) * Update CONTRIBUTING about using testImplementation for test dependencies * Fail on testCompile configuration usage
2020-06-14 16:30:44 -04:00
testImplementation project(xpackModule('core')) // this redundant dependency is here to make IntelliJ happy
testImplementation project(path: xpackModule('core'), configuration: 'testArtifacts')
Fix LDAP Authc connections deadlock (elastic/x-pack-elasticsearch#2587) Do not execute bind on on the LDAP reader thread Each LDAP connection has a single associated thread, executing the handlers for async requests; this is managed by the LDAP library. The bind operation is blocking for the connection. It is a deadlock to call bind, if on the LDAP reader thread for the same connection, because waiting for the bind response blocks the thread processing responses (for this connection). This will execute the bind operation (and the subsequent runnable) on a thread pool after checking for the conflict above. Closes: elastic/x-pack-elasticsearch#2570, elastic/x-pack-elasticsearch#2620 Original commit: elastic/x-pack-elasticsearch@404a3d873782c590a9043ae08c45db0b463968cd
2017-10-09 06:06:12 -04:00
}
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
subprojects {
afterEvaluate {
if (project.plugins.hasPlugin(PluginBuildPlugin)) {
// see the root Gradle file for additional logic regarding this configuration
project.configurations.create('featureAwarePlugin')
project.dependencies.add('featureAwarePlugin', project.configurations.compileClasspath)
[Backport] Remove dependency substitutions 7.x (#42866) * Remove unnecessary usage of Gradle dependency substitution rules (#42773) (cherry picked from commit 12d583dbf6f7d44f00aa365e34fc7e937c3c61f7)
2019-06-04 16:50:23 -04:00
project.dependencies.add('featureAwarePlugin', project(':x-pack:test:feature-aware'))
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
project.dependencies.add('featureAwarePlugin', project.sourceSets.main.output.getClassesDirs())
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
File successMarker = file("$buildDir/markers/featureAware")
task featureAwareCheck(type: LoggedExec) {
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
description = "Runs FeatureAwareCheck on main classes."
dependsOn project.configurations.featureAwarePlugin
outputs.file(successMarker)
Convert remaining compilerJavaHome reference
2020-05-27 20:04:04 -04:00
executable = "${Jvm.current().javaHome}/bin/java"
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
// default to main class files if such a source set exists
final List files = []
if (project.sourceSets.findByName("main")) {
Fix gradle4.8 deprecation warnings (#31654) * remove explicit wrapper task It's created by Gradle and triggers a deprecation warning Simplify configuration * Upgrade shadow plugin to get rid of Gradle deprecation * Move compile configuration to base plugin Solves Gradle deprecation warning from earlier Gradle versions * Enable stable publishing in the Gradle build * Replace usage of deprecated property * bump Gradle version in build compare
2018-06-29 15:17:19 -04:00
files.add(project.sourceSets.main.output.classesDirs)
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
dependsOn project.tasks.classes
}
// filter out non-existent classes directories from empty source sets
final FileCollection classDirectories = project.files(files).filter { it.exists() }
doFirst {
SQL: Fix build on Java 10 Due to a runtime classpath clash, featureAware task was failing on JVMs higher than 1.8 (since the ASM version from Painless was used instead which does not recognized Java 9 or 10 bytecode) causing the task to fail. This commit excludes the ASM dependency (since it's not used by SQL itself).
2018-06-14 11:07:29 -04:00
args('-cp', project.configurations.featureAwarePlugin.asPath, 'org.elasticsearch.xpack.test.feature_aware.FeatureAwareCheck')
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
classDirectories.each { args it.getAbsolutePath() }
}
doLast {
successMarker.parentFile.mkdirs()
successMarker.setText("", 'UTF-8')
}
}
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
project.precommit.dependsOn featureAwareCheck
Add check for feature aware implementations (#31081) This commit adds a check that any class in X-Pack that is a feature aware custom also implements the appropriate mix-in interface in X-Pack. These interfaces provide a default implementation of FeatureAware#getRequiredFeature that returns that x-pack is the required feature. By implementing this interface, this gives a consistent way for X-Pack feature aware customs to return the appopriate required feature and this check enforces that all such feature aware customs return the appropriate required feature.
2018-06-05 19:56:22 -04:00
}
}
}
Split up xpack plugins into their own modules (elastic/x-pack-elasticsearch#3643) Thanks to some great work by a bunch of amazing people, the chuck norris xpack split is a go! Original commit: elastic/x-pack-elasticsearch@dad98e28f4043f805907af2ad441908f64ca6c70
2018-01-20 00:30:17 -05:00
configurations {
testArtifacts.extendsFrom testRuntime
Remove deprecated usage of testCompile configuration (#57921) (#58083) * Remove usage of deprecated testCompile configuration * Replace testCompile usage by testImplementation * Make testImplementation non transitive by default (as we did for testCompile) * Update CONTRIBUTING about using testImplementation for test dependencies * Fail on testCompile configuration usage
2020-06-14 16:30:44 -04:00
testArtifacts.extendsFrom testImplementation
[7.x] Smarter copying of the rest specs and tests (#52114) (#52798) * Smarter copying of the rest specs and tests (#52114) This PR addresses the unnecessary copying of the rest specs and allows for better semantics for which specs and tests are copied. By default the rest specs will get copied if the project applies `elasticsearch.standalone-rest-test` or `esplugin` and the project has rest tests or you configure the custom extension `restResources`. This PR also removes the need for dozens of places where the x-pack specs were copied by supporting copying of the x-pack rest specs too. The plugin/task introduced here can also copy the rest tests to the local project through a similar configuration. The new plugin/task allows a user to minimize the surface area of which rest specs are copied. Per project can be configured to include only a subset of the specs (or tests). Configuring a project to only copy the specs when actually needed should help with build cache hit rates since we can better define what is actually in use. However, project level optimizations for build cache hit rates are not included with this PR. Also, with this PR you can no longer use the includePackaged flag on integTest task. The following items are included in this PR: * new plugin: `elasticsearch.rest-resources` * new tasks: CopyRestApiTask and CopyRestTestsTask - performs the copy * new extension 'restResources' ``` restResources { restApi { includeCore 'foo' , 'bar' //will include the core specs that start with foo and bar includeXpack 'baz' //will include x-pack specs that start with baz } restTests { includeCore 'foo', 'bar' //will include the core tests that start with foo and bar includeXpack 'baz' //will include the x-pack tests that start with baz } } ```
2020-02-26 09:13:41 -05:00
}
artifacts {
restXpackSpecs(new File(projectDir, "src/test/resources/rest-api-spec/api"))
restXpackTests(new File(projectDir, "src/test/resources/rest-api-spec/test"))
[ML] Include C++ 3rd party notices in X-Pack combined NOTICES file (elastic/x-pack-elasticsearch#953) relates elastic/x-pack-elasticsearch#620 Original commit: elastic/x-pack-elasticsearch@5d73bd340c28cb074c8e702e68e9383e41d6ee56
2017-04-10 07:40:07 -04:00
}
Split up xpack plugins into their own modules (elastic/x-pack-elasticsearch#3643) Thanks to some great work by a bunch of amazing people, the chuck norris xpack split is a go! Original commit: elastic/x-pack-elasticsearch@dad98e28f4043f805907af2ad441908f64ca6c70
2018-01-20 00:30:17 -05:00
task testJar(type: Jar) {
appendix 'test'
from sourceSets.test.output
Build: Assert jar LICENSE and NOTICE files match Adds tasks that check that the all jars that we build have LICENSE.txt and NOTICE.txt files and that the files are correct. Sets check to depend on these task. This is mostly there for extra parnoia because we automatically configure all Jar tasks to include the LICENSE.txt and NOTICE.txt files anyway. But it is quite possible to add configuration to those tasks that would override either file. This causes check to depend on several more things than it used to. Take, for example, javadoc: check depends on the new verifyJavadocJarNotice which depends on extractJavadocJar which depends on javadocJar which depends on javadoc, this check now depends on javadoc.
2018-04-25 09:38:31 -04:00
/*
* Stick the license and notice file in the jar. This isn't strictly
* needed because we don't publish it but it makes our super-paranoid
* tests happy.
*/
metaInf {
from(project.licenseFile.parent) {
include project.licenseFile.name
rename { 'LICENSE.txt' }
}
from(project.noticeFile.parent) {
include project.noticeFile.name
}
}
Opt some files out of 140 character line length If elasticsearch merges https://github.com/elastic/elasticsearch/pull/16413 then the build will fail catastrophically without this. The goal here is to opt these files out of the line length checks while they don't pass and we can get them passing as time permits and opt them back in. In the mean time all files that pass the line length check will have the check enforced. This also gives you a spot to add x-plugins opt outs for core's checkstyle rules in case you have generated files or something like that. Original commit: elastic/x-pack-elasticsearch@63a1ad2f79658cb973a2dee555cba488c61432a4
2016-02-03 11:21:55 -05:00
}
Split up xpack plugins into their own modules (elastic/x-pack-elasticsearch#3643) Thanks to some great work by a bunch of amazing people, the chuck norris xpack split is a go! Original commit: elastic/x-pack-elasticsearch@dad98e28f4043f805907af2ad441908f64ca6c70
2018-01-20 00:30:17 -05:00
artifacts {
testArtifacts testJar
Moved directories around Original commit: elastic/x-pack-elasticsearch@2018bb5f9fe306e67418627851b2d712d6fcba8c
2016-09-29 06:03:14 -04:00
}
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
// location for keys and certificates
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
File keystoreDir = file("$buildDir/keystore")
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
File nodeKey = file("$keystoreDir/testnode.pem")
File nodeCert = file("$keystoreDir/testnode.crt")
// Add key and certs to test classpath: it expects them there
// User cert and key PEM files instead of a JKS Keystore for the cluster's trust material so that
// it can run in a FIPS 140 JVM
// TODO: Remove all existing uses of cross project file references when the new approach for referencing static files is available
// https://github.com/elastic/elasticsearch/pull/32201
task copyKeyCerts(type: Copy) {
from(project(':x-pack:plugin:core').file('src/test/resources/org/elasticsearch/xpack/security/transport/ssl/certs/simple/')) {
include 'testnode.crt', 'testnode.pem'
Apply 2-space indent to all gradle scripts (#49071) Backport of #48849. Update `.editorconfig` to make the Java settings the default for all files, and then apply a 2-space indent to all `*.gradle` files. Then reformat all the files.
2019-11-14 06:01:23 -05:00
}
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
into keystoreDir
Test: use TLS for plugin integ tests Original commit: elastic/x-pack-elasticsearch@99971d72566b85a3a04314f908089a8ce3048a2d
2017-09-14 17:57:28 -04:00
}
// Add keystores to test classpath: it expects it there
sourceSets.test.resources.srcDir(keystoreDir)
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
processTestResources.dependsOn(copyKeyCerts)
Test: use TLS for plugin integ tests Original commit: elastic/x-pack-elasticsearch@99971d72566b85a3a04314f908089a8ce3048a2d
2017-09-14 17:57:28 -04:00
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
integTest.runner {
/*
* We have to disable setting the number of available processors as tests in the same JVM randomize processors and will step on each
* other if we allow them to set the number of available processors as it's set-once in Netty.
*/
systemProperty 'es.set.netty.runtime.available.processors', 'false'
// TODO: fix this rest test to not depend on a hardcoded port!
def blacklist = ['getting_started/10_monitor_cluster_health/*']
Formalize build snapshot (#51484) Today we are repeatedly checking if the current build is a snapshot build or not by reading the system property build.snapshot. This commit formalizes this by adding a build parameter to indicate whether or not the current build is a snapshot build.
2020-01-27 16:48:40 -05:00
if (BuildParams.isSnapshotBuild() == false) {
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
// these tests attempt to install basic/internal licenses signed against the dev/public.key
// Since there is no infrastructure in place (anytime soon) to generate licenses using the production
Skip enterprise license tests in release build (#50182) The release builds use a production license key, and our rest test load licenses that are signed by the dev license key. This change adds the new enterprise license Rest tests to the blacklist on release builds. Backport of: #50163
2019-12-15 18:11:21 -05:00
// private key, these tests are blacklisted in non-snapshot test runs
blacklist.addAll(['xpack/15_basic/*', 'license/20_put_license/*', 'license/30_enterprise_license/*'])
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
}
systemProperty 'tests.rest.blacklist', blacklist.join(',')
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
dependsOn copyKeyCerts
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
}
testClusters.integTest {
Convert testclusters to use distro download plugin (#44253) (#44362) Test clusters currently has its own set of logic for dealing with finding different versions of Elasticsearch, downloading them, and extracting them. This commit converts testclusters to use the DistributionDownloadPlugin.
2019-07-15 20:53:05 -04:00
testDistribution = 'DEFAULT' // this is important since we use the reindex module in ML
Build: Convert integ test dsl to new split cluster/runner dsl This is the xpack side of elastic/elasticsearch#23304 Original commit: elastic/x-pack-elasticsearch@8eddd7fb0d5caca252a49662fc91ce5de36b15f5
2017-02-22 03:56:52 -05:00
setting 'xpack.ml.enabled', 'true'
Disable security for trial licenses by default (elastic/x-pack-elasticsearch#4120) This change disables security for trial licenses unless security is explicitly enabled in the settings. This is done to facilitate users getting started and not having to deal with some of the complexities involved in getting security configured. In order to do this and avoid disabling security for existing users that have gold or platinum licenses, we have to disable security after cluster formation so that the license can be retrieved. relates elastic/x-pack-elasticsearch#4078 Original commit: elastic/x-pack-elasticsearch@96bdb889fc74d4871c43df71354a21549cc53a3e
2018-03-21 23:09:44 -04:00
setting 'xpack.security.enabled', 'true'
[7.x] Refactor watcher tests (#52799) (#52844) This PR moves the majority of the Watcher REST tests under the Watcher x-pack plugin. Specifically, moves the Watcher tests from: x-pack/plugin/test x-pack/qa/smoke-test-watcher x-pack/qa/smoke-test-watcher-with-security x-pack/qa/smoke-test-monitoring-with-watcher to: x-pack/plugin/watcher/qa/rest (/test and /qa/smoke-test-watcher) x-pack/plugin/watcher/qa/with-security x-pack/plugin/watcher/qa/with-monitoring Additionally, this disables Watcher from the main x-pack test cluster and consolidates the stop/start logic for the tests listed. No changes to the tests (beyond moving them) are included. 3rd party tests and doc tests (which also touch Watcher) are not included in the changes here.
2020-02-26 16:57:10 -05:00
setting 'xpack.watcher.enabled', 'false'
[Test] Reenable Monitoring Bulk tests (elastic/x-pack-elasticsearch#908) This commit reenables the Monitoring Bulk Api REST tests. The XPackRestIT now enables/disables the local default exporter before executing the monitoring tests, and also waits for the monitoring service to be started before executing the test. Original commit: elastic/x-pack-elasticsearch@10b696198c8790da86b7ad9aa075d5606c171959
2017-04-04 08:44:40 -04:00
// Integration tests are supposed to enable/disable exporters before/after each test
setting 'xpack.monitoring.exporters._local.type', 'local'
setting 'xpack.monitoring.exporters._local.enabled', 'false'
TOKEN_SERVICE_ENABLED_SETTING enabled if HTTP_SSL_ENABLED (elastic/x-pack-elasticsearch#2321) `authc.token.enabled` is true unless `http.ssl.enabled` is `false` and `http.enabled` is `true`. * TokenService default enabled if HTTP_ENABLED == false * Fixed tests that need TokenService explicitly enabled * [DOC] Default value for `xpack.security.authc.token.enabled` Original commit: elastic/x-pack-elasticsearch@bd154d16eb0da6b77029f5f678a6d35aae7418ac
2017-08-23 06:21:30 -04:00
setting 'xpack.security.authc.token.enabled', 'true'
Add support for API keys to access Elasticsearch (#38291) X-Pack security supports built-in authentication service `token-service` that allows access tokens to be used to access Elasticsearch without using Basic authentication. The tokens are generated by `token-service` based on OAuth2 spec. The access token is a short-lived token (defaults to 20m) and refresh token with a lifetime of 24 hours, making them unsuitable for long-lived or recurring tasks where the system might go offline thereby failing refresh of tokens. This commit introduces a built-in authentication service `api-key-service` that adds support for long-lived tokens aka API keys to access Elasticsearch. The `api-key-service` is consulted after `token-service` in the authentication chain. By default, if TLS is enabled then `api-key-service` is also enabled. The service can be disabled using the configuration setting. The API keys:- - by default do not have an expiration but expiration can be configured where the API keys need to be expired after a certain amount of time. - when generated will keep authentication information of the user that generated them. - can be defined with a role describing the privileges for accessing Elasticsearch and will be limited by the role of the user that generated them - can be invalidated via invalidation API - information can be retrieved via a get API - that have been expired or invalidated will be retained for 1 week before being deleted. The expired API keys remover task handles this. Following are the API key management APIs:- 1. Create API Key - `PUT/POST /_security/api_key` 2. Get API key(s) - `GET /_security/api_key` 3. Invalidate API Key(s) `DELETE /_security/api_key` The API keys can be used to access Elasticsearch using `Authorization` header, where the auth scheme is `ApiKey` and the credentials, is the base64 encoding of API key Id and API key separated by a colon. Example:- ``` curl -H "Authorization: ApiKey YXBpLWtleS1pZDphcGkta2V5" http://localhost:9200/_cluster/health ``` Closes #34383
2019-02-04 22:21:57 -05:00
setting 'xpack.security.authc.api_key.enabled', 'true'
Test: use TLS for plugin integ tests Original commit: elastic/x-pack-elasticsearch@99971d72566b85a3a04314f908089a8ce3048a2d
2017-09-14 17:57:28 -04:00
setting 'xpack.security.transport.ssl.enabled', 'true'
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
setting 'xpack.security.transport.ssl.key', nodeKey.name
setting 'xpack.security.transport.ssl.certificate', nodeCert.name
Test: use TLS for plugin integ tests Original commit: elastic/x-pack-elasticsearch@99971d72566b85a3a04314f908089a8ce3048a2d
2017-09-14 17:57:28 -04:00
setting 'xpack.security.transport.ssl.verification_mode', 'certificate'
Remove InternalClient and InternalSecurityClient (elastic/x-pack-elasticsearch#3054) This change removes the InternalClient and the InternalSecurityClient. These are replaced with usage of the ThreadContext and a transient value, `action.origin`, to indicate which component the request came from. The security code has been updated to look for this value and ensure the request is executed as the proper user. This work comes from elastic/x-pack-elasticsearch#2808 where @s1monw suggested that we do this. While working on this, I came across index template registries and rather than updating them to use the new method, I replaced the ML one with the template upgrade framework so that we could remove this template registry. The watcher template registry is still needed as the template must be updated for rolling upgrades to work (see elastic/x-pack-elasticsearch#2950). Original commit: elastic/x-pack-elasticsearch@7dbf2f263e73331f380fd5101188483cd5abe5ba
2017-11-22 10:35:18 -05:00
setting 'xpack.security.audit.enabled', 'true'
Default to basic license at startup (elastic/x-pack-elasticsearch#3878) This is related to elastic/x-pack-elasticsearch#3877. This commit modifies the license settings to default to self generating a basic license. Original commit: elastic/x-pack-elasticsearch@cd6ee8e06f17c213544ae1c06cfe8ebfa85b9f68
2018-02-12 14:57:04 -05:00
setting 'xpack.license.self_generated.type', 'trial'
Disable ILM history in x-pack rest tests (#52868) The ILM history index can be delayed created from one test into the next, which can cause issues for tests using `_all`. Closes #52209
2020-02-27 11:19:58 -05:00
// disable ILM history, since it disturbs tests using _all
setting 'indices.lifecycle.history_index_enabled', 'false'
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
keystore 'bootstrap.password', 'x-pack-test-password'
keystore 'xpack.security.transport.ssl.secure_key_passphrase', 'testnode'
Require elastic password be bootstrapped (elastic/x-pack-elasticsearch#1962) This is related to elastic/x-pack-elasticsearch#1217. This commit requires that the elastic password be bootstrapped for the user to be authenticated. As a result it removes the special "setup" mode that allowed the user to be authenticated from localhost. Additionally, this commit updates the tests to work with this functionality. Original commit: elastic/x-pack-elasticsearch@d0d5d697a757dc74d00d2b368b48c721655a836c
2017-07-13 20:59:50 -04:00
Testclusters: conver remaining x-pack (#43335) Convert x-pack tests
2019-06-20 02:21:29 -04:00
user username: "x_pack_rest_user", password: "x-pack-test-password"
Allow _cat indices & aliases to use indices options (#53248) This commit adjusts the _cat/indices and _cat/aliases APIs to allow specifying indices options, so that these APIs can handle hidden indices/aliases in the same way as other APIs. Also adds the hidden option to the expand_wildcards parameter in the YAML spec for every API that accepts it.
2020-03-16 13:25:05 -04:00
user username: "cat_test_user", password: "cat-test-password", role: "cat_test_role"
Allow Integ Tests to run in a FIPS-140 JVM (#31989) * Complete changes for running IT in a fips JVM - Mute :x-pack:qa:sql:security:ssl:integTest as it cannot run in FIPS 140 JVM until the SQL CLI supports key/cert. - Set default JVM keystore/truststore password in top level build script for all integTest tasks in a FIPS 140 JVM - Changed top level x-pack build script to use keys and certificates for trust/key material when spinning up clusters for IT
2018-07-24 05:48:14 -04:00
extraConfigFile nodeKey.name, nodeKey
extraConfigFile nodeCert.name, nodeCert
Allow _cat indices & aliases to use indices options (#53248) This commit adjusts the _cat/indices and _cat/aliases APIs to allow specifying indices options, so that these APIs can handle hidden indices/aliases in the same way as other APIs. Also adds the hidden option to the expand_wildcards parameter in the YAML spec for every API that accepts it.
2020-03-16 13:25:05 -04:00
extraConfigFile 'roles.yml', file('src/test/resources/roles.yml')
Backport: enable searchable snapshots feature flag for xpack rest tests. Backport of: #56569 A data stream test, which tests data stream resolvability in xpack apis failed in release builds. A invocation of a searchable snapshot api failed, because the corresponding feature flag wasn't enabled for xpack rest tests. Closes #56531
2020-05-12 06:18:24 -04:00
if (BuildParams.isSnapshotBuild() == false) {
systemProperty 'es.searchable_snapshots_feature_enabled', 'true'
}
Add support for switching distribution for all integration tests (#30874) * remove left-over comment * make sure of the property for plugins * skip installing modules if these exist in the distribution * Log the distrbution being ran * Don't allow running with integ-tests-zip passed externally * top level x-pack/qa can't run with oss distro * Add support for matching objects in lists Makes it possible to have a key that points to a list and assert that a certain object is present in the list. All keys have to be present and values have to match. The objects in the source list may have additional fields. example: ``` match: { 'nodes.$master.plugins': { name: ingest-attachment } } ``` * Update plugin and module tests to work with other distributions Some of the tests expected that the integration tests will always be ran with the `integ-test-zip` distribution so that there will be no other plugins loaded. With this change, we check for the presence of the plugin without assuming exclusivity. * Allow modules to run on other distros as well To match the behavior of tets.distributions * Add and use a new `contains` assertion Replaces the previus changes that caused `match` to do a partial match. * Implement PR review comments
2018-06-26 09:49:03 -04:00
}
[7.x] json spec: allow null for documentation url (#55749) (#56625) This commit allows the JSON schema's documentation.url property to have a null value. This can useful for cases where a feature is under development, and does not have documentation published yet. This commit also adds a documentation.url for two ml resources.
2020-05-12 15:49:02 -04:00