add qa project for running ILM tests against security (#32218)
This is a bare-bones skeleton for running existing yaml tests with security enabled. Additional tests which test users and roles should follow
This commit is contained in:
parent
5f696e15ea
commit
1a1ae5de1e
|
@ -0,0 +1,46 @@
|
||||||
|
apply plugin: 'elasticsearch.standalone-rest-test'
|
||||||
|
apply plugin: 'elasticsearch.rest-test'
|
||||||
|
|
||||||
|
dependencies {
|
||||||
|
testCompile project(path: xpackProject('plugin').path, configuration: 'testArtifacts')
|
||||||
|
}
|
||||||
|
|
||||||
|
// bring in ILM rest test suite
|
||||||
|
task copyILMRestTests(type: Copy) {
|
||||||
|
into project.sourceSets.test.output.resourcesDir
|
||||||
|
from xpackProject('plugin').sourceSets.test.resources.srcDirs
|
||||||
|
include 'rest-api-spec/test/index_lifecycle/**'
|
||||||
|
}
|
||||||
|
|
||||||
|
def clusterCredentials = [username: System.getProperty('tests.rest.cluster.username', 'test_user'),
|
||||||
|
password: System.getProperty('tests.rest.cluster.password', 'x-pack-test-password')]
|
||||||
|
|
||||||
|
integTestRunner {
|
||||||
|
systemProperty 'tests.rest.cluster.username', clusterCredentials.username
|
||||||
|
systemProperty 'tests.rest.cluster.password', clusterCredentials.password
|
||||||
|
}
|
||||||
|
|
||||||
|
integTestCluster {
|
||||||
|
dependsOn copyILMRestTests
|
||||||
|
setting 'xpack.index_lifecycle.enabled', 'true'
|
||||||
|
setting 'xpack.security.enabled', 'true'
|
||||||
|
setting 'xpack.watcher.enabled', 'false'
|
||||||
|
setting 'xpack.monitoring.enabled', 'false'
|
||||||
|
setting 'xpack.ml.enabled', 'false'
|
||||||
|
setting 'xpack.license.self_generated.type', 'trial'
|
||||||
|
setupCommand 'setupDummyUser',
|
||||||
|
'bin/elasticsearch-users',
|
||||||
|
'useradd', clusterCredentials.username,
|
||||||
|
'-p', clusterCredentials.password,
|
||||||
|
'-r', 'superuser'
|
||||||
|
waitCondition = { node, ant ->
|
||||||
|
File tmpFile = new File(node.cwd, 'wait.success')
|
||||||
|
ant.get(src: "http://${node.httpUri()}/_cluster/health?wait_for_nodes=>=${numNodes}&wait_for_status=yellow",
|
||||||
|
dest: tmpFile.toString(),
|
||||||
|
username: clusterCredentials.username,
|
||||||
|
password: clusterCredentials.password,
|
||||||
|
ignoreerrors: true,
|
||||||
|
retries: 10)
|
||||||
|
return tmpFile.exists()
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,47 @@
|
||||||
|
/*
|
||||||
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
||||||
|
* or more contributor license agreements. Licensed under the Elastic License;
|
||||||
|
* you may not use this file except in compliance with the Elastic License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.elasticsearch.xpack.security;
|
||||||
|
|
||||||
|
import com.carrotsearch.randomizedtesting.annotations.Name;
|
||||||
|
import com.carrotsearch.randomizedtesting.annotations.ParametersFactory;
|
||||||
|
import com.carrotsearch.randomizedtesting.annotations.TimeoutSuite;
|
||||||
|
import org.apache.lucene.util.TimeUnits;
|
||||||
|
import org.elasticsearch.common.settings.SecureString;
|
||||||
|
import org.elasticsearch.common.settings.Settings;
|
||||||
|
import org.elasticsearch.common.util.concurrent.ThreadContext;
|
||||||
|
import org.elasticsearch.test.rest.yaml.ClientYamlTestCandidate;
|
||||||
|
import org.elasticsearch.test.rest.yaml.ESClientYamlSuiteTestCase;
|
||||||
|
|
||||||
|
import java.util.Objects;
|
||||||
|
|
||||||
|
import static org.elasticsearch.xpack.core.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
|
||||||
|
|
||||||
|
@TimeoutSuite(millis = 30 * TimeUnits.MINUTE) // as default timeout seems not enough on the jenkins VMs
|
||||||
|
public class IndexLifecycleWithSecurityClientYamlTestSuiteIT extends ESClientYamlSuiteTestCase {
|
||||||
|
|
||||||
|
private static final String USER = Objects.requireNonNull(System.getProperty("tests.rest.cluster.username"));
|
||||||
|
private static final String PASS = Objects.requireNonNull(System.getProperty("tests.rest.cluster.password"));
|
||||||
|
|
||||||
|
public IndexLifecycleWithSecurityClientYamlTestSuiteIT(@Name("yaml") ClientYamlTestCandidate testCandidate) {
|
||||||
|
super(testCandidate);
|
||||||
|
}
|
||||||
|
|
||||||
|
@ParametersFactory
|
||||||
|
public static Iterable<Object[]> parameters() throws Exception {
|
||||||
|
return ESClientYamlSuiteTestCase.createParameters();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected Settings restClientSettings() {
|
||||||
|
String token = basicAuthHeaderValue(USER, new SecureString(PASS.toCharArray()));
|
||||||
|
return Settings.builder()
|
||||||
|
.put(super.restClientSettings())
|
||||||
|
.put(ThreadContext.PREFIX + ".Authorization", token)
|
||||||
|
.build();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue