SecureSettings ignored by customAuditIndexSettings (elastic/x-pack-elasticsearch#2748)

customAuditIndexSettings does not submit SecureSettings with putIndexMapping.

relates elastic/x-pack-elasticsearch#2705

* Randomize SecureSetting in testcase

* Apply feedback

Original commit: elastic/x-pack-elasticsearch@1a5414b057
This commit is contained in:
Albert Zaharovits 2017-10-24 13:50:35 +03:00 committed by GitHub
parent 6f437c973a
commit 403912b8a2
2 changed files with 16 additions and 4 deletions

View File

@ -827,7 +827,7 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
Settings customAuditIndexSettings(Settings nodeSettings) {
Settings newSettings = Settings.builder()
.put(INDEX_SETTINGS.get(nodeSettings))
.put(INDEX_SETTINGS.get(nodeSettings), false)
.build();
if (newSettings.names().isEmpty()) {
return Settings.EMPTY;

View File

@ -22,6 +22,8 @@ import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.Priority;
import org.elasticsearch.common.network.NetworkAddress;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.settings.KeyStoreWrapper;
import org.elasticsearch.common.settings.MockSecureSettings;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.plugins.Plugin;
@ -275,11 +277,11 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
return remoteIndexing ? remoteCluster.client() : client();
}
private void initialize() throws IOException, InterruptedException {
private void initialize() throws Exception {
initialize(null, null);
}
private void initialize(String[] includes, String[] excludes) throws IOException, InterruptedException {
private void initialize(String[] includes, String[] excludes) throws Exception {
rollover = randomFrom(HOURLY, DAILY, WEEKLY, MONTHLY);
numReplicas = numberOfReplicas();
numShards = numberOfShards();
@ -288,8 +290,18 @@ public class IndexAuditTrailTests extends SecurityIntegTestCase {
if (remoteIndexing) {
builder.put(remoteSettings);
}
builder.put(settings(rollover, includes, excludes));
// IndexAuditTrail should ignore secure settings
// they are merged on the master node creating the audit index
if (randomBoolean()) {
MockSecureSettings ignored = new MockSecureSettings();
if (randomBoolean()) {
ignored.setString(KeyStoreWrapper.SEED_SETTING.getKey(), "non-empty-secure-settings");
}
builder.setSecureSettings(ignored);
}
Settings settings = builder.build();
Settings settings = builder.put(settings(rollover, includes, excludes)).build();
logger.info("--> settings: [{}]", settings);
DiscoveryNode localNode = mock(DiscoveryNode.class);
when(localNode.getHostAddress()).thenReturn(remoteAddress.getAddress());