Converte to strict settings infrastructure elastic/elasticsearchelastic/elasticsearch#16365

Original commit: elastic/x-pack-elasticsearch@c877a21e2d
This commit is contained in:
Simon Willnauer 2016-02-03 11:22:33 +01:00
parent 4d30dadba9
commit 422163445e
17 changed files with 134 additions and 34 deletions

View File

@ -13,7 +13,9 @@ import org.elasticsearch.common.component.LifecycleComponent;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.inject.Module;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsModule;
import org.elasticsearch.license.plugin.action.delete.DeleteLicenseAction;
import org.elasticsearch.license.plugin.action.delete.TransportDeleteLicenseAction;
import org.elasticsearch.license.plugin.action.get.GetLicenseAction;
@ -93,4 +95,9 @@ public class LicensePlugin extends Plugin {
}
return Collections.emptyList();
}
public void onModule(SettingsModule module) {
// TODO convert this wildcard to a real setting
module.registerSetting(Setting.groupSetting("license.", false, Setting.Scope.CLUSTER));
}
}

View File

@ -60,7 +60,6 @@ public class LicensesServiceClusterTests extends AbstractLicensesIntegrationTest
.put(super.nodeSettings(nodeOrdinal))
.put("plugins.load_classpath_plugins", false)
.put("node.data", true)
.put("format", "json")
// this setting is only used in tests
.put("_trial_license_duration_in_seconds", 9)
// this setting is only used in tests

View File

@ -8,7 +8,9 @@ package org.elasticsearch.license.plugin.consumer;
import org.elasticsearch.client.Client;
import org.elasticsearch.cluster.node.DiscoveryNode;
import org.elasticsearch.common.component.LifecycleComponent;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsModule;
import org.elasticsearch.plugins.Plugin;
import java.util.ArrayList;
@ -47,6 +49,15 @@ public abstract class TestConsumerPluginBase extends Plugin {
return services;
}
public void onModule(SettingsModule module) {
try {
module.registerSetting(Setting.simpleString("_trial_license_duration_in_seconds", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("_grace_duration_in_seconds", false, Setting.Scope.CLUSTER));
} catch (IllegalArgumentException ex) {
// already loaded
}
}
public abstract Class<? extends TestPluginServiceBase> service();
protected abstract String pluginName();

View File

@ -137,5 +137,8 @@ public class MarvelPlugin extends Plugin {
module.registerSetting(CleanerService.HISTORY_SETTING);
module.registerSetting(INDEX_MARVEL_VERSION_SETTING);
module.registerSetting(INDEX_MARVEL_TEMPLATE_VERSION_SETTING);
// TODO convert these settings to where they belong
module.registerSetting(Setting.simpleString("marvel.agent.exporter.es.ssl.truststore.password", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.boolSetting("marvel.enabled", false, false, Setting.Scope.CLUSTER));
}
}

View File

@ -10,6 +10,7 @@ import org.elasticsearch.client.Client;
import org.elasticsearch.common.component.LifecycleComponent;
import org.elasticsearch.common.inject.Module;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsModule;
import org.elasticsearch.common.util.concurrent.ThreadContext;
@ -168,7 +169,7 @@ public class ShieldPlugin extends Plugin {
Settings.Builder settingsBuilder = Settings.settingsBuilder();
settingsBuilder.put(NetworkModule.TRANSPORT_TYPE_KEY, ShieldPlugin.NAME);
settingsBuilder.put(NetworkModule.TRANSPORT_SERVICE_TYPE_KEY, ShieldPlugin.NAME);
settingsBuilder.put(NetworkModule.HTTP_TYPE_KEY, ShieldPlugin.NAME);
settingsBuilder.put(NetworkModule.HTTP_TYPE_SETTING.getKey(), ShieldPlugin.NAME);
addUserSettings(settingsBuilder);
addTribeSettings(settingsBuilder);
addQueryCacheSettings(settingsBuilder);
@ -182,6 +183,9 @@ public class ShieldPlugin extends Plugin {
settingsModule.registerSetting(IPFilter.HTTP_FILTER_DENY_SETTING);
settingsModule.registerSetting(IPFilter.TRANSPORT_FILTER_ALLOW_SETTING);
settingsModule.registerSetting(IPFilter.TRANSPORT_FILTER_DENY_SETTING);
settingsModule.registerSetting(Setting.boolSetting("plugins.load_classpath_plugins", true, false, Setting.Scope.CLUSTER));
// TODO add real settings for this wildcard here
settingsModule.registerSetting(Setting.groupSetting("shield.", false, Setting.Scope.CLUSTER));
}
@Override

View File

@ -42,6 +42,7 @@ import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentBuilderString;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.gateway.GatewayService;
import org.elasticsearch.node.Node;
import org.elasticsearch.rest.RestRequest;
import org.elasticsearch.shield.InternalClient;
import org.elasticsearch.shield.SystemUser;
@ -703,11 +704,11 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl
if (hostPortPairs.size() == 0) {
throw new ElasticsearchException("no valid host:port pairs specified for setting [shield.audit.index.client.hosts]");
}
final Settings theClientSetting = clientSettings.filter((s) -> s.startsWith("hosts") == false); // hosts is not a valid setting
final TransportClient transportClient = TransportClient.builder()
.settings(Settings.builder()
.put("name", DEFAULT_CLIENT_NAME + "-" + settings.get("name"))
.put(clientSettings))
.put("node.name", DEFAULT_CLIENT_NAME + "-" + Node.NODE_NAME_SETTING.get(settings))
.put(theClientSetting))
.addPlugin(XPackPlugin.class)
.build();
for (Tuple<String, Integer> pair : hostPortPairs) {

View File

@ -63,7 +63,6 @@ public class ClusterPrivilegeTests extends AbstractPrivilegeTestCase {
protected Settings nodeSettings(int nodeOrdinal) {
return Settings.builder().put(super.nodeSettings(nodeOrdinal))
.put(NetworkModule.HTTP_ENABLED.getKey(), true)
.put("action.disable_shutdown", true)
.put("path.repo", repositoryLocation)
.build();
}

View File

@ -8,12 +8,15 @@ package org.elasticsearch.integration;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsModule;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentParser;
import org.elasticsearch.common.xcontent.json.JsonXContent;
import org.elasticsearch.http.HttpServerTransport;
import org.elasticsearch.node.Node;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.shield.authc.support.SecuredString;
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
import org.elasticsearch.shield.ssl.AbstractSSLService;
@ -25,8 +28,10 @@ import org.elasticsearch.test.rest.client.http.HttpResponse;
import org.junit.After;
import java.io.IOException;
import java.lang.reflect.Array;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
@ -45,6 +50,36 @@ public class SettingsFilterTests extends ShieldIntegTestCase {
httpClient.close();
}
@Override
protected Collection<Class<? extends Plugin>> nodePlugins() {
Collection<Class<? extends Plugin>> classes = super.nodePlugins();
ArrayList<Class<? extends Plugin>> newClasses = new ArrayList<>(classes);
newClasses.add(TestPlugin.class);
return newClasses;
}
public static class TestPlugin extends Plugin {
public TestPlugin() {}
@Override
public String name() {
return "test_settings_adder";
}
@Override
public String description() {
return "adds some settings this test uses";
}
public void onModule(SettingsModule module) {
module.registerSetting(Setting.simpleString("foo.bar", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("foo.baz", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("bar.baz", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("baz.foo", false, Setting.Scope.CLUSTER));
}
}
@Override
protected Settings nodeSettings(int nodeOrdinal) {
int clientProfilePort = randomIntBetween(49000, 65400);

View File

@ -10,6 +10,7 @@ import org.elasticsearch.common.inject.Guice;
import org.elasticsearch.common.inject.Injector;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.network.NetworkService;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsFilter;
import org.elasticsearch.common.settings.SettingsModule;
@ -34,7 +35,9 @@ public class AuditTrailModuleTests extends ESTestCase {
.put("client.type", "node")
.put("shield.audit.enabled", false)
.build();
Injector injector = Guice.createInjector(new SettingsModule(settings, new SettingsFilter(settings)), new AuditTrailModule(settings));
SettingsModule settingsModule = new SettingsModule(settings, new SettingsFilter(settings));
settingsModule.registerSetting(Setting.boolSetting("shield.audit.enabled", true, false, Setting.Scope.CLUSTER));
Injector injector = Guice.createInjector(settingsModule, new AuditTrailModule(settings));
AuditTrail auditTrail = injector.getInstance(AuditTrail.class);
assertThat(auditTrail, is(AuditTrail.NOOP));
}
@ -54,8 +57,10 @@ public class AuditTrailModuleTests extends ESTestCase {
.build();
ThreadPool pool = new ThreadPool("testLogFile");
try {
SettingsModule settingsModule = new SettingsModule(settings, new SettingsFilter(settings));
settingsModule.registerSetting(Setting.boolSetting("shield.audit.enabled", true, false, Setting.Scope.CLUSTER));
Injector injector = Guice.createInjector(
new SettingsModule(settings, new SettingsFilter(settings)),
settingsModule,
new NetworkModule(new NetworkService(settings), settings, false, null) {
@Override
protected void configure() {
@ -84,8 +89,11 @@ public class AuditTrailModuleTests extends ESTestCase {
.put("shield.audit.outputs" , "foo")
.put("client.type", "node")
.build();
SettingsModule settingsModule = new SettingsModule(settings, new SettingsFilter(settings));
settingsModule.registerSetting(Setting.boolSetting("shield.audit.enabled", true, false, Setting.Scope.CLUSTER));
settingsModule.registerSetting(Setting.simpleString("shield.audit.outputs", false, Setting.Scope.CLUSTER));
try {
Guice.createInjector(new SettingsModule(settings, new SettingsFilter(settings)), new AuditTrailModule(settings));
Guice.createInjector(settingsModule, new AuditTrailModule(settings));
fail("Expect initialization to fail when an unknown audit trail output is configured");
} catch (Throwable t) {
// expected

View File

@ -13,6 +13,7 @@ import org.elasticsearch.common.transport.InetSocketTransportAddress;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.test.ShieldIntegTestCase;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.xpack.XPackPlugin;
import java.net.InetSocketAddress;
import java.nio.file.Files;
@ -74,7 +75,7 @@ public class SslHostnameVerificationTests extends ShieldIntegTestCase {
.put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, true)
.build();
try (TransportClient client = TransportClient.builder().settings(settings).build()) {
try (TransportClient client = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
client.addTransportAddress(new InetSocketTransportAddress(inetSocketAddress.getAddress(), inetSocketAddress.getPort()));
client.admin().cluster().prepareHealth().get();
fail("Expected a NoNodeAvailableException due to hostname verification failures");

View File

@ -28,6 +28,7 @@ import org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport;
import org.elasticsearch.test.ShieldIntegTestCase;
import org.elasticsearch.test.ShieldSettingsSource;
import org.elasticsearch.transport.Transport;
import org.elasticsearch.xpack.XPackPlugin;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
@ -58,9 +59,9 @@ public class SslIntegrationTests extends ShieldIntegTestCase {
// no SSL exception as this is the exception is returned when connecting
public void testThatUnconfiguredCiphersAreRejected() {
try (TransportClient transportClient = TransportClient.builder().settings(settingsBuilder()
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settingsBuilder()
.put(transportClientSettings())
.put("name", "programmatic_transport_client")
.put("node.name", "programmatic_transport_client")
.put("cluster.name", internalCluster().getClusterName())
.putArray("shield.ssl.ciphers", new String[]{"TLS_ECDH_anon_WITH_RC4_128_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA"})
.build()).build()) {
@ -77,9 +78,9 @@ public class SslIntegrationTests extends ShieldIntegTestCase {
// no SSL exception as this is the exception is returned when connecting
public void testThatTransportClientUsingSSLv3ProtocolIsRejected() {
try(TransportClient transportClient = TransportClient.builder().settings(settingsBuilder()
try(TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settingsBuilder()
.put(transportClientSettings())
.put("name", "programmatic_transport_client")
.put("node.name", "programmatic_transport_client")
.put("cluster.name", internalCluster().getClusterName())
.putArray("shield.ssl.supported_protocols", new String[]{"SSLv3"})
.build()).build()) {

View File

@ -85,7 +85,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
private TransportClient createTransportClient(Settings additionalSettings) {
Settings settings = settingsBuilder().put(transportClientSettings())
.put("name", "programmatic_transport_client")
.put("node.name", "programmatic_transport_client")
.put("cluster.name", internalCluster().getClusterName())
.put(additionalSettings)
.build();
@ -232,7 +232,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
.put("cluster.name", internalCluster().getClusterName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses()));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -250,7 +250,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
.put("cluster.name", internalCluster().getClusterName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -268,7 +268,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD)
.put("cluster.name", internalCluster().getClusterName())
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -310,7 +310,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("shield.ssl.truststore.path", getDataPath("/org/elasticsearch/shield/transport/ssl/certs/simple/truststore-testnode-only.jks"))
.put("shield.ssl.truststore.password", "truststore-testnode-only")
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -333,7 +333,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("shield.ssl.truststore.path", getDataPath("/org/elasticsearch/shield/transport/ssl/certs/simple/truststore-testnode-only.jks"))
.put("shield.ssl.truststore.password", "truststore-testnode-only")
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses()));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -355,7 +355,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("shield.ssl.truststore.path", getDataPath("/org/elasticsearch/shield/transport/ssl/certs/simple/truststore-testnode-only.jks"))
.put("shield.ssl.truststore.password", "truststore-testnode-only")
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -375,7 +375,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("cluster.name", internalCluster().getClusterName())
.put("shield.transport.ssl", true)
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses()));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -395,7 +395,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("cluster.name", internalCluster().getClusterName())
.put("shield.transport.ssl", true)
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -415,7 +415,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("cluster.name", internalCluster().getClusterName())
.put("shield.transport.ssl", true)
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");
@ -435,7 +435,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase {
.put("cluster.name", internalCluster().getClusterName())
.put("shield.transport.ssl", true)
.build();
try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) {
try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) {
transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl")));
assertGreenClusterState(transportClient);
fail("Expected NoNodeAvailableException");

View File

@ -123,6 +123,7 @@ public class XPackPlugin extends Plugin {
shieldPlugin.onModule(module);
marvelPlugin.onModule(module);
watcherPlugin.onModule(module);
licensePlugin.onModule(module);
}
public void onModule(NetworkModule module) {

View File

@ -17,10 +17,10 @@ import org.elasticsearch.common.logging.Loggers;
import org.elasticsearch.common.logging.support.LoggerMessageFormat;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.regex.Regex;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.settings.SettingsModule;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.script.ScriptEngineRegistry;
import org.elasticsearch.script.ScriptModule;
import org.elasticsearch.watcher.actions.WatcherActionModule;
import org.elasticsearch.watcher.actions.email.service.EmailService;
@ -49,6 +49,7 @@ import org.elasticsearch.watcher.rest.action.RestPutWatchAction;
import org.elasticsearch.watcher.rest.action.RestWatchServiceAction;
import org.elasticsearch.watcher.rest.action.RestWatcherInfoAction;
import org.elasticsearch.watcher.rest.action.RestWatcherStatsAction;
import org.elasticsearch.watcher.shield.ShieldSecretService;
import org.elasticsearch.watcher.shield.WatcherShieldModule;
import org.elasticsearch.watcher.support.WatcherIndexTemplateRegistry.TemplateConfig;
import org.elasticsearch.watcher.support.clock.ClockModule;
@ -191,6 +192,31 @@ public class WatcherPlugin extends Plugin {
module.registerSetting(InternalEmailService.EMAIL_ACCOUNT_SETTING);
module.registerSetting(InternalHipChatService.HIPCHAT_ACCOUNT_SETTING);
module.registerSetting(InternalPagerDutyService.PAGERDUTY_ACCOUNT_SETTING);
module.registerSetting(Setting.intSetting("watcher.execution.scroll.size", 0, false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.intSetting("watcher.watch.scroll.size", 0, false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.boolSetting("watcher.enabled", false, false, Setting.Scope.CLUSTER));
module.registerSetting(ShieldSecretService.ENCRYPT_SENSITIVE_DATA_SETTING);
// TODO add real settings for these
module.registerSetting(Setting.simpleString("resource.reload.interval", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("resource.reload.enabled", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("resource.reload.interval.low", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("resource.reload.interval.medium", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.internal.ops.search.default_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.internal.ops.bulk.default_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.internal.ops.index.default_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.execution.default_throttle_period", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.http.default_read_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.groupSetting("watcher.http.ssl.", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.groupSetting("watcher.http.proxy.", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.actions.index.default_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.index.rest.direct_access", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.trigger.schedule.engine", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.input.search.default_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.transform.search.default_timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.trigger.schedule.ticker.tick_interval", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.execution.scroll.timeout", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.start_immediately", false, Setting.Scope.CLUSTER));
module.registerSetting(Setting.simpleString("watcher.http.default_connection_timeout", false, Setting.Scope.CLUSTER));
}
public void onModule(NetworkModule module) {

View File

@ -7,6 +7,7 @@ package org.elasticsearch.watcher.shield;
import org.elasticsearch.common.component.AbstractComponent;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.shield.crypto.CryptoService;
import org.elasticsearch.watcher.support.secret.SecretService;
@ -18,11 +19,11 @@ public class ShieldSecretService extends AbstractComponent implements SecretServ
private final CryptoService cryptoService;
private final boolean encryptSensitiveData;
public static final Setting<Boolean> ENCRYPT_SENSITIVE_DATA_SETTING = Setting.boolSetting("watcher.shield.encrypt_sensitive_data", false, false, Setting.Scope.CLUSTER);
@Inject
public ShieldSecretService(Settings settings, CryptoService cryptoService) {
super(settings);
this.encryptSensitiveData = settings.getAsBoolean("watcher.shield.encrypt_sensitive_data", false);
this.encryptSensitiveData = ENCRYPT_SENSITIVE_DATA_SETTING.get(settings);
this.cryptoService = cryptoService;
}

View File

@ -127,12 +127,12 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
logger.info("using schedule engine [" + scheduleImplName + "]");
return Settings.builder()
.put(super.nodeSettings(nodeOrdinal))
//TODO: for now lets isolate watcher tests from marvel (randomize this later)
.put("marvel.enabled", false)
// we do this by default in core, but for watcher this isn't needed and only adds noise.
.put("index.store.mock.check_index_on_close", false)
.put("scroll.size", randomIntBetween(1, 100))
.put("watcher.execution.scroll.size", randomIntBetween(1, 100))
.put("watcher.watch.scroll.size", randomIntBetween(1, 100))
.put(ShieldSettings.settings(shieldEnabled))
.put("watcher.trigger.schedule.engine", scheduleImplName)
.build();

View File

@ -86,10 +86,13 @@ public class HttpSecretsIntegrationTests extends AbstractWatcherIntegrationTestC
if (encryptSensitiveData == null) {
encryptSensitiveData = shieldEnabled() && randomBoolean();
}
return Settings.builder()
.put(super.nodeSettings(nodeOrdinal))
.put("watcher.shield.encrypt_sensitive_data", encryptSensitiveData)
.build();
if (encryptSensitiveData) {
return Settings.builder()
.put(super.nodeSettings(nodeOrdinal))
.put("watcher.shield.encrypt_sensitive_data", encryptSensitiveData)
.build();
}
return super.nodeSettings(nodeOrdinal);
}
public void testHttpInput() throws Exception {