diff --git a/elasticsearch/x-pack/license-plugin/src/main/java/org/elasticsearch/license/plugin/LicensePlugin.java b/elasticsearch/x-pack/license-plugin/src/main/java/org/elasticsearch/license/plugin/LicensePlugin.java index 2ac1b4f2d90..c10893c9329 100644 --- a/elasticsearch/x-pack/license-plugin/src/main/java/org/elasticsearch/license/plugin/LicensePlugin.java +++ b/elasticsearch/x-pack/license-plugin/src/main/java/org/elasticsearch/license/plugin/LicensePlugin.java @@ -13,7 +13,9 @@ import org.elasticsearch.common.component.LifecycleComponent; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.inject.Module; import org.elasticsearch.common.network.NetworkModule; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.common.settings.SettingsModule; import org.elasticsearch.license.plugin.action.delete.DeleteLicenseAction; import org.elasticsearch.license.plugin.action.delete.TransportDeleteLicenseAction; import org.elasticsearch.license.plugin.action.get.GetLicenseAction; @@ -93,4 +95,9 @@ public class LicensePlugin extends Plugin { } return Collections.emptyList(); } + + public void onModule(SettingsModule module) { + // TODO convert this wildcard to a real setting + module.registerSetting(Setting.groupSetting("license.", false, Setting.Scope.CLUSTER)); + } } diff --git a/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/LicensesServiceClusterTests.java b/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/LicensesServiceClusterTests.java index a034f4544e7..51f7403e0dd 100644 --- a/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/LicensesServiceClusterTests.java +++ b/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/LicensesServiceClusterTests.java @@ -60,7 +60,6 @@ public class LicensesServiceClusterTests extends AbstractLicensesIntegrationTest .put(super.nodeSettings(nodeOrdinal)) .put("plugins.load_classpath_plugins", false) .put("node.data", true) - .put("format", "json") // this setting is only used in tests .put("_trial_license_duration_in_seconds", 9) // this setting is only used in tests diff --git a/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/consumer/TestConsumerPluginBase.java b/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/consumer/TestConsumerPluginBase.java index 400e46c136e..b176e93567c 100644 --- a/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/consumer/TestConsumerPluginBase.java +++ b/elasticsearch/x-pack/license-plugin/src/test/java/org/elasticsearch/license/plugin/consumer/TestConsumerPluginBase.java @@ -8,7 +8,9 @@ package org.elasticsearch.license.plugin.consumer; import org.elasticsearch.client.Client; import org.elasticsearch.cluster.node.DiscoveryNode; import org.elasticsearch.common.component.LifecycleComponent; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.common.settings.SettingsModule; import org.elasticsearch.plugins.Plugin; import java.util.ArrayList; @@ -47,6 +49,15 @@ public abstract class TestConsumerPluginBase extends Plugin { return services; } + public void onModule(SettingsModule module) { + try { + module.registerSetting(Setting.simpleString("_trial_license_duration_in_seconds", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("_grace_duration_in_seconds", false, Setting.Scope.CLUSTER)); + } catch (IllegalArgumentException ex) { + // already loaded + } + } + public abstract Class service(); protected abstract String pluginName(); diff --git a/elasticsearch/x-pack/marvel/src/main/java/org/elasticsearch/marvel/MarvelPlugin.java b/elasticsearch/x-pack/marvel/src/main/java/org/elasticsearch/marvel/MarvelPlugin.java index 1892196c9ef..b57e9fd80d0 100644 --- a/elasticsearch/x-pack/marvel/src/main/java/org/elasticsearch/marvel/MarvelPlugin.java +++ b/elasticsearch/x-pack/marvel/src/main/java/org/elasticsearch/marvel/MarvelPlugin.java @@ -137,5 +137,8 @@ public class MarvelPlugin extends Plugin { module.registerSetting(CleanerService.HISTORY_SETTING); module.registerSetting(INDEX_MARVEL_VERSION_SETTING); module.registerSetting(INDEX_MARVEL_TEMPLATE_VERSION_SETTING); + // TODO convert these settings to where they belong + module.registerSetting(Setting.simpleString("marvel.agent.exporter.es.ssl.truststore.password", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.boolSetting("marvel.enabled", false, false, Setting.Scope.CLUSTER)); } } diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldPlugin.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldPlugin.java index b5853744d69..3dbbf192962 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldPlugin.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/ShieldPlugin.java @@ -10,6 +10,7 @@ import org.elasticsearch.client.Client; import org.elasticsearch.common.component.LifecycleComponent; import org.elasticsearch.common.inject.Module; import org.elasticsearch.common.network.NetworkModule; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.SettingsModule; import org.elasticsearch.common.util.concurrent.ThreadContext; @@ -168,7 +169,7 @@ public class ShieldPlugin extends Plugin { Settings.Builder settingsBuilder = Settings.settingsBuilder(); settingsBuilder.put(NetworkModule.TRANSPORT_TYPE_KEY, ShieldPlugin.NAME); settingsBuilder.put(NetworkModule.TRANSPORT_SERVICE_TYPE_KEY, ShieldPlugin.NAME); - settingsBuilder.put(NetworkModule.HTTP_TYPE_KEY, ShieldPlugin.NAME); + settingsBuilder.put(NetworkModule.HTTP_TYPE_SETTING.getKey(), ShieldPlugin.NAME); addUserSettings(settingsBuilder); addTribeSettings(settingsBuilder); addQueryCacheSettings(settingsBuilder); @@ -182,6 +183,9 @@ public class ShieldPlugin extends Plugin { settingsModule.registerSetting(IPFilter.HTTP_FILTER_DENY_SETTING); settingsModule.registerSetting(IPFilter.TRANSPORT_FILTER_ALLOW_SETTING); settingsModule.registerSetting(IPFilter.TRANSPORT_FILTER_DENY_SETTING); + settingsModule.registerSetting(Setting.boolSetting("plugins.load_classpath_plugins", true, false, Setting.Scope.CLUSTER)); + // TODO add real settings for this wildcard here + settingsModule.registerSetting(Setting.groupSetting("shield.", false, Setting.Scope.CLUSTER)); } @Override diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java index 865ea4531f6..e10e9a6e615 100644 --- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java +++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/audit/index/IndexAuditTrail.java @@ -42,6 +42,7 @@ import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentBuilderString; import org.elasticsearch.common.xcontent.XContentFactory; import org.elasticsearch.gateway.GatewayService; +import org.elasticsearch.node.Node; import org.elasticsearch.rest.RestRequest; import org.elasticsearch.shield.InternalClient; import org.elasticsearch.shield.SystemUser; @@ -703,11 +704,11 @@ public class IndexAuditTrail extends AbstractComponent implements AuditTrail, Cl if (hostPortPairs.size() == 0) { throw new ElasticsearchException("no valid host:port pairs specified for setting [shield.audit.index.client.hosts]"); } - + final Settings theClientSetting = clientSettings.filter((s) -> s.startsWith("hosts") == false); // hosts is not a valid setting final TransportClient transportClient = TransportClient.builder() .settings(Settings.builder() - .put("name", DEFAULT_CLIENT_NAME + "-" + settings.get("name")) - .put(clientSettings)) + .put("node.name", DEFAULT_CLIENT_NAME + "-" + Node.NODE_NAME_SETTING.get(settings)) + .put(theClientSetting)) .addPlugin(XPackPlugin.class) .build(); for (Tuple pair : hostPortPairs) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClusterPrivilegeTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClusterPrivilegeTests.java index 8682093c0b9..dcc6637acd8 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClusterPrivilegeTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClusterPrivilegeTests.java @@ -63,7 +63,6 @@ public class ClusterPrivilegeTests extends AbstractPrivilegeTestCase { protected Settings nodeSettings(int nodeOrdinal) { return Settings.builder().put(super.nodeSettings(nodeOrdinal)) .put(NetworkModule.HTTP_ENABLED.getKey(), true) - .put("action.disable_shutdown", true) .put("path.repo", repositoryLocation) .build(); } diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java index fe69177d498..e73930c8ea5 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/SettingsFilterTests.java @@ -8,12 +8,15 @@ package org.elasticsearch.integration; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.elasticsearch.common.network.NetworkModule; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.common.settings.SettingsModule; import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentParser; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.elasticsearch.http.HttpServerTransport; import org.elasticsearch.node.Node; +import org.elasticsearch.plugins.Plugin; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.shield.authc.support.UsernamePasswordToken; import org.elasticsearch.shield.ssl.AbstractSSLService; @@ -25,8 +28,10 @@ import org.elasticsearch.test.rest.client.http.HttpResponse; import org.junit.After; import java.io.IOException; +import java.lang.reflect.Array; import java.nio.charset.StandardCharsets; import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Map; @@ -45,6 +50,36 @@ public class SettingsFilterTests extends ShieldIntegTestCase { httpClient.close(); } + @Override + protected Collection> nodePlugins() { + Collection> classes = super.nodePlugins(); + ArrayList> newClasses = new ArrayList<>(classes); + newClasses.add(TestPlugin.class); + return newClasses; + } + + public static class TestPlugin extends Plugin { + + public TestPlugin() {} + + @Override + public String name() { + return "test_settings_adder"; + } + + @Override + public String description() { + return "adds some settings this test uses"; + } + + public void onModule(SettingsModule module) { + module.registerSetting(Setting.simpleString("foo.bar", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("foo.baz", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("bar.baz", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("baz.foo", false, Setting.Scope.CLUSTER)); + } + } + @Override protected Settings nodeSettings(int nodeOrdinal) { int clientProfilePort = randomIntBetween(49000, 65400); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/audit/AuditTrailModuleTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/audit/AuditTrailModuleTests.java index c0adb8bade1..3877bfe3af8 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/audit/AuditTrailModuleTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/audit/AuditTrailModuleTests.java @@ -10,6 +10,7 @@ import org.elasticsearch.common.inject.Guice; import org.elasticsearch.common.inject.Injector; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.network.NetworkService; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.SettingsFilter; import org.elasticsearch.common.settings.SettingsModule; @@ -34,7 +35,9 @@ public class AuditTrailModuleTests extends ESTestCase { .put("client.type", "node") .put("shield.audit.enabled", false) .build(); - Injector injector = Guice.createInjector(new SettingsModule(settings, new SettingsFilter(settings)), new AuditTrailModule(settings)); + SettingsModule settingsModule = new SettingsModule(settings, new SettingsFilter(settings)); + settingsModule.registerSetting(Setting.boolSetting("shield.audit.enabled", true, false, Setting.Scope.CLUSTER)); + Injector injector = Guice.createInjector(settingsModule, new AuditTrailModule(settings)); AuditTrail auditTrail = injector.getInstance(AuditTrail.class); assertThat(auditTrail, is(AuditTrail.NOOP)); } @@ -54,8 +57,10 @@ public class AuditTrailModuleTests extends ESTestCase { .build(); ThreadPool pool = new ThreadPool("testLogFile"); try { + SettingsModule settingsModule = new SettingsModule(settings, new SettingsFilter(settings)); + settingsModule.registerSetting(Setting.boolSetting("shield.audit.enabled", true, false, Setting.Scope.CLUSTER)); Injector injector = Guice.createInjector( - new SettingsModule(settings, new SettingsFilter(settings)), + settingsModule, new NetworkModule(new NetworkService(settings), settings, false, null) { @Override protected void configure() { @@ -84,8 +89,11 @@ public class AuditTrailModuleTests extends ESTestCase { .put("shield.audit.outputs" , "foo") .put("client.type", "node") .build(); + SettingsModule settingsModule = new SettingsModule(settings, new SettingsFilter(settings)); + settingsModule.registerSetting(Setting.boolSetting("shield.audit.enabled", true, false, Setting.Scope.CLUSTER)); + settingsModule.registerSetting(Setting.simpleString("shield.audit.outputs", false, Setting.Scope.CLUSTER)); try { - Guice.createInjector(new SettingsModule(settings, new SettingsFilter(settings)), new AuditTrailModule(settings)); + Guice.createInjector(settingsModule, new AuditTrailModule(settings)); fail("Expect initialization to fail when an unknown audit trail output is configured"); } catch (Throwable t) { // expected diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationTests.java index 41646cfc646..db914862215 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/netty/SslHostnameVerificationTests.java @@ -13,6 +13,7 @@ import org.elasticsearch.common.transport.InetSocketTransportAddress; import org.elasticsearch.common.transport.TransportAddress; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.transport.Transport; +import org.elasticsearch.xpack.XPackPlugin; import java.net.InetSocketAddress; import java.nio.file.Files; @@ -74,7 +75,7 @@ public class SslHostnameVerificationTests extends ShieldIntegTestCase { .put(ShieldNettyTransport.HOSTNAME_VERIFICATION_SETTING, true) .build(); - try (TransportClient client = TransportClient.builder().settings(settings).build()) { + try (TransportClient client = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { client.addTransportAddress(new InetSocketTransportAddress(inetSocketAddress.getAddress(), inetSocketAddress.getPort())); client.admin().cluster().prepareHealth().get(); fail("Expected a NoNodeAvailableException due to hostname verification failures"); diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslIntegrationTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslIntegrationTests.java index 9b205dc50d9..32e7789b61a 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslIntegrationTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslIntegrationTests.java @@ -28,6 +28,7 @@ import org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport; import org.elasticsearch.test.ShieldIntegTestCase; import org.elasticsearch.test.ShieldSettingsSource; import org.elasticsearch.transport.Transport; +import org.elasticsearch.xpack.XPackPlugin; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLHandshakeException; @@ -58,9 +59,9 @@ public class SslIntegrationTests extends ShieldIntegTestCase { // no SSL exception as this is the exception is returned when connecting public void testThatUnconfiguredCiphersAreRejected() { - try (TransportClient transportClient = TransportClient.builder().settings(settingsBuilder() + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settingsBuilder() .put(transportClientSettings()) - .put("name", "programmatic_transport_client") + .put("node.name", "programmatic_transport_client") .put("cluster.name", internalCluster().getClusterName()) .putArray("shield.ssl.ciphers", new String[]{"TLS_ECDH_anon_WITH_RC4_128_SHA", "SSL_RSA_WITH_3DES_EDE_CBC_SHA"}) .build()).build()) { @@ -77,9 +78,9 @@ public class SslIntegrationTests extends ShieldIntegTestCase { // no SSL exception as this is the exception is returned when connecting public void testThatTransportClientUsingSSLv3ProtocolIsRejected() { - try(TransportClient transportClient = TransportClient.builder().settings(settingsBuilder() + try(TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settingsBuilder() .put(transportClientSettings()) - .put("name", "programmatic_transport_client") + .put("node.name", "programmatic_transport_client") .put("cluster.name", internalCluster().getClusterName()) .putArray("shield.ssl.supported_protocols", new String[]{"SSLv3"}) .build()).build()) { diff --git a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslMultiPortTests.java b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslMultiPortTests.java index 9ab7f4738f7..6771456823d 100644 --- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslMultiPortTests.java +++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslMultiPortTests.java @@ -85,7 +85,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { private TransportClient createTransportClient(Settings additionalSettings) { Settings settings = settingsBuilder().put(transportClientSettings()) - .put("name", "programmatic_transport_client") + .put("node.name", "programmatic_transport_client") .put("cluster.name", internalCluster().getClusterName()) .put(additionalSettings) .build(); @@ -232,7 +232,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD) .put("cluster.name", internalCluster().getClusterName()) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses())); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -250,7 +250,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD) .put("cluster.name", internalCluster().getClusterName()) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -268,7 +268,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("shield.user", DEFAULT_USER_NAME + ":" + DEFAULT_PASSWORD) .put("cluster.name", internalCluster().getClusterName()) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -310,7 +310,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("shield.ssl.truststore.path", getDataPath("/org/elasticsearch/shield/transport/ssl/certs/simple/truststore-testnode-only.jks")) .put("shield.ssl.truststore.password", "truststore-testnode-only") .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -333,7 +333,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("shield.ssl.truststore.path", getDataPath("/org/elasticsearch/shield/transport/ssl/certs/simple/truststore-testnode-only.jks")) .put("shield.ssl.truststore.password", "truststore-testnode-only") .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses())); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -355,7 +355,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("shield.ssl.truststore.path", getDataPath("/org/elasticsearch/shield/transport/ssl/certs/simple/truststore-testnode-only.jks")) .put("shield.ssl.truststore.password", "truststore-testnode-only") .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -375,7 +375,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("cluster.name", internalCluster().getClusterName()) .put("shield.transport.ssl", true) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(randomFrom(internalCluster().getInstance(Transport.class).boundAddress().boundAddresses())); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -395,7 +395,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("cluster.name", internalCluster().getClusterName()) .put("shield.transport.ssl", true) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("client"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -415,7 +415,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("cluster.name", internalCluster().getClusterName()) .put("shield.transport.ssl", true) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_client_auth"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); @@ -435,7 +435,7 @@ public class SslMultiPortTests extends ShieldIntegTestCase { .put("cluster.name", internalCluster().getClusterName()) .put("shield.transport.ssl", true) .build(); - try (TransportClient transportClient = TransportClient.builder().settings(settings).build()) { + try (TransportClient transportClient = TransportClient.builder().addPlugin(XPackPlugin.class).settings(settings).build()) { transportClient.addTransportAddress(new InetSocketTransportAddress(InetAddress.getLoopbackAddress(), getProfilePort("no_ssl"))); assertGreenClusterState(transportClient); fail("Expected NoNodeAvailableException"); diff --git a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/XPackPlugin.java b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/XPackPlugin.java index 0d6f91fd307..8f16b84b28d 100644 --- a/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/XPackPlugin.java +++ b/elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/XPackPlugin.java @@ -123,6 +123,7 @@ public class XPackPlugin extends Plugin { shieldPlugin.onModule(module); marvelPlugin.onModule(module); watcherPlugin.onModule(module); + licensePlugin.onModule(module); } public void onModule(NetworkModule module) { diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/WatcherPlugin.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/WatcherPlugin.java index da5ad267f7d..8b523738515 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/WatcherPlugin.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/WatcherPlugin.java @@ -17,10 +17,10 @@ import org.elasticsearch.common.logging.Loggers; import org.elasticsearch.common.logging.support.LoggerMessageFormat; import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.regex.Regex; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.settings.SettingsModule; import org.elasticsearch.plugins.Plugin; -import org.elasticsearch.script.ScriptEngineRegistry; import org.elasticsearch.script.ScriptModule; import org.elasticsearch.watcher.actions.WatcherActionModule; import org.elasticsearch.watcher.actions.email.service.EmailService; @@ -49,6 +49,7 @@ import org.elasticsearch.watcher.rest.action.RestPutWatchAction; import org.elasticsearch.watcher.rest.action.RestWatchServiceAction; import org.elasticsearch.watcher.rest.action.RestWatcherInfoAction; import org.elasticsearch.watcher.rest.action.RestWatcherStatsAction; +import org.elasticsearch.watcher.shield.ShieldSecretService; import org.elasticsearch.watcher.shield.WatcherShieldModule; import org.elasticsearch.watcher.support.WatcherIndexTemplateRegistry.TemplateConfig; import org.elasticsearch.watcher.support.clock.ClockModule; @@ -191,6 +192,31 @@ public class WatcherPlugin extends Plugin { module.registerSetting(InternalEmailService.EMAIL_ACCOUNT_SETTING); module.registerSetting(InternalHipChatService.HIPCHAT_ACCOUNT_SETTING); module.registerSetting(InternalPagerDutyService.PAGERDUTY_ACCOUNT_SETTING); + module.registerSetting(Setting.intSetting("watcher.execution.scroll.size", 0, false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.intSetting("watcher.watch.scroll.size", 0, false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.boolSetting("watcher.enabled", false, false, Setting.Scope.CLUSTER)); + module.registerSetting(ShieldSecretService.ENCRYPT_SENSITIVE_DATA_SETTING); + // TODO add real settings for these + module.registerSetting(Setting.simpleString("resource.reload.interval", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("resource.reload.enabled", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("resource.reload.interval.low", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("resource.reload.interval.medium", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.internal.ops.search.default_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.internal.ops.bulk.default_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.internal.ops.index.default_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.execution.default_throttle_period", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.http.default_read_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.groupSetting("watcher.http.ssl.", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.groupSetting("watcher.http.proxy.", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.actions.index.default_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.index.rest.direct_access", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.trigger.schedule.engine", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.input.search.default_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.transform.search.default_timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.trigger.schedule.ticker.tick_interval", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.execution.scroll.timeout", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.start_immediately", false, Setting.Scope.CLUSTER)); + module.registerSetting(Setting.simpleString("watcher.http.default_connection_timeout", false, Setting.Scope.CLUSTER)); } public void onModule(NetworkModule module) { diff --git a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/shield/ShieldSecretService.java b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/shield/ShieldSecretService.java index 880db47d5fc..2bd596fdd4c 100644 --- a/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/shield/ShieldSecretService.java +++ b/elasticsearch/x-pack/watcher/src/main/java/org/elasticsearch/watcher/shield/ShieldSecretService.java @@ -7,6 +7,7 @@ package org.elasticsearch.watcher.shield; import org.elasticsearch.common.component.AbstractComponent; import org.elasticsearch.common.inject.Inject; +import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.shield.crypto.CryptoService; import org.elasticsearch.watcher.support.secret.SecretService; @@ -18,11 +19,11 @@ public class ShieldSecretService extends AbstractComponent implements SecretServ private final CryptoService cryptoService; private final boolean encryptSensitiveData; - + public static final Setting ENCRYPT_SENSITIVE_DATA_SETTING = Setting.boolSetting("watcher.shield.encrypt_sensitive_data", false, false, Setting.Scope.CLUSTER); @Inject public ShieldSecretService(Settings settings, CryptoService cryptoService) { super(settings); - this.encryptSensitiveData = settings.getAsBoolean("watcher.shield.encrypt_sensitive_data", false); + this.encryptSensitiveData = ENCRYPT_SENSITIVE_DATA_SETTING.get(settings); this.cryptoService = cryptoService; } diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java index 6f57152cea4..f63a589d2b0 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/AbstractWatcherIntegrationTestCase.java @@ -127,12 +127,12 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase logger.info("using schedule engine [" + scheduleImplName + "]"); return Settings.builder() .put(super.nodeSettings(nodeOrdinal)) - //TODO: for now lets isolate watcher tests from marvel (randomize this later) .put("marvel.enabled", false) // we do this by default in core, but for watcher this isn't needed and only adds noise. .put("index.store.mock.check_index_on_close", false) - .put("scroll.size", randomIntBetween(1, 100)) + .put("watcher.execution.scroll.size", randomIntBetween(1, 100)) + .put("watcher.watch.scroll.size", randomIntBetween(1, 100)) .put(ShieldSettings.settings(shieldEnabled)) .put("watcher.trigger.schedule.engine", scheduleImplName) .build(); diff --git a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/integration/HttpSecretsIntegrationTests.java b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/integration/HttpSecretsIntegrationTests.java index 55e794169c6..4f225b107d3 100644 --- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/integration/HttpSecretsIntegrationTests.java +++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/watcher/test/integration/HttpSecretsIntegrationTests.java @@ -86,10 +86,13 @@ public class HttpSecretsIntegrationTests extends AbstractWatcherIntegrationTestC if (encryptSensitiveData == null) { encryptSensitiveData = shieldEnabled() && randomBoolean(); } - return Settings.builder() - .put(super.nodeSettings(nodeOrdinal)) - .put("watcher.shield.encrypt_sensitive_data", encryptSensitiveData) - .build(); + if (encryptSensitiveData) { + return Settings.builder() + .put(super.nodeSettings(nodeOrdinal)) + .put("watcher.shield.encrypt_sensitive_data", encryptSensitiveData) + .build(); + } + return super.nodeSettings(nodeOrdinal); } public void testHttpInput() throws Exception {