Bump master version to 7.0.0-alpha1 (elastic/x-pack-elasticsearch#2135)

This is the xpack side of
https://github.com/elastic/elasticsearch/pull/25876

Original commit: elastic/x-pack-elasticsearch@c86ea25009

plugin/src/main/plugin-metadata/plugin-security.policy

@@ -32,7 +32,7 @@ grant {
   permission java.io.FilePermission "\\\\.\\pipe\\*", "read,write";
 };
 
-grant codeBase "${codebase.elasticsearch-rest-client-6.0.0-beta1-SNAPSHOT.jar}" {
+grant codeBase "${codebase.elasticsearch-rest-client-7.0.0-alpha1-SNAPSHOT.jar}" {
   // rest client uses system properties which gets the default proxy
   permission java.net.NetPermission "getProxySelector";
 };

qa/rolling-upgrade/build.gradle

@@ -127,12 +127,17 @@ subprojects {
       dependsOn copyTestNodeKeystore
       extraConfigFile 'testnode.jks', new File(outputDir + '/testnode.jks')
       if (withSystemKey) {
-        if (version.onOrAfter('5.1.0')) {
+        if (version.onOrAfter('5.1.0') && version.before('6.0.0')) {
           // The setting didn't exist until 5.1.0
           setting 'xpack.security.system_key.required', 'true'
         }
-        extraConfigFile 'x-pack/system_key',
+        if (version.onOrAfter('6.0.0')) {
+            setupCommand 'create-elasticsearch-keystore', 'bin/elasticsearch-keystore', 'create'
+            setupCommand 'add-key-elasticsearch-keystore', 'bin/elasticsearch-keystore', 'add-file', 'xpack.watcher.encryption_key',
                     "${mainProject.projectDir}/src/test/resources/system_key"
+        } else {
+            extraConfigFile 'x-pack/system_key', "${mainProject.projectDir}/src/test/resources/system_key"
+        }
         setting 'xpack.watcher.encrypt_sensitive_data', 'true'
       }
     }

qa/rolling-upgrade/src/test/resources/rest-api-spec/test/old_cluster/20_security.yml

@@ -73,11 +73,3 @@
       xpack.security.get_user:
         username: "logstash_system"
   - match: { logstash_system.enabled: true }
-
-  # run the upgrade API once all the old cluster actions are done,
-  # prior to moving to the mixed cluster
-  - do:
-      headers:
-        Authorization: "Basic ZWxhc3RpYzpjaGFuZ2VtZQ=="   # corresponds to elastic:changeme
-      xpack.migration.upgrade:
-        index: ".security"

qa/rolling-upgrade/src/test/resources/rest-api-spec/test/upgraded_cluster/20_security.yml

@@ -23,33 +23,3 @@
   - match: { native_role.indices.0.names.0: "test_index" }
   - match: { native_role.indices.0.privileges.0:  "all" }
 
----
-"Verify default password migration results in upgraded cluster":
-  - skip:
-      version: " - 5.1.1"
-      reason: "the rest enabled action used by the old cluster test trips an assertion. see https://github.com/elastic/x-pack/pull/4443"
-  - do:
-      headers:
-        Authorization: "Basic bmF0aXZlX3VzZXI6eC1wYWNrLXRlc3QtcGFzc3dvcmQ="
-      cluster.health:
-        wait_for_status: green
-        wait_for_nodes: 2
-        # wait for long enough that we give delayed unassigned shards to stop being delayed
-        timeout: 70s
-  - match: { timed_out: false }
-
-  - do:
-      get:
-        index: ".security"
-        type: "reserved-user"
-        id: "kibana"
-  - match: { _source.password: "" }
-  - match: { _source.enabled: false }
-
-  - do:
-      get:
-        index: ".security"
-        type: "reserved-user"
-        id: "logstash_system"
-  - match: { _source.password: "/^\\$2a\\$10\\$[a-zA-Z0-9/.]{53}$/" }
-  - match: { _source.enabled: true }

qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestMonitoringWithSecurityIT.java

@@ -71,6 +71,7 @@ public class SmokeTestMonitoringWithSecurityIT extends ESIntegTestCase {
         assertAcked(client().admin().cluster().prepareUpdateSettings().setTransientSettings(exporterSettings));
     }
 
+    @AwaitsFix(bugUrl = "https://github.com/elastic/x-pack-elasticsearch/issues/2077")
     public void testHTTPExporterWithSSL() throws Exception {
         // Checks that the monitoring index templates have been installed
         assertBusy(() -> {