From 7ed4ea56b21fab4ed51ac5ae18534ccb22456c35 Mon Sep 17 00:00:00 2001 From: Robert Muir Date: Tue, 24 Nov 2015 23:19:04 -0500 Subject: [PATCH] re-enable smoke-test-plugins with ssl Note, its a bit crazy/hackish, but it works. Original commit: elastic/x-pack-elasticsearch@377113c1c209bd9edbd9d8ad9f4da977525810cb --- qa/smoke-test-plugins-ssl/build.gradle | 88 ++++++++++++++++++ .../integration-tests.xml | 90 ------------------- .../smoketest/SmokeTestPluginsSslIT.java | 3 + .../test/smoke_test_plugins_ssl/10_basic.yaml | 6 +- 4 files changed, 94 insertions(+), 93 deletions(-) create mode 100644 qa/smoke-test-plugins-ssl/build.gradle delete mode 100644 qa/smoke-test-plugins-ssl/integration-tests.xml rename qa/smoke-test-plugins-ssl/{ => src/test/resources}/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml (60%) diff --git a/qa/smoke-test-plugins-ssl/build.gradle b/qa/smoke-test-plugins-ssl/build.gradle new file mode 100644 index 00000000000..1d4728c4be3 --- /dev/null +++ b/qa/smoke-test-plugins-ssl/build.gradle @@ -0,0 +1,88 @@ +apply plugin: 'elasticsearch.rest-test' + +dependencies { + testCompile project(path: ':x-plugins:shield', configuration: 'runtime') +} + +// ssl setup, it reuses the ssl-setup.xml from ant, for now. + +// location of target keystore +File keystore = new File(project.buildDir, 'keystore/test-node.jks') + +// we touch keystore because otherwise it fails, extraConfigFile does not exist +// this tricks some broken compile-time check into just moving along: we nuke this stuff before we actually generate +keystore.parentFile.mkdirs() +keystore.createNewFile() + +// add keystore to test classpath: it expects it there +sourceSets.test.resources.srcDir(keystore.parentFile) + +configurations { + antcontrib { + description = 'ant-contrib' + transitive = false + } +} + +dependencies { + antcontrib "ant-contrib:ant-contrib:1.0b3" +} + +// this loop must be outside of a configuration closure, otherwise it may get executed multiple times +for (Project subproj : project.rootProject.subprojects) { + if (subproj.path.startsWith(':plugins:')) { + // need to get a non-decorated project object, so must re-lookup the project by path + integTest.clusterConfig.plugin(subproj.name, project(subproj.path)) + } +} + +// we should be able to taskdef, but gradle has *the worst* classloader management +// so just do a hack, jam ant-contrib directly into gradle's ant's classloader +ClassLoader antClassLoader = org.apache.tools.ant.Project.class.classLoader +configurations.antcontrib.each { File f -> + antClassLoader.addURL(f.toURI().toURL()) +} + +// suck in ssl-setup.xml, defining matching tasks in gradle +ant.property(name: 'integ.scratch', location: project.buildDir) +ant.property(name: 'keystore.path', keystore) +ant.importBuild 'ssl-setup.xml' + +// clean all intermediate/keystore files before regenerating it +task cleanKeystore(type: Delete) { + delete new File(project.buildDir, 'keystore'), + new File(project.buildDir, 'cert'), + new File(project.buildDir, 'ca') +} + +// wipe and regenerate keystore so its available as a test dep +processTestResources.dependsOn('cleanKeystore') +processTestResources.dependsOn('generate-keystore') + +integTest { + cluster { + // TODO: use some variable here for port number + systemProperty 'es.marvel.agent.exporter.es.hosts', 'https://marvel_export:changeme@localhost:9400' + systemProperty 'es.marvel.agent.exporter.es.ssl.truststore.path', 'test-node.jks' + systemProperty 'es.marvel.agent.exporter.es.ssl.truststore.password', 'keypass' + systemProperty 'es.shield.transport.ssl', 'true' + systemProperty 'es.shield.http.ssl', 'true' + systemProperty 'es.shield.ssl.keystore.path', 'test-node.jks' + systemProperty 'es.shield.ssl.keystore.password', 'keypass' + plugin 'licence', project(':x-plugins:license:plugin') + plugin 'shield', project(':x-plugins:shield') + plugin 'watcher', project(':x-plugins:watcher') + plugin 'marvel-agent', project(':x-plugins:marvel') + + // copy keystore into config/ + extraConfigFile 'test-node.jks', keystore + setupCommand 'setupTestUser', + 'bin/shield/esusers', 'useradd', 'test_user', '-p', 'changeme', '-r', 'admin' + setupCommand 'setupMarvelUser', + 'bin/shield/esusers', 'useradd', 'marvel_export', '-p', 'changeme', '-r', 'marvel_agent' + waitCondition = { node, ant -> + // we just return true, doing an https check is tricky here + return true + } + } +} diff --git a/qa/smoke-test-plugins-ssl/integration-tests.xml b/qa/smoke-test-plugins-ssl/integration-tests.xml deleted file mode 100644 index a23691500ec..00000000000 --- a/qa/smoke-test-plugins-ssl/integration-tests.xml +++ /dev/null @@ -1,90 +0,0 @@ - - - - - - - - - - - - - Waiting for elasticsearch to become available on port @{port}... - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Setting up Shield auth - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Checking we can connect with basic auth on port ${integ.http.port}... - - - - - - diff --git a/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java b/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java index 65ad838e67e..f33264fb239 100644 --- a/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java +++ b/qa/smoke-test-plugins-ssl/src/test/java/org/elasticsearch/smoketest/SmokeTestPluginsSslIT.java @@ -11,11 +11,14 @@ import java.io.IOException; import java.net.URISyntaxException; import java.nio.file.Files; import java.nio.file.Path; +import java.util.Collection; +import java.util.Collections; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.client.support.Headers; import org.elasticsearch.common.io.PathUtils; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.plugins.Plugin; import org.elasticsearch.shield.ShieldPlugin; import org.elasticsearch.shield.authc.support.SecuredString; import org.elasticsearch.test.rest.ESRestTestCase; diff --git a/qa/smoke-test-plugins-ssl/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml b/qa/smoke-test-plugins-ssl/src/test/resources/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml similarity index 60% rename from qa/smoke-test-plugins-ssl/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml rename to qa/smoke-test-plugins-ssl/src/test/resources/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml index c1454200368..6ae125ab28b 100644 --- a/qa/smoke-test-plugins-ssl/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml +++ b/qa/smoke-test-plugins-ssl/src/test/resources/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yaml @@ -11,6 +11,6 @@ nodes.info: {} - match: { nodes.$master.plugins.15.name: license } - - match: { nodes.$master.plugins.18.name: marvel-agent } - - match: { nodes.$master.plugins.21.name: shield } - - match: { nodes.$master.plugins.24.name: watcher } + - match: { nodes.$master.plugins.19.name: marvel-agent } + - match: { nodes.$master.plugins.22.name: shield } + - match: { nodes.$master.plugins.25.name: watcher }