Setup password tool builds default URL from settings (elastic/x-pack-elasticsearch#2146)
This change makes the setup password tool build the default URL from the settings provided by the environment. This will ease the amount of work a user would have to do in order to run the tool as http vs https will be selected automatically and the port/host will as well. Original commit: elastic/x-pack-elasticsearch@79affe4a79
This commit is contained in:
parent
45a55d16cf
commit
a35234de56
|
@ -7,12 +7,17 @@ package org.elasticsearch.xpack.security.authc.esnative.tool;
|
||||||
|
|
||||||
import org.bouncycastle.util.io.Streams;
|
import org.bouncycastle.util.io.Streams;
|
||||||
import org.elasticsearch.common.Nullable;
|
import org.elasticsearch.common.Nullable;
|
||||||
|
import org.elasticsearch.common.Strings;
|
||||||
import org.elasticsearch.common.SuppressForbidden;
|
import org.elasticsearch.common.SuppressForbidden;
|
||||||
import org.elasticsearch.common.lease.Releasables;
|
import org.elasticsearch.common.lease.Releasables;
|
||||||
|
import org.elasticsearch.common.network.NetworkService;
|
||||||
import org.elasticsearch.common.settings.SecureString;
|
import org.elasticsearch.common.settings.SecureString;
|
||||||
import org.elasticsearch.common.settings.Settings;
|
import org.elasticsearch.common.settings.Settings;
|
||||||
|
import org.elasticsearch.common.transport.PortsRange;
|
||||||
import org.elasticsearch.common.xcontent.XContentType;
|
import org.elasticsearch.common.xcontent.XContentType;
|
||||||
import org.elasticsearch.env.Environment;
|
import org.elasticsearch.env.Environment;
|
||||||
|
import org.elasticsearch.http.HttpTransportSettings;
|
||||||
|
import org.elasticsearch.xpack.XPackSettings;
|
||||||
import org.elasticsearch.xpack.common.socket.SocketAccess;
|
import org.elasticsearch.xpack.common.socket.SocketAccess;
|
||||||
import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
|
import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken;
|
||||||
import org.elasticsearch.xpack.ssl.SSLService;
|
import org.elasticsearch.xpack.ssl.SSLService;
|
||||||
|
@ -27,7 +32,10 @@ import java.net.URL;
|
||||||
import java.nio.charset.StandardCharsets;
|
import java.nio.charset.StandardCharsets;
|
||||||
import java.security.AccessController;
|
import java.security.AccessController;
|
||||||
import java.security.PrivilegedAction;
|
import java.security.PrivilegedAction;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
import static org.elasticsearch.http.HttpTransportSettings.SETTING_HTTP_PUBLISH_HOST;
|
||||||
|
import static org.elasticsearch.http.HttpTransportSettings.SETTING_HTTP_PUBLISH_PORT;
|
||||||
import static org.elasticsearch.xpack.security.Security.setting;
|
import static org.elasticsearch.xpack.security.Security.setting;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -94,4 +102,13 @@ public class CommandLineHttpClient {
|
||||||
conn.disconnect();
|
conn.disconnect();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getDefaultURL() {
|
||||||
|
final String scheme = XPackSettings.HTTP_SSL_ENABLED.get(settings) ? "https" : "http";
|
||||||
|
List<String> httpPublishHost = SETTING_HTTP_PUBLISH_HOST.get(settings);
|
||||||
|
final String host =
|
||||||
|
(httpPublishHost.isEmpty() ? NetworkService.GLOBAL_NETWORK_PUBLISHHOST_SETTING.get(settings) : httpPublishHost).get(0);
|
||||||
|
final int port = SETTING_HTTP_PUBLISH_PORT.get(settings);
|
||||||
|
return scheme + "://" + host + ":" + port;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -187,7 +187,7 @@ public class SetupPasswordTool extends MultiCommand {
|
||||||
client = clientFunction.apply(env);
|
client = clientFunction.apply(env);
|
||||||
KeyStoreWrapper keyStore = keyStoreFunction.apply(env);
|
KeyStoreWrapper keyStore = keyStoreFunction.apply(env);
|
||||||
String providedUrl = urlOption.value(options);
|
String providedUrl = urlOption.value(options);
|
||||||
url = providedUrl == null ? "http://localhost:9200" : providedUrl;
|
url = providedUrl == null ? client.getDefaultURL() : providedUrl;
|
||||||
setShouldPrompt(options);
|
setShouldPrompt(options);
|
||||||
|
|
||||||
// TODO: We currently do not support keystore passwords
|
// TODO: We currently do not support keystore passwords
|
||||||
|
|
|
@ -53,6 +53,7 @@ public class SetupPasswordToolTests extends CommandTestCase {
|
||||||
this.keyStore = mock(KeyStoreWrapper.class);
|
this.keyStore = mock(KeyStoreWrapper.class);
|
||||||
this.httpClient = mock(CommandLineHttpClient.class);
|
this.httpClient = mock(CommandLineHttpClient.class);
|
||||||
when(keyStore.getString(ReservedRealm.BOOTSTRAP_ELASTIC_PASSWORD.getKey())).thenReturn(bootstrapPassword);
|
when(keyStore.getString(ReservedRealm.BOOTSTRAP_ELASTIC_PASSWORD.getKey())).thenReturn(bootstrapPassword);
|
||||||
|
when(httpClient.getDefaultURL()).thenReturn("http://localhost:9200");
|
||||||
|
|
||||||
terminal.addSecretInput(ep);
|
terminal.addSecretInput(ep);
|
||||||
terminal.addSecretInput(ep);
|
terminal.addSecretInput(ep);
|
||||||
|
|
Loading…
Reference in New Issue