diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityClusterClientYamlTestCase.java b/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityClusterClientYamlTestCase.java new file mode 100644 index 00000000000..92096474e76 --- /dev/null +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/SecurityClusterClientYamlTestCase.java @@ -0,0 +1,81 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ +package org.elasticsearch.xpack.security; + +import org.apache.http.HttpEntity; +import org.apache.http.util.EntityUtils; +import org.elasticsearch.client.Response; +import org.elasticsearch.test.rest.yaml.ClientYamlTestCandidate; +import org.elasticsearch.test.rest.yaml.ESClientYamlSuiteTestCase; +import org.elasticsearch.test.rest.yaml.ObjectPath; +import org.junit.Before; + +import java.nio.charset.StandardCharsets; +import java.util.Map; + +import static org.elasticsearch.xpack.security.SecurityLifecycleService.SECURITY_TEMPLATE_NAME; +import static org.hamcrest.Matchers.greaterThanOrEqualTo; + +/** + * A base {@link ESClientYamlSuiteTestCase} test class for the security module, + * which depends on security template and mappings being up to date before any writes + * to the {@code .security} index can take place. + */ +public abstract class SecurityClusterClientYamlTestCase extends ESClientYamlSuiteTestCase { + + public SecurityClusterClientYamlTestCase(ClientYamlTestCandidate testCandidate) { + super(testCandidate); + } + + @Before + public void waitForSecuritySetup() throws Exception { + String masterNode = null; + HttpEntity entity = client().performRequest("GET", "/_cat/nodes?h=id,master").getEntity(); + String catNodesResponse = EntityUtils.toString(entity, StandardCharsets.UTF_8); + for (String line : catNodesResponse.split("\n")) { + int indexOfStar = line.indexOf('*'); // * in the node's output denotes it is master + if (indexOfStar != -1) { + masterNode = line.substring(0, indexOfStar).trim(); + break; + } + } + assertNotNull(masterNode); + final String masterNodeId = masterNode; + + assertBusy(() -> { + try { + Response nodeDetailsResponse = client().performRequest("GET", "/_nodes"); + ObjectPath path = ObjectPath.createFromResponse(nodeDetailsResponse); + Map nodes = path.evaluate("nodes"); + String masterVersion = null; + for (String key : nodes.keySet()) { + // get the ES version number master is on + if (key.startsWith(masterNodeId)) { + masterVersion = path.evaluate("nodes." + key + ".version"); + break; + } + } + assertNotNull(masterVersion); + final String masterTemplateVersion = masterVersion; + + Response response = client().performRequest("GET", "/_cluster/state/metadata"); + ObjectPath objectPath = ObjectPath.createFromResponse(response); + String mappingsPath = "metadata.templates." + SECURITY_TEMPLATE_NAME + ".mappings"; + Map mappings = objectPath.evaluate(mappingsPath); + assertNotNull(mappings); + assertThat(mappings.size(), greaterThanOrEqualTo(1)); + for (String key : mappings.keySet()) { + String templatePath = mappingsPath + "." + key + "._meta.security-version"; + String templateVersion = objectPath.evaluate(templatePath); + assertEquals(masterTemplateVersion, templateVersion); + } + } catch (Exception e) { + throw new AssertionError("failed to get cluster state", e); + } + }); + } + +} diff --git a/qa/rolling-upgrade/build.gradle b/qa/rolling-upgrade/build.gradle index 47f28043b01..880291898b1 100644 --- a/qa/rolling-upgrade/build.gradle +++ b/qa/rolling-upgrade/build.gradle @@ -124,6 +124,7 @@ check.dependsOn(integTest) dependencies { testCompile project(path: ':x-pack-elasticsearch:plugin', configuration: 'runtime') + testCompile project(path: ':x-pack-elasticsearch:plugin', configuration: 'testArtifacts') } // copy x-pack plugin info so it is on the classpath and security manager has the right permissions diff --git a/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/UpgradeClusterClientYamlTestSuiteIT.java b/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/UpgradeClusterClientYamlTestSuiteIT.java index b2b0f94373e..38311ae5657 100644 --- a/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/UpgradeClusterClientYamlTestSuiteIT.java +++ b/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/UpgradeClusterClientYamlTestSuiteIT.java @@ -7,75 +7,18 @@ package org.elasticsearch.upgrades; import com.carrotsearch.randomizedtesting.annotations.ParametersFactory; import com.carrotsearch.randomizedtesting.annotations.TimeoutSuite; -import org.apache.http.util.EntityUtils; import org.apache.lucene.util.TimeUnits; -import org.elasticsearch.client.Response; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.test.rest.yaml.ClientYamlTestCandidate; -import org.elasticsearch.test.rest.yaml.ESClientYamlSuiteTestCase; -import org.elasticsearch.test.rest.yaml.ObjectPath; -import org.junit.Before; +import org.elasticsearch.xpack.security.SecurityClusterClientYamlTestCase; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.Base64; -import java.util.Map; - -import static org.elasticsearch.xpack.security.SecurityLifecycleService.SECURITY_TEMPLATE_NAME; -import static org.hamcrest.Matchers.greaterThanOrEqualTo; @TimeoutSuite(millis = 5 * TimeUnits.MINUTE) // to account for slow as hell VMs -public class UpgradeClusterClientYamlTestSuiteIT extends ESClientYamlSuiteTestCase { - - @Before - public void waitForSecuritySetup() throws Exception { - String masterNode = null; - String catNodesResponse = EntityUtils.toString( - client().performRequest("GET", "/_cat/nodes?h=id,master").getEntity(), StandardCharsets.UTF_8 - ); - for (String line : catNodesResponse.split("\n")) { - int indexOfStar = line.indexOf('*'); // * in the node's output denotes it is master - if (indexOfStar != -1) { - masterNode = line.substring(0, indexOfStar).trim(); - break; - } - } - assertNotNull(masterNode); - final String masterNodeId = masterNode; - - assertBusy(() -> { - try { - Response nodeDetailsResponse = client().performRequest("GET", "/_nodes"); - ObjectPath path = ObjectPath.createFromResponse(nodeDetailsResponse); - Map nodes = path.evaluate("nodes"); - assertThat(nodes.size(), greaterThanOrEqualTo(2)); - String masterVersion = null; - for (String key : nodes.keySet()) { - // get the ES version number master is on - if (key.startsWith(masterNodeId)) { - masterVersion = path.evaluate("nodes." + key + ".version"); - break; - } - } - assertNotNull(masterVersion); - final String masterTemplateVersion = masterVersion; - - Response response = client().performRequest("GET", "/_cluster/state/metadata"); - ObjectPath objectPath = ObjectPath.createFromResponse(response); - final String mappingsPath = "metadata.templates." + SECURITY_TEMPLATE_NAME + ".mappings"; - Map mappings = objectPath.evaluate(mappingsPath); - assertNotNull(mappings); - assertThat(mappings.size(), greaterThanOrEqualTo(1)); - for (String key : mappings.keySet()) { - String templateVersion = objectPath.evaluate(mappingsPath + "." + key + "._meta.security-version"); - assertEquals(masterTemplateVersion, templateVersion); - } - } catch (Exception e) { - throw new AssertionError("failed to get cluster state", e); - } - }); - } +public class UpgradeClusterClientYamlTestSuiteIT extends SecurityClusterClientYamlTestCase { @Override protected boolean preserveIndicesUponCompletion() { diff --git a/qa/smoke-test-security-with-mustache/build.gradle b/qa/smoke-test-security-with-mustache/build.gradle index 770fd426f9e..c7c441bf277 100644 --- a/qa/smoke-test-security-with-mustache/build.gradle +++ b/qa/smoke-test-security-with-mustache/build.gradle @@ -3,6 +3,7 @@ apply plugin: 'elasticsearch.rest-test' dependencies { testCompile project(path: ':x-pack-elasticsearch:plugin', configuration: 'runtime') + testCompile project(path: ':x-pack-elasticsearch:plugin', configuration: 'testArtifacts') testCompile project(path: ':modules:lang-mustache', configuration: 'runtime') } diff --git a/qa/smoke-test-security-with-mustache/src/test/java/org/elasticsearch/smoketest/SmokeTestSecurityWithMustacheClientYamlTestSuiteIT.java b/qa/smoke-test-security-with-mustache/src/test/java/org/elasticsearch/smoketest/SmokeTestSecurityWithMustacheClientYamlTestSuiteIT.java index ac353dc852d..91400eeb926 100644 --- a/qa/smoke-test-security-with-mustache/src/test/java/org/elasticsearch/smoketest/SmokeTestSecurityWithMustacheClientYamlTestSuiteIT.java +++ b/qa/smoke-test-security-with-mustache/src/test/java/org/elasticsearch/smoketest/SmokeTestSecurityWithMustacheClientYamlTestSuiteIT.java @@ -12,13 +12,14 @@ import org.elasticsearch.common.settings.Settings; import org.elasticsearch.common.util.concurrent.ThreadContext; import org.elasticsearch.test.rest.yaml.ClientYamlTestCandidate; import org.elasticsearch.test.rest.yaml.ESClientYamlSuiteTestCase; +import org.elasticsearch.xpack.security.SecurityClusterClientYamlTestCase; import org.elasticsearch.xpack.security.authc.support.SecuredString; import java.io.IOException; import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue; -public class SmokeTestSecurityWithMustacheClientYamlTestSuiteIT extends ESClientYamlSuiteTestCase { +public class SmokeTestSecurityWithMustacheClientYamlTestSuiteIT extends SecurityClusterClientYamlTestCase { private static final String BASIC_AUTH_VALUE = basicAuthHeaderValue("test_admin", new SecuredString("changeme".toCharArray()));