Watcher: Run tests without security enabled (elastic/x-pack-elasticsearch#3060)

In order to support the repository split, this changes the
`AbstractWatcherIntegrationTestCase` to not run with security enabled.

We have a dedicated QA project called `smoke-test-watcher-with-security`,
where tests that explicitely need security should be running.

This commit removes the possibility to enable security as part of the
test case. In addition some tests have been moved over to the dedicated
project.

In addition the `timewarp` functionality cannot be configured with a
system property anymore. This would not have worked anyway, because
tests were already dependent on that  functionality and did not have any
other means of running. A bit of redundant code was removed due to this.

Relates elastic/x-pack-elasticsearch#2925

Original commit: elastic/x-pack-elasticsearch@b24b365ad1
This commit is contained in:
Alexander Reelsen 2017-11-28 13:11:49 +01:00 committed by GitHub
parent 3e52e0ba48
commit cdb85d8317
32 changed files with 96 additions and 715 deletions

View File

@ -21,10 +21,6 @@ import static org.elasticsearch.xpack.watcher.trigger.schedule.Schedules.interva
import static org.hamcrest.Matchers.is;
public class ActionErrorIntegrationTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true; // to have control over the execution
}
/**
* This test makes sure that when an action encounters an error it should

View File

@ -35,16 +35,6 @@ import static org.hamcrest.Matchers.is;
"org.elasticsearch.xpack.watcher.WatcherIndexingListener:TRACE")
public class TimeThrottleIntegrationTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected boolean enableSecurity() {
return true;
}
public void testTimeThrottle() throws Exception {
String id = randomAlphaOfLength(20);
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch()
@ -73,7 +63,7 @@ public class TimeThrottleIntegrationTests extends AbstractWatcherIntegrationTest
public void testTimeThrottleDefaults() throws Exception {
String id = randomAlphaOfLength(30);
PutWatchResponse putWatchResponse = watcherClientWithWatcherUser().preparePutWatch()
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch()
.setId(id)
.setSource(watchBuilder()
.trigger(schedule(interval("1s")))

View File

@ -168,7 +168,6 @@ public class EmailAttachmentTests extends AbstractWatcherIntegrationTestCase {
tmpBuilder.startObject();
emailAttachments.toXContent(tmpBuilder, ToXContent.EMPTY_PARAMS);
tmpBuilder.endObject();
logger.info("TMP BUILDER {}", tmpBuilder.string());
EmailTemplate.Builder emailBuilder = EmailTemplate.builder().from("_from").to("_to").subject("Subject");
WatchSourceBuilder watchSourceBuilder = watchBuilder()
@ -177,7 +176,6 @@ public class EmailAttachmentTests extends AbstractWatcherIntegrationTestCase {
.condition(AlwaysCondition.INSTANCE)
.addAction("_email", emailAction(emailBuilder).setAuthentication(EmailServer.USERNAME, EmailServer.PASSWORD.toCharArray())
.setAttachments(emailAttachments));
logger.info("TMP WATCHSOURCE {}", watchSourceBuilder.build().getBytes().utf8ToString());
watcherClient.preparePutWatch("_test_id")
.setSource(watchSourceBuilder)

View File

@ -9,18 +9,18 @@ import org.elasticsearch.ElasticsearchException;
import org.elasticsearch.common.unit.TimeValue;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.common.xcontent.XContentType;
import org.elasticsearch.xpack.watcher.common.http.HttpMethod;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.text.TextTemplate;
import org.elasticsearch.xpack.watcher.notification.email.EmailTemplate;
import org.elasticsearch.xpack.watcher.actions.Action;
import org.elasticsearch.xpack.watcher.actions.email.EmailAction;
import org.elasticsearch.xpack.watcher.actions.index.IndexAction;
import org.elasticsearch.xpack.watcher.actions.logging.LoggingAction;
import org.elasticsearch.xpack.watcher.actions.webhook.WebhookAction;
import org.elasticsearch.xpack.watcher.client.WatchSourceBuilder;
import org.elasticsearch.xpack.watcher.common.http.HttpMethod;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.text.TextTemplate;
import org.elasticsearch.xpack.watcher.execution.ActionExecutionMode;
import org.elasticsearch.xpack.watcher.execution.ExecutionState;
import org.elasticsearch.xpack.watcher.notification.email.EmailTemplate;
import org.elasticsearch.xpack.watcher.support.xcontent.ObjectPath;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.execute.ExecuteWatchRequestBuilder;
@ -51,11 +51,6 @@ import static org.hamcrest.Matchers.equalTo;
public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
public void testSingleActionAckThrottle() throws Exception {
WatchSourceBuilder watchSourceBuilder = watchBuilder()
.trigger(schedule(interval("60m")));
@ -185,9 +180,7 @@ public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
watcherClient().putWatch(new PutWatchRequest("_id", watchSourceBuilder)).actionGet();
refresh(Watch.INDEX);
if (timeWarped()) {
timeWarp().clock().setTime(new DateTime(DateTimeZone.UTC));
}
timeWarp().clock().setTime(new DateTime(DateTimeZone.UTC));
ExecuteWatchResponse executeWatchResponse = watcherClient().prepareExecuteWatch("_id")
.setTriggerEvent(new ManualTriggerEvent("execute_id",
@ -199,9 +192,7 @@ public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
String status = ObjectPath.eval("result.actions.0.status", executeWatchResponse.getRecordSource().getAsMap());
assertThat(status, equalTo("simulated"));
if (timeWarped()) {
timeWarp().clock().fastForwardSeconds(1);
}
timeWarp().clock().fastForwardSeconds(1);
executeWatchResponse = watcherClient().prepareExecuteWatch("_id")
.setTriggerEvent(new ManualTriggerEvent("execute_id",
@ -212,9 +203,7 @@ public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
status = ObjectPath.eval("result.actions.0.status", executeWatchResponse.getRecordSource().getAsMap());
assertThat(status, equalTo("throttled"));
if (timeWarped()) {
timeWarp().clock().fastForwardSeconds(5);
}
timeWarp().clock().fastForwardSeconds(5);
assertBusy(() -> {
try {
@ -243,9 +232,7 @@ public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
watcherClient().putWatch(new PutWatchRequest("_id", watchSourceBuilder)).actionGet();
refresh(Watch.INDEX);
if (timeWarped()) {
timeWarp().clock().setTime(new DateTime(DateTimeZone.UTC));
}
timeWarp().clock().setTime(new DateTime(DateTimeZone.UTC));
ExecuteWatchResponse executeWatchResponse = watcherClient().prepareExecuteWatch("_id")
.setTriggerEvent(new ManualTriggerEvent("execute_id",
@ -256,9 +243,7 @@ public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
String status = ObjectPath.eval("result.actions.0.status", executeWatchResponse.getRecordSource().getAsMap());
assertThat(status, equalTo("simulated"));
if (timeWarped()) {
timeWarp().clock().fastForwardSeconds(1);
}
timeWarp().clock().fastForwardSeconds(1);
executeWatchResponse = watcherClient().prepareExecuteWatch("_id")
.setTriggerEvent(new ManualTriggerEvent("execute_id",
@ -269,9 +254,8 @@ public class ActionThrottleTests extends AbstractWatcherIntegrationTestCase {
status = ObjectPath.eval("result.actions.0.status", executeWatchResponse.getRecordSource().getAsMap());
assertThat(status, equalTo("throttled"));
if (timeWarped()) {
timeWarp().clock().fastForwardSeconds(20);
}
timeWarp().clock().fastForwardSeconds(20);
assertBusy(() -> {
try {
//Since the default throttle period is 5 seconds but we have overridden the period in the watch this should trigger

View File

@ -11,13 +11,13 @@ import org.elasticsearch.env.Environment;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.test.http.MockResponse;
import org.elasticsearch.test.http.MockWebServer;
import org.elasticsearch.xpack.ssl.TestsSSLService;
import org.elasticsearch.xpack.watcher.actions.ActionBuilders;
import org.elasticsearch.xpack.watcher.common.http.HttpMethod;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.http.Scheme;
import org.elasticsearch.xpack.watcher.common.http.auth.basic.BasicAuth;
import org.elasticsearch.xpack.watcher.common.text.TextTemplate;
import org.elasticsearch.xpack.ssl.TestsSSLService;
import org.elasticsearch.xpack.watcher.actions.ActionBuilders;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.history.WatchRecord;
import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource;
@ -81,10 +81,8 @@ public class WebhookHttpsIntegrationTests extends AbstractWatcherIntegrationTest
.addAction("_id", ActionBuilders.webhookAction(builder)))
.get();
if (timeWarped()) {
timeWarp().trigger("_id");
refresh();
}
timeWarp().trigger("_id");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id", 1, false);
assertThat(webServer.requests(), hasSize(1));
@ -122,10 +120,8 @@ public class WebhookHttpsIntegrationTests extends AbstractWatcherIntegrationTest
.addAction("_id", ActionBuilders.webhookAction(builder)))
.get();
if (timeWarped()) {
timeWarp().trigger("_id");
refresh();
}
timeWarp().trigger("_id");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id", 1, false);
assertThat(webServer.requests(), hasSize(1));

View File

@ -11,14 +11,15 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.http.HttpServerTransport;
import org.elasticsearch.index.query.QueryBuilders;
import org.elasticsearch.test.SecuritySettingsSource;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.test.http.MockResponse;
import org.elasticsearch.test.http.MockWebServer;
import org.elasticsearch.transport.Netty4Plugin;
import org.elasticsearch.xpack.watcher.actions.ActionBuilders;
import org.elasticsearch.xpack.watcher.common.http.HttpMethod;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.http.auth.basic.BasicAuth;
import org.elasticsearch.xpack.watcher.common.text.TextTemplate;
import org.elasticsearch.xpack.watcher.actions.ActionBuilders;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.history.WatchRecord;
import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource;
@ -26,6 +27,9 @@ import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.junit.After;
import org.junit.Before;
import java.util.ArrayList;
import java.util.Collection;
import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertAcked;
import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertExists;
import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertNoFailures;
@ -50,8 +54,10 @@ public class WebhookIntegrationTests extends AbstractWatcherIntegrationTestCase
}
@Override
protected boolean enableSecurity() {
return true;
protected Collection<Class<? extends Plugin>> nodePlugins() {
ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
plugins.add(Netty4Plugin.class); // for http
return plugins;
}
@Before
@ -71,6 +77,7 @@ public class WebhookIntegrationTests extends AbstractWatcherIntegrationTestCase
.putParam("param1", new TextTemplate("value1"))
.putParam("watch_id", new TextTemplate("_id"))
.body(new TextTemplate("_body"))
.auth(new BasicAuth("user", "pass".toCharArray()))
.method(HttpMethod.POST);
watcherClient().preparePutWatch("_id")
@ -81,10 +88,8 @@ public class WebhookIntegrationTests extends AbstractWatcherIntegrationTestCase
.addAction("_id", ActionBuilders.webhookAction(builder)))
.get();
if (timeWarped()) {
timeWarp().trigger("_id");
refresh();
}
timeWarp().trigger("_id");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id", 1, false);
assertThat(webServer.requests(), hasSize(1));
@ -123,10 +128,8 @@ public class WebhookIntegrationTests extends AbstractWatcherIntegrationTestCase
.addAction("_id", ActionBuilders.webhookAction(builder)))
.get();
if (timeWarped()) {
timeWarp().trigger("_id");
refresh();
}
timeWarp().trigger("_id");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id", 1, false);
@ -147,7 +150,6 @@ public class WebhookIntegrationTests extends AbstractWatcherIntegrationTestCase
HttpRequestTemplate.Builder builder = HttpRequestTemplate.builder(host, publishAddress.getPort())
.path(new TextTemplate("/%3Clogstash-%7Bnow%2Fd%7D%3E/log/1"))
.body(new TextTemplate("{\"foo\":\"bar\"}"))
.auth(new BasicAuth("test", SecuritySettingsSource.TEST_PASSWORD.toCharArray()))
.putHeader("Content-Type", new TextTemplate("application/json"))
.method(HttpMethod.PUT);

View File

@ -31,11 +31,6 @@ import static org.mockito.Mockito.when;
public class CompareConditionSearchTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean enableSecurity() {
return true;
}
public void testExecuteWithAggs() throws Exception {
client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:00").get();
client().prepareIndex("my-index", "my-type").setSource("@timestamp", "2005-01-01T00:10").get();

View File

@ -81,16 +81,6 @@ public class HistoryActionConditionTests extends AbstractWatcherIntegrationTestC
}
@Override
protected boolean timeWarped() {
return true; // just to have better control over the triggers
}
@Override
protected boolean enableSecurity() {
return false; // remove security noise from this test
}
/**
* A hard failure is where an exception is thrown by the script condition.
*/

View File

@ -10,10 +10,10 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.search.aggregations.Aggregations;
import org.elasticsearch.search.aggregations.bucket.terms.Terms;
import org.elasticsearch.test.junit.annotations.TestLogging;
import org.elasticsearch.xpack.watcher.notification.email.EmailTemplate;
import org.elasticsearch.xpack.watcher.notification.email.support.EmailServer;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.execution.ExecutionState;
import org.elasticsearch.xpack.watcher.notification.email.EmailTemplate;
import org.elasticsearch.xpack.watcher.notification.email.support.EmailServer;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.put.PutWatchResponse;
import org.junit.After;
@ -49,11 +49,6 @@ public class HistoryTemplateEmailMappingsTests extends AbstractWatcherIntegratio
server.stop();
}
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected Settings nodeSettings(int nodeOrdinal) {
return Settings.builder()

View File

@ -63,16 +63,6 @@ public class HistoryTemplateHttpMappingsTests extends AbstractWatcherIntegration
webServer.close();
}
@Override
protected boolean timeWarped() {
return true; // just to have better control over the triggers
}
@Override
protected boolean enableSecurity() {
return false; // remove security noise from this test
}
public void testHttpFields() throws Exception {
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch("_id").setSource(watchBuilder()
.trigger(schedule(interval("5s")))
@ -84,7 +74,6 @@ public class HistoryTemplateHttpMappingsTests extends AbstractWatcherIntegration
.body("_body"))))
.get();
// one for the input, one for the webhook
webServer.enqueue(new MockResponse().setResponseCode(200).setBody("{}"));
webServer.enqueue(new MockResponse().setResponseCode(200).setBody("{}"));

View File

@ -26,15 +26,6 @@ import static org.hamcrest.Matchers.notNullValue;
* not analyzed so they can be used in aggregations
*/
public class HistoryTemplateIndexActionMappingsTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true; // just to have better control over the triggers
}
@Override
protected boolean enableSecurity() {
return false; // remove security noise from this test
}
public void testIndexActionFields() throws Exception {
String index = "the-index";

View File

@ -32,16 +32,6 @@ import static org.hamcrest.Matchers.notNullValue;
*/
public class HistoryTemplateSearchInputMappingsTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true; // just to have better control over the triggers
}
@Override
protected boolean enableSecurity() {
return false; // remove security noise from this test
}
public void testHttpFields() throws Exception {
String index = "the-index";
String type = "the-type";

View File

@ -15,7 +15,6 @@ import org.elasticsearch.xpack.watcher.execution.ExecutionState;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.put.PutWatchResponse;
import java.io.IOException;
import java.util.Map;
import static org.elasticsearch.common.xcontent.support.XContentMapValues.extractValue;
@ -31,15 +30,6 @@ import static org.hamcrest.Matchers.notNullValue;
* This test makes sure that the different time fields in the watch_record are mapped as date types
*/
public class HistoryTemplateTimeMappingsTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true; // just to have better control over the triggers
}
@Override
protected boolean enableSecurity() {
return false; // remove security noise from this test
}
public void testTimeFields() throws Exception {
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch("_id").setSource(watchBuilder()

View File

@ -11,17 +11,14 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.xcontent.XContentType;
import org.elasticsearch.index.IndexNotFoundException;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.test.SecuritySettingsSource;
import org.elasticsearch.transport.Netty4Plugin;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.http.auth.basic.BasicAuth;
import org.elasticsearch.xpack.watcher.input.http.HttpInput;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import java.net.InetSocketAddress;
import java.util.ArrayList;
import java.util.Collection;
import java.util.concurrent.TimeUnit;
import static org.elasticsearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE;
import static org.elasticsearch.common.xcontent.XContentFactory.jsonBuilder;
@ -60,9 +57,8 @@ public class ChainIntegrationTests extends AbstractWatcherIntegrationTestCase {
InetSocketAddress address = internalCluster().httpAddresses()[0];
HttpInput.Builder httpInputBuilder = httpInput(HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path("/" + index + "/_search")
.body(jsonBuilder().startObject().field("size", 1).endObject().string())
.auth(securityEnabled() ? new BasicAuth("test", SecuritySettingsSource.TEST_PASSWORD.toCharArray()) : null));
.path("/" + index + "/_search")
.body(jsonBuilder().startObject().field("size", 1).endObject().string()));
ChainInput.Builder chainedInputBuilder = chainInput()
.add("first", simpleInput("url", "/" + index + "/_search"))
@ -75,12 +71,8 @@ public class ChainIntegrationTests extends AbstractWatcherIntegrationTestCase {
.addAction("indexAction", indexAction("my-index", "my-type")))
.get();
if (timeWarped()) {
timeWarp().trigger("_name");
refresh();
} else {
assertBusy(() -> assertWatchExecuted(), 9, TimeUnit.SECONDS);
}
timeWarp().trigger("_name");
refresh();
assertWatchWithMinimumPerformedActionsCount("_name", 1, false);
}

View File

@ -12,13 +12,11 @@ import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.common.xcontent.XContentType;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.test.SecuritySettingsSource;
import org.elasticsearch.test.junit.annotations.TestLogging;
import org.elasticsearch.transport.Netty4Plugin;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.http.auth.basic.BasicAuth;
import org.elasticsearch.xpack.watcher.common.text.TextTemplate;
import org.elasticsearch.xpack.watcher.client.WatcherClient;
import org.elasticsearch.xpack.watcher.common.http.HttpRequestTemplate;
import org.elasticsearch.xpack.watcher.common.text.TextTemplate;
import org.elasticsearch.xpack.watcher.condition.CompareCondition;
import org.elasticsearch.xpack.watcher.history.HistoryStore;
import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource;
@ -54,11 +52,6 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTestCas
.build();
}
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected Collection<Class<? extends Plugin>> nodePlugins() {
ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
@ -77,9 +70,7 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTestCas
.input(httpInput(HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path("/index/_search")
.body(jsonBuilder().startObject().field("size", 1).endObject().string())
.putHeader("Content-Type", new TextTemplate("application/json"))
.auth(securityEnabled() ? new BasicAuth("test", SecuritySettingsSource.TEST_PASSWORD.toCharArray())
: null)))
.putHeader("Content-Type", new TextTemplate("application/json"))))
.condition(new CompareCondition("ctx.payload.hits.total", CompareCondition.Op.EQ, 1L))
.addAction("_id", loggingAction("anything")))
.get();
@ -94,10 +85,7 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTestCas
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch("_name")
.setSource(watchBuilder()
.trigger(schedule(interval("1s")))
.input(httpInput(HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path("/_cluster/stats")
.auth(securityEnabled() ? new BasicAuth("test", SecuritySettingsSource.TEST_PASSWORD.toCharArray())
: null)))
.input(httpInput(HttpRequestTemplate.builder(address.getHostString(), address.getPort()).path("/_cluster/stats")))
.condition(new CompareCondition("ctx.payload.nodes.count.total", CompareCondition.Op.GTE, 1L))
.addAction("_id", loggingAction("anything")))
.get();
@ -122,9 +110,6 @@ public class HttpInputIntegrationTests extends AbstractWatcherIntegrationTestCas
HttpRequestTemplate.Builder requestBuilder = HttpRequestTemplate.builder(address.getHostString(), address.getPort())
.path(new TextTemplate("/idx/_search"))
.body(body.string());
if (securityEnabled()) {
requestBuilder.auth(new BasicAuth("test", SecuritySettingsSource.TEST_PASSWORD.toCharArray()));
}
watcherClient.preparePutWatch("_name1")
.setSource(watchBuilder()

View File

@ -1,149 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
package org.elasticsearch.xpack.watcher.security;
import org.elasticsearch.test.SecuritySettingsSource;
import org.elasticsearch.xpack.watcher.WatcherState;
import org.elasticsearch.xpack.watcher.client.WatcherClient;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.delete.DeleteWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.execute.ExecuteWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.get.GetWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.put.PutWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.stats.WatcherStatsResponse;
import org.elasticsearch.xpack.watcher.trigger.TriggerEvent;
import org.elasticsearch.xpack.watcher.trigger.schedule.IntervalSchedule;
import org.elasticsearch.xpack.watcher.trigger.schedule.ScheduleTriggerEvent;
import org.joda.time.DateTime;
import java.util.Collections;
import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken
.BASIC_AUTH_HEADER;
import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken
.basicAuthHeaderValue;
import static org.elasticsearch.xpack.watcher.client.WatchSourceBuilders.watchBuilder;
import static org.elasticsearch.xpack.watcher.trigger.TriggerBuilders.schedule;
import static org.elasticsearch.xpack.watcher.trigger.schedule.Schedules.interval;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.core.Is.is;
import static org.joda.time.DateTimeZone.UTC;
public class BasicSecurityTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean enableSecurity() {
return true;
}
public void testNoAuthorization() throws Exception {
String basicAuth = basicAuthHeaderValue("transport_client", SecuritySettingsSource.TEST_PASSWORD_SECURE_STRING);
WatcherClient watcherClient = watcherClient().filterWithHeader(Collections.singletonMap(BASIC_AUTH_HEADER, basicAuth));
Exception e = expectThrows(Exception.class, () -> watcherClient.prepareWatcherStats().get());
assertThat(e.getMessage(),
equalTo("action [cluster:monitor/xpack/watcher/stats/dist] is unauthorized for user [transport_client]"));
}
public void testWatcherMonitorRole() throws Exception {
// stats and get watch apis require at least monitor role:
String token = basicAuthHeaderValue("test", SecuritySettingsSource.TEST_PASSWORD_SECURE_STRING);
try {
watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token)).prepareWatcherStats()
.get();
fail("authentication failure should have occurred");
} catch (Exception e) {
assertThat(e.getMessage(), equalTo("action [cluster:monitor/xpack/watcher/stats/dist] is unauthorized for user [test]"));
}
try {
watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token)).prepareGetWatch("_id")
.get();
fail("authentication failure should have occurred");
} catch (Exception e) {
assertThat(e.getMessage(), equalTo("action [cluster:monitor/xpack/watcher/watch/get] is unauthorized for user [test]"));
}
// stats and get watch are allowed by role monitor:
token = basicAuthHeaderValue("monitor", SecuritySettingsSource.TEST_PASSWORD_SECURE_STRING);
WatcherStatsResponse statsResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.prepareWatcherStats().get();
boolean watcherStarted = statsResponse.getNodes().stream().anyMatch(node -> node.getWatcherState() == WatcherState.STARTED);
assertThat(watcherStarted, is(true));
GetWatchResponse getWatchResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.prepareGetWatch("_id").get();
assertThat(getWatchResponse.isFound(), is(false));
// but put watch isn't allowed by monitor:
try {
watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token)).preparePutWatch("_id")
.setSource(watchBuilder().trigger(schedule(interval(5, IntervalSchedule.Interval.Unit.SECONDS))))
.get();
fail("authentication failure should have occurred");
} catch (Exception e) {
assertThat(e.getMessage(), equalTo("action [cluster:admin/xpack/watcher/watch/put] is unauthorized for user [monitor]"));
}
}
public void testWatcherAdminRole() throws Exception {
// put, execute and delete watch apis requires watcher admin role:
String token = basicAuthHeaderValue("test", SecuritySettingsSource.TEST_PASSWORD_SECURE_STRING);
try {
watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token)).preparePutWatch("_id")
.setSource(watchBuilder().trigger(schedule(interval(5, IntervalSchedule.Interval.Unit.SECONDS))))
.get();
fail("authentication failure should have occurred");
} catch (Exception e) {
assertThat(e.getMessage(), equalTo("action [cluster:admin/xpack/watcher/watch/put] is unauthorized for user [test]"));
}
TriggerEvent triggerEvent = new ScheduleTriggerEvent(new DateTime(UTC), new DateTime(UTC));
try {
watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token)).prepareExecuteWatch("_id")
.setTriggerEvent(triggerEvent)
.get();
fail("authentication failure should have occurred");
} catch (Exception e) {
assertThat(e.getMessage(), equalTo("action [cluster:admin/xpack/watcher/watch/execute] is unauthorized for user [test]"));
}
try {
watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token)).prepareDeleteWatch("_id")
.get();
fail("authentication failure should have occurred");
} catch (Exception e) {
assertThat(e.getMessage(), equalTo("action [cluster:admin/xpack/watcher/watch/delete] is unauthorized for user [test]"));
}
// put, execute and delete watch apis are allowed by role admin:
token = basicAuthHeaderValue("admin", SecuritySettingsSource.TEST_PASSWORD_SECURE_STRING);
PutWatchResponse putWatchResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.preparePutWatch("_id")
.setSource(watchBuilder().trigger(schedule(interval(5, IntervalSchedule.Interval.Unit.SECONDS))))
.get();
assertThat(putWatchResponse.getVersion(), equalTo(1L));
ExecuteWatchResponse executeWatchResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.prepareExecuteWatch("_id")
.setTriggerEvent(triggerEvent)
.get();
DeleteWatchResponse deleteWatchResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.prepareDeleteWatch("_id")
.get();
assertThat(deleteWatchResponse.getVersion(), equalTo(2L));
assertThat(deleteWatchResponse.isFound(), is(true));
// stats and get watch are also allowed by role monitor:
token = basicAuthHeaderValue("admin",SecuritySettingsSource.TEST_PASSWORD_SECURE_STRING);
WatcherStatsResponse statsResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.prepareWatcherStats()
.get();
boolean watcherStarted = statsResponse.getNodes().stream().anyMatch(node -> node.getWatcherState() == WatcherState.STARTED);
assertThat(watcherStarted, is(true));
GetWatchResponse getWatchResponse = watcherClient().filterWithHeader(Collections.singletonMap("Authorization", token))
.prepareGetWatch("_id")
.get();
assertThat(getWatchResponse.isFound(), is(false));
}
}

View File

@ -5,7 +5,6 @@
*/
package org.elasticsearch.xpack.watcher.test;
import io.netty.util.internal.SystemPropertyUtil;
import org.elasticsearch.action.admin.indices.alias.Alias;
import org.elasticsearch.action.admin.indices.create.CreateIndexResponse;
import org.elasticsearch.action.admin.indices.template.get.GetIndexTemplatesResponse;
@ -13,18 +12,14 @@ import org.elasticsearch.action.search.SearchRequestBuilder;
import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.action.support.IndicesOptions;
import org.elasticsearch.analysis.common.CommonAnalysisPlugin;
import org.elasticsearch.client.Client;
import org.elasticsearch.client.node.NodeClient;
import org.elasticsearch.cluster.ClusterState;
import org.elasticsearch.cluster.metadata.IndexNameExpressionResolver;
import org.elasticsearch.cluster.routing.IndexRoutingTable;
import org.elasticsearch.cluster.service.ClusterService;
import org.elasticsearch.common.bytes.BytesReference;
import org.elasticsearch.common.collect.Tuple;
import org.elasticsearch.common.io.Streams;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.settings.ClusterSettings;
import org.elasticsearch.common.settings.SecureString;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.unit.TimeValue;
import org.elasticsearch.common.xcontent.XContentHelper;
@ -41,8 +36,6 @@ import org.elasticsearch.search.builder.SearchSourceBuilder;
import org.elasticsearch.test.ESIntegTestCase;
import org.elasticsearch.test.ESIntegTestCase.ClusterScope;
import org.elasticsearch.test.InternalTestCluster;
import org.elasticsearch.test.SecuritySettingsSource;
import org.elasticsearch.test.TestCluster;
import org.elasticsearch.test.disruption.ServiceDisruptionScheme;
import org.elasticsearch.test.store.MockFSIndexStore;
import org.elasticsearch.test.transport.MockTransportService;
@ -52,8 +45,6 @@ import org.elasticsearch.xpack.XPackPlugin;
import org.elasticsearch.xpack.XPackSettings;
import org.elasticsearch.xpack.ml.MachineLearning;
import org.elasticsearch.xpack.security.Security;
import org.elasticsearch.xpack.security.authc.file.FileRealm;
import org.elasticsearch.xpack.security.authc.support.Hasher;
import org.elasticsearch.xpack.template.TemplateUtils;
import org.elasticsearch.xpack.watcher.WatcherState;
import org.elasticsearch.xpack.watcher.client.WatcherClient;
@ -74,16 +65,8 @@ import org.hamcrest.Matcher;
import org.joda.time.DateTime;
import org.joda.time.DateTimeZone;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UncheckedIOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.time.Clock;
import java.util.ArrayList;
import java.util.Arrays;
@ -96,14 +79,12 @@ import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;
import static org.elasticsearch.index.query.QueryBuilders.boolQuery;
import static org.elasticsearch.index.query.QueryBuilders.matchQuery;
import static org.elasticsearch.test.ESIntegTestCase.Scope.SUITE;
import static org.elasticsearch.test.hamcrest.ElasticsearchAssertions.assertAcked;
import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
import static org.elasticsearch.xpack.watcher.support.WatcherIndexTemplateRegistry.HISTORY_TEMPLATE_NAME;
import static org.elasticsearch.xpack.watcher.support.WatcherIndexTemplateRegistry.TRIGGERED_TEMPLATE_NAME;
import static org.elasticsearch.xpack.watcher.support.WatcherIndexTemplateRegistry.WATCHES_TEMPLATE_NAME;
@ -120,66 +101,33 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
public static final String WATCHER_LANG = Script.DEFAULT_SCRIPT_LANG;
private static final boolean timeWarpEnabled = SystemPropertyUtil.getBoolean("tests.timewarp", true);
private TimeWarp timeWarp;
private static Boolean securityEnabled;
@Override
protected TestCluster buildTestCluster(Scope scope, long seed) throws IOException {
if (securityEnabled == null) {
securityEnabled = enableSecurity();
}
return super.buildTestCluster(scope, seed);
}
@Override
protected Settings nodeSettings(int nodeOrdinal) {
return Settings.builder()
.put(super.nodeSettings(nodeOrdinal))
//TODO: for now lets isolate watcher tests from monitoring (randomize this later)
.put(XPackSettings.MONITORING_ENABLED.getKey(), false)
.put(XPackSettings.SECURITY_ENABLED.getKey(), false)
// we do this by default in core, but for watcher this isn't needed and only adds noise.
.put("index.store.mock.check_index_on_close", false)
// watcher settings that should work despite randomization
.put("xpack.watcher.execution.scroll.size", randomIntBetween(1, 100))
.put("xpack.watcher.watch.scroll.size", randomIntBetween(1, 100))
.put(SecuritySettings.settings(securityEnabled))
// Disable native ML autodetect_process as the c++ controller won't be available
.put(MachineLearning.AUTODETECT_PROCESS.getKey(), false)
//.put(NetworkModule.TRANSPORT_TYPE_KEY, Security.NAME4)
//.put(NetworkModule.HTTP_TYPE_KEY, Security.NAME4)
.build();
}
@Override
protected Path nodeConfigPath(final int nodeOrdinal) {
if (!securityEnabled) {
return null;
}
final Path conf = createTempDir().resolve("watcher_security");
final Path xpackConf = conf.resolve(XPackPlugin.NAME);
try {
Files.createDirectories(xpackConf);
writeFile(xpackConf, "users", SecuritySettings.USERS);
writeFile(xpackConf, "users_roles", SecuritySettings.USER_ROLES);
writeFile(xpackConf, "roles.yml", SecuritySettings.ROLES);
} catch (final IOException e) {
throw new UncheckedIOException(e);
}
return conf;
}
private static void writeFile(final Path folder, final String name, final String content) throws IOException {
final Path file = folder.resolve(name);
try (BufferedWriter stream = Files.newBufferedWriter(file, StandardCharsets.UTF_8)) {
Streams.copy(content, stream);
}
}
public static void writeFile(final Path folder, final String name, final byte[] content) throws IOException {
final Path file = folder.resolve(name);
try (OutputStream stream = Files.newOutputStream(file)) {
Streams.copy(content, stream);
}
protected Settings transportClientSettings() {
return Settings.builder()
.put("client.transport.sniff", false)
.put(NetworkModule.TRANSPORT_TYPE_KEY, Security.NAME4)
.put(NetworkModule.HTTP_TYPE_KEY, Security.NAME4)
.build();
}
@Override
@ -211,23 +159,6 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
return nodePlugins();
}
@Override
protected Function<Client,Client> getClientWrapper() {
if (securityEnabled == false) {
return Function.identity();
}
Map<String, String> headers = Collections.singletonMap("Authorization",
basicAuthHeaderValue(SecuritySettings.TEST_USERNAME, new SecureString(SecuritySettings.TEST_PASSWORD.toCharArray())));
// we need to wrap node clients because we do not specify a user for nodes and all requests will use the system
// user. This is ok for internal n2n stuff but the test framework does other things like wiping indices, repositories, etc
// that the system user cannot do. so we wrap the node client with a user that can do these things since the client() calls
// are randomized to return both node clients and transport clients
// transport clients do not need to be wrapped since we specify the xpack.security.user setting that sets the default user to be
// used for the transport client. If we did not set a default user then the transport client would not even be allowed
// to connect
return client -> (client instanceof NodeClient) ? client.filterWithHeader(headers) : client;
}
protected List<Class<? extends Plugin>> pluginTypes() {
List<Class<? extends Plugin>> types = new ArrayList<>();
if (timeWarped()) {
@ -246,26 +177,15 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
* this method can be overridden.
*/
protected boolean timeWarped() {
return timeWarpEnabled;
}
/**
* @return whether security has been enabled
*/
protected final boolean securityEnabled() {
return securityEnabled;
}
/**
* Override and returns {@code false} to force running without security
*/
protected boolean enableSecurity() {
return randomBoolean();
return true;
}
@Before
public void _setup() throws Exception {
setupTimeWarp();
if (timeWarped()) {
timeWarp = new TimeWarp(internalCluster().getInstances(ScheduleTriggerEngineMock.class),
(ClockMock)getInstanceFromMaster(Clock.class));
}
startWatcherIfNodesExist();
createWatcherIndicesOrAliases();
}
@ -277,32 +197,6 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
stopWatcher();
}
@AfterClass
public static void _cleanupClass() {
securityEnabled = null;
}
@Override
protected Settings transportClientSettings() {
if (securityEnabled == false) {
return super.transportClientSettings();
}
return Settings.builder()
.put("client.transport.sniff", false)
.put(Security.USER_SETTING.getKey(), "admin:" + SecuritySettingsSource.TEST_PASSWORD)
.put(NetworkModule.TRANSPORT_TYPE_KEY, Security.NAME4)
.put(NetworkModule.HTTP_TYPE_KEY, Security.NAME4)
.build();
}
private void setupTimeWarp() throws Exception {
if (timeWarped()) {
timeWarp = new TimeWarp(internalCluster().getInstances(ScheduleTriggerEngineMock.class),
(ClockMock)getInstanceFromMaster(Clock.class));
}
}
private void startWatcherIfNodesExist() throws Exception {
if (internalCluster().size() > 0) {
ensureLicenseEnabled();
@ -435,27 +329,10 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
}
protected WatcherClient watcherClient() {
Client client = securityEnabled ? internalCluster().transportClient() : client();
return randomBoolean() ? new XPackClient(client).watcher() : new WatcherClient(client);
return randomBoolean() ? new XPackClient(client()).watcher() : new WatcherClient(client());
}
/**
* This watcher client needs to be used whenenver an index action is about to be called in a watch
* as otherwise there is no permission to index data with the default transport client user called admin
* This is important if the watch is executed, as the watch is run as the user who stored the watch
* when security is enabled
*/
protected WatcherClient watcherClientWithWatcherUser() {
if (securityEnabled) {
return watcherClient()
.filterWithHeader(Collections.singletonMap("Authorization",
basicAuthHeaderValue("watcher_test", new SecureString(SecuritySettings.TEST_PASSWORD.toCharArray()))));
} else {
return watcherClient();
}
}
protected IndexNameExpressionResolver indexNameExpressionResolver() {
private IndexNameExpressionResolver indexNameExpressionResolver() {
return internalCluster().getInstance(IndexNameExpressionResolver.class);
}
@ -681,74 +558,6 @@ public abstract class AbstractWatcherIntegrationTestCase extends ESIntegTestCase
}
}
/** Security related settings */
public static class SecuritySettings {
public static final String TEST_USERNAME = "test";
public static final String TEST_PASSWORD = SecuritySettingsSource.TEST_PASSWORD;
private static final String TEST_PASSWORD_HASHED = new String(Hasher.BCRYPT.hash(new SecureString(TEST_PASSWORD.toCharArray())));
static boolean auditLogsEnabled = SystemPropertyUtil.getBoolean("tests.audit_logs", true);
public static final String USERS =
"transport_client:" + TEST_PASSWORD_HASHED + "\n" +
TEST_USERNAME + ":" + TEST_PASSWORD_HASHED + "\n" +
"admin:" + TEST_PASSWORD_HASHED + "\n" +
"watcher_test:" + TEST_PASSWORD_HASHED + "\n" +
"monitor:" + TEST_PASSWORD_HASHED;
public static final String USER_ROLES =
"transport_client:transport_client\n" +
"test:test\n" +
"admin:admin\n" +
"monitor:monitor\n" +
"watcher_test:watcher_test,watcher_admin,watcher_user\n";
public static final String ROLES =
"test:\n" + // a user for the test infra.
" cluster: [ 'cluster:monitor/nodes/info', 'cluster:monitor/state', 'cluster:monitor/health', 'cluster:monitor/stats'," +
" 'cluster:admin/settings/update', 'cluster:admin/repository/delete', 'cluster:monitor/nodes/liveness'," +
" 'indices:admin/template/get', 'indices:admin/template/put', 'indices:admin/template/delete'," +
" 'cluster:admin/script/put', 'cluster:monitor/task' ]\n" +
" indices:\n" +
" - names: '*'\n" +
" privileges: [ all ]\n" +
"\n" +
"admin:\n" +
" cluster: [ 'manage' ]\n" +
"\n" +
"monitor:\n" +
" cluster: [ 'monitor' ]\n" +
"\n" +
"watcher_test:\n" +
" cluster: [ 'manage_watcher', 'cluster:admin/xpack/watcher/watch/put' ]\n" +
" indices:\n" +
" - names: 'my_watcher_index'\n" +
" privileges: [ all ]\n"
;
public static Settings settings(boolean enabled) {
Settings.Builder builder = Settings.builder();
if (!enabled) {
return builder.put("xpack.security.enabled", false).build();
}
builder.put("xpack.security.enabled", true)
.put("xpack.security.authc.realms.esusers.type", FileRealm.TYPE)
.put("xpack.security.authc.realms.esusers.order", 0)
.put("xpack.security.audit.enabled", auditLogsEnabled);
/*
* Security should always use one of its transports so if it is enabled explicitly declare one otherwise a local transport could
* be used.
*/
builder.put(NetworkModule.TRANSPORT_TYPE_KEY, Security.NAME4);
builder.put(NetworkModule.HTTP_TYPE_KEY, Security.NAME4);
return builder.build();
}
}
/**
* A disruption that prevents time from advancing on nodes. This is needed to allow time sensitive tests
* to have full control of time. This disruption requires {@link ClockMock} being available on the nodes.

View File

@ -63,16 +63,6 @@ import static org.hamcrest.Matchers.notNullValue;
"org.elasticsearch.xpack.watcher.WatcherIndexingListener:TRACE")
public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean enableSecurity() {
return false;
}
@Override
protected boolean timeWarped() {
return true;
}
public void testIndexWatch() throws Exception {
WatcherClient watcherClient = watcherClient();
createIndex("idx");
@ -114,11 +104,9 @@ public class BasicWatcherTests extends AbstractWatcherIntegrationTestCase {
client().prepareIndex("idx", "type").setSource("field", "value").get();
refresh();
if (timeWarped()) {
timeWarp().clock().fastForwardSeconds(5);
timeWarp().trigger("_name");
refresh();
}
timeWarp().clock().fastForwardSeconds(5);
timeWarp().trigger("_name");
refresh();
assertWatchWithMinimumPerformedActionsCount("_name", 1);
}

View File

@ -63,11 +63,6 @@ public class BootStrapTests extends AbstractWatcherIntegrationTestCase {
return false;
}
@Override
protected boolean enableSecurity() {
return false;
}
@Before
public void deleteAllWatchHistoryIndices() {
assertAcked(client().admin().indices().prepareDelete(HistoryStore.INDEX_PREFIX + "*"));

View File

@ -36,11 +36,6 @@ import static org.hamcrest.Matchers.notNullValue;
public class ExecutionVarsIntegrationTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected List<Class<? extends Plugin>> pluginTypes() {
List<Class<? extends Plugin>> types = super.pluginTypes();

View File

@ -42,12 +42,6 @@ import static org.hamcrest.Matchers.nullValue;
public class HistoryIntegrationTests extends AbstractWatcherIntegrationTestCase {
// FOR TESTING
@Override
protected boolean enableSecurity() {
return false;
}
// issue: https://github.com/elastic/x-plugins/issues/2338
public void testThatHistoryIsWrittenWithChainedInput() throws Exception {
XContentBuilder xContentBuilder = jsonBuilder().startObject().startObject("inner").field("date", "2015-06-06").endObject()

View File

@ -9,12 +9,12 @@ import org.elasticsearch.action.search.SearchResponse;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.test.junit.annotations.Network;
import org.elasticsearch.xpack.watcher.actions.pagerduty.PagerDutyAction;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.notification.pagerduty.IncidentEvent;
import org.elasticsearch.xpack.watcher.notification.pagerduty.IncidentEventContext;
import org.elasticsearch.xpack.watcher.notification.pagerduty.PagerDutyAccount;
import org.elasticsearch.xpack.watcher.notification.pagerduty.PagerDutyService;
import org.elasticsearch.xpack.watcher.notification.pagerduty.SentEvent;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.put.PutWatchResponse;
import org.elasticsearch.xpack.watcher.watch.Payload;
@ -35,16 +35,6 @@ import static org.hamcrest.Matchers.notNullValue;
@Network
public class PagerDutyServiceTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected boolean enableSecurity() {
return false;
}
@Override
protected Settings nodeSettings(int nodeOrdinal) {
return Settings.builder()

View File

@ -12,13 +12,13 @@ import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.common.xcontent.XContentType;
import org.elasticsearch.search.SearchHit;
import org.elasticsearch.test.junit.annotations.Network;
import org.elasticsearch.xpack.watcher.actions.slack.SlackAction;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.notification.slack.SentMessages;
import org.elasticsearch.xpack.watcher.notification.slack.SlackAccount;
import org.elasticsearch.xpack.watcher.notification.slack.SlackService;
import org.elasticsearch.xpack.watcher.notification.slack.message.Attachment;
import org.elasticsearch.xpack.watcher.notification.slack.message.SlackMessage;
import org.elasticsearch.xpack.watcher.actions.slack.SlackAction;
import org.elasticsearch.xpack.watcher.condition.AlwaysCondition;
import org.elasticsearch.xpack.watcher.support.xcontent.XContentSource;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.put.PutWatchResponse;
@ -42,15 +42,6 @@ import static org.hamcrest.Matchers.nullValue;
@Network
public class SlackServiceTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected boolean enableSecurity() {
return false;
}
@Override
protected Settings nodeSettings(int nodeOrdinal) {

View File

@ -52,16 +52,6 @@ public class WatchAckTests extends AbstractWatcherIntegrationTestCase {
private String id = randomAlphaOfLength(10);
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected boolean enableSecurity() {
return false;
}
@Before
public void indexTestDocument() {
IndexResponse eventIndexResponse = client().prepareIndex("events", "event", id)

View File

@ -56,12 +56,7 @@ public class WatchMetadataTests extends AbstractWatcherIntegrationTestCase {
.metadata(metadata))
.get();
if (timeWarped()) {
timeWarp().trigger("_name");
} else {
// Wait for a no action entry to be added. (the condition search request will not match, because there are no docs in my-index)
assertWatchWithNoActionNeeded("_name", 1);
}
timeWarp().trigger("_name");
refresh();
SearchResponse searchResponse = client().prepareSearch(HistoryStore.INDEX_PREFIX_WITH_TEMPLATE + "*")

View File

@ -1,82 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
package org.elasticsearch.xpack.watcher.test.integration;
import org.apache.http.Header;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicHeader;
import org.elasticsearch.client.Response;
import org.elasticsearch.common.network.NetworkModule;
import org.elasticsearch.common.settings.SecureString;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.xcontent.json.JsonXContent;
import org.elasticsearch.common.xcontent.support.XContentMapValues;
import org.elasticsearch.plugins.Plugin;
import org.elasticsearch.transport.Netty4Plugin;
import org.elasticsearch.xpack.monitoring.test.MonitoringIntegTestCase;
import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.junit.After;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Map;
import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.BASIC_AUTH_HEADER;
import static org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.hamcrest.Matchers.is;
public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCase {
private CloseableHttpClient httpClient = HttpClients.createDefault();
@After
public void cleanup() throws IOException {
httpClient.close();
}
@Override
protected Settings nodeSettings(int nodeOrdinal) {
return Settings.builder()
.put(super.nodeSettings(nodeOrdinal))
.put(NetworkModule.HTTP_ENABLED.getKey(), true)
.put("xpack.notification.email.account._email.smtp.host", "host.domain")
.put("xpack.notification.email.account._email.smtp.port", 587)
.put("xpack.notification.email.account._email.smtp.user", "_user")
.put("xpack.notification.email.account._email.smtp.password", "_passwd")
.build();
}
@Override
protected Collection<Class<? extends Plugin>> nodePlugins() {
ArrayList<Class<? extends Plugin>> plugins = new ArrayList<>(super.nodePlugins());
plugins.add(Netty4Plugin.class); // for http
return plugins;
}
public void testGetSettingsSmtpPassword() throws Exception {
Header[] headers;
if (securityEnabled()) {
headers = new Header[] {
new BasicHeader(BASIC_AUTH_HEADER,
basicAuthHeaderValue(MonitoringIntegTestCase.SecuritySettings.TEST_USERNAME,
new SecureString(MonitoringIntegTestCase.SecuritySettings.TEST_PASSWORD.toCharArray())))};
} else {
headers = new Header[0];
}
Response response = getRestClient().performRequest("GET", "/_nodes/settings", headers);
Map<String, Object> responseMap = createParser(JsonXContent.jsonXContent, response.getEntity().getContent()).map();
Map<String, Object> nodes = (Map<String, Object>) responseMap.get("nodes");
for (Object node : nodes.values()) {
Map<String, Object> settings = (Map<String, Object>) ((Map<String, Object>) node).get("settings");
assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings),
is((Object) "_user"));
assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings),
nullValue());
}
}
}

View File

@ -54,16 +54,6 @@ import static org.hamcrest.Matchers.is;
@TestLogging("org.elasticsearch.xpack.watcher:DEBUG,org.elasticsearch.xpack.watcher.WatcherIndexingListener:TRACE")
public class TransformIntegrationTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
@Override
protected boolean enableSecurity() {
return false;
}
@Override
protected Collection<Class<? extends Plugin>> nodePlugins() {
List<Class<? extends Plugin>> types = super.pluginTypes();
@ -146,11 +136,9 @@ public class TransformIntegrationTests extends AbstractWatcherIntegrationTestCas
.get();
assertThat(putWatchResponse.isCreated(), is(true));
if (timeWarped()) {
timeWarp().trigger("_id1");
timeWarp().trigger("_id2");
refresh();
}
timeWarp().trigger("_id1");
timeWarp().trigger("_id2");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id1", 1, false);
assertWatchWithMinimumPerformedActionsCount("_id2", 1, false);
@ -195,11 +183,9 @@ public class TransformIntegrationTests extends AbstractWatcherIntegrationTestCas
).get();
assertThat(putWatchResponse.isCreated(), is(true));
if (timeWarped()) {
timeWarp().trigger("_id1");
timeWarp().trigger("_id2");
refresh();
}
timeWarp().trigger("_id1");
timeWarp().trigger("_id2");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id1", 1, false);
assertWatchWithMinimumPerformedActionsCount("_id2", 1, false);
@ -241,11 +227,9 @@ public class TransformIntegrationTests extends AbstractWatcherIntegrationTestCas
.get();
assertThat(putWatchResponse.isCreated(), is(true));
if (timeWarped()) {
timeWarp().trigger("_id1");
timeWarp().trigger("_id2");
refresh();
}
timeWarp().trigger("_id1");
timeWarp().trigger("_id2");
refresh();
assertWatchWithMinimumPerformedActionsCount("_id1", 1, false);
assertWatchWithMinimumPerformedActionsCount("_id2", 1, false);

View File

@ -47,11 +47,6 @@ public class ActivateWatchTests extends AbstractWatcherIntegrationTestCase {
return false;
}
@Override
protected boolean enableSecurity() {
return false;
}
// FIXME not to be sleep based
public void testDeactivateAndActivate() throws Exception {
PutWatchResponse putWatchResponse = watcherClient().preparePutWatch()

View File

@ -16,7 +16,6 @@ import org.elasticsearch.xpack.watcher.test.AbstractWatcherIntegrationTestCase;
import org.elasticsearch.xpack.watcher.transport.actions.ack.AckWatchRequestBuilder;
import org.elasticsearch.xpack.watcher.transport.actions.ack.AckWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.execute.ExecuteWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.get.GetWatchResponse;
import org.elasticsearch.xpack.watcher.transport.actions.put.PutWatchResponse;
import org.elasticsearch.xpack.watcher.watch.WatchStatus;
@ -26,7 +25,6 @@ import static org.elasticsearch.xpack.watcher.input.InputBuilders.simpleInput;
import static org.elasticsearch.xpack.watcher.trigger.TriggerBuilders.schedule;
import static org.elasticsearch.xpack.watcher.trigger.schedule.Schedules.cron;
import static org.elasticsearch.xpack.watcher.trigger.schedule.Schedules.interval;
import static org.hamcrest.Matchers.equalTo;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.notNullValue;
@ -111,15 +109,7 @@ public class ExecuteWatchTests extends AbstractWatcherIntegrationTestCase {
// but forcing will ignore the throttling
// lets wait for the watch to be ackable
if (timeWarped()) {
timeWarp().trigger("_id");
} else {
assertBusy(() -> {
GetWatchResponse getWatchResponse = watcherClient.prepareGetWatch("_id").get();
assertThat(getWatchResponse.getStatus().actionStatus("log").ackStatus().state(),
equalTo(ActionStatus.AckStatus.State.ACKABLE));
});
}
timeWarp().trigger("_id");
String[] actionIds = randomFrom(
new String[] { "_all" },

View File

@ -24,11 +24,6 @@ import static org.hamcrest.Matchers.notNullValue;
public class WatchStatusIntegrationTests extends AbstractWatcherIntegrationTestCase {
@Override
protected boolean timeWarped() {
return true;
}
public void testThatStatusGetsUpdated() throws Exception {
WatcherClient watcherClient = watcherClient();
watcherClient.preparePutWatch("_name")

View File

@ -23,6 +23,11 @@ integTestCluster {
setting 'xpack.monitoring.enabled', 'false'
setting 'xpack.ml.enabled', 'false'
setting 'logger.level', 'DEBUG'
// settings to test settings filtering on
setting 'xpack.notification.email.account._email.smtp.host', 'host.domain'
setting 'xpack.notification.email.account._email.smtp.port', '587'
setting 'xpack.notification.email.account._email.smtp.user', '_user'
setting 'xpack.notification.email.account._email.smtp.password', '_passwd'
plugin ':x-pack-elasticsearch:plugin'
extraConfigFile 'x-pack/roles.yml', 'roles.yml'
setupCommand 'setupTestAdminUser',

View File

@ -0,0 +1,13 @@
---
"Test watcher settings filter is applied":
- do:
cluster.state: {}
- set: { master_node: master }
- do:
nodes.info:
metric: settings
- is_true: nodes.$master.settings.xpack.notification.email.account._email.smtp.host
- is_true: nodes.$master.settings.xpack.notification.email.account._email.smtp.port
- is_true: nodes.$master.settings.xpack.notification.email.account._email.smtp.user
- is_false: nodes.$master.settings.xpack.notification.email.account._email.smtp.password