Commit Graph

51789 Commits

Author SHA1 Message Date
markharwood 1d74549d7f
Wildcard field - add support for null field with test (#57047) (#57139)
Backport of #57047
2020-05-26 16:07:49 +01:00
Christoph Büscher 56625e35b7 Fix `bool` query behaviour on null value (#56817)
Until 7.7 we used to ignore `null` values for `bool`queries `minimum_should_match`,
parameters and also for the `must`,  `must_not`, `should` and `filter` clauses.
An internal refactoring has changed this so now we get a parsing error. While `null` 
should not a common value here, we should restore the old behaviour for bwc for now.

Closes #56812
2020-05-26 16:23:40 +02:00
Russ Cam 8fd73d1e4f [DOCS] Add .NET client link to Bulk API docs (#57095)
This commit adds a link in the Bulk API documentation to
the .NET client's BulkAllObservable type and associated methods.
2020-05-26 09:12:57 -04:00
David Kyle 571477d0ad
[7.x] Fix delete_expired_data/nightly maintenance when many model snapshots need deleting (#57041) (#57136)
Fix delete_expired_data/nightly maintenance when 
many model snapshots need deleting (#57041)

The queries performed by the expired data removers pull back entire 
documents when only a few fields are required. For ModelSnapshots in 
particular this is a problem as they contain quantiles which may be 
100s of KB and the search size is set to 10,000.

This change makes the search more efficient by only requesting the 
fields needed to work out which expired data should be deleted.
2020-05-26 10:56:42 +01:00
Ioannis Kakavas 6984b3ef6f
Adjust reload keystore test to pass in FIPS (#57050) (#57133)
In KeystoreWrapper class we determine if the error to decrypt a
given keystore is caused by a wrong password based on the exception
that the SunJCE implementation of AES is throwing
(AEADBadTagException). Other implementations from other Security
Providers might cause decryption to fail in a different way and cause
us to throw a generic error message.
We handle this in this test by matching both possible
exception messages.

Relates: #56889
2020-05-26 11:21:50 +03:00
Ioannis Kakavas 1e03de4999
Fix key usage in SamlAuthenticatorTests (#57124) (#57129)
In #51089 where SamlAuthenticatorTests were refactored, we missed
to update one test case which meant that a single key would be
used both for signing and encryption in the same run. As explained
in #51089, and due to FIPS 140 requirements, BouncyCastle FIPS
provider will block RSA keys that have been used for signing from
being used for encryption and vice versa

This commit changes testNoAttributesReturnedWhenTheyCannotBeDecrypted
to always use the specific keys we have added for encryption.
2020-05-26 10:51:47 +03:00
Jim Ferenczi 52443d41cf Stop async search maintenance service on restart (#56982)
This change ensures that we stop the maintenance service on all nodes
when a data node is restarted. This ensures that we don't send
update_by_query requests on the node that is restarted.
This commit also raises the log level to trace for some packages
in order to investigate the failures to acquire a shard lock
after a restart.

Relates #56765
2020-05-26 09:30:33 +02:00
Armin Braun 184338ed61
Fix Snapshot Javadoc Issues (#57083) (#57122)
Fixing some incorrect JavaDoc and a typo.

Co-authored-by: jinwook han <jin942002@naver.com>
2020-05-25 18:05:01 +02:00
Francisco Fernández Castaño 42a15c9b80
Track PUT/PUT_BLOCK operations on AzureBlobStore. (#57121)
Backport of #56936
2020-05-25 17:24:34 +02:00
Dan Hermann c5f61fe24c
Handle exceptions when building _cat/indices response 2020-05-25 09:59:24 -05:00
Armin Braun dde75b0f64
Fix Confusing Exception on Shard Snapshot Abort (#57116) (#57117)
If a partial snapshot has some of its shards aborted because an index got deleted, this can lead to confusing `IllegalStateExceptions` when trying to increment the ref count of the already closed `Store`.
Refactored this a little to throw the same exception for aborted shards no matter the timing of the store close and assert that the concurrent store close can in fact only happen when the shard snapshot has already been aborted.
2020-05-25 16:50:11 +02:00
Nhat Nguyen 4511611802 Fix testTrackingChannelTask (#57061)
A task might not be canceled on disconnection if it is completed before the cancellation
is started. We need to relax the assertion in this test.

Closes #56746
2020-05-25 09:53:50 -04:00
Przemysław Witek ea2012778e
Mute failing test (#57112) (#57113) 2020-05-25 14:06:29 +02:00
Ioannis Kakavas 174af2bb1a
[7.x] Refactor SamlAuthenticatorTests (#51089) (#57105)
- Use opensaml to sign and encrypt responses/assertions/attributes
instead of doing this manually
- Use opensaml to build response and assertion objects instead of
parsing xml strings
- Always use different keys for signing and encryption. Due to FIPS
140 requirements, BouncyCastle FIPS provider will block
RSA keys that have been used for signing from being used for
encryption and vice versa. This change adds new encryption specific
 keys to be used throughout the tests.
2020-05-25 14:09:42 +03:00
Ioannis Kakavas 6c832fe4e3
Don't run IDP tests in FIPS 140 mode (#57048) (#57098)
We don't support this for now so there is no need to handle all
the test logic/exceptions to run this in FIPS 140 mode.
2020-05-25 14:08:48 +03:00
Armin Braun 5569137ae3
Flatten ReleaseableBytesReference Object Trees (#57092) (#57109)
When slicing a releasable bytes reference we would create a new counter
every time and pass the original reference chain to the new slice on every
slice invocation. This would lead to extremely deep reference chains and
needlessly uses a dedicated counter for every slice when all the slices
eventually just refer to the same underlying bytes and `Releasable`.
This commit tracks the ref count wrapper with its releasable in a separate
object that can be passed around on every slicing, making the slices' tree
as flat as the original releasable bytes reference.

Also, we were needlessly creating a redundant releasable bytes reference from
a releasable bytes-stream-output that we never actually used for releasing (all code
that uses it just releases the stream itself instead).
2020-05-25 13:00:37 +02:00
Armin Braun 56401d3f66
Release HTTP Request Body Earlier (#57094) (#57110)
We don't need to hold on to the request body past the beginning of sending
the response. There is no need to keep a reference to it until after the response
has been sent fully and we can eagerly release it here.
Note, this can be optimized further to release the contents even earlier but for now
this is an easy increment to saving some memory on the IO pool.
2020-05-25 13:00:19 +02:00
Armin Braun 9fa60f7367
Add History UUID Index Setting (#56930) (#57104)
Pre-requesite for #50278 to be able to uniquely identify index metadata by
its version fields and UUIDs when restoring into closed indices.
2020-05-25 11:26:03 +02:00
Armin Braun a4eb3edf46
Fix GCS Repository YAML Test Build (#57073) (#57101)
A few relatively obvious issues here:

* We cannot run the different IT runs (large blob setting one and normal integ run) concurrently
* We need to set the dependency tasks up correctly for the large blob run so that it works in isolation
* We can't use the `localAddress` for the location header of the resumable upload
(this breaks in YAML tests because GCS is using a loopback port forward for the initial request and the
local address will be chosen as the actual Docker container host)

Closes #57026
2020-05-25 11:10:39 +02:00
Rene Groeschke 28920a45f1
Improvement usage of gradle task avoidance api (#56627) (#56981)
Use gradle task avoidance api wherever it is possible as a drop in replacement in the es build
2020-05-25 09:37:33 +02:00
István Zoltán Szabó 47bf95cee3 [DOCS] Improves navigation between forecast APIs and adds short description. (#57035) 2020-05-25 09:11:00 +02:00
Armin Braun 05c019585e
Fix Test Failure from Incorrect Mapping Conflict Assertion (#57085) (#57088)
I think this is a left-over from #56915 where a change in assertion
message didn't make it to this very rare-case assertion.
2020-05-24 09:16:28 +02:00
Marios Trivyzas b91bae30b1
SQL: [Tests] Move JDBC integration tests to new module (#56872) (#57072)
Move the JDBC functionality integration tests from `:sql:qa` to a separate
module `:sql:qa:jdbc`. This way the tests are isolated from the rest of the
integration tests and they only depend to the `:sql:jdbc` module, thus
removing the danger of accidentally pulling in some dependency that may
hide bugs.

Moreover this is a preparation for #56722, so that we can run those tests
between different JDBC and ES node versions and ensure forward
compatibility.

Move the rest of existing tests inside a new `:sql:qa:server` project, so that
the `:sql:qa` becomes the parent project for both and one can run all the integration
tests by using this parent project.

(cherry picked from commit c09f4a04484b8a43934fe58fbc41bd90b7dbcc76)
2020-05-22 17:49:36 +02:00
Nhat Nguyen d8165a3439
Turn off translog retention only when shard started (#57063)
We should only turn off the translog retention when a shard is started; 
otherwise, we can issue unnecessary warn logs.
2020-05-22 09:05:05 -04:00
Jack Conradson 35c546b388
Backports for _source bug fix in scripting (#57068)
* Update DeprecationMap to DynamicMap (#56149)

This renames DeprecationMap to DynamicMap, and changes the deprecation
messages Map to accept a Map of String (keys) to Functions (updated values)
instead. This creates more flexibility in either logging or updating values from
params within a script. This change is required to fix (#52103) in a future PR.

* Fix Source Return Bug in Scripting (#56831)

This change ensures that when a user returns _source directly no matter where 
accessed within scripting, the value is a Map of the converted source as 
opposed to a SourceLookup.
2020-05-21 17:07:38 -07:00
Mayya Sharipova 4cf49bc05e Don't run sort optimization on size=0 (#57044)
Sort optimization creates TopFieldCollector that errors
when size=0. This ensures that sort optimization is not
run when size=0.

Closes #56923
2020-05-21 14:52:28 -04:00
James Rodewig b3426dd558
[DOCS] Add delete snapshot repo API docs (#57043)
Changes:

* Adds API reference docs for the delete snapshot repo API.

* Corrects an error in the delete snapshot repo API spec. Comma-separated
repository names are not supported.

* Relocates the existing delete snapshot repo API example docs.
2020-05-21 14:47:07 -04:00
James Rodewig a2de43d468
[DOCS] Reformat `shingle` token filter (#57040)
Changes:

* Rewrites description and adds Lucene link
* Adds analyze example
* Rewrites parameter documentation
* Updates custom analyzer and filter examples
* Adds anchor to `index.max_shingle_diff` index-level setting
2020-05-21 13:56:54 -04:00
Ioannis Kakavas 6c90727166
Fix custom policy in plugins in FIPS 140 (#52046) (#57049)
Our FIPS 140 testing depends on setting the appropriate java policy
in order to configure the JVM in FIPS mode. Some tests (
discovery-ec2 and ccr qa ) also needed to set a custom policy file
to grant a specific permission, which overwrote the FIPS related
policy and tests would fail. This change ensures that when a
custom policy needs to be set in these tests, the permissions that
are necessary for FIPS are also set.

Resolves: #51685, #52034
2020-05-21 19:26:56 +03:00
István Zoltán Szabó 9b7356d6af [DOCS] Removes the Jobs section from the ML anomaly detection APIs page. (#57031) 2020-05-21 17:32:07 +02:00
James Rodewig 9455bc84d8 [DOCS] Fix anchor in put snapshot repo API docs 2020-05-21 09:36:49 -04:00
Benjamin Trent f00dfb2d5f
[ML] adds WKT support in filestructurefinder (#57014) (#57032)
Field mapping detection is done via grok patterns. 
This commit adds well-known text (WKT) formatted geometry detection.

If everything is a `POINT`, then a `geo_point` mapping is preferred. 
Otherwise, if all the fields are WKT geometries a `geo_shape` mapping is preferred.

This does **NOT** detect other types of formatted geometries (geohash, comma delimited points, etc.)

closes https://github.com/elastic/elasticsearch/issues/56967
2020-05-21 08:22:51 -04:00
Andrei Dan 9af31109fa
Change "apply create index" log level to DEBUG (#56947) (#57028)
These log statements are also logged by every "simulate adding this index"
functionality. One of them is the rollover action in ILM which executes
rollover dry-runs until the conditions are met, when the actual rollover
is executed.

This changes the statements log level to DEBUG and changes the phrasing
from V1/V2 to legacy/composable templates.

(cherry picked from commit 7cc8e1fe7f9731213ac4869fe99853564fbaaba9)
Signed-off-by: Andrei Dan <andrei.dan@elastic.co>
2020-05-21 12:14:53 +01:00
markharwood eb8cb31d46
Update Lucene version to 8.6.0-snapshot-9d6c738ffce (#57024)
Same version as master
2020-05-21 11:28:16 +01:00
David Turner 1dabdd9a20
Close channel on handshake error with old version (#56989) (#57025)
Today a transport response uses the same wire format version as the
corresponding request. This mostly works since we mostly know we are
communicating with a node with a compatible version. TCP handshakes don't have
this guarantee since they use `Version.CURRENT.minimumCompatibilityVersion()`
to let us handshake with older nodes. This results in the strange situation of
a node of major version `N` responding to a node of major version `N-1` using a
wire format of version `N-2`.

We put extra effort into the longer BWC requirements for successful responses,
but we do not offer the same guarantees for error responses since they may be
rather complicated to serialize. This can result in the request sender
misinterpreting the response which may have unpredictable consequences.

Rather than strengthening the guarantees in this area, this commit simply logs
the exception and closes the connection on a handshake error with a node that
uses an incompatible wire format.

Closes #54337
2020-05-21 11:00:22 +01:00
David Turner 99f7115f22 Revert "Close channel on handshake error with old version (#56989)"
This reverts commit c81a189da9.
2020-05-21 09:43:28 +01:00
David Turner c81a189da9 Close channel on handshake error with old version (#56989)
Today a transport response uses the same wire format version as the
corresponding request. This mostly works since we mostly know we are
communicating with a node with a compatible version. TCP handshakes don't have
this guarantee since they use `Version.CURRENT.minimumCompatibilityVersion()`
to let us handshake with older nodes. This results in the strange situation of
a node of major version `N` responding to a node of major version `N-1` using a
wire format of version `N-2`.

We put extra effort into the longer BWC requirements for successful responses,
but we do not offer the same guarantees for error responses since they may be
rather complicated to serialize. This can result in the request sender
misinterpreting the response which may have unpredictable consequences.

Rather than strengthening the guarantees in this area, this commit simply logs
the exception and closes the connection on a handshake error with a node that
uses an incompatible wire format.

Closes #54337
2020-05-21 09:00:08 +01:00
Ryan Ernst 94062df77c
Make internalClusterTest run after unit tests (#57016)
This commit adds an ordering rule to ensure unit tests are run first
when running a higher level task like check.
2020-05-20 19:23:34 -07:00
Ryan Ernst 33ca5ba44b
Add individual precommit task plugins (#56926) (#57015)
Each precommit task is currently registered inside the shared
PrecommitTasks class. Having a single class with all precommit tasks
makes individualizing which precommit tasks are needed based on type of
project difficult, where we often just disable somet tasks eg for all qa
projects. This commit creates plugins for each precommit task, and moves
the configuration of the task into each plugin. PrecommitTasks remains
for now, and just delegates to each plugin, but will be removed in a
future change.
2020-05-20 14:12:36 -07:00
James Rodewig 37e2bb7057
[DOCS] Add watcher multi-doc index ex (#52040) (#57011)
Adds an example snippet for creating a `_doc` payload field with the
Watcher `index` action.

Co-authored-by: Luiz Guilherme Pais dos Santos <luiz.santos@elastic.co>
2020-05-20 16:57:45 -04:00
Julie Tibshirani fb000d6cf4 Simplify range query methods for range types. (#56976)
For me this is easier to follow. It also avoids parsing the query bounds twice.
2020-05-20 12:02:27 -07:00
James Rodewig 5cb34d9a6e
[DOCS] Reformat `hunspell` token filter (#56955)
Changes:

* Rewrites description and adds Lucene link
* Adds analyze example
* Rewrites parameter documentation
* Updates custom analyzer example
* Rewrites related setting documentation
2020-05-20 14:47:53 -04:00
Brandon Morelli ec41d36c62
docs: update links to beats security docs (#56875) (#56953) 2020-05-20 11:28:39 -07:00
Bogdan Pintea ec4a6aa1c6 SQL: JDBC: fix temporary directory locked test errors in Windows (#56917)
* Fix temp dir locked errors

The tests involving a temporary directory (containing the JDBC JAR) fail
on Windows because they can't be deleted, due to still being in use.
This commit forces a premature closing of the JAR file, which mitigates
the failure by giving the JVM more time to collect any open FDs.
(Calling the System.gc() in the tests is another working alternative
fix.)

The stream-based JAR access is taken care by disabling the cache usage

(cherry picked from commit 04f97333a015404a68e8f19223f33aadeb396687)
2020-05-20 19:46:57 +02:00
Ryan Ernst acfa2e4241
Split dependenciesInfo task to its own plugin (#56957)
The dependenciesInfo task is used to gather information about all
dependencies in elasticsearch. This commit separates it into its own
gradle plugin.
2020-05-20 10:26:05 -07:00
James Rodewig b7c6f0d02f
[DOCS] Fix default for `http.compression` setting (#56899) (#57002)
Elasticsearch enables HTTP compression by default. However, to mitigate
potential security risks like the BREACH attack, compression is disabled by
default if HTTPS is enabled.

This updates the `http.compression` setting definition accordingly and adds
additional context.

Co-authored-by: Leaf-Lin <39002973+Leaf-Lin@users.noreply.github.com>
2020-05-20 12:12:05 -04:00
Ryan Ernst 381ed235e9
Re-enable plugin and upgrade bats tests (#51565) (#56999)
While the tests remained in place, the execution of these tests were
lost when creating the DistroTestPlugin. This commit restores executing
them.
2020-05-20 08:34:05 -07:00
Ryan Ernst 79224a9a4a
Do not daemonize when testing error output in packaging tests (#56971) (#56997)
The packaging tests start elasticsearch in various ways. All of these
currently expect it is started asynchronously, yet some tests expect it
will fail to start and want to check the error output. This commit adds
a daemonize flag to the utility methods to start elasticsearch for such
cases, so that when the start method returns, all the error output
should already be available since the process will have exited.

relates #51716
2020-05-20 07:56:48 -07:00
Florian Kelbert edada6bc39 [Docs] Insert missing colon (#56980) 2020-05-20 15:49:17 +02:00
Albert Zaharovits fd54ed328c DOCS Correct audit emit_node_id default value as false (#56995)
Since version 7, the `xpack.security.audit.logfile.emit_node_id` setting defaults
to `false`, yet the docs say otherwise. This commit fixes that.
2020-05-20 16:35:30 +03:00