Commit Graph

209 Commits

Author SHA1 Message Date
Boaz Leskes 16d7f0c999 Introduce dedicated master nodes in testing infrastructure (elastic/elasticsearch#2314)
This is a companion commit to elastic/elasticsearchelastic/elasticsearch#18514, fixing issues introduced by adding dedicated master nodes to the test infra

Original commit: elastic/x-pack-elasticsearch@8c0571f2de
2016-05-27 08:45:54 +02:00
Robert Muir 21b2494c5b ScriptException -> GeneralScriptException (https://github.com/elastic/elasticsearch/pull/18600)
Original commit: elastic/x-pack-elasticsearch@0536fe9222
2016-05-26 17:51:46 -04:00
Tanguy Leroux b25c401b3c Add integration test for Delete-By-Query and Security
Closes elastic/elasticsearch#2287

Original commit: elastic/x-pack-elasticsearch@4bbb2a6f73
2016-05-25 09:39:23 +02:00
Adrien Grand 6860944f07 Use Java's Base64 instead of elasticsearch's. elastic/elasticsearch#2282
Original commit: elastic/x-pack-elasticsearch@c2e748d732
2016-05-23 11:25:31 +02:00
jaymode d552574016 test: set logger level differently after removal of support for es.* system properties
Original commit: elastic/x-pack-elasticsearch@fcaa9bbcff
2016-05-20 08:11:26 -04:00
Tanguy Leroux 5161b540a9 Move unneeded log info messages to debug
closes  elastic/elasticsearch#2228, elastic/elasticsearch#2227

Original commit: elastic/x-pack-elasticsearch@558751c424
2016-05-19 17:28:20 +02:00
Chris Earle 87c085d857 Better approach to skipping license check for subprojects
Original commit: elastic/x-pack-elasticsearch@8624ab08cc
2016-05-19 02:41:03 -04:00
Chris Earle 93ca4db1ce Remove duped plugin application from Gradle script.
Original commit: elastic/x-pack-elasticsearch@6745b39c82
2016-05-19 02:20:55 -04:00
Chris Earle c94a326f1d Split monitoring smoke tests into separate smoke tests
There is a race condition between the smoke tests that get run because of the teardown conditions of
REST tests. By splitting them, we can avoid the unrealistic scenario/race condition.

Original commit: elastic/x-pack-elasticsearch@f95ae0e595
2016-05-19 02:08:33 -04:00
Lee Hinman 91f2e94ac7 Fix scripting engines for singular type
Original commit: elastic/x-pack-elasticsearch@ed014cefc3
2016-05-13 09:29:37 -06:00
Robert Muir 3a2cfabc4d use painless syntax improvements in watcher tests and docs
Original commit: elastic/x-pack-elasticsearch@27ef31efac
2016-05-11 21:24:43 -04:00
Chris Earle 080000a595 Updating with array changed to list.
Original commit: elastic/x-pack-elasticsearch@552227458f
2016-05-06 12:26:10 -04:00
Alexander Reelsen a243647ea1 Watcher: Move urls from _watcher to _xpack/watcher
This moves the watcher base URL to _xpack/watcher. This includes
code, tests, rest-api-spec and the documentation.

Relates elastic/elasticsearch#1760

Original commit: elastic/x-pack-elasticsearch@0a44aec022
2016-05-04 09:39:47 +02:00
Alexander Reelsen 1aedda3627 X-Pack: Create notification module
In order to move things from watcher to x-pack this created a notification module in x-pack.
This also means that the HTTPClient was moved up and settings have changed from
`xpack.watcher.http` to just `xpack.http`.

Further things done:

* Move http under o.e.xpack.common
* Moved secret service to o.e.xpack.common, initializing in XpackPlugin
* Moved text template to o.e.xpack.common.text
* Moved http client initialization into xpack plugin
* Renamed xpack.watcher.encrypt_sensitive_data setting, moved into Watch class
* Moved script service proxy to common

Original commit: elastic/x-pack-elasticsearch@41eb6e6946
2016-05-04 08:53:29 +02:00
Alexander Reelsen 74edbe6332 Watcher: Refactoring, move to org.elasticsearch.xpack
This refactors the org.elasticsearch.watcher over to
org.elasticsearch.xpack.watcher

This also adds all watcher actions to the KnownActionsTests,
as watcher actions had not been taken care of until here.

Original commit: elastic/x-pack-elasticsearch@a046dc7c6a
2016-05-02 10:58:34 +02:00
jaymode 773876caee security: ssl by default on the transport layer
This commit adds the necessary changes to make SSL work on the transport layer by default. A large
portion of the SSL configuration/settings was re-worked with this change. Some notable highlights
include support for PEM cert/keys, reloadable SSL configuration, separate HTTP ssl configuration, and
separate LDAP configuration.

The following is a list of specific items addressed:

* `SSLSettings` renamed to `SSLConfiguration`
* `KeyConfig` and `TrustConfig` abstractions created. These hide the details of how `KeyManager[]` and `TrustManager[]` are loaded. These are also responsible for settings validation (ie keystore password is not null)
* Configuration fallback is changed. Previously any setting would fallback to the "global" value (`xpack.security.ssl.*`). Now a keystore path, key path, ca paths, or truststore path must be specified otherwise the configuration for that key/trust will fallback to the global configuration. In other words if you want to change part of a keystore or truststore in a profile you need to supply all the information. This could be considered breaking if a user relied on the old fallback
* JDK trusted certificates (`cacerts`) are trusted by default (breaking change). This can be disabled via a setting.
* We now monitor the SSL files for changes and enable dynamic reloading of the configuration. This will make it easier for users when they are getting set up with certificates so they do not need to restart every time. This can be disabled via a setting
* LDAP realms can now have their own SSL configurations
* HTTP can now have its own SSL configuration
* SSL is enabled by default on the transport layer only. Hostname verification is enabled as well. On startup if no global SSL settings are present and SSL is configured to be used, we auto generate one based on the default CA that is shipped. This process includes a best effort attempt to generate the subject alternative names.
* `xpack.security.ssl.hostname_verification` is deprecated in favor of `xpack.security.ssl.hostname_verification.enabled`
* added Bouncy Castle info to NOTICE
* consolidated NOTICE and LICENSE files

Closes elastic/elasticsearch#14
Closes elastic/elasticsearch#34
Closes elastic/elasticsearch#1483
Closes elastic/elasticsearch#1933
Addresses security portion of elastic/elasticsearch#673

Original commit: elastic/x-pack-elasticsearch@7c359db90b
2016-04-29 12:50:07 -04:00
Alexander Reelsen 27f0a68a28 X-Pack Notification: Settings refactoring, removed 'service'
The service part is now obsolete with moving to `xpack.notification`.

Original commit: elastic/x-pack-elasticsearch@a7907f24a5
2016-04-29 09:02:36 +02:00
jaymode 91943318bf security: cleanup authentication service
This commit removes duplicated code in the authentication service by combining
the authentication logic for rest and transport requests. As part of this we no longer
cache the authentication token since we put the user in the context and serialize the
user.

Additionally we now pass the thread context to the AuthenticationFailureHandler to
restore access to the headers and context.

Original commit: elastic/x-pack-elasticsearch@79e2375a13
2016-04-28 07:59:16 -04:00
Alexander Reelsen 91242f3a98 Tests: Increase logging for tests for randomly failing tests
Relates elastic/elasticsearch#2090

Original commit: elastic/x-pack-elasticsearch@4051354f45
2016-04-25 17:46:09 +02:00
Alexander Reelsen b47d161b9e X-Pack: Porting watcher notifications to xpack notifications (elastic/elasticsearch#2056)
This mainly moves packages over to the x-pack directory and renames the settings
from `xpack.watcher.actions.` to `xpack.notification.`

Moved services include pagerduty, hipchat, slack and email.

Closes elastic/elasticsearch#1998

Original commit: elastic/x-pack-elasticsearch@40c16fe123
2016-04-22 15:57:34 +02:00
Martijn van Groningen 358fa38cf6 test: fix id, script_lang mix up
Original commit: elastic/x-pack-elasticsearch@7c4a3152ba
2016-04-22 15:12:35 +02:00
Martijn van Groningen 4650592150 Remove LazyInitializable from ScriptServiceProxy
Closes elastic/elasticsearch#2062

Original commit: elastic/x-pack-elasticsearch@4eaf323158
2016-04-22 14:31:02 +02:00
Martijn van Groningen b9515357fa Migrated from indexed scripts to store scripts
Original commit: elastic/x-pack-elasticsearch@a0218f1c9e
2016-04-22 13:43:55 +02:00
Alexander Reelsen 98feb695ff Tests: Fixing failing history transform tests after mapping changes
Original commit: elastic/x-pack-elasticsearch@b1b13c52b0
2016-04-19 13:56:50 +02:00
Alexander Reelsen 99cff6f3b9 Watcher: Create module to test with painless scripting language
Also changed some documentation to use painless instead of groovy
to get people used to it.

Original commit: elastic/x-pack-elasticsearch@92a007cc0d
2016-04-18 09:14:31 +02:00
uboness 8aa48ffaff Introduced the X-Pack Info API
- Removed Shield's Info API
- Removed Watcher's Info API

Closes elastic/elasticsearch#2014

Original commit: elastic/x-pack-elasticsearch@6910cb1d6e
2016-04-17 13:38:19 +02:00
jaymode e4cb1f1b24 test: add missing date math to blacklist
Original commit: elastic/x-pack-elasticsearch@85fae58d74
2016-04-15 10:10:01 -04:00
Alexander Reelsen 1ef246adab Watcher: Fall back on default format color in hipchat action
Our documentation states that we have default attributes for
message.format and message.color, which in fact we do not have
as an NPE was triggered in that case.

This commit falls back to unset defaults and allows for hipchat messages
to be sent without having to configure color/format in the action
or the account.

Closes elastic/elasticsearch#1666

Original commit: elastic/x-pack-elasticsearch@bfb7e35112
2016-04-14 09:03:55 +02:00
Nik Everett 120e13148b Handle core search refactoring
Original commit: elastic/x-pack-elasticsearch@fb512063ca
2016-04-12 15:24:19 -04:00
Alexander Reelsen a1f7fff901 Watcher: Cut settings over to xpack.watcher (elastic/elasticsearch#1909)
This cuts over all settings from `watcher.` to `xpack.watcher` as
part of the settings cleanup for 5.0.

Relates elastic/elasticsearch#1441

Original commit: elastic/x-pack-elasticsearch@c82483bf25
2016-04-12 10:34:23 +02:00
Adrien Grand 5b57727b34 Replace usage of settingsBuilder with just builder.
Original commit: elastic/x-pack-elasticsearch@fe038bbc49
2016-04-08 18:09:02 +02:00
Chris Earle daa875db11 Remove hostname from NetworkAddress.format (x-plugins side)
This removes the old usage of NetworkAddress.formatAddress in favor of the updated version, which is just
the method renamed to NetworkAddress.format (replacing the old version of that method).

There is no impact to x-plugins beyond making the build work because all places were currently using that
method variant already.

Original commit: elastic/x-pack-elasticsearch@05f0dcfa90
2016-04-07 17:29:14 -04:00
jaymode 8049a82953 security: add support for main action
This commit adds support for the change in elasticsearch where the `/` rest
endpoint now delegates to an action and can be authorized.

Original commit: elastic/x-pack-elasticsearch@8ef38ce50f
2016-04-07 09:25:21 -04:00
jaymode d08446e221 security: add reserved roles and users
This commit adds reserved or built-in user and role support to x-pack. The reserved roles
cannot be modified by users. The reserved users also cannot be modified with the exception
of changing the password for a user.

In order to change the password for a user, a new API has been added. This API only supports
changing passwords for native and reserved users.

To support allowing a user to change their own password, a default role has been added to grant
access. This default role only grants access to user operations that pertain to the user that is
being authorized. In other words, the default role grants `joe` the ability to change their own password
but does not allow them to change the password of a different user.

Additionally, the authenticate API was made a transport action and is granted by the default role.

Closes elastic/elasticsearch#1727
Closes elastic/elasticsearch#1185
Closes elastic/elasticsearch#1158

Original commit: elastic/x-pack-elasticsearch@1a6689d90f
2016-04-06 18:23:18 -04:00
jaymode f888082ce6 security: remove the use of shield in settings
This commit migrates all of the `shield.` settings to `xpack.security.` and makes changes to
use the new Settings infrastructure in core.

As a cleanup, this commit also renames Shield to Security since this class is only in master
and will not affect 2.x.

See elastic/elasticsearch#1441

Original commit: elastic/x-pack-elasticsearch@a5a9798b1b
2016-04-06 14:00:46 -04:00
Tanguy Leroux c9392183d2 Monitoring: Add smoke test for Monitoring with Security
Original commit: elastic/x-pack-elasticsearch@9dc800ebcc
2016-04-01 11:17:39 +02:00
Chris Earle 6c8ec7be28 Removing test logger now that fix is in
Original commit: elastic/x-pack-elasticsearch@8d80b59ddd
2016-03-31 12:53:20 -04:00
Tanguy Leroux 4007ff44b7 Monitoring: Fix synchronization in Exporters
This commit fixes an issue in synchronization in Exporters class. The export() method is synchronized and when used with LocalExport can provoke a deadlock. LocalExporter exports data locally using bulk requests that can trigger cluster state updates for mapping updates. If a exporters settings update sneaks in, the settings update waits for the export to terminate but the export waits for the settings to be updated... and boom.

This commit removes the synchronized and refactor Exporters/LocalExporter to use state and dedicated instance of LocalBulk for each export so that synchronizing methods is not necessary anymore.

It also lower down some random settings in MonitoringBulkTests because the previous settings almost always fill the bulk thread pool.

closes elastic/elasticsearch#1769

Original commit: elastic/x-pack-elasticsearch@f50c916f8b
2016-03-31 13:47:53 +02:00
javanna 02751ffff8 Merge branch 'master' into enhancement/discovery_node_one_getter
Original commit: elastic/x-pack-elasticsearch@cf4c5bc630
2016-03-30 17:26:02 +02:00
javanna 9f87fd5fc7 Remove DiscoveryNodes#localNode in favour of existing DiscoveryNodes#getLocalNode
Original commit: elastic/x-pack-elasticsearch@fd85aa2325
2016-03-30 15:40:14 +02:00
Adrien Grand 216874881f Don't rely on fielddata being enabled by default.
See elastic/elasticsearchelastic/elasticsearch#17386.

Original commit: elastic/x-pack-elasticsearch@361af3931a
2016-03-30 14:34:54 +02:00
Alexander Reelsen e0fcbcbb51 Elasticsearch: Rename plugin from 'xpack' to 'x-pack'
This is just to be consistent with out naming, which is
supposed to be `x-pack`.

Closes elastic/elasticsearch#1759

Original commit: elastic/x-pack-elasticsearch@0697f70855
2016-03-30 09:48:46 +02:00
Chris Earle 793a6138a3 Adding logger to catch test failure. See elastic/elasticsearch#1769
Original commit: elastic/x-pack-elasticsearch@ab47c05739
2016-03-29 17:59:48 -04:00
jaymode 5ab407b2e0 test: handle update-by-query to update_by_query rename
Original commit: elastic/x-pack-elasticsearch@72ba860f3f
2016-03-29 06:34:04 -04:00
jaymode 0d1f3da353 security: rename ESUsersRealm to FileRealm
This commit is the forward port of renaming the type for esusers to file. There is no
backwards compatibility maintained here. Additionally, a few other renames and
cleanups have been made:

* `esusers` commands is now `users`
* org.elasticsearch.shield.authc.esusers -> org.elasticsearch.shield.authc.file
* Validation.ESUsers -> Validation.Users
* ESUsersTool -> UsersTool
* ESUsersToolTests -> UsersToolTests
* ESNativeUsersStore -> NativeUsersStore
* ESNativeRolesStore -> NativeRolesStore.
* org.elasticsearch.shield.authz.esnative collapsed to org.elasticsearch.shield.authz.store
*  ESNativeTests -> NativeRealmIntegTests

Closes elastic/elasticsearch#1793

Original commit: elastic/x-pack-elasticsearch@d2a0c136f3
2016-03-28 06:18:57 -04:00
Jim Ferenczi 9c6aa6353e Make xpack extensible:
* Add XPackExtension: an api class (like Plugin in core) for what a x-pack extension can do.
* Add XPackExtensionCli: a cli tool for adding, removing and listing extensions for x-pack.
* Add XPackExtensionService: loading of jars from pluginsdir/x-pack/extensions, into child classloader.
* Add bin/x-pack/extension script, similar to plugin cli, which installs an extension into pluginsdir/x-pack/extensions.
* Add XPack extension integration test.

Fixed elastic/elasticsearch#1515

Original commit: elastic/x-pack-elasticsearch@130ba03270
2016-03-22 11:41:38 +01:00
jaymode 2872acd742 remove watcher and graph privileges. manage does not include security
Original commit: elastic/x-pack-elasticsearch@da250ed842
2016-03-17 14:31:03 -04:00
jaymode cf0fd986e1 rename graph actions
Original commit: elastic/x-pack-elasticsearch@70a71d6bd6
2016-03-17 14:31:03 -04:00
jaymode a22539aca0 shield: add support for new privilege naming
This commit adds support for the privilege naming defined in elastic/elasticsearch#1342 and removes the
support for the privileges that were deprecated in 2.3. This change also includes
updates to the documentation to account for the new roles format.

Original commit: elastic/x-pack-elasticsearch@98e9afd409
2016-03-17 14:29:26 -04:00
jaymode 9e08579d4f security: file parsing only supports the new format
This commit remove the pre-existing file parsing code and replaces it with the updated
code in the RoleDescriptor class. This unifies the parsing for the files and API for roles.

Closes elastic/elasticsearch#1596

Original commit: elastic/x-pack-elasticsearch@9e0b58fcf1
2016-03-16 12:33:05 -04:00
Tanguy Leroux 1161edca2c Monitoring: Do not expose sensitive settings
Original commit: elastic/x-pack-elasticsearch@25d81bb7b6
2016-03-16 17:14:40 +01:00
Ali Beyad 7d8149cb86 Suggester refactoring requires a Suggester to parse X-Content to Builder
As part of the search refactoring effort, we need to pass a Suggester
to the methods that parse X-Content to a SuggestBuilder in every
instance where we are parsing search/suggest requests.

Original commit: elastic/x-pack-elasticsearch@7f815c617a
2016-03-16 10:27:29 -04:00
Jason Tedor 69b69f7af1 Use setting in integration test cluster config
This commit modifies using system properties to configure an integration
test cluster and instead use settings in the generated Elasticsearch
config file.

Original commit: elastic/x-pack-elasticsearch@65211b93d0
2016-03-15 20:01:01 -04:00
Ryan Ernst 1b21f20e5b Lazily generate san string for certificates
The san string used by certificate generation for ssl tests currently
runs at gradle configuration time. This takes several seconds, and
significantly slows down gradle configuration on every invocation.
This change wraps the code into a lazy evaluator that will be invoked at
runtime, and cache the string once it is generated.

Original commit: elastic/x-pack-elasticsearch@812036f416
2016-03-14 17:55:22 -07:00
markharwood 925afa3cab Graph - port of 2.x graph API and kibana UI plugin
Closes X-plugins issue 518

Original commit: elastic/x-pack-elasticsearch@6c6371ed74
2016-03-11 14:22:31 +00:00
Nik Everett 016b9d017c Add reindex tests to shield
Original commit: elastic/x-pack-elasticsearch@fe00f317b3
2016-03-10 10:17:46 -05:00
Martijn van Groningen a3a7acd934 tests: mute ingest/70_bulk test suite for now
Original commit: elastic/x-pack-elasticsearch@5fa15106f3
2016-03-10 15:00:14 +01:00
Tanguy Leroux 146f91f730 Watcher: Rename ClientProxy to WatcherClientProxy
Original commit: elastic/x-pack-elasticsearch@84c17d1bc0
2016-03-08 14:28:39 +01:00
jaymode 2612edf4cb test: blacklist the ingest default processors rest test
This test assumes no modules are installed but the shield rest tests run with the modules
installed.

Original commit: elastic/x-pack-elasticsearch@2ba47fcd0f
2016-03-07 12:15:06 -05:00
jaymode 46cae1b2b1 test: remove check for bound addresses that fails on mac
Original commit: elastic/x-pack-elasticsearch@85c7f158ff
2016-03-04 17:47:38 -05:00
Tanguy Leroux 66e49a0546 Marvel: Add integration test for Marvel+Shield with SSL
closes elastic/elasticsearch#1467

Original commit: elastic/x-pack-elasticsearch@9dd6bf9629
2016-03-04 16:55:35 +01:00
Nik Everett 507e9ede59 Rename unit test so it looks like a unit test
Original commit: elastic/x-pack-elasticsearch@d2d39ad50b
2016-03-01 08:09:25 -05:00
Nik Everett c7796d5cb7 Rename more tests to match naming conventions
Original commit: elastic/x-pack-elasticsearch@d76c217bd9
2016-02-25 15:20:41 -05:00
jaymode 0522127924 Test: remove use of network.host in smoke test ssl plugins
This removes the use of a specific address in smoke test ssl plugins and instead generates
the certificate with all of the IP addresses and DNS names of the system as subject
alternative names. This required duplication and modification of some code from core's
NetworkUtils.

Original commit: elastic/x-pack-elasticsearch@576824376f
2016-02-25 13:56:46 -05:00
jaymode d9ca4e0ce3 fix shield settings to not rely on iteration order
This removes the use of group setting for `shield.` and introduces some individual settings
and some group settings that should not overlap and cause issues when iteration order
changes.

See elastic/elasticsearch#1520

Original commit: elastic/x-pack-elasticsearch@193e937193
2016-02-21 10:10:52 -08:00
Colin Goodheart-Smithe 77ffdbcbb4 Merge pull request elastic/elasticsearch#1519 from colings86/refactor/aggRefactoringChanges
X-Plugin changes due to the changes in the Aggregations Java API

Original commit: elastic/x-pack-elasticsearch@524be093de
2016-02-15 11:33:42 +00:00
jaymode 8337832405 test: skip discovery ec2 in smoke-test-plugins*
Until we can fix the shield settings, we have bugs where we depend on the iteration
order of a map and discovery ec2 settings provoke this (most likely through a map
resize).

See elastic/elasticsearch#1520

Original commit: elastic/x-pack-elasticsearch@fbc32cf069
2016-02-12 10:40:27 -05:00
Colin Goodheart-Smithe 197b8fe56f X-Plugin changes due to the changes in the Aggregations Java API
Original commit: elastic/x-pack-elasticsearch@b983d0a00f
2016-02-12 12:06:06 +00:00
Simon Willnauer ec76d3bce0 Fix imports
Original commit: elastic/x-pack-elasticsearch@79e4535040
2016-02-12 10:52:48 +01:00
uboness ffe339ae31 Refactoring for 5.0 - phase 5
- Moved all settings in Marvel from `marvel.*` to `xpack.monitoring.*`
- Cleaned up marvel settings in general - they're all now under `MarvelSettings` class
- fixed some integration tests along the way (they were configured wrong and never actually tested anything)
- Updated the docs accordingly
- Added `migration-5_0.asciidoc` under the Marvel docs to explain how to migrate from Marvel 2.x to XPack 5.0.
- Replaced all `marvel` mentions in the logs to `monitoring`
- Removed the `xpack.monitoring.template.version` setting from the templates
- renamed the templates to `monitoring-es-data.json` and `monitoring-es.json`
- monitoring indices are now `.monitoring-es-<version>-data` and `.monitoring-es-<version>-<timestamp>`

Original commit: elastic/x-pack-elasticsearch@17f2abe17d
2016-02-11 21:34:38 +01:00
uboness 42c9eead60 Refactoring for 5.0 - phase 4
- renaming `ShieldPlugin` to `Shield` (it's no longer a plugin)
 - renaming `WatcherPlugin` to `Watcher` (it's no longer a plugin)
 - renaming `MarvelPlugin` to `Marvel` (it's no longer a plugin)
 - renaming `LicensePlugin` to `Licensing` (it's no longer a plugin)
 - renamed setting:`watcher.enabled` -> `xpack.watcher.enabled`
 - renamed setting:`marvel.enabled` -> `xpack.marvel.enabled`

Original commit: elastic/x-pack-elasticsearch@35a6540b11
2016-02-10 11:15:35 +01:00
uboness 3a6a1d5dc2 Shield refactoring for 5.0 - phase 3
- Consolidated the `bin` and `config` directories of watcher, shield and marvel under a single `config/xpack` and `bin/xpack` directories.

 - updated docs accordingly

Original commit: elastic/x-pack-elasticsearch@c2aa6132fa
2016-02-09 16:06:49 +01:00
uboness 92f027159a Shield refactoring for 5.0 - phase 2
- Started to move configuration under the `xpack` name
 - Cleaned up `ShieldPlugin`
 - renamed `ShieldClient` to `SecurityClient`
 - Introduced `XPackClient` that wraps security and watcher clients

Original commit: elastic/x-pack-elasticsearch@f05be0c180
2016-02-09 14:32:33 +01:00
Alexander Reelsen e8ad8cbb36 Watcher: Load versioned index template for watch history
This loads an index template for the watch history to make sure,
that field changes are taken into account.

Also, the dynamic mapping for the watch history template has been
changed from strict to false.

This means that new fields can be included in a document, but they
will not indexed and are not searchable.

In addition the index names have been changed from .watch_history-$date to
.watcher-history-$template-$date - using dashes to be more consistent.

Closes elastic/elasticsearch#1299

Original commit: elastic/x-pack-elasticsearch@794f982234
2016-02-09 09:39:07 +01:00
jaymode aa2eb15f31 fixes to allow bad apple tests to pass
This commit fixes the bad apple tests that failed when running them. The
IndexAuditTrailEnabledTest was removed and the test was folded into the
IndexAuditIT. Some watcher tests that relied on mustache were moved
into the QA tests with the mustache plugin.

Additionally, fixing these tests uncovered a issue with the privileges needed
for writing data into an index. If the mappings need to be updated because
of a write, then the update mapping action gets executed. In 2.x this was
handled by the system user, but now is executed under the user's context,
which is the correct thing to do. The update mapping action is now added to
the read, index, crud, and write privileges for an index.

Original commit: elastic/x-pack-elasticsearch@30711f9625
2016-02-08 09:48:10 -05:00
Alexander Reelsen e6784d5c7d Checkstyle: Adhere to checkstyle in all xpack .java files
In elastic/elasticsearch#1442 checkstyle checks were added, but also some files were freed from this.
If we have support for checkstyle, we should check this for all files and not allow
exceptions. This commit removes the file list to ignore any files and fixes all the
java files.

Original commit: elastic/x-pack-elasticsearch@99e6cbc5be
2016-02-05 16:57:41 +01:00
Martijn van Groningen 3bf5dc14f9 revert change: 'test: fix tests to not use mustache' and instead moved these test to qa module
Original commit: elastic/x-pack-elasticsearch@502d877c24
2016-02-03 12:56:54 +01:00
Martijn van Groningen e617d8365f watcher: Removed custom xmustache script and use mustache script engine in lang-mustache module
The lang-mustache module has been extended to meet Watcher's needs:
* The ability to refer the specific slots in arrays.
* An `content_type` option controls whether json string escaping is used. Otherwise there is no escaping.

Closes elastic/elasticsearch#1116

Other changes:
* I changed tests that were just using mustache just because it was around to not use mustache
* I moved tests to `test-xpack-with-mustache` module that were testing mustache with Watcher
* added smoke test for watcher and mustache
* moved some tests around
* instead of using DefaultTextTemplateEngine in watcher tests use MockTextTemplateEngine
* added a mock mustache script engine
* Cleanup some messy tests to not rely on mustache and move them back into xpack module
* moved array access test to smoke test watcher with mustache module
* test: simplified the condition search test to take the time component out of it, while still simulation a condition
* removed the mustache dependency in the messy-test-watcher-with-groovy module

Original commit: elastic/x-pack-elasticsearch@6a2a4e885f
2016-02-03 09:18:50 +01:00
Jason Tedor e13a5e695a Uppercase ells ('L') in long literals
This commit removes all lowercase ells ('l') in long literals because
they are often hard to distinguish from the digit representing one
('1').

Closes elastic/elasticsearch#1414

Original commit: elastic/x-pack-elasticsearch@98b38705fb
2016-01-30 22:18:02 -05:00
Boaz Leskes dfb9068e33 Update Index usage to elasticsearchelastic/elasticsearch#16217
elasticsearchelastic/elasticsearch#16217 changed the Index class to also include index UUIDs . This commit adapts the code for it.

Closes elastic/elasticsearch#1377

Original commit: elastic/x-pack-elasticsearch@87c909c15a
2016-01-28 08:38:44 +01:00
jaymode e82c969959 migrate from ContextAndHeaders to ThreadContext
This change migrates all of the xpack code to use the new ThreadContext when
dealing with headers and context data. For the most part this is a simple
cutover, but there are some things that required special casing. The internal
actions that executed by a user's requests need to forcefully drop the context
and set the system user. The workaround for this will be improved in a followup.
Additionally, the RequestContext still lives on due to the OptOutQueryCache,
which requires some core changes to fix this issue.

Original commit: elastic/x-pack-elasticsearch@87d2966d93
2016-01-27 08:02:01 -05:00
Jason Tedor 8eb97c5509 Script settings
This commit is the x-plugins side of the refactoring of script settings.

Relates elastic/elasticsearchelastic/elasticsearch#16197

Original commit: elastic/x-pack-elasticsearch@4c429933b9
2016-01-26 21:13:29 -05:00
Jason Tedor 19c87bd143 Add Groovy closure Watcher test
This commit adds an integration test for Watcher that tests Groovy
closures.

Closes elastic/elasticsearch#1362, relates elastic/elasticsearchelastic/elasticsearch#16196

Original commit: elastic/x-pack-elasticsearch@1a6b1a3e07
2016-01-26 13:04:36 -05:00
Simon Willnauer a30c6c2780 Add generic type and suppress warnings to test
Original commit: elastic/x-pack-elasticsearch@b454af89bd
2016-01-20 09:21:05 +01:00
Robert Muir e24dfe2c3e don't depend on localhost
Original commit: elastic/x-pack-elasticsearch@e3c03fcb27
2016-01-18 19:51:00 -08:00
Ryan Ernst 80617ab39e Test: Make rest tests extend ESTestCase
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#16070.

Original commit: elastic/x-pack-elasticsearch@57d1a9108b
2016-01-18 16:44:56 -08:00
Lee Hinman da3d7177be Add Shield HTTP APIs for users and roles
Relates to elastic/elasticsearch#33

Original commit: elastic/x-pack-elasticsearch@a0942c9334
2016-01-18 16:21:22 -07:00
javanna 389b2be08a [TEST] blacklist get aliases test against closed indices
Shield expands wildcards to concrete names (aliases or indices) before each request gets executed in es core. It never resolves aliases to concrete indices though, as permissions may be set against aliases rather than indices. During this resolution, it also looks at the state of the indices and the current indices options (expand_wildcards) to expand only to indices with the relevant state. When it comes to aliases though, they may point to multiple indices each one having a different state, so it always expands ignoring expand_wildcards. At that point the request will contain the explicit name of the alias, no wildcards, thus the expand_wildcards option will have no effect in core. ignore_unavailable could be used instead when interacting with shield, which would affect how aliases are resolved to multiple indices. In this case we can only blacklist the test in shield, as it will return both the closed index and the open one.

Original commit: elastic/x-pack-elasticsearch@54c11dfc31
2016-01-14 17:20:23 +01:00
Alexander Reelsen 75ab4f9470 Watcher: Allow for external email attachments
This feature is mainly done for the integration with the commercial reporting, but can be used
for anything else as well.

This adds a `attachments` to the email configuration, which can be used like this

```
"attachments" : {
  "some_id" : {
    "http" : {
      "request" : {
        "url" : "http://example.org/foo.pdf"
      }
    }
  },
  "other_id" : {
    "data" : {
      "format" : "json"
    }
  }
}
```

The main reason to pick this format is extensibility. If we would like to support another
attachment type, like an file reader, we could do so easily from an API point of view.

Closes elastic/elasticsearch#870

Original commit: elastic/x-pack-elasticsearch@66d14be965
2016-01-07 10:49:13 +01:00
Ryan Ernst c86e8b9c2e Remove wildcard imports
Original commit: elastic/x-pack-elasticsearch@65b2fee336
2015-12-18 14:15:06 -08:00
Robert Muir 114184b5dd disable license headers check for x-plugins, until we figure out what it should do
Original commit: elastic/x-pack-elasticsearch@48bc84865c
2015-12-18 13:27:52 -05:00
Zachary Tong 9db8c73025 Fix compile due to change in InternalSearchResponse signature
Original commit: elastic/x-pack-elasticsearch@a442dc5efe
2015-12-17 16:24:15 -05:00
Adrien Grand a14dc4c5bf Fix compilation.
Original commit: elastic/x-pack-elasticsearch@f9c3fe924f
2015-12-17 18:56:52 +01:00
Robert Muir d85bb59d57 fix smoke-test-plugins-ssl to work when ::1 does not resolve at all.
My previous change only fixed it when it resolves to something different than localhost.
But in some cases, it does not resolve at all, we must specify the IP.

Original commit: elastic/x-pack-elasticsearch@547eb4c42f
2015-12-15 01:04:37 -05:00
Robert Muir fb22b54202 fix smoke-test-plugins-ssl to work with ip6-localhost
Original commit: elastic/x-pack-elasticsearch@747714b0d1
2015-12-14 22:48:56 -05:00
Tanguy Leroux f6fdc1a7ad Watcher: Ignore REST test "Getting started - Monitor cluster health"
Test is blacklisted until it can work with dynamic port number

Original commit: elastic/x-pack-elasticsearch@5990e9436a
2015-12-14 12:09:00 +01:00
Ryan Ernst 5739d4d921 Fixes for integ tests not using hardcoded ports
Original commit: elastic/x-pack-elasticsearch@9cc86da9e0
2015-12-11 18:23:01 -08:00
Robert Muir 5c480e118c fix x-pack compile/tests to work with https://github.com/elastic/elasticsearch/pull/15328
Squashed commit of the following:

commit 54de841112778b01e817e465d2f59840970bb4f3
Author: Robert Muir <rmuir@apache.org>
Date:   Thu Dec 10 08:47:12 2015 -0500

    see exactly how far MessyTestPlugin can go (unit tests depend on both groovy and mustache!)

commit 743b5a4e0cc9a05e307339dfcb4569feed31f337
Author: Robert Muir <rmuir@apache.org>
Date:   Thu Dec 10 08:35:03 2015 -0500

    fix x-pack compile/tests to work with https://github.com/elastic/elasticsearch/pull/15328

Original commit: elastic/x-pack-elasticsearch@4307bb163b
2015-12-10 08:47:55 -05:00
Ryan Ernst b6ce09a361 Switch messy watcher+groovy tests to messy-test plugin
Original commit: elastic/x-pack-elasticsearch@8163f0f129
2015-12-08 19:52:22 -08:00
Ryan Ernst 4bbd4c25b0 Enable security manager for messy groovy tests
Original commit: elastic/x-pack-elasticsearch@4b2b256a04
2015-12-08 17:26:53 -08:00
jaymode 68e3c0a08e test: disable marvel for watcher with groovy tests
This commit disables marvel when running the watcher with groovy tests. Marvel creates
indices and expect the cluster to be green, which won't happen with the marvel indices
existing and expecting a replica.

See elastic/elasticsearch#1087

Original commit: elastic/x-pack-elasticsearch@8d163a53b7
2015-12-07 06:39:33 -05:00
Robert Muir f3fd72c9d0 Use Date instead of System in groovy script... its absurd to expect scripts can use System
Original commit: elastic/x-pack-elasticsearch@9b32e621c7
2015-12-05 22:13:50 -05:00
Ryan Ernst 3e9d29d9b9 Update plugins smoke test to use correct plugin count for xpack
Original commit: elastic/x-pack-elasticsearch@40f464acbd
2015-12-04 11:52:31 -08:00
Ryan Ernst 2521e567f1 Merge branch 'master' into jigsaw
Original commit: elastic/x-pack-elasticsearch@c7534cfcf0
2015-12-04 11:39:33 -08:00
jaymode a039acf578 more fixes for the combined plugin
* move static initialization hack for UnboundID Debug to XPackPlugin
* cleanup bundlePlugin calls in build file
* properly disable watcher and marvel for shield core tests

Original commit: elastic/x-pack-elasticsearch@2b89cf2225
2015-12-03 14:56:12 -05:00
jaymode 9b2dd0c11d fixes after rebase
Original commit: elastic/x-pack-elasticsearch@6896b88829
2015-12-03 16:24:40 +01:00
jaymode 628febf3f7 fix integration tests after reorganization
This commit fixes the integration tests and qa test after the reorganization to be
packaged as a single plugin.

Original commit: elastic/x-pack-elasticsearch@d6f488627f
2015-12-03 16:24:40 +01:00
Ryan Ernst 7ef87632ab Moved shield, watcher, marvel and license plugin into common x-pack
project, and combined their gradle builds. Everything builds, but many
many tests fail.

Original commit: elastic/x-pack-elasticsearch@d18d4614aa
2015-12-03 16:24:40 +01:00
jaymode e5b0e7f5cb reorganize directory layout
See elastic/elasticsearch#1022

Original commit: elastic/x-pack-elasticsearch@3ee8761312
2015-12-03 16:22:37 +01:00