This commit adds new settings for the ssl keystore (not the ES keystore)
passphrase settings. New setting names are used, instead of trying to
support the existing names in both yml and the ES keystore, so that
there does not need to be complicated logic between the two. Note that
the old settings remain the only way to set the ssl passphrases for the
transport client, but the Settings object for transport clients are
created in memory by users, so they are already as "secure" as having a
loaded ES keystore. Also note that in the long term future (6.x
timeframe?) these settings should be deprecated and the keys/certs
themselves should be moved into the ES keystore, so there will be no
need for separate keystores/passphrases.
relates elastic/elasticsearch#22475
Original commit: elastic/x-pack-elasticsearch@be5275fa3d
* The TriggeredWatchStore now only has one method to put triggered
watches
* All code is async in TriggeredWatchStore, locking has been removed
* The dedicated WatchRecord.Fields interface has been removed
* TriggeredWatchTests integration test has been moved to a unit test
Original commit: elastic/x-pack-elasticsearch@bc4b5820fb
`index.mapper.single_type` will be removed in master. While there is still
one usage in the security template that we are working on, this change
will remove the remaining usage.
Original commit: elastic/x-pack-elasticsearch@6e7f63b9e0
I don't want to dig too closely into the ES integration yet because
it being fixed by Costin so instead I'll make an example for round
trip testing.
Original commit: elastic/x-pack-elasticsearch@4d8fbc571e
This is just a workaround at the moment, but allows to use
mustache if you only provide the `url` part of a request,
instead of scheme, port, path, host, etc.
Original commit: elastic/x-pack-elasticsearch@3a4aa26665
Turned on checkstyle but turned off line length for sql because
now is not the time. That caught a few things like redundant
modifiers, out of order modifiers, and multiple top level classes
per file. Fixing them gave me a great little tour. So I'm going to
go and do the same in the plugin code now.
Original commit: elastic/x-pack-elasticsearch@8b52d8845d
Big change here is that we start to use ES's base test clases for
testing. This should give us access to randomized testing and makes
sure that the reproduction lines are correct.
Original commit: elastic/x-pack-elasticsearch@bcab64a028
Make the projects more like the rest of Elasticsearch:
* Move integration tests from `itest` to `test`
* Make a build file per sql subproject
* Make sql work properly with elasticsearch-extra
Original commit: elastic/x-pack-elasticsearch@6fbb794f68
Every cluster state update resulted in a log message, that watcher
pauses execution. This has been fixed to only log, if there was an
actual state switch from executing to pausing, but do nothing if
there are no local shards anyway.
This will reduce the logging noise in tests a lot.
Original commit: elastic/x-pack-elasticsearch@32ab86610c
* Give kill a chance to kill the process before closing input
* Remove variable that can be refactored out
Original commit: elastic/x-pack-elasticsearch@42f7a3cece
The graph API needs to be able to search in remote indices. Although it uses the Search API to perform the search and so doesn’t need to deal with remote indexes directly, the security feature needs to know it can be used with remote indexes so it knows to include remote indices in the list of indices accessible from the API for index level security
Original commit: elastic/x-pack-elasticsearch@e3cd84963e
This change removes all local security checks against remote cluster names.
Any user is allowed to attempt a cross-cluster search, and it is the responsibility of the remote cluster to authorise the search (or not).
This includes support for remote searches even if you have _no_ local search privileges.
Original commit: elastic/x-pack-elasticsearch@1620c3a8fa
