40428 Commits

Author SHA1 Message Date
Jay Modi
5d9c270608
Token API supports the client_credentials grant (#33106)
This change adds support for the client credentials grant type to the
token api. The client credentials grant allows for a client to
authenticate with the authorization server and obtain a token to access
as itself. Per RFC 6749, a refresh token should not be included with
the access token and as such a refresh token is not issued when the
client credentials grant is used.

The addition of the client credentials grant will allow users
authenticated with mechanisms such as kerberos or PKI to obtain a token
that can be used for subsequent access.
2018-08-27 10:56:21 -06:00
Jay Modi
309fb22181
Build: forked compiler max memory matches jvmArgs (#33138)
This commit removes the setting of the fork options maximum memory size
in our build plugin and instead adds the value in the gradle.properties
file to be alongside the value set in jvmArgs.

This change is necessary when using parallel compilation as 512m is not
sufficient for parallel compilation on some machines.
2018-08-27 10:26:25 -06:00
Jason Tedor
2aef7e0900
Introduce mapping version to index metadata (#33147)
This commit introduces mapping version to index metadata. This value is
monotonically increasing and is updated on mapping updates. This will be
useful in cross-cluster replication so that we can request mapping
updates from the leader only when there is a mapping update as opposed
to the strategy we employ today which is to request a mapping update any
time there is an index metadata update. As index metadata updates can
occur for many reasons other than mapping updates, this leads to some
unnecessary requests and work in cross-cluster replication.
2018-08-27 12:21:11 -04:00
Andrei Stefan
3d9ca4baee
SQL: Enable aggregations to create a separate bucket for missing values (#32832)
Enable aggregations to create a separate bucket for missing values.
2018-08-27 17:56:28 +03:00
Jason Tedor
c41c614527
Fix grammar in contributing docs
This commit fixes an instance of odd comma placement in the contributing
docs.
2018-08-27 10:17:42 -04:00
Armin Braun
f7a9186372
SECURITY: Fix Compile Error in ReservedRealmTests (#33166)
* This was broken by #32515 since the 5.x versions
were removed between PR creation and merge
2018-08-27 15:08:27 +02:00
Shaunak Kashyap
1779d3376a
APM server monitoring (#32515)
* Adding new MonitoredSystem for APM server

* Teaching Monitoring template utils about APM server monitoring indices

* Documenting new monitoring index for APM server

* Adding monitoring index template for APM server

* Copy pasta typo

* Removing metrics.libbeat.config section from mapping

* Adding built-in user and role for APM server user

* Actually define the role :)

* Adding missing import

* Removing index template and system ID for apm server

* Shortening line lengths

* Updating expected number of built-in users in integration test

* Removing "system" from role and user names

* Rearranging users to make tests pass
2018-08-27 08:42:40 -04:00
Mikita Karaliou
f1f6d4ed33 Support only string format in date, root object & date range (#28117)
Limit date `format` attribute to String values only.

Closes #23650
2018-08-27 12:24:51 +02:00
Tanguy Leroux
e1e8cf382f
[Rollup] Move toBuilders() methods out of rollup config objects (#32585) 2018-08-27 09:18:26 +02:00
Alpar Torok
974f839093
Fix forbiddenapis on java 11 (#33116)
Cap forbiddenapis to java version 10
2018-08-27 08:47:42 +03:00
Alpar Torok
30c3b36395
Apply publishing to genreate pom (#33094) 2018-08-27 08:44:06 +03:00
Daniel Mitterdorfer
06c0055c0f
Have circuit breaker succeed on unknown mem usage
With this commit we implement a workaround for
https://bugs.openjdk.java.net/browse/JDK-8207200 which is a race
condition in the JVM that results in `IllegalArgumentException` to be
thrown in rare cases when we determine memory usage via `MemoryMXBean`.
As we do not want to fail requests in those cases we always return zero
memory usage.

Relates #31767
Relates #33125
2018-08-27 07:09:27 +02:00
Jason Tedor
143cd9bbaa
Do not lose default mapper on metadata updates (#33153)
When applying index metadata updates we run through the mappings
updating them if needed. Today if there is not an update to the default
mapper, we can lose the default mapping. This means that, for example,
if we apply a settings update to an index we will lose the default
mapper. This happens because we were not guarding updating the default
mapping with a check that the default mapping was updated in the
metadata update. When there is no update in the metadata update, we need
to continue to preserve the previous default mapping. This commit
achieves this by moving the updating of the default mapping under the
same guard that we use for updating the default mapping source. We add a
test that fails before putting the update under a guard and now passes
after moving the update under the guard.
2018-08-26 15:57:52 -04:00
Jason Tedor
f8b07a0d84
Fix a mappings update test (#33146)
This commit fixes a mappings update test. The test is broken in the
sense that it passes, but for the wrong reason. The test here is testing
that if we make a mapping update but do not commit that mapping update
then the mapper service still maintains the previous document
mapper. This was not the case long, long ago when a mapping update would
update the in-memory state before the cluster state update was
committed. This test was passing, but it was passing because the mapping
update was never even updated. It was never even updated because it was
encountering a null pointer exception. Of course the in-memory state is
not going to be updated in that case, we are simply going to end up with
a failed cluster state update. Fixing that leads to another issue which
is that the mapping source does not even parse so again we would, of
course, end up with the in-memory state not being modified. We fix these
issues, assert that the result cluster state task completed
successfully, and finally that the in-memory state was not updated since
we never committed the resulting cluster state.
2018-08-26 09:36:17 -04:00
Albert Zaharovits
fbe609d589
Reload Secure Settings REST specs & docs (#32990)
This is a minimal REST API spec and docs for the REST handler
for the `_nodes/reload_secure_settings endpoint`.

Relates #29135
2018-08-26 14:49:32 +03:00
Albert Zaharovits
c567ec4a0f
Refactor CachingUsernamePassword realm (#32646)
Refactors the logic of authentication and lookup caching in
`CachingUsernamePasswordRealm`. Nothing changed about
the single-inflight-request or positive caching.
2018-08-26 14:09:23 +03:00
Simon Willnauer
3376922e8b
Add proxy support to RemoteClusterConnection (#33062)
This adds support for connecting to a remote cluster through
a tcp proxy. A remote cluster can configured with an additional
`search.remote.$clustername.proxy` setting. This proxy will be used
to connect to remote nodes for every node connection established.
We still try to sniff the remote clsuter and connect to nodes directly
through the proxy which has to support some kind of routing to these nodes.
Yet, this routing mechanism requires the handshake request to include some
kind of information where to route to which is not yet implemented. The effort
to use the hostname and an optional node attribute for routing is tracked
in #32517

Closes #31840
2018-08-25 20:41:32 +02:00
Nhat Nguyen
9dad82ece8
TEST: Skip assertSeqNos for closed shards (#33130)
If a shard was closed, we return null for SeqNoStats. Therefore the
assertion assertSeqNos will hit NPE when it verifies a closed shard.

This commit skips closed shards in assertSeqNos and enables this
assertion in AbstractDisruptionTestCase.
2018-08-24 21:02:13 -04:00
Nhat Nguyen
739a8d3d44
TEST: resync operation on replica should acquire shard permit (#33103)
This change makes sure that resync operations on replicas in the test
framework are executed under shard permits as the production code.
2018-08-24 20:25:13 -04:00
Nik Everett
1e9144d8e6
Switch remaining x-pack tests to new style Requests (#33108)
In #29623 we added `Request` object flavored requests to the low level
REST client and in #30315 we deprecated the old `performRequest`s. This
changes all calls in the `x-pack/qa/saml-idp-tests` and
`x-pack/qa/security-setup-password-tests` projects to use the new
versions.
2018-08-24 16:39:08 -04:00
Nik Everett
dd4a8dc444
Switch remaining tests to new style Requests (#33109)
In #29623 we added `Request` object flavored requests to the low level
REST client and in #30315 we deprecated the old `performRequest`s. This
changes all calls in the `client` and `distribution` projects to use
the new versions.
2018-08-24 16:37:25 -04:00
Nik Everett
8bee6b3a92
Switch remaining ml tests to new style Requests (#33107)
In #29623 we added `Request` object flavored requests to the low level
REST client and in #30315 we deprecated the old `performRequest`s. This
changes all calls in the `x-pack/plugin/ml/qa/native-multi-node-tests`,
`x-pack/plugin/ml/qa/single-node-tests` projects to use the new
versions.
2018-08-24 16:36:40 -04:00
Nik Everett
a9a66a09dc Build: Line up IDE detection logic
The IDE detection logic in build.gradle and settings.gradle has to match
or else Eclipse users will have a bad time. But in this case I think it
mostly just hits folks who use the Eclipse compiler server like me.
2018-08-24 16:11:07 -04:00
Jay Modi
b86dad22ce
Security index expands to a single replica (#33131)
This change removes the use of 0-all for auto expand replicas for the
security index. The use of 0-all causes some unexpected behavior with
certain allocation settings. This change allows us to avoid these with
a default install. If necessary, the number of replicas can be tuned by
the user.

Closes #29933
Closes #29712
2018-08-24 12:51:22 -06:00
Benjamin Trent
52cf57ee2d
HLRC: request/response homogeneity and JavaDoc improvements (#33133) 2018-08-24 13:18:50 -05:00
Nik Everett
a023e64801 Checkstyle!
Catching your unused imports since 2001.
2018-08-24 14:13:13 -04:00
Jim Ferenczi
70030c18f1 [Test] Fix sporadic failure in MembershipActionTests
Rewrite test that require Version.V_5 constants.
2018-08-24 18:40:04 +02:00
Mayya Sharipova
6f1ee76443 Revert "Do NOT allow termvectors on nested fields (#32728)"
This reverts commit fdff8f3db0093fa15cfa161f7dec80b715a48a43.
2018-08-24 10:12:16 -04:00
Tanguy Leroux
7e5efad929
[Rollup] Move toAggCap() methods out of rollup config objects (#32583) 2018-08-24 15:31:41 +02:00
Jason Tedor
9fddf7e6a3
Fix race condition in scheduler engine test
This commit addresses a race condition in the scheduler engine test that
a listener that throws an exception does not cause other listeners to be
skipped. The race here is that we were counting down a latch, and then
throwing an exception yet an assertion that expected the exception to
have been thrown already could execute after the latch was counted down
for the final time but before the exception was thrown and acted upon by
the scheduler engine. This commit addresses this by moving the counting
down of the latch to definitely be after the exception was acted upon by
the scheduler engine.
2018-08-24 07:45:16 -04:00
Jason Tedor
619e0b28b9
Add hook to skip asserting x-content equivalence (#33114)
This commit adds a hook to AbstractSerializingTestCase to enable
skipping asserting that the x-content of the test instance and an
instance parsed from the x-content of the test instance are the
same. While we usually expect these to be the same, they will not be the
same when exceptions are involved because the x-content there is lossy.
2018-08-24 06:53:44 -04:00
Andrei Stefan
a2f0a1a0cb Merge branch 'master' of https://github.com/elastic/elasticsearch 2018-08-24 13:14:37 +03:00
Andrei Stefan
1d8745036f Muted testListenersThrowingExceptionsDoNotCauseOtherListenersToBeSkipped 2018-08-24 13:14:03 +03:00
Tanguy Leroux
879a90b999
[Rollup] Move getMetadata() methods out of rollup config objects (#32579)
This committ removes the getMetadata() methods from the DateHistoGroupConfig 
and HistoGroupConfig objects. This way the configuration objects do not rely on RollupField.formatMetaField() anymore and do not expose a getMetadata() 
method that is tighlty coupled to the rollup indexer.
2018-08-24 11:57:46 +02:00
Andrei Stefan
66e458b78b Muted testEmptyAuthorizedIndicesSearchForAllDisallowNoIndices 2018-08-24 12:36:23 +03:00
Tanguy Leroux
c5e5a97a34
Update Google Cloud Storage Library for Java (#32940)
This commit updated the google-cloud-storage library from version 1.28.0
 to version 1.40.0.
2018-08-24 10:55:23 +02:00
Jim Ferenczi
f4e9729d64
Remove unsupported Version.V_5_* (#32937)
This change removes the es 5x version constants and their usages.
2018-08-24 09:51:21 +02:00
Tim Vernum
a211d24bda [DOCS] Add docs for Application Privileges (#32635) 2018-08-23 18:04:02 -07:00
Michael Basnight
8f16696fe1 Add versions 5.6.12 and 6.4.1 2018-08-23 15:49:14 -05:00
Mayya Sharipova
fdff8f3db0
Do NOT allow termvectors on nested fields (#32728)
Requesting _termvectors on a nested field or any sub-fields of a nested field
returns empty results.

Closes #21625
2018-08-23 16:46:47 -04:00
Zachary Tong
8f8d3a5556
[Rollup] Return empty response when aggs are missing (#32796)
If a search request doesn't contain aggs (or an empty agg object),
we should just retun an empty response.  This is how the normal search
API works if you specify zero hits and empty aggs.

The existing behavior throws an exception because it tries to send
an empty msearch.

Closes #32256
2018-08-23 16:15:37 -04:00
Zachary Tong
0da981a6a9
[TEST] Add some ACL yaml tests for Rollup (#33035)
These two tests compliment the existing unit tests which check Rollup's
ACL/security integration.

The first test creates to indices, puts a document in each one, and then
assigns a role to the test user that can only access one of the indices.
A rollup job is created with a pattern that would match both indices,
and we verify that only the allowed document was rolled up (e.g. verifying
that the unpermissioned index stays hidden).

The second test creates a single index with two documents tagged by
the keyword "public"/"private".  An attribute-based role is created
that only allows viewing "public" documents.  We then verify the rollup
job only rolled the "public" doc, and not the "private" one.
2018-08-23 11:43:48 -04:00
Michael Basnight
644c0de5ec
Move non duplicated actions back into xpack core (#32952)
Most actions' request and response were moved from xpack core into
protocol. We have decided to instead duplicate the actions in the HLRC
instead of trying to reuse them. This commit moves the non duplicated
actions back into xpack core and severs the tie between xpack core and
protocol so no other actions can be moved and not duplicated.
2018-08-23 09:48:53 -05:00
markharwood
f860e589a6 Test fix - GraphExploreResponseTests should not randomise array elements
Closes #33086
2018-08-23 15:00:30 +01:00
Simon Willnauer
f3cfd4504f Use addIfAbsent instead of checking if an element is contained
Relates to #32988
2018-08-23 13:43:23 +02:00
Armin Braun
917e5a8c94
TESTS: Fix Random Fail in MockTcpTransportTests (#33061)
* `foobar.txGet()` appears to return before `serviceB.stop()` returns, causing `ServiceB.close()` to run concurrently with the `stop` call and running into a race codition
* Closes #32863
2018-08-23 13:19:21 +02:00
Armin Braun
61f5c188e0 HLRC: Fix Compile Error From Missing Throws (#33083)
* 50441f97ae745814db96c262e99d0f465aca5b2c#diff-53a95fe7ded21313483f1b2f15977395L72 removed the throws breaking compilation here
2018-08-23 11:24:32 +01:00
Albert Zaharovits
07cce95305 [DOCS] Remove reload password from docs cf. #32889
Reload call `_nodes/reload_secure_settings` is not requiring
an empty password anymore (#32889). Reflect this in docs.
2018-08-23 12:11:39 +03:00
Dimitris Athanasiou
50441f97ae
HLRC: Add ML Get Buckets API (#33056)
Relates #29827
2018-08-23 09:35:06 +01:00
lipsill
f84ed14294 Watcher: Improve error messages for CronEvalTool (#32800)
CronEvalTool prints an error only for cron expressions that result in
no upcoming time events.

If a cron expression results in less than the specified count
(default 10) time events, now all the coming times are printed
without displaying error message.

Closes #32735
2018-08-23 10:07:59 +02:00