This adds all of the security tests I think SQL is going to need for the initial release. SQL is still missing an entire scenario though: SSL enabled. Either way, this removes some `NOCOMMIT`s in `qa/sql/security`. Adding the SSL testing can come later.
Original commit: elastic/x-pack-elasticsearch@851620b606
We don't need to blindly skip all of these tasks. We don't have
NOCOMMITs everywhere, just lots of places....
Original commit: elastic/x-pack-elasticsearch@d772cb1b96
This commit fixes a typo in the CI script, the command-line flag for
setting tests.badapples had a typo.
Original commit: elastic/x-pack-elasticsearch@c67a620485
This commit adds an option for running the intake build from the CI
scripts. The intake build differs from check in that it runs compilation
and pre-commit checks before running tests so that common build failures
causes will happen earlier than otherwise.
Relates elastic/x-pack-elasticsearch#2420
Original commit: elastic/x-pack-elasticsearch@b179ce1087
This shuffles all of SQL's QA tests into the `qa/sql` directory, moving
some shared resources into the new `qa:sql` project. It also rigs up
testing of the rest SQL interface in all the sql qa configurations:
without security, with security, and against multiple nodes.
I've had to make some modifications to how we handle the audit log
because it has gotten pretty slow. If these modifications turn out to
not be fast enough then I'll change the test to querying the log files
and drop the audit log index entirely but the index seems to be holding
out for now.
Original commit: elastic/x-pack-elasticsearch@ff3b5a74c1
SQL relies on being able to fetch information about fields from
the cluster state and it'd be disasterous if that information
wasn't available. This should catch that.
Original commit: elastic/x-pack-elasticsearch@1a62747332
Running the sql rest action test inside the server caused a dependency
loop which was failing the build.
Original commit: elastic/x-pack-elasticsearch@43283671d8
Add some basic security testing/integration.
The good news:
1. Basic security now works. Users without access to an index can't run sql queries against it. Without this change they could.
2. Document level security works! At least so far as I can tell.
The work left to do:
1. Field level security doesn't work properly. I mean, it kind of works in that the field's values don't leak but it just looks like they all have null values.
2. We will need to test scrolling.
3. I've only added tests for the rest sql action. I'll need to add tests for jdbc and the CLI as well.
4. I've only added tests for `SELECT` and have ignored stuff like `DESCRIBE` and `SHOW TABLES`.
Original commit: elastic/x-pack-elasticsearch@b9909bbda0
This should allow creation of a ci build to smoke test sql which
should be faster but less complete than the normal build on the
sql branch.
Original commit: elastic/x-pack-elasticsearch@87748b37f9
Needed because I hacked around branch selection because we don't have
a `feature/sql` branch in the public elasticsearch repo.
Original commit: elastic/x-pack-elasticsearch@3fc1084588
This is to allow bwcTest to be run by ci. This commit also fixes the
existing packagingTest target, which was never updated after the xpack
repo split.
Original commit: elastic/x-pack-elasticsearch@f4696c1899
WIth the addition of building the backcompat version in elasticsearch, a
shallow clone no longer works, as we need to have eg 5.x branch
available. This change removes the depth argument from cloning
elasticsearch.
Original commit: elastic/x-pack-elasticsearch@3d89fe92ec
The output `Checked out Elasticsearch revision: ...` shows which revision of elasticsearch was included in the CI build. This makes it easier to diagnose and resolve x-pack build failures.
Original commit: elastic/x-pack-elasticsearch@8c39aafc2d
The special `-Dtests.jvm.argline` params needed for jdk-9 builds do not
get passed correctly if enclosed within single quotes.
Fix jdk9 target for `dev-tools/ci` script to correctly pass the
-Dtests.jvm.argline parameters.
Relates: elastic/elasticsearch#4428
Original commit: elastic/x-pack-elasticsearch@6cd329b8da
* Build: Convert xplugins to use new extra projects setup
This change makes the gradle initialization for xplugins look in the
correct location for elasticsearch, which is now as a sibling of an
elasticsearch-extra directory, with x-plugins as a child of the extra
directory.
The elasticsearch side of this change is
elastic/elasticsearchelastic/elasticsearch#21773. This change will enable renaming x-plugins
to x-pack, see elastic/elasticsearch#3643.
Original commit: elastic/x-pack-elasticsearch@09398aea5a
The ci script checks out elasticsearch for x-plugins to use. However, it
always checks out the master branch. This change makes the script look
for the source branch of a PR (falling back to GIT_BRANCH which is provided by jenkins for non PR CI jobs) and checks if that branch exists in elasticsearch. If it does not, it falls back to the target branch for the PR.
Original commit: elastic/x-pack-elasticsearch@73146bb3b3
Since there is no hard requirement for a strict POSIX shell
implementation, we can switch to /bin/bash.
Clean up left over break statements and consistently use $() for command
substitutions.
Original commit: elastic/x-pack-elasticsearch@0a33dfed56
Remove duplicate definition of GRADLE_OPT_TEST and rename arguments as
discussed in
https://github.com/elastic/x-plugins/pull/4137#discussion_r89660620
Default to `check` if no argument is passed, but exit with error in an
unsupported parameter is provided.
Also ensure the pipefail option is only set when the executing shell
is *really* bash as opposed to POSIX sh which doesn't support it.
Original commit: elastic/x-pack-elasticsearch@64bd740295
We prefer just passing a single cli argument that allows the script to
choose the corresponding gradle command from a preset list of
choices. For now, valid options are `packagingtests` or `tests`. The
script defaults to `tests` if no argument is supplied.
Original commit: elastic/x-pack-elasticsearch@f6315b1ad5
Prevent the ci script from going to infinite loop if the user provides a
non POSIX style command line argument (not prefixed with - or --)
Original commit: elastic/x-pack-elasticsearch@e0eb0e6df7
This updates the CI script to be POSIX shell compatible so that it can run under
both dash and bash. Also, no arguments should be needed; this should run what
is run in CI.
Original commit: elastic/x-pack-elasticsearch@4cd87e48a6