Commit Graph

40466 Commits

Author SHA1 Message Date
debadair 93ada98eb5
[DOCS] Fixing cross doc link to Stack Overview security topic. 2018-08-15 15:09:41 -07:00
Jay Modi 1a45b27d8b
Move CharArrays to core lib (#32851)
This change cleans up some methods in the CharArrays class from x-pack, which
includes the unification of char[] to utf8 and utf8 to char[] conversions that
intentionally do not use strings. There was previously an implementation in
x-pack and in the reloading of secure settings. The method from the reloading
of secure settings was adopted as it handled more scenarios related to the
backing byte and char buffers that were used to perform the conversions. The
cleaned up class is moved into libs/core to allow it to be used by requests
that will be migrated to the high level rest client.

Relates #32332
2018-08-15 15:26:00 -06:00
Jason Tedor 364ccc36d6
Fix global checkpoint listeners test
This commit fixes a global checkpoint listeners test wherein we were
expecting an executor to have been used even if there were no
listeners. This is silliness, so this commit adjusts the assertion to
verify that the executor never fires if there are no listeners, and
fires exactly once if there is one or more listeners.
2018-08-15 15:53:15 -04:00
Benjamin Trent f90f06ede1
HLRC: adding machine learning open job (#32860)
* HLRC: adding machine learning open job

HLRC: adding ML open job API call

* Addressing @droberts195 comments and fixing minor style issue
2018-08-15 13:19:41 -05:00
David Roberts 5ba04e23fc
[ML] Add log structure finder functionality (#32788)
This change adds a library to ML that can be used to deduce a log
file's structure given only a sample of the log file.

Eventually this will be used to add an endpoint to ML to make the
functionality available to end users, but this will follow in a
separate change.

The functionality is split into a library so that it can also be
used by a command line tool without requiring the command line
tool to include all server code.
2018-08-15 18:04:21 +01:00
Armin Braun 986c55b830
INGEST: Add Configuration Except. Data to Metdata (#32322)
* closes #27728
2018-08-15 19:02:19 +02:00
Alpar Torok bb3eacf384
Revert "cluster formation DSL - Gradle integration - part 2 (#32028)" (#32876)
This reverts commit e680a64434.
2018-08-15 19:17:46 +03:00
Alpar Torok e680a64434
cluster formation DSL - Gradle integration - part 2 (#32028)
* Implement Version in java

- This allows to move all  all .java files from .groovy.
- Will prevent eclipse from tangling up in this setup
- make it possible to use Version from Java

* PR review comments

* Cluster formation plugin with reference counting

```
> Task :plugins:ingest-user-agent:listElasticSearchClusters
Starting cluster: myTestCluster
   * myTestCluster: /home/alpar/work/elastic/elasticsearch/plugins/ingest-user-agent/foo
Asked to unClaimAndStop myTestCluster, since cluster still has 1 claim it will not be stopped

> Task :plugins:ingest-user-agent:testme UP-TO-DATE
Stopping myTestCluster, since no of claims is 0
```

- Meant to auto manage the clusters lifecycle
- Add integration test for cluster formation

* Fix rebase

* Change to `useCluster` method on task
2018-08-15 19:16:10 +03:00
Jason Tedor 068d03f56b
Introduce global checkpoint listeners (#32696)
This commit introduces the ability for global checkpoint listeners to be
registered at the shard level. These listeners are notified when the
global checkpoint is updated, and also when the shard closes. To
encapsulate these listeners, we introduce a shard-level component that
handles synchronization of notification and modifications to the
collection of listeners.
2018-08-15 12:04:24 -04:00
Tim Brooks 2464b68613
Move connection profile into connection manager (#32858)
This is related to #31835. It moves the default connection profile into
the ConnectionManager class. The will allow us to have different
connection managers with different profiles.
2018-08-15 09:08:33 -06:00
Ed Savage 51cece1900 [ML] Temporarily disabling rolling-upgrade tests
BWC tests disabled while backporting https://github.com/elastic/elasticsearch/pull/32816
2018-08-15 15:48:50 +01:00
Lee Hinman 48281ac5bc
Use generic AcknowledgedResponse instead of extended classes (#32859)
This removes custom Response classes that extend `AcknowledgedResponse` and do nothing, these classes are not needed and we can directly use the non-abstract super-class instead.

While this appears to be a large PR, no code has actually changed, only class names have been changed and entire classes removed.
2018-08-15 08:06:14 -06:00
Ed Savage 8ce1ab3ed9
[ML] Removing old per-partition normalization code (#32816)
[ML] Removing old per-partition normalization code

Per-partition normalization is an old, undocumented feature that was
never used by clients. It has been superseded by per-partition maximum
scoring.

To maintain communication compatibility with nodes prior to 6.5 it is
necessary to maintain/cope with the old wire format
2018-08-15 13:13:32 +01:00
Jason Tedor 7ff37ae232
Use JDK 10 for 6.4 BWC builds (#32866)
The 6.4 release will officially be built with JDK 10. We should push JDK
10 down to the BWC builds for the 6.4 branch then too.
2018-08-15 08:01:15 -04:00
markharwood eb812c8b7d Removed flaky test. Looks like randomisation makes these assertions unreliable.
This test is superfluous - it was added to address #32770 but it later turned out there was an existing test that just required a fix to provide the missing test coverage.

Closes #32855
2018-08-15 10:06:39 +01:00
Andy Bristol a1cff86012 [test] mute IndexShardTests.testDocStats
For #32766
2018-08-14 18:21:59 -07:00
Jake Landis be62092060
Introduce the dissect library (#32297)
The dissect library will be used for the ingest node as an alternative
to Grok to split a string based on a pattern. Dissect differs from
Grok such that regular expressions are not used to split the string.
Note - Regular expressions are used during construction of the
objects, but not in the hot path.

A dissect pattern takes the form of: '%{a} %{b},%{c}' which is
composed of 3 keys (a,b,c) and two delimiters (space and comma).
This dissect pattern will match a string of the form: 'foo bar,baz'
and will result a key/value pairing of 'a=foo, b=bar, and c=baz'.
See the comments in DissectParser for a full explanation.

This commit does not include the ingest node processor that will consume
it. However, the consumption should be a trivial mapping between the
key/value pairing returned by the parser and the key/value pairing
needed for the IngestDocument.
2018-08-14 17:08:55 -07:00
Jay Modi ac5ef8c389
Security: remove password hash bootstrap check (#32440)
This change removes the PasswordHashingBootstrapCheck and replaces it
with validation on the setting itself. This ensures we always get a
valid value from the setting when it is used.
2018-08-14 13:34:22 -06:00
Jay Modi 7d8a64d703
Move validation to server for put user requests (#32471)
This change moves the validation for values of usernames and passwords
from the request to the transport action. This is done to prevent
the need to move more classes into protocol once we add this API to the
high level rest client. Additionally, this resolves an issue where
validation depends on settings and we always pass empty settings
instead of the actual settings.

Relates #32332
2018-08-14 13:18:07 -06:00
David Roberts c985f500f4
[ML] Add high level REST client docs for ML put job endpoint (#32843)
Relates #29827
Relates #32726
2018-08-14 19:52:54 +01:00
Ryan Ernst 0158b59a5a
Test: Fix forbidden uses in test framework (#32824)
This commit fixes existing uses of forbidden apis in the test framework
and re-enables the forbidden apis check. It was previously completely
disabled and had missed a rename of the forbidden apis signatures files.

closes #32772
2018-08-14 11:35:09 -07:00
Jack Conradson ab7e7508f5
Painless: Change fqn_only to no_import (#32817)
This changes the whitelist parameter fqn_only to no_import when specifying that a 
whitelisted class must have the fully-qualified-name instead of a shortcut name. This more 
closely correlates with Java imports, hence the rename.
2018-08-14 11:17:15 -07:00
Andy Bristol 84aa87f638 [test] mute testSearchWithSignificantTermsAgg
For #32855
2018-08-14 10:59:44 -07:00
Michael Basnight 6fde9e5c2f
Watcher: Remove unused hipchat render method (#32211)
The HipChatMessage#render is no longer used, and instead the
HipChatAccount#render is used in the ExecutableHipChatAction. Only a
test that validated the HttpProxy used this render method still. This
commit cleans it up.
2018-08-14 11:07:58 -05:00
Michael Basnight e1206a6272
Watcher: Remove extraneous auth classes (#32300)
The auth.basic package was an example of a single implementation
interface that leaked into many different classes. In order to clean
this up, the HttpAuth interface, factories, and Registries all were
removed and the single implementation, BasicAuth, was substituted in all
cases. This removes some dependenies between Auth and the Templates,
which can now use static methods on BasicAuth. BasicAuth was also moved
into the http package and all of the other classes were removed.
2018-08-14 11:06:46 -05:00
Michael Basnight 4c90a61a35
Watcher: migrate PagerDuty v1 events API to v2 API (#32285)
The PagerDuty v1 API is EOL and will stop accepting new accounts
shortly. This commit swaps out the watcher use of the v1 API with the
new v2 API. It does not change anything about the existing watcher
API.

Closes #32243
2018-08-14 11:06:18 -05:00
Yannick Welsch cd0de16089
[TEST] Select free port for Minio (#32837)
Minio does not support dynamic ports. The workaround here is to scan for a free port first. This is
not foolproof, but as we don't expect too many of these builds to run at once on the same machine,
this should do the trick.

Closes #32701
Closes #32208
2018-08-14 16:36:37 +02:00
Armin Braun 27e64e7251
MINOR: Remove `IndexTemplateFilter` (#32841)
* This isn't used anywhere anymore ever since `00c123b59f8ba11eb260e6b70acf7be80bccc949` and `dc166c5dc6bcf4abb7f25c6f4143f07d8176333d`
2018-08-14 16:01:33 +02:00
Alexander Reelsen 87481a0e34
Core: Add java time version of rounding classes (#32641)
This commit adds a java time version of the existing rounding classes, which features the same test suite and a small test class to check if serialization works as expected.
2018-08-14 13:52:55 +02:00
markharwood e5ab09f708
Aggregations/HL Rest client fix: missing scores (#32774)
Significance score doubles were being parsed as long. Existing tests did not catch this because SignificantLongTermsTests and SignificantStringTermsTests did not set the score. Fixed these and also added integration test.

Thanks for the report/fix, Blakko

Closes #32770
2018-08-14 11:14:47 +01:00
Yannick Welsch 00b006f033
HLRC: Add Delete License API (#32586)
Relates to #29827
2018-08-14 11:55:54 +02:00
Armin Braun 124c1f1358
INGEST: Create Index Before Pipeline Execute (#32786)
* INGEST: Create Index Before Pipeline Execute

* Ensures that indices are created before the default pipeline setting is read to correcly handle the case of an index template containing a default pipeline (without the fix the first document does not get the pipeline applied as explained in #32758)
* closes #32758
2018-08-14 11:27:08 +02:00
Yannick Welsch a8bfa466b2
Fix NOOP bulk updates (#32819)
#31821 introduced an unreleased bug where NOOP updates were incorrectly mutating the bulk
shard request, inserting null item to be replicated, which would result in NullPointerExceptions when
serializing the request to be shipped to the replicas.

Closes #32808
2018-08-14 08:20:35 +02:00
Tim Brooks 10fddb62ee
Remove client connections from TcpTransport (#31886)
This is related to #31835. This commit adds a connection manager that
manages client connections to other nodes. This means that the
TcpTransport no longer maintains a map of nodes that it is connected
to.
2018-08-13 16:44:09 -06:00
Nhat Nguyen 8a003e1281 Increase logging testRetentionPolicyChangeDuringRecovery
Relates #32089
2018-08-13 16:29:34 -04:00
Nhat Nguyen cba7fceb53 AwaitsFix case-functions.sql-spec
Relates #32589
2018-08-13 15:06:33 -04:00
Ioannis Kakavas 06758f579c
Mute security-cli tests in FIPS JVM (#32812)
All Unit tests in this module are muted in FIPS 140 JVMs and
 as such the CI run fails. This commit disables test task for the
module in a  FIPS JVM and reverts adding a dummy test in 
4cbcc1.
2018-08-13 21:27:06 +03:00
Armin Braun d412230cda
SCRIPTING: Support BucketAggScript return null (#32811)
* As explained in #32790, `BucketAggregationScript` must support `null` as a return value
* Closes #32790
2018-08-13 20:08:26 +02:00
Ioannis Kakavas 106a4a6a48
Unmute WildFly tests in FIPS JVM (#32814)
WildflyIT test fails in a FIPS JVM due to the amount of output in stderr. The excessive stderr output is due to https://bugs.openjdk.java.net/browse/JDK-8202893 and is not an indication of a failure that should be tracked.
This commit adjusts the limit to something more lenient that would allow the test to succeed.
Reverts #32543
2018-08-13 21:08:10 +03:00
Zachary Tong 4da0b52a19
[TEST] Force a stop to save rollup state before continuing (#32787)
We only upgrade the ID when the state is saved in one of four scenarios:

- when we reach a checkpoint (every 50 pages)
- when we run out of data
- when explicitly stopped
- on failure

The test was relying on the pre-upgrade to finish, save state and then
the post-upgrade to start, hit the end of data and upgrade ID.  THEN
get the new doc and apply the new ID.

But I think this is vulnerable to timing issues. If the pre-upgrade
portion shutdown before it saved the state, when restarting we would run
through all the data from the beginning with the old ID, meaning both
docs would still have the old scheme.

This change makes the pre-upgrade wait for the job to go back to STARTED
so that we know it persisted the end point.  Post-upgrade, it stops and
restarts the job to ensure the state was persisted and the ID upgraded.

That _should_ rule out the above timing issue.

Closes #32773
2018-08-13 12:53:22 -04:00
Andy Bristol 0b601c6631 [test] disable packaging tests for suse boxes 2018-08-13 08:56:50 -07:00
Nhat Nguyen cb2273b02a Mute IndicesRequestIT#testBulk
Tracked at #32808
2018-08-13 10:10:33 -04:00
Dimitris Athanasiou 4d2144a2a0
[ML][DOCS] Refer to rules feature as custom rules (#32785) 2018-08-13 14:51:13 +01:00
Ed Savage d147cd72cc
[ML] Partition-wise maximum scores (#32748)
Added infrastructure to push through the 'person name field value' to
the normalizer process. This is required by the normalizer to retrieve
the maximum scores for individual partitions.
2018-08-13 10:31:17 +01:00
Morten Segelvik 4d20e69b83 [DOCS] XContentBuilder#bytes method removed, using BytesReference.bytes(docBuilder) (#32771) 2018-08-13 11:29:18 +02:00
Luca Cavanna 3e692c3f3d
HLRC: migration get assistance API (#32744)
The request and response classes have been extracted from `IndexUpgradeInfoAction` into top-level classes, and moved to the protocol jar. The `UpgradeActionRequired` enum is also moved.

Relates to #29827
2018-08-13 11:05:27 +02:00
Alpar Torok 02f2fad57b
Add a task to run forbiddenapis using cli (#32076)
* Add a task to run forbiddenapis using cli

Add a task that offers an equivalent check to the forbidden APIs plugin,
but runs it using the forbiddenAPIs CLI instead.

This isn't wired into precommit first, and doesn't work for projects
that require specific signatures, etc. It's meant to show how this can
be used. The next step is to make a custom task type and configure it
based on the project extension from the pugin and make some minor
adjustments to some build scripts as we can't  bee 100% compatible with
that at least due to how additional signatures are passed.

Notes:
- there's no `--target` for the CLI version so we have to pass in
specific bundled signature names
- the cli task already wires to `runtimeJavaHome`
- no equivalent for `failOnUnsupportedJava = false` but doesn't seem to
be a problem. Tested with Java 8 to 11
- there's no way to pass additional signatures as URL, these will have
to be on the file system, and can't be resources on the cp unless we
rely on how forbiddenapis is implemented and mimic them as boundled
signatures.
- the average of 3 runs is 4% slower using the CLI for :server.
( `./gradlew clean :server:forbiddenApis` vs `./gradlew clean
:server:forbiddenApisCli`)
- up-to-date checks don't work on the cli task yet, that will happen
with the custom task.

See also: #31715
2018-08-13 08:52:16 +03:00
Yogesh Gaikwad 8114646e12
[Kerberos] Add debug log statement for exceptions (#32663)
This commit adds missing debug log statements for exceptions
that occur during ticket validation. I thought these
get logged somewhere else in authentication chain
but even after enabling trace logs I could not see them
logged. As the Kerberos exception messages are cryptic
adding full stack trace would help debugging faster.
2018-08-12 00:49:08 +10:00
Tim Brooks 38ec0ff6ca
Make x-pack core pull transport-nio (#32757)
The security nio transports depend on transport-nio. This commit
modifies x-pack core to include the transport-nio jar into the x-pack
core module.
2018-08-10 17:36:29 -06:00
Jack Conradson 47d2bcc3c4
Painless: Clean Up Whitelist Names (#32791)
Renames variables in the whitelists to match the current naming scheme. Mechanical change.
2018-08-10 14:46:31 -07:00