This change moves all license related code in xpack under
org.elasticsearch.license. Some classes become package private (more can
become package private later with further deguicing). It also adds
package level javadocs. Note, I did not move anything from the actual
licensing jar. This should be cleaned up in a followup.
Original commit: elastic/x-pack-elasticsearch@2413c4f288
This change removes guice from construction of monitoring classes.
Additionally, it removes disk threshold watermark and enabled setting
from node stats collector. These were not node stats, just cluster
settings. If we want to add back actual percentage of disk threshold
used, it should be in node stats directly.
Original commit: elastic/x-pack-elasticsearch@4cd49557cf
If the result of a search actions fails (i.e. because the index you queried does not exist yet),
the watch record failed to store into the Watch History because of a mapping issue, as the
template path match regular expression did not match properly.
Closeselastic/elasticsearch#2913
Original commit: elastic/x-pack-elasticsearch@3c2d4b3ca9
This is dependent on elastic/elasticsearchelastic/elasticsearch#19589. It also fixes the
existing files that either were missing the license header or had the
open source license header.
Original commit: elastic/x-pack-elasticsearch@2642c20381
The response status code was stored in the result of an http input,
but inaccessible in the payload itself and could not be used in
scripts.
This puts the status code in the payload under the name '_status_code',
similar to the '_headers' variable, which already stores the headers.
Original commit: elastic/x-pack-elasticsearch@dff2a39535
Background: When a watch has been acked, but the condition evaluates to false again,
the watch must be marked as dirty - which means it needs to be persisted to the watches
index - so in case of a master node switch this information is not lost.
This commit fixes the setting of the `dirty` field in the watch status, in case
the condition is not met, but some actions have been acked.
Original commit: elastic/x-pack-elasticsearch@1a55a45b14
The license code currently has a Licensee implementation per feature,
which is updated by the license service. This meant maintaining a
listener type feature for the license service, and having an abstract
listener and such. The licensee class also mixed in stuff only needed by
the license service (acknowledgement messages).
This change collapses all the methods from licensees into
XPackLicenseState. The naming was inconsistent across licensee
implementations, so here it is standardized on `is*Allowed()`. There are
also a number of tests which should be consolidated for testing the
license service but that is left for a future change. I also removed
collector tests that were testing license: that is better left for the
direct tests of the license state in XPackLicenseStateTests.
Original commit: elastic/x-pack-elasticsearch@734871e870
The LicenseState class exists to distinguish when a license is enabled,
vs being inside its grace period. However, the consumers of this state
do not care whether the license is in the grace period, they view that
and an active license as the same thing. The only part that cares about
the grace period is in the license service which logs a warning when a
license begins its grace period.
This change removes the LicenseState enum in favor of a simple boolean
indicating whether the license is active.
Original commit: elastic/x-pack-elasticsearch@5a90a0e3d4
As the specified integration tests were better suited as REST tests, I changed them into
those and removed the (partially already unused) java classes.
Original commit: elastic/x-pack-elasticsearch@f26d8d94e8
We only have one license in 5.x. This change renames the service that
mantains the license state on each node to reflect that fact.
Original commit: elastic/x-pack-elasticsearch@bb241b30cb
This change removes guice from most of the rest of security. It also
converts the last use of onModule in xpack extensions to a pull based
extension.
Original commit: elastic/x-pack-elasticsearch@9de072550e
Both AuthenticationService and AuthorizationService are currently
interfaces with single implementations. This is unnecessary, and makes
it harder to deguice. This change removes the abstractions and leaves
just AuthenticationService and AuthorizationService.
Original commit: elastic/x-pack-elasticsearch@d04c897ae4
AuditTrailService
We currently have a number of actions and components which try to write
to the audit trail. But they do so by expecting a bound AuditTrail
object. In reality, this should always be AuditTrailService, except when
security is disabled. This change removes the use of the AuditTrail
interface for that purpose, and instead makes the AuditTrailService
allow an empty list of trails, so that it is always bound when running
on a node.
Original commit: elastic/x-pack-elasticsearch@9559dbd6c1
This commit removes the SelfReschedulingRunnable and changes the native stores
to use the threadpool for scheduling again since we have now fixed the issue in core.
Original commit: elastic/x-pack-elasticsearch@50030e31ff
This is useful if an index is shared with many small customers, which are to small to have their own index or shard,
and in order to share an index safely they will need to use document level security. This processor can then automatically
add the username or roles of the current authenticated user to the documents being indexed, so that the DLS query can be simple. (`username: abc` only return data inserted by user abc)
Closeselastic/elasticsearch#2738
Original commit: elastic/x-pack-elasticsearch@f4df2f6d6f
Currently the security context is an object passed around to code
needing to check the user for the current request. Like recent
InternalClient changes, it current depends on the AuthenticationService,
but can be simplified by only knowing about the thread context and
crypto service. This change makes SecurityContext a class, instead of an
interface, and removes the dependency on AuthenticationService.
Original commit: elastic/x-pack-elasticsearch@b8af75e8cb
Followup of elastic/elasticsearchelastic/elasticsearch#19435
Relates to elastic/elasticsearchelastic/elasticsearch#19412
Original commit: elastic/x-pack-elasticsearch@60f7047ea9
This commit is a combination of enhancements and fixes to the active directory
and ldap realms. The active directory realm has been enhanced to add support
for authentication against multiple domains in a forest. The ldap realm has
been updated so that:
* attributes required for group resolution are loaded eagerly if possible
* user search can now be executed using unpooled connections
* the default search filter for groups now includes posixGroup and memberUid
to avoid users needed to understand ldap filters
Finally, the UnboundID LDAP SDK was upgraded to the latest version and some
long standing AwaitsFix were addressed.
Closeselastic/elasticsearch#20Closeselastic/elasticsearch#26Closeselastic/elasticsearch#1950Closeselastic/elasticsearch#2145Closeselastic/elasticsearch#2363
Original commit: elastic/x-pack-elasticsearch@63c9be2337
This commit adds the ability to define metadata for roles. This metadata is currently
only used for the API and to indicate that a role is reserved. We can continue passing
on the metadata as needed, when necessary.
Closeselastic/elasticsearch#2036
Original commit: elastic/x-pack-elasticsearch@8b5f606138
This commit adds a CLI tool that can be used to generate a CA and signed certificates in PEM
format. The tool only requires a name of an instance to be provided by the user; ip and dns values
are supported but optional. By default, the tool is interactive and will prompt the user for input but
an option exists to provide a yaml file that contains the necessary information to generate certificates
or signing requests.
The output is in the form of a zip file with subfolders for each instance. Neither the zip file or the PEM
files are encrypted as some parts of our stack do not support encrypted PEM files.
Original commit: elastic/x-pack-elasticsearch@3dc0f8d495
When a HTTP input has a configured response content, then this should
always be treated as preferred over the content type that is returned
by the server in order to give the user the power to decide.
This also refactors the code a bit to make it more readable.
Closeselastic/elasticsearch#2211
Original commit: elastic/x-pack-elasticsearch@ecdb4f931c
ScriptServiceProxy is a thin wrapper around the ScriptService which does
a runAs the xpack user when compiling. But script services know nothing
about xpack users, so this has no real effect. I believe this is a
remnant of when we had indexed scripts, where the compilation may have
done a get on the scripts index.
This change removes the ScriptServiceProxy. It also renames Script in
watcher to WatcherScript, to remove confusion between elasticsearch's
Script and watchers Script.
Original commit: elastic/x-pack-elasticsearch@4e2fdbc518
This change makes the internal realms factories, as well as those added
by extensions, constructed directly instead of via guice. Adding realms
in extensions is now pull based. Finally, all of the generics for realms
and realm factories have been removed.
Original commit: elastic/x-pack-elasticsearch@f0de9d2340
"cloud_internal" license type enables dynamically updating license operation mode via a config file.
When the installed license is "cloud_internal", the node level operation mode can be updated by writing
a `license_mode` file in the x-pack config directory (config/x-pack/license_mode). The file is expected
to have a string representing the desired license mode (e.g. "gold", "basic"). In case of a failure to
read a valid license mode from the `license_mode` file, the operation mode for "cloud_internal" license
defaults to PLATINUM.
This change also ensures that the correct operation mode is reported via the _xpack endpoint.
closeselastic/elasticsearch#2042
Original commit: elastic/x-pack-elasticsearch@6a2d788e45
This is the xplugins side of elastic/elasticsearchelastic/elasticsearch#19440. It adds a
getter on XPackExtension for extensions that add custom rest headers, in
addition to the headers registered for xpack itself.
Original commit: elastic/x-pack-elasticsearch@bd142b88c6
This commit moves an awaits fix from
MonitoringIndexNameResolverTestCase#testResolver to
MonitoringIndexNameResolverTestCase#testSource as the previous commit
elastic/x-pack@98e76642ea marked the incorrect test as
awaits fix.
Original commit: elastic/x-pack-elasticsearch@62e9aaa628
The InternalClient is used by xpack code making requests to other nodes,
to add the xpack user to the thread context. To do this, it uses has a
dependency on the AuthenticationService, which in turn transitively
depends on InternalClient (eg IndexAuditTrail). But to add the xpack
user, the full authentication service is not necessary. Only having the
crypto service is needed in order to encrypt the header.
This change simplifes construction of InternalClient both making it a
real class instead of an interface, and removing the dependency on the
AuthenticationService. It also removes the use of
Provider<InternalClient> in users of the client.
Original commit: elastic/x-pack-elasticsearch@10f633bdf3
Both logfile and index audit trails currently depend on injection of
Transport in order to find the bound address of the local node. However,
the ClusterService provides access to information about the local node,
including the bound addresses. This change makes the audit trails use
the cluster service, and also makes the logging audit trail not use a
lifecycle.
Original commit: elastic/x-pack-elasticsearch@d747d64ee1
This provides the same -- more useful -- index memory chart to the index page, instead of just "Lucene Memory", it now breaks down what it shows just like the Node page as as more generalized "Index Memory" chart. It also rolls Fielddata into the Index Memory. With Fielddata now in the Index Memory chart, I decided to add the Segment Count chart to the Index page.
Original commit: elastic/x-pack-elasticsearch@4e3490ce9c
elastic/elasticsearchelastic/elasticsearch#19428 removes `node.mode` and `node.local` this PR
fixes xplugins to configure networking explicitly.
Original commit: elastic/x-pack-elasticsearch@ee8daa36dd
This change removes some of the complexity around licensing classes in
xpack. It removes the interfaces for registration and management so the
remaining LicensesService class is the thing that components wanting to
interact with the license should use. It also removes complexity around
the Licensee interface, removing generics and the registration at
construction time, as well as making the licensees no longer have a
lifecycle. There is still more to be done with simplification of license
classes construction, but this is a step towards a simpler world.
Original commit: elastic/x-pack-elasticsearch@5307d67b5b
This makes use of the registerAsDeprecatedHandler method to automatically warn users when they're using deprecated functionality.
This will also automatically provide a Warning header for anyone using HTTP clients (though they have to be looking for it...).
- This also adds deprecated `/_licenses` variants of the endpoint. Users are consistently making that mistake, and it's easy enough to support this way. Can remove it if people disagree though.
License portion only
Original commit: elastic/x-pack-elasticsearch@431c871fcf
This makes use of the registerAsDeprecatedHandler method to automatically warn users when they're using deprecated functionality.
This will also automatically provide a Warning header for anyone using HTTP clients (though they have to be looking for it...).
- This also changes from PUT _start, _restart, _stop (Watcher endpoints) to POST _start, _restart, _stop
- The deprecated variant still honors PUT
- Nothing about the hijack endpoints was deprecated because they did not change from 2.x
Watcher portion only
Original commit: elastic/x-pack-elasticsearch@36f87a6526
When the monitoring tests are run in isolation, they succeed. However, when the whole suite of
REST tests is being run at the same time, the "Bulk indexing of monitoring data" intermittently
fails with a timeout. Therefore, a timeout of 60 seconds has been added.
Closeselastic/elasticsearch#2809
Original commit: elastic/x-pack-elasticsearch@d11dc7a2be
This particular test requires Elasticsearch to run on port 9400, which is not
guaranteed if the clients run their own tests, as it is a matter of configuration
in gradle.
Therefore these tests need to run in their project.
Original commit: elastic/x-pack-elasticsearch@da38407766
The callback replaces the ability to fully replace the http client instance. By doing that, one used to lose any default that the RestClient had set for the underlying http client. Given that you'd usually override one or two things only, like a couple of timeout values, the ssl factory or the default credentials providers, it is not uder friendly if by doing that users end up replacing the whole http client instance and lose any default set by us.
Original commit: elastic/x-pack-elasticsearch@03adca6f62
Currently each node monitors the cluster state for a license, and if it
does not find one, it sends a request to the master to generate a trial
license. However, the master node has this same logic. Since the master
node is the only thing that can change the cluster state, we know that
once some node becomes master, it will notice the lack of license,
generate a trial license, and send a cluster state update. The trigger
from every node telling the master to generate the trial license is not
needed.
This change removes the register_trial_license action that the non
master nodes used. It removes the need for the TransportService in the
LicensesService, which will help with deguicing.
Original commit: elastic/x-pack-elasticsearch@a71656847e
This is the first deguicing for xplugins to use the new
createComponents(). The removal was very straightforward. One thing to
note is HttpAuthFactory only has one implementation (basic auth), but I
kept the registry and such for now. Also, HttpRequest.Parser is only
used in 2 tests, not at all in main code, it should probably be removed.
Original commit: elastic/x-pack-elasticsearch@839e7e4900
Since the "Should throw 404 after license deletion" test deletes the license,
a subsequent test run fails for many tests in other components.
This patch adds a `teardown` section to install back a trial development license.
Closeselastic/elasticsearch#2782
Original commit: elastic/x-pack-elasticsearch@45ec5d4244
This change creates the CryptoService during xpack plugin construction,
and also collapses the only implementation of CryptoService into a
class instead of an interface.
Original commit: elastic/x-pack-elasticsearch@7f00a5d6ef
The delete test has been relying on the license already being installed
in the cluster from the other test. However, many runners run tests
in arbitrary order, so it has been failing.
This patch adds a "Trial Development" license as the first action
in the test.
Related: elastic/elasticsearch#2777Closeselastic/elasticsearch#2778
Original commit: elastic/x-pack-elasticsearch@cd198cf67a
The actions in the `do` sections of tests definitions have not been indented, which
confused the Ruby YAML parser.
Also, the calls to `license.*` have not been prefixed with the `xpack` API.
Related: elastic/elasticsearch#2777
Original commit: elastic/x-pack-elasticsearch@b2da7d2703
The check is failing, because even when the document is deleted before
the test, the version of the document in Elasticsearch sticks around
for a while.
I have changed the test to use the `is_true` operator to check for
the presence of the field only.
Original commit: elastic/x-pack-elasticsearch@308ffe34f0
The shorthand format has been failing in the Ruby runner. Not sure if
this is particular to the Ruby YAML library, but I think there's no
harm in making the syntax standard.
Original commit: elastic/x-pack-elasticsearch@d753cad64a
This changes the xpack.monitoring.agent.* settings so that they fall under xpack.monitoring.collection.*.
- This also changes Kibana's equivalent data_collection to collection.
Original commit: elastic/x-pack-elasticsearch@a69bc18055
Added missing IOException and simplified filtering out mock transports
for security integration tests.
Relates to elastic/elasticseachelastic/elasticsearch#19332
Original commit: elastic/x-pack-elasticsearch@8a5c015c3d
The SecretService implements a subset of the api provided by the
CryptoService. Currently the CryptoService is simply bound to null when
in the transport client or when security is disabled. This change
converts all users of the SecretService to the CryptoService, and any
tests using SecretService.Insecure to simply using null.
Original commit: elastic/x-pack-elasticsearch@8251c65ffe
The CryptoService currently has a lot of variations of methods that are
unused. It really only uses sign/unsign, encrypt/decrypt. This change
trims the api down to those needed methods.
Original commit: elastic/x-pack-elasticsearch@92e83efeb7
The Clock interface, which basically allows testing in watcher to "time
warp" is currently constructed using guice. This change constructs it
using a protected method on XPackPlugin which can be overriden in tests.
This allows removing the ClockModule. For now, the Clock still needs to
be bound in guice, but this at least removes one guice construction, and
shows how other things can be overriden for tests.
Original commit: elastic/x-pack-elasticsearch@7addaea086
This makes use of the registerAsDeprecatedHandler method to automatically warn users when they're using deprecated functionality.
This will also automatically provide a Warning header for anyone using HTTP clients (though they have to be looking for it...).
Security portion only
Original commit: elastic/x-pack-elasticsearch@ab1a50fe06
This adds the following stats to the usage stats
* Across all active watches
* Number of triggers per type
* Number of inputs per type
* Number of transforms per type
* Number of conditions per type
* Number of actions per type
* Total number of watches
* Total number of active watches
* Per action
* Execution time total
* Execution time mean
* Invocation count
* Total use of watch metadata
Internally this uses a `Counters` helper class, so that creating counters does not require
you to decide about the map structure.
Relates elastic/elasticsearch#2210
Original commit: elastic/x-pack-elasticsearch@e6f95ba290
This changes the way that Kibana (and future applications) send their monitoring stats to Elasticsearch.
Instead of sending their payloads with the System ID (e.g., "kibana") and System Version (e.g., "5.0.0-alpha4"), it now expects the System ID and System _API_ Version (e.g., "2"). This means a few things:
- Future releases are automatically compatible with previous releases as long as the API version doesn't change.
- Users don't have to update Kibana at the exact same time as their cluster (which technically means rolling updates were temporarily blockers of Kibana monitoring before).
- We can accept old API versions (if we need to make a breaking change) and automatically up-convert them to the latest API version. (We are in full control of how far back we choose to accept)
In general, this change implies that users should be updating their Monitoring cluster before their _monitored_ cluster(s) to get the best opportunity of monitoring backwards compatibility. That way if any API change does occur, then it can up-convert as needed. Then, any ES node should be updated, and only then should Kibana be updated. This is not required in any way, but it will give the smoothest experience.
Original commit: elastic/x-pack-elasticsearch@d3c24936e1
While testing another PR, I noticed that when Security is disabled, the _xpack/usage API throws a NullPointerException.
This checks for null before using it, and adds tests to verify behavior.
Original commit: elastic/x-pack-elasticsearch@6474af6569
When a painless exception is raised in the script condition, it was not bubbled up due to
catching exceptions on during execution. This removes the different catching of exceptions
and allows the watch record construct to contain an exception that is also serialized correctly
so that it can be stored in the watch history but also returned in the execute watch API.
This also updates the watch history template, so that exceptions are not indexed, but logged.
Relates elastic/elasticsearch#2587
Original commit: elastic/x-pack-elasticsearch@4dffb672bf
The top-level class Throwable represents all errors and exceptions in
Java. This hierarchy is divided into Error and Exception, the former
being serious problems that applications should not try to catch and the
latter representing exceptional conditions that an application might
want to catch and handle. This commit renames
org.elasticsearch.cli.UserError to org.elasticsearch.UserException to
make its name consistent with where it falls in this hierarchy.
Relates elastic/elasticsearch#2701
Original commit: elastic/x-pack-elasticsearch@589e159ec0
Today throughout the codebase, catch throwable is used with reckless
abandon. This is dangerous because the throwable could be a fatal
virtual machine error resulting from an internal error in the JVM, or an
out of memory error or a stack overflow error that leaves the virtual
machine in an unstable and unpredictable state. This commit removes
catch throwable from the codebase and removes the temptation to use it
by modifying listener APIs to receive instances of Exception instead of
the top-level Throwable.
Relates elastic/elasticsearch#2694
Original commit: elastic/x-pack-elasticsearch@7ecdd7d978
This looks like it predates settings validation in core, and only had a
single use inside the watcher ExecutionService. This change moves the
settings inside ExecutionService to be validated settings, and removes
the watcher specific validation.
Original commit: elastic/x-pack-elasticsearch@82843ce56c
When a license exception is raised, we returned 401 as HTTP error code
in there. However this seems to have triggered some browsers to actually
ask for login credentials, which wont have any impact here.
Closeselastic/elasticsearch#1863
Original commit: elastic/x-pack-elasticsearch@cc63abdac8
We are going to parse the body anyways whenever it's in json format as it is going to be stashed. It is not useful to lazily parse it anymore. Also this allows us to not rely on automatic detection of the xcontent type based on the content of the response, but rather read the content type from the response headers.
Original commit: elastic/x-pack-elasticsearch@11be4684ae
The internal representation of the object that JsonPath gives access to is a map. That is independent of the initial input format, which is json but could also be yaml etc.
This commit renames JsonPath to ObjectPath and adds a static method to create an ObjectPath from an XContent
Original commit: elastic/x-pack-elasticsearch@bc84c68161
Currently, the REST tests for security (and possibly others) don't clean up the environment
after they have run, eg. they don't delete the users and roles they create. This leads to
test failures, because in a subsequent run, a user or role already exists, so eg. a test
like `match: { role: { created: true } }` fails.
This patch adds a `teardown` section to the test, with `do` actions which are to be
executed _after_ the test runs.
This patch assumes that REST tests runners for all languages support the `teardown` directive
in a xUnimt nomenclature -- similarly to the `setup` directive, which they already support.
Original commit: elastic/x-pack-elasticsearch@70d0ff4ee9
This is the xplugins side of moving the client dependency for rest
handlers to the handleRequest method
Original commit: elastic/x-pack-elasticsearch@ce66e35e7b