- Disabled the search request body/template fields as they're too volatile to have mappings (applied for both for `search` input and transform)
- Disabled watch level transform result payload
Original commit: elastic/x-pack-elasticsearch@f69b237234
Holds the name of the version as it is defined in the `pom.xml` (different than the version number that is automatically generated by `WatcherVersion`)
Original commit: elastic/x-pack-elasticsearch@b6cf221f63
This change adds a check to make sure that the license is enabled when starting watcher in the tests.
This avoids a race-condition where a test might run before the license manager had a chance to start.
Original commit: elastic/x-pack-elasticsearch@0b9d0da5d4
I think the escaping done in XMustacheFactory (and by extension JsonEscapingMustacheFactory in core) is broken.
You cannot just escape any control character by sticking a '\' in front of it. For example a new line character it '\n' but this will be rendered as a line break. Simply prepending a '\' to this just results in a '\' and then a new line !
Added support for different escaping strategies based on the XContentType of a template for XMustacheEngine.
Currently only JSON escaping is supported using jackson.JsonStringEncoder.
Templates will be prepended with __<contentType>__:: when the content type is set. If this is set to JSON we will json escape the content.
Fixes: elastic/elasticsearch#404
Original commit: elastic/x-pack-elasticsearch@1400cba659
A truststore should not be required as the default system truststore can be used
to validate certificates that have been signed by most commercial CAs.
Additionally, the HttpClient is now a lifecycle component to prevent out of memory
exceptions when starting up with a bad configuration; when an exception is thrown
in the constructor, Guice will continue to try to create the object until the system runs
out of memory.
Closeselastic/elasticsearch#476
Original commit: elastic/x-pack-elasticsearch@2333e47ac1
Transform results may product different payloads per watch/execution. It means that if the resulted transformed payload is mapped and indexed, there's a high chance for mapping conflicts and thus failures.
For this reason, this commit disables the mapping of all `transform` results (on both the watch and the action levels).
This commit also changes the field name of the transform result from `transform_result` to just `transform` (aligned with other result field names - `input`, `condition` and `actions`)
Fixeselastic/elasticsearch#472
Original commit: elastic/x-pack-elasticsearch@2c6d4f5182
This change makes the license plugin compatible with elasticseach-2.0.0-SNAPSHOT. This project
now uses the elasticsearch-parent pom to standardize the build with core. As part of this, the
Java security manager is enabled and all tests pass with the security manager enabled.
Closeselastic/elasticsearch#46
Original commit: elastic/x-pack-elasticsearch@5f471ea298
Until now you always needed to define the `actions` in a watch. Even if you didn't want any actions, you had to define and empty objects there.
Now, the `actions` is an optional field. When missing, we default to "no actions"
Original commit: elastic/x-pack-elasticsearch@3d1a961232
Move deduping to `validMonthTimes`
This change dedups the `MonthTimes` in `validMonthTimes` to support this two new methods on `MonthTimes` are added `contains(int,DayTime)` which detects if a given day and DayTime combination is contained in the MonthTime and `intersects(MonthTimes)` which detects if a `MonthTimes` has any day/DayTime combinations contained in this `MonthTimes`.
Original commit: elastic/x-pack-elasticsearch@f68039bc39
Code:
- renamed 'executed_request` back to `request` in the search input/transform result (makes more sense in the context of the overall response structure
- renamed `sent_request` back to `request` in the http input result (makes more sense in the context of the overall response structure)
- renamed `http_status` to `status` in the http input result (makes more sense in the context of the overall response structure)
Docs:
- fixed indentations
- fixed wrong example in put-watch docs (`actions` was shown as an array)
- changed action ids to be lowercased & underscored
Original commit: elastic/x-pack-elasticsearch@6ded0936d5
- Renamed `watch_execution` to `execution_result`
- Renamed `actions_results` to `actions`
- Renamed `input_result` to `input`
- Renamed `condition_result` to `condition`
- Updated the `watch_history.json` template to reflect the changes, also added concrete mappings for action types (such that field that should not be analized will be mapped as `not_analyzed`
- Fixed a bug in `WatchUtils.createSearchRequestFromPrototype` where the document types were ignored.
Also, changed the `actions` (fka `actions_results`) from an object to an array. the action id is not part of the action objects (indicated by the `id` field). For example:
```
{
"actions" : [
{
"id" : "my_email",
"email" : {
...
}
}
]
}
```
The reason for this change is to make the path to the action fields predictable deterministic. With the object structure, where the actions were keyed by their `id`, the path to the action fields depended on the action id, which is unpredictable and continuously changing from one action to another. This made it impossible to properly analyze the action data using aggregations (as aggs require full path into the aggregated fields).
With this change, the mappings of `watch_record` changed as well where the `actions` are not defined as nested type, yet it is still configured to include all the fields in the root object. We do this so in the future, when appropriate support will be added to kibana, it'll be able to apply nested aggregations on the actions, enabling correct/safe multi-dimensional aggregations. In the mean time however, while kibana doesn't support nested aggregations, we still need to have all the fields indexed on the root, so at least a single dimensional aggregations can be safely applied.
Also, change the `input` and `condition` objects in the `watch_record` such that their mappings are disabled. The main reason for this is the fact that a lot of the inputs use elements that can be configured in many ways, but the mappings are too strict to accept it. For example, a template can be configured as a `string` or as an `object`.
Original commit: elastic/x-pack-elasticsearch@83464a0c71
This change adds a method to WatcherTestUtils to compare two json structures since order is not guaranteed in template parameters.
The Inline template tests in SearchInputTests and SearchTransformTests now use this instead of string comparision.
Original commit: elastic/x-pack-elasticsearch@c433545128
Also the WatcherUtils now always use the search template support from core and never uses ScriptService:
* A template is re-parsed and extended with the watch context variables.
* A normal request body is converted into a search template and watch context variables are used as template params.
Original commit: elastic/x-pack-elasticsearch@16bacaf094
The following node setting will disable watcher (it's enabled by default).
```
watcher.enabled: false
```
Original commit: elastic/x-pack-elasticsearch@1d0541a924
This change adds a force paramter to delete to allow the forcing of a delete to happen ignoring locking.
This means that watch executions may fail when they go to update the watch. Watches executing from the scheduler will fail fast if the watch they are supposed to execute has been removed.
Also move the history store updates outside of the watch locks.
Fixes: elastic/elasticsearch#405
Original commit: elastic/x-pack-elasticsearch@57561b6f85
moved from `text_body` and `html_body` to a more structured `body` object as follows:
```
{
"body" : {
"text" : "the text body",
"html" : "the html body"
}
}
```
`body` can also accpet a string, in which case it will default to the text body of the email:
```
{
"body" : "the text body of the email"
}
```
the above is a syntactic sugar for the following:
```
{
"body" : {
"text" : "the text body of the email"
}
}
```
Original commit: elastic/x-pack-elasticsearch@92406ac2a1
Some of the non java clients don't return the body on an ignore: 404 so we must use catch missing instead.
Original commit: elastic/x-pack-elasticsearch@a10582691c
Bye default, when `attach_data` is set to `true` we attache the watch execution data as a `yaml` file. Now it's possible to configure the format of the file by setting the `attach_data` to an object with a `format` field (can either be set to `yaml` or `json`). Example:
```
"attach_data" : {
"format" : "json"
}
```
Original commit: elastic/x-pack-elasticsearch@5cab59a676
Scripts and Templates are very much alike. There are only two main differences between them when it comes to watcher:
1. The template doesn't have a language type - it's always mustache.
2. Templates are often used to render xcontent (json/yaml). So there's build in support for content type in it
Traditionally, in es core, the configuration of the scripts and templates was always a bit of a mess. There was no consistency between the two and when it comes to the templates configuration, they're even not future proof (future additions to the search requests body can break the templates).
After a long discussion, we've decided that we need to change the way users configure templates & scripts in es core... and align the two. These changes will only come in es 2.0. That said, it's important that watcher will be aligned with es core in how templates and scripts are configured and therefore we need to change it for that purpose.
Watcher will come with support for the scripts & templates configuration format of es 2.0. We want to future proof the configuration from day one.
here are the configuration:
Inline:
```
{
"inline" : "script here",
"lang" : "lang here",
"params" : { parameters here }
}
```
File:
```
{
"file" : "file name here",
"lang" : "language here",
"params" : { parameters here }
}
```
Indexed:
```
{
"id" : "template id here",
"lang" : "language here",
"params" : { parameters here }
}
```
For templates it's the same configuration except there is no `lang` field. Also, for templates, there's native support for xcontent:
```
{
"inline" : { "key" : "{{param1}}" },
"params" : { "param1" : "value1" }
}
}
```
Original commit: elastic/x-pack-elasticsearch@4a31114f35
This change changes how the ScheduledTriggerEvent is parsed to parse using DateMath instead of just as a date. This will allow the execute API to use such constructs as
```
POST _watcher/watch/test_watch/_execute
{
"ignore_throttle" : true,
"trigger_event" : {
"schedule" : {
"triggered_time": "now-5h",
"scheduled_time": "now"
}
}
}
```
Fixes: elastic/elasticsearch#374
Original commit: elastic/x-pack-elasticsearch@fa286b217e
This change adds the parameter `master_timeout` to the rest requests that can write to a watch PUT, ACK and DELETE.
Also add support in the rest tests to verify that this is accepted.
Fixes: elastic/elasticsearch#416
Original commit: elastic/x-pack-elasticsearch@4cc1c50f2c
This change renames the hijack test name from "Test Hijack api" to "Test Hijack and Block Direct Access to Internal Indices".
Original commit: elastic/x-pack-elasticsearch@118ac18132