Commit Graph

39551 Commits

Author SHA1 Message Date
Martijn van Groningen 16d593b22f
Set analyzer version in PreBuiltAnalyzerProviderFactory (#31202)
instead of lamda that creates the analyzer
2018-06-13 07:25:19 +02:00
Tim Brooks 56ffe553e5
Modify pipelining handlers to require full requests (#31280)
Currently the http pipelining handlers seem to support chunked http
content. However, this does not make sense. There is a content
aggregator in the pipeline before the pipelining handler. This means the
pipelining handler should only see full http messages. Additionally, the
request handler immediately after the pipelining handler only supports
full messages.

This commit modifies both nio and netty4 pipelining handlers to assert
that an inbound message is a full http message. Additionally it removes
the tests for chunked content.
2018-06-12 23:15:24 -06:00
Jason Tedor 0bfd18cc8b
Revert upgrade to Netty 4.1.25.Final (#31282)
This reverts upgrading to Netty 4.1.25.Final until we have a cleaner
solution to dealing with the object cleaner thread.
2018-06-12 19:26:18 -04:00
Jason Tedor 905663a942
Use armored input stream for reading public key (#31229)
This was silly; Bouncy Castle has an armored input stream for reading
keys in ASCII armor format. This means that we do not need to strip the
header ourselves and base64 decode the key. This had problems anyway
because of discrepancies in the padding that Bouncy Castle would produce
and the JDK base64 decoder was expecting. Now that we armor input/output
the whole way during tests, we fix all random failures in test cases
too.
2018-06-12 19:13:02 -04:00
James Baiera f88b9e83cf Fix Netty 4 Server Transport tests. Again. 2018-06-12 15:07:17 -04:00
Luca Cavanna bd51b6b96a
REST hl client: adjust wait_for_active_shards param in cluster health (#31266)
The default wait_for_active_shards is NONE for cluster health, which
differs from all the other API in master, hence we need to make sure to
set the parameter whenever it differs from NONE (0). The test around
this also had a bug, which is why this was not originally uncovered.

Relates to #29331
2018-06-12 21:00:33 +02:00
Luca Cavanna 92eb324776
REST high-level Client: remove deprecated API methods (#31200)
This commit removes all the API methods that accept a `Header` varargs
argument, in favour of the newly introduced API methods that accept a
`RequestOptions` argument.

Relates to #31069
2018-06-12 21:00:06 +02:00
Costin Leau bd81b95e95 [DOCS] Mark SQL feature as experimental 2018-06-12 19:46:08 +03:00
Lisa Cawley ff0f4ece2f
[DOCS] Updates machine learning custom URL screenshots (#31222) 2018-06-12 08:57:11 -07:00
Jason Tedor 666997830e
Fix naming conventions check for XPackTestCase
This class needs to be abstract or it fails the naming convention check.
2018-06-12 11:34:40 -04:00
Jason Tedor f738b7d9f8
Fix security Netty 4 transport tests
This test suite needs to filter out the object cleaner thread too so
this commit does that.
2018-06-12 11:31:43 -04:00
Jason Tedor a36543531b
Fix race in clear scroll (#31259)
Here is the problem: if two threads are racing and one hits a failure
freeing a context and the other succeeded, we can expose the value of
the has failure marker to the succeeding thread before the failing
thread has had a chance to set the failure marker. This is a problem if
the failing thread counted down the expected number of operations, then
be put to sleep by a gentle lullaby from the OS, and then the other
thread could count down to zero. Since the failing thread did not get to
set the failure marker, the succeeding thread would respond that the
clear scroll succeeded and that makes that thread a liar. This commit
addresses by first setting the failure marker before we potentially
expose its value to another thread.
2018-06-12 10:17:41 -04:00
Albert Zaharovits e988ace5f7
[DOCS] Clarify audit index settings when remote indexing (#30923) 2018-06-12 16:19:43 +03:00
Yuri Tceretian ef453b31b4
Delete typos in SAML docs (#31199)
* Delete typos in SAML docs saml-guide.asciidoc
2018-06-12 14:45:27 +03:00
Van0SS d5e8a5cd69 REST high-level client: add Cluster Health API (#29331)
Relates to #27205
2018-06-12 13:34:06 +02:00
Dimitris Athanasiou 5f84e18c72
[ML][TEST] Mute tests using rules (#31204)
This is in preparation of pushing the new
rules design in the `ml-cpp` side. These
tests will be switched on again after merging
in the new rules implementation.
2018-06-12 11:36:26 +01:00
Ioannis Kakavas b2e48c9fa7
Support RequestedAuthnContext (#31238)
* Support RequestedAuthnContext

This implements limited support for RequestedAuthnContext by :
- Allowing SP administrators to define a list of authnContextClassRef
to be included in the RequestedAuthnContext of a SAML Authn Request
- Veirifying that the authnContext in the incoming SAML Asertion's
AuthnStatement contains one of the requested authnContextClassRef
- Only EXACT comparison is supported as the semantics of validating
the incoming authnContextClassRef are deployment dependant and
require pre-established rules for MINIMUM, MAXIMUM and BETTER

Also adds necessary AuthnStatement validation as indicated by [1] and
[2]

[1] https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
    3.4.1.4, line 2250-2253
[2] https://kantarainitiative.github.io/SAMLprofiles/saml2int.html
    [SDP-IDP10]
2018-06-12 12:23:40 +03:00
Luca Cavanna 113c1916ee
SyncedFlushResponse to implement ToXContentObject (#31155)
The response currently implements ToXContentFragment although the only time it's used
it is supposed to print out a complete object rather than a fragment. Note that this
is the client version of the response, used only in the high-level client.
2018-06-12 10:27:51 +02:00
olcbean 7d7ead95b2 Add Get Aliases API to the high-level REST client (#28799)
Given the weirdness of the response returned by the get alias API, we went for a client specific response, which allows us to hold the error message, exception and status returned as part of the response together with aliases. See #30536 .

Relates to #27205
2018-06-12 10:26:17 +02:00
Christoph Büscher a178290b60
Remove some line length supressions (#31209) 2018-06-12 10:03:51 +02:00
Aditya Dhulipala 72f8199279 Validate xContentType in PutWatchRequest. (#31088)
Trying to post a new watch without any body currently results in a 
NullPointerException. This change fixes that by validating that 
Post and Put requests always have a body.

Closes #30057
2018-06-12 09:53:36 +02:00
Martijn van Groningen 6030d4be1e
[INGEST] Interrupt the current thread if evaluation grok expressions take too long (#31024)
This adds a thread interrupter that allows us to encapsulate calls to org.joni.Matcher#search()
This method can hang forever if the regex expression is too complex.

The thread interrupter in the background checks every 3 seconds whether there are threads
execution the org.joni.Matcher#search() method for longer than 5 seconds and
if so interrupts these threads.

Joni has checks that that for every 30k iterations it checks if the current thread is interrupted and
if so returns org.joni.Matcher#INTERRUPTED

Closes #28731
2018-06-12 07:49:03 +02:00
Jason Tedor 1dbe554e5e
Suppress extras FS on caching directory tests
This filesystem needs to be suppressed during these tests because it
adds random files to the directory upon directory creation. That means
that the size of these directories is off from what we expect them to
be. Rather than loosening the assertion which could hide bugs on real
directories, this commit suppresses this file system in this test suite.
2018-06-11 22:19:19 -04:00
Jason Tedor 32cbbc2ecf
Revert "[DOCS] Added 6.3 info & updated the upgrade table. (#30940)"
This reverts commit 40d31d2ae0.
2018-06-11 22:04:36 -04:00
Jason Tedor 0e6589f489
Revert "Fix snippets in upgrade docs"
This reverts commit 955542a50a.
2018-06-11 22:04:30 -04:00
Jason Tedor 955542a50a
Fix snippets in upgrade docs
The upgrade docs were using the json language tag but console wants
these to be js for proper formatting. This commit addresses that.
2018-06-11 21:32:39 -04:00
debadair 40d31d2ae0 [DOCS] Added 6.3 info & updated the upgrade table. (#30940) 2018-06-11 15:55:58 -07:00
Nik Everett 0d9b78834f
LLClient: Support host selection (#30523)
Allows users of the Low Level REST client to specify which hosts a
request should be run on. They implement the  `NodeSelector` interface
or reuse a built in selector like `NOT_MASTER_ONLY` to chose which nodes
are valid. Using it looks like:
```
Request request = new Request("POST", "/foo/_search");
RequestOptions options = request.getOptions().toBuilder();
options.setNodeSelector(NodeSelector.NOT_MASTER_ONLY);
request.setOptions(options);
...
```

This introduces a new `Node` object which contains a `HttpHost` and the
metadata about the host. At this point that metadata is just `version`
and `roles` but I plan to add node attributes in a followup. The
canonical way to **get** this metadata is to use the `Sniffer` to pull
the information from the Elasticsearch cluster.

I've marked this as "breaking-java" because it breaks custom
implementations of `HostsSniffer` by renaming the interface to
`NodesSniffer` and by changing it from returning a `List<HttpHost>` to a
`List<Node>`. It *shouldn't* break anyone else though.

Because we expect to find it useful, this also implements `host_selector`
support to `do` statements in the yaml tests. Using it looks a little
like:

```
---
"example test":
  - skip:
      features: host_selector
  - do:
      host_selector:
        version: " - 7.0.0" # same syntax as skip
      apiname:
        something: true
```

The `do` section parses the `version` string into a host selector that
uses the same version comparison logic as the `skip` section. When the
`do` section is executed it passed the off to the `RestClient`, using
the `ElasticsearchHostsSniffer` to sniff the required metadata.

The idea is to use this in mixed version tests to target a specific
version of Elasticsearch so we can be sure about the deprecation
logging though we don't currently have any examples that need it. We do,
however, have at least one open pull request that requires something
like this to properly test it.

Closes #21888
2018-06-11 17:07:27 -04:00
Jason Tedor 563141c6c9
Upgrade to Netty 4.1.25.Final (#31232)
This commit upgrades us to Netty 4.1.25. This upgrade is more
challenging than past upgrades, all because of a new object cleaner
thread that they have added. This thread requires an additional security
permission (set context class loader, needed to avoid leaks in certain
scenarios). Additionally, there is not a clean way to shutdown this
thread which means that the thread can fail thread leak control during
tests. As such, we have to filter this thread from thread leak control.
2018-06-11 16:55:07 -04:00
Jason Tedor cb952bd9ec
Enable custom credentials for core REST tests (#31235)
The core REST tests with security currently use a hardcoded username and
password. This is not amenable to running these tests in scenarios where
the user controls the creation of the cluster and owns the credentials
for this cluster. This commit enables running the core REST tests with
security with a custom username and password.
2018-06-11 16:53:40 -04:00
Nhat Nguyen dda56fc0fc
Move ESIndexLevelReplicationTestCase to test framework (#31243)
Other components might benefit from the testing infra provided by
ESIndexLevelReplicationTestCase. This commit moves it to the test
framework.
2018-06-11 12:47:38 -04:00
Lee Hinman c064b507df
Encapsulate Translog in Engine (#31220)
This removes the abstract `getTranslog` method in `Engine`, instead leaving it
to the abstract implementations of the other methods that use the translog. This
allows future Engines not to have a Translog, as instead they must implement the
methods that use the translog pieces to return necessary values.
2018-06-11 09:44:50 -06:00
Nhat Nguyen 99e04582de
HLRest: Add get index templates API (#31161)
Relates #27205
2018-06-11 11:06:28 -04:00
Tanguy Leroux bf58660482
Remove all unused imports and fix CRLF (#31207)
The X-Pack opening and the recent other refactorings left a lot of 
unused imports in the codebase. This commit removes them all.
2018-06-11 15:12:12 +02:00
Tanguy Leroux a1916658a9 [Tests] Fix self-referencing tests
This commit adapts some test after #31044 has been merged.
2018-06-11 12:45:27 +02:00
Yannick Welsch f9e8afd357 [TEST] Fix testRecoveryAfterPrimaryPromotion
This test was failing from time to time due to a ConcurrentModificationException, which
was triggered due to the primary-replica resync running concurrently with shards being
removed.

Closes #30767
2018-06-11 11:09:45 +02:00
Tanguy Leroux 42608881b0
[Docs] Remove mention pattern files in Grok processor (#31170)
Pattern files have been removed in 
16fa3e546e
2018-06-11 09:32:12 +02:00
Yannick Welsch 467ea50c4e
Use stronger write-once semantics for Azure repository (#30437)
There's no need for an extra blobExists() call when writing a blob to the Azure service. Azure
provides an option (with stronger consistency guarantees) on the upload method that guarantees
that the blob that's uploaded does not already exist. This saves one network roundtrip.

Relates to #19749
2018-06-11 09:12:44 +02:00
Yannick Welsch 4e9b554948
Don't swallow exceptions on replication (#31179)
Swallowing these exceptions is dangerous as they can result in replicas going out-of-sync with the primary.

Follow-up to #28571
2018-06-11 09:09:23 +02:00
Simon Willnauer f825a530b8
Limit the number of concurrent requests per node (#31206)
With `max_concurrent_shard_requests` we used to throttle / limit
the number of concurrent shard requests a high level search request
can execute per node. This had several problems since it limited the
number on a global level based on the number of nodes. This change
now throttles the number of concurrent requests per node while still
allowing concurrency across multiple nodes.

Closes #31192
2018-06-11 08:49:18 +02:00
rationull 85c26d682a Call ensureNoSelfReferences() on _agg state variable after scripted metric agg script executions (#31044)
Previously this was called for the combine script only. This change checks for self references for
init, map, and reduce scripts as well, and adds unit test coverage for the init, map, and combine cases.
2018-06-11 08:39:05 +02:00
Ryan Ernst bd5c1a4590 Move java version checker back to its own jar (#30708)
The java version checker requires being written with java 7 APIs.
In order to use java 8 apis in other launcher utilities, this commit
moves the java version checker back to its own jar.
2018-06-10 20:03:21 -04:00
Andy Bristol f8cbc81258 [test] add fix for rare virtualbox error (#31212)
See the vagrant issue mentioned in this commit for details. This error
has happened a couple times in packaging test CI builds with workers
using virtualbox 5.2.10r122088
2018-06-10 11:12:46 -04:00
Jason Tedor aa8aa0d9e0
Move default location of dependencies report (#31228)
This commit moves the default location of the full dependencies report
to be under the reports directory to align it with the location for the
dependenciesInfo task output.
2018-06-09 09:50:36 -04:00
Jason Tedor 1d840f9348
Remove dependencies report task dependencies (#31227)
A previous commit tried to add task dependencies for the
:distribution:generateDependenciesReport task so that a user did not
have to run "dependenciesInfo
:distribution:generateDependenciesReport". However this method did not
reliably add all task dependencies due to task ordering issues in
previous versions of Gradle and our build. This commit removes this for
now and a user will continue to have to run "dependenciesInfo
:distribution:generateDependenciesReport".
2018-06-09 09:50:24 -04:00
Jason Tedor 1082ea57c8
Add recognition of MPL 2.0 (#31226)
This commit adds the ability for the dependencies info check to
recognize version 2.0 of the Mozilla Public License.
2018-06-09 09:46:57 -04:00
Jason Tedor 65c107b47d
Fix unknown licenses (#31223)
The goal of this commit is to address unknown licenses when producing
the dependencies info report. We have two different checks that we run
on licenses. The first check is whether or not we have stashed a copy of
the license text for a dependency in the repository. The second is to
map every dependency to a license type (e.g., BSD 3-clause). The problem
here is that the way we were handling licenses in the second check
differs from how we handle licenses in the first check. The first check
works by finding a license file with the name of the artifact followed
by the text -LICENSE.txt. Yet in some cases we allow mapping an artifact
name to another name used to check for the license (e.g., we map
lucene-.* to lucene, and opensaml-.* to shibboleth. The second check
understood the first way of looking for a license file but not the
second way. So in this commit we teach the second check about the
mappings from artifact names to license names. We do this by copying the
configuration from the dependencyLicenses task to the dependenciesInfo
task and then reusing the code from the first check in the second
check. There were some other challenges here though. For example,
dependenciesInfo was checking too many dependencies. For now, we should
only be checking direct dependencies and leaving transitive dependencies
from another org.elasticsearch artifact to that artifact (we want to do
this differently in a follow-up). We also want to disable
dependenciesInfo for projects that we do not publish, users only care
about licenses they might be exposed to if they use our assembled
products. With all of the changes in this commit we have eliminated all
unknown licenses. A follow-up will enforce that when we add a new
dependency it does not get mapped to unknown, these will be forbidden in
the future. Therefore, with this change and earlier changes are left
having no unknown licenses and two custom licenses; custom here means it
does not map to an SPDX license type. Those two licenses are xz and
ldapsdk. A future change will not allow additional custom licenses
unless they are explicitly whitelisted. This ensures that if a new
dependency is added it is mapped to an SPDX license or mapped to custom
because it does not have an SPDX license.
2018-06-09 07:28:41 -04:00
Jason Tedor 3db1fe7afe
Remove version from license file name for GCS SDK (#31221)
Most of our license file names strip the version off the artifact name
when deducing the license filename. However, the version on the GCS SDK
(google-api-services-storage) does not match the usual format and
instead starts with a vee. This means that the license filename for this
license ended up carrying the version and we should not do that. This
commit adjusts the regex the deduces the license filename to account for
this case, and adjusts the google-api-services-storage license files
accordingly.
2018-06-08 21:19:16 -04:00
Lee Hinman bdb0fb2555
Fully encapsulate LocalCheckpointTracker inside of the engine (#31213)
* Fully encapsulate LocalCheckpointTracker inside of the engine

This makes the Engine interface not expose the `LocalCheckpointTracker`, instead
exposing the pieces needed (like retrieving the local checkpoint) as individual
methods.
2018-06-08 17:19:41 -06:00
Sue Gallagher cdb486ae70
[DOCS] Added 'fail_on_unsupported_field' param to MLT. Closes #28008 (#31160)
* [DOCS] Added 'fail_on_unsupported_field' param to MLT. Closes 28008

* [DOCS] Added 'fail_on_unsupported_field' param to MLT. Closes #28008

* [DOCS] Added 'fail_on_unsupported_field' param to MLT. Closes #28008

* [DOCS] Added 'fail_on_unsupported_field' param to MLT. Closes #28008
2018-06-08 14:41:01 -07:00