We need to start Gradle on the same JVM as runtime Java home to ensure
that certain tasks (e.g., third party audit) are run on all the flavors
of the JDK that we support (without this change it would only run on the
same JVM as Gradle which would usually be compiler Java home).
Relates elastic/x-pack-elasticsearch#3588
Original commit: elastic/x-pack-elasticsearch@d5f6a54fbe
Drop the ssl tests against the java builtin https server. They were
failing and the failures were undebuggable. I still don't know what was
happening because you can't get any logging out of the server.
Add SSL tests against Elasticsearch because that is what actually needs
to work.
relates elastic/x-pack-elasticsearch#2870
Original commit: elastic/x-pack-elasticsearch@284cf7fb58
This adds all of the security tests I think SQL is going to need for the initial release. SQL is still missing an entire scenario though: SSL enabled. Either way, this removes some `NOCOMMIT`s in `qa/sql/security`. Adding the SSL testing can come later.
Original commit: elastic/x-pack-elasticsearch@851620b606
We don't need to blindly skip all of these tasks. We don't have
NOCOMMITs everywhere, just lots of places....
Original commit: elastic/x-pack-elasticsearch@d772cb1b96
This commit fixes a typo in the CI script, the command-line flag for
setting tests.badapples had a typo.
Original commit: elastic/x-pack-elasticsearch@c67a620485
This commit adds an option for running the intake build from the CI
scripts. The intake build differs from check in that it runs compilation
and pre-commit checks before running tests so that common build failures
causes will happen earlier than otherwise.
Relates elastic/x-pack-elasticsearch#2420
Original commit: elastic/x-pack-elasticsearch@b179ce1087
This shuffles all of SQL's QA tests into the `qa/sql` directory, moving
some shared resources into the new `qa:sql` project. It also rigs up
testing of the rest SQL interface in all the sql qa configurations:
without security, with security, and against multiple nodes.
I've had to make some modifications to how we handle the audit log
because it has gotten pretty slow. If these modifications turn out to
not be fast enough then I'll change the test to querying the log files
and drop the audit log index entirely but the index seems to be holding
out for now.
Original commit: elastic/x-pack-elasticsearch@ff3b5a74c1
Removes the line length checkstyle suppression for `sql/jdbc*` and
fixes all the checkstyle violations. Removes a few files that had
violations that were not used.
Original commit: elastic/x-pack-elasticsearch@031c2ba8e3
SQL relies on being able to fetch information about fields from
the cluster state and it'd be disasterous if that information
wasn't available. This should catch that.
Original commit: elastic/x-pack-elasticsearch@1a62747332
Running the sql rest action test inside the server caused a dependency
loop which was failing the build.
Original commit: elastic/x-pack-elasticsearch@43283671d8
Add some basic security testing/integration.
The good news:
1. Basic security now works. Users without access to an index can't run sql queries against it. Without this change they could.
2. Document level security works! At least so far as I can tell.
The work left to do:
1. Field level security doesn't work properly. I mean, it kind of works in that the field's values don't leak but it just looks like they all have null values.
2. We will need to test scrolling.
3. I've only added tests for the rest sql action. I'll need to add tests for jdbc and the CLI as well.
4. I've only added tests for `SELECT` and have ignored stuff like `DESCRIBE` and `SHOW TABLES`.
Original commit: elastic/x-pack-elasticsearch@b9909bbda0
This should allow creation of a ci build to smoke test sql which
should be faster but less complete than the normal build on the
sql branch.
Original commit: elastic/x-pack-elasticsearch@87748b37f9
Needed because I hacked around branch selection because we don't have
a `feature/sql` branch in the public elasticsearch repo.
Original commit: elastic/x-pack-elasticsearch@3fc1084588
Too big. Sorry. Some good things though:
1. Share some code between CLI and JDBC. Probably a good thing
at this point, better as we go on, I think.
2. Add round trip tests for all of proto.
3. Remove the `data` member from `QueryInitResponse` and
`QueryPageResponse` so we response serialization is consistent with
everything else.
Original commit: elastic/x-pack-elasticsearch@c6940a32ed
Turned on checkstyle but turned off line length for sql because
now is not the time. That caught a few things like redundant
modifiers, out of order modifiers, and multiple top level classes
per file. Fixing them gave me a great little tour. So I'm going to
go and do the same in the plugin code now.
Original commit: elastic/x-pack-elasticsearch@8b52d8845d
This is to allow bwcTest to be run by ci. This commit also fixes the
existing packagingTest target, which was never updated after the xpack
repo split.
Original commit: elastic/x-pack-elasticsearch@f4696c1899
We are back to having a 140-column limit. While at some point we will
apply auto-formatting tools to the code base, that is a down-the-road
thing and adjusting the suppressions now shaves minutes off the build
time.
Relates elastic/x-pack-elasticsearch#1260
Original commit: elastic/x-pack-elasticsearch@9a96aec9e6
This commit renames and moves the forked delete by query classes from being ml specific to being a
xpack common class since an upcoming security feature plans to make use of this. Additionally, this
commit fixes a issue where the dbq action was being executed by the calling user instead of the
xpack user for certain requests. This was found when adding a authorization change that restricts
this action's execution to the xpack user only.
Original commit: elastic/x-pack-elasticsearch@d5967e7255
Moves the direct management of the security index from SecurityLifecycleService to IndexLifecycleManager, so that the SecurityLifecycleService can take responsibility for several indices.
Multiple security indices are required as we move away from storing multiple types in a single index.
Original commit: elastic/x-pack-elasticsearch@fde3a42b4d
When the LDAP SDK returns a SearchResult that has a non-success ResultCode, convert it to an exception and call onFailure
A configuration setting controls whether failures in referrals should be fatal (defaults to ignoring errors)
Closes: elastic/x-pack-elasticsearch#717
Original commit: elastic/x-pack-elasticsearch@4159758c2a