Commit Graph

7308 Commits

Author SHA1 Message Date
Areek Zillur 4ba17be1e6 minor edit
Original commit: elastic/x-pack-elasticsearch@da50e65388
2014-11-27 18:54:48 -05:00
Areek Zillur 3bbc666b82 Update Readme for multi-module setup
Original commit: elastic/x-pack-elasticsearch@65895002b5
2014-11-27 18:53:20 -05:00
Areek Zillur 43284305b6 Make elasticsearch-license multi-module:
- core-shaded - has CryptUtils (used by core and can be shared with consumer plugins)
- core - License data structures & verifier
- licensor - License Signer along with key-pair and license generation, verification
- plugin - Enforce licensing on a deployment

Original commit: elastic/x-pack-elasticsearch@041ef3a9f1
2014-11-27 13:14:54 -05:00
Martijn van Groningen 737e9567b9 Alert action manager: Start the queue reader thread with self maintained thread instead of using thread pool.
This gives us more control over interrupting and joining this thread during stopping, so we have a good moment in time to clear the queue.

Original commit: elastic/x-pack-elasticsearch@ed3f85fa75
2014-11-27 17:22:22 +01:00
Martijn van Groningen 0ec1f66c60 Test: Run refresh before the search on metadata occurs.
Original commit: elastic/x-pack-elasticsearch@2097f01458
2014-11-27 17:20:32 +01:00
Martijn van Groningen ac715134b3 Increased logging
Original commit: elastic/x-pack-elasticsearch@39093540fd
2014-11-27 15:46:41 +01:00
Brian Murphy fbec93d941 This adds metadata to alerts that are copied to the action entries for this alert.
Original commit: elastic/x-pack-elasticsearch@0abfc22421
2014-11-27 14:00:28 +00:00
Martijn van Groningen b54aea7c14 Test: We can't be sure how often an alert has been fired, so these asserts should be in the at least mindset.
Original commit: elastic/x-pack-elasticsearch@d4195eb3c0
2014-11-27 14:27:56 +01:00
Martijn van Groningen c29e3c9611 But we still need to clear if loading fails
Original commit: elastic/x-pack-elasticsearch@69bf786e81
2014-11-27 14:07:20 +01:00
Martijn van Groningen 385ea45b7c If loading of alerts or alert entries fails the alert manager should retry, and if the search responses are partial the alert manager should retry as well.
Original commit: elastic/x-pack-elasticsearch@ea6a5a6372
2014-11-27 13:57:09 +01:00
Martijn van Groningen 6da23d412a When stopping alert manager wait for ongoing operations to complete.
Original commit: elastic/x-pack-elasticsearch@646e534628
2014-11-27 13:36:09 +01:00
javanna 8c1fcb52ea [TEST] delete and recreate config dir if already existing
Original commit: elastic/x-pack-elasticsearch@90af42b95d
2014-11-27 12:34:34 +01:00
Martijn van Groningen 27f83bb621 Clear the queue once the reader thread sees that it needs to stop.
Original commit: elastic/x-pack-elasticsearch@b70a224ff1
2014-11-27 12:14:30 +01:00
Martijn van Groningen 1cd5ae6a31 Added assertion
Original commit: elastic/x-pack-elasticsearch@3aae405242
2014-11-27 11:40:56 +01:00
javanna a995ed9cca [TEST] allow to configure tests.timezone and tests.locale
tests.timezone and tests.locale are values that get randomized all the time (even without configuring them). They don't get printed out yet with shield failures as this was only recently added to es core, but it makes sense to get ready and allow to configure them for better test repeatability.

Also removed support for es.node.mode and es.node.local as we always use network since we test with unicast discovery only.

Original commit: elastic/x-pack-elasticsearch@d03fa0c162
2014-11-27 11:40:13 +01:00
Martijn van Groningen 29dd1bb888 Removed error log for null values
Original commit: elastic/x-pack-elasticsearch@4477fc1c2a
2014-11-27 10:17:51 +01:00
Martijn van Groningen 775f1cb878 Increased logging
Original commit: elastic/x-pack-elasticsearch@375279fca5
2014-11-27 09:53:10 +01:00
Martijn van Groningen 45ee1d2d9b Test: Added test that uses an agg in a trigger.
Original commit: elastic/x-pack-elasticsearch@ad87b18aa5
2014-11-26 23:31:40 +01:00
Martijn van Groningen 3965cb194c Make sure that the alerts templates get applied and disabled test template since it conflicts with the alerts templates.
Original commit: elastic/x-pack-elasticsearch@ddd178da78
2014-11-26 23:23:15 +01:00
Martijn van Groningen e4d10c58a9 Core: load alert store before the action manager, b/c action depends on alert store
Original commit: elastic/x-pack-elasticsearch@6aa3cb33b0
2014-11-26 22:51:34 +01:00
Martijn van Groningen 56a121109d Simplified getAlertHistoryIndexNameForTime()
Original commit: elastic/x-pack-elasticsearch@08ce6daf75
2014-11-26 22:38:40 +01:00
Martijn van Groningen 4048bfe55c Removed explicit delete index calls, because it is redundant and the test framework wipes the clusters between tests.
Original commit: elastic/x-pack-elasticsearch@eebeef3bee
2014-11-26 22:18:19 +01:00
Martijn van Groningen 6b4f68fcb3 Test: made the simple no master node test more useful
Original commit: elastic/x-pack-elasticsearch@4ffc11d702
2014-11-26 22:00:26 +01:00
Martijn van Groningen 168bed9d32 Restored some code and fix the assert trigger methods
Original commit: elastic/x-pack-elasticsearch@7ca18b77b9
2014-11-26 21:56:13 +01:00
Paul Echeverri fff49d9e53 Merge branch 'doc-295' of https://github.com/palecur/elasticsearch-shield
Original commit: elastic/x-pack-elasticsearch@e63e3db412
2014-11-26 11:54:27 -08:00
Brian Murphy 871274adbd Add back in the exists checks for the alert history indices.
Original commit: elastic/x-pack-elasticsearch@a170742e56
2014-11-26 18:17:31 +00:00
Brian Murphy 87e056d762 Fix missing index issue by explicitly creating the index if implicit creation fails
This really shouldn't be happening.

Original commit: elastic/x-pack-elasticsearch@7d334ec76f
2014-11-26 18:10:52 +00:00
Brian Murphy 193865925c Properly catch errors on startup and return false from start if we get errors looking for the alert history indices.
Original commit: elastic/x-pack-elasticsearch@9db4691783
2014-11-26 17:27:22 +00:00
Brian Murphy 779e7e83c0 TEST Fix Bootstrap test that got munged by merge.
Original commit: elastic/x-pack-elasticsearch@b0f40fd764
2014-11-26 16:28:11 +00:00
Brian Murphy c55ebc29e2 Merge pull request elastic/elasticsearch#49 from elasticsearch/timebased_histroy
Timebased history index

Original commit: elastic/x-pack-elasticsearch@0be1188599
2014-11-26 16:00:58 +00:00
Brian Murphy f8e26c2f75 Remove dependency on the alert history indices being started in the actions.
Original commit: elastic/x-pack-elasticsearch@a3f0e0fe46
2014-11-26 15:58:52 +00:00
Brian Murphy 713327cee5 TEST : Add bootstrap test to boot strap different history indices.
Original commit: elastic/x-pack-elasticsearch@72c36f6d4d
2014-11-26 15:58:52 +00:00
Brian Murphy aaef7de62d TEST: This test got forgotten when I squashed the commits.
Original commit: elastic/x-pack-elasticsearch@5109b4bea6
2014-11-26 15:58:52 +00:00
Brian Murphy 914a5035fd Remove merge conflict in comment.
Original commit: elastic/x-pack-elasticsearch@aa4bb3dab6
2014-11-26 15:58:52 +00:00
Brian Murphy f6027e9a6b Alert History : Make alert history index time based.
This commit makes the alert history index a time based index.
The alert history now is a timebased index prefixed with .alert_history_
with the time format YYYY-MM-dd.

This commit makes the alert history index a time based index.

Original commit: elastic/x-pack-elasticsearch@df6d6dee29
2014-11-26 15:58:52 +00:00
Martijn van Groningen 8512dfcb36 Removed enable from Alert.
Original commit: elastic/x-pack-elasticsearch@d65a883f70
2014-11-26 15:30:11 +01:00
Martijn van Groningen b0b3721f84 Added forgotten cluster block check
Original commit: elastic/x-pack-elasticsearch@022be40b54
2014-11-26 14:59:27 +01:00
Martijn van Groningen a34504b45e Test: stabilize the alert stopping during test cluster close and between tests.
Original commit: elastic/x-pack-elasticsearch@f2e7818d86
2014-11-26 12:21:05 +01:00
Areek Zillur 79c8cd8a30 Change pom profile to elasticsearch-private
Original commit: elastic/x-pack-elasticsearch@c6abc409f5
2014-11-25 19:48:53 -05:00
Martijn van Groningen b7dfde7de7 Changed the way alerting gets shut down when the test cluster gets closed.
Original commit: elastic/x-pack-elasticsearch@74c148c025
2014-11-26 00:26:43 +01:00
uboness af74f43aea Introduced realms factories
Today it is possible to configure 3 realms in shield - `esusers`, `ldap` and `active_directory`. These realms are created once based on the configuration. There are several problems with this approach:

- Taking `ldap` as an example, it is currently not possible to have multiple `ldap` realms configured (where one serves as a fallback for the other). While the `ldap` realm itself enables defining multiple ldap URLs, it has the limitation that the fallback LDAP must have the exact same configuration as the primary LDAP (+ there's the limitation that all URLs must either use SSL or not... there cannot be a mix of SSL URL and a normal URL)

- The realms are created and bound internally by guice. This will limit the configurability at runtime of the realms which we might want to introduce in shield 2.0.

This commit changes the way realms are managed & configured. Instead of having guice bind the realms themselves, a new realm factory construct will be introduced. The realm factory will represent a realm type and guice will bind these factories. At load time, we'll read the configuration and based on the types of the configured realms, the relevant factories will create the realms based on the settings. This means that potentially we can expose the realms as a dynamic configuration and rebuild the realm chain at runtime.

A nice side effect of this approach is that the multiple URLs feature that is currently supported by both `ldap` and `active_directory` can be dropped. Instead, the users will just need to configure multiple `ldap`/`active_directory` realms.

Closes: elastic/elasticsearch#370

Original commit: elastic/x-pack-elasticsearch@3232f153bb
2014-11-25 14:31:51 -08:00
Paul Echeverri f178575625 Adds Shield's requirement for disabling multicast discovery and links to the
main ES discovery docs.

Original commit: elastic/x-pack-elasticsearch@1d9742c0ae
2014-11-25 13:59:45 -08:00
Paul Echeverri b2949d76c8 Adds sample logging output to verify a functional Shield installation to Getting Started section.
Original commit: elastic/x-pack-elasticsearch@1b5505090d
2014-11-25 13:54:14 -08:00
Martijn van Groningen 470fb053fd Load quartz job in batch style when starting the scheduler.
Original commit: elastic/x-pack-elasticsearch@9bcf84092a
2014-11-25 21:18:02 +01:00
javanna 706a8fd38d [TEST] move integration tests to use the global cluster and run against multiple nodes
Every test class was previously running against its own SUITE cluster composed of a single node due to misconfiguration.
Also there were some repetitions and bugs in the settings: first of all unicast wasn't properly configured, also the plugin wasn't registered properly in the transport client, thus the "shield.user" setting wasn't properly converted into the basic auth header. For the very same reason the settings used for authc weren't randomized for transport client.

Extracted out all the needed configuration to the `ShieldSettingsSource` class, that takes care of the unicast configuration, loading of the plugin and all of the configuration files and parameters.
Used the global cluster whenever possible, that has the following characteristics:
- unicast discovery
- ssl configured and enabled at the transport level
- ssl configured but disabled at the http level (REST tests use the same cluster and don't support SSL at this time)
- single user configured with an allow_all role
- auditing enabled or not is randomized
- the setting used to do basic auth is randomized between request.headers.Authorization and our own shield.user for both node and transport client

Test classes that need to override default settings can do so by declaring scope=SUITE and overriding the nodeSettings method. Also roles, users and users_roles have specialized methods to be overridden that just return the content of the whole file if it differs from the default. Note that given that ssl is properly configured although disabled for http, tests that need it on can just enable it without any additional configuration.

Closes elastic/elasticsearch#31

Original commit: elastic/x-pack-elasticsearch@fa6f162497
2014-11-25 17:34:10 +01:00
javanna a62a11f430 Internal: remove static assert that will trip once we upgrade to 1.4.1 or any new version
Although it is nice to be alerted through assert as soon as we upgrade the es core dependency, this can be done only in test code, in production code it prevents us from supporting any future version once the code gets released.

Replaced the assert with a TODO.

Original commit: elastic/x-pack-elasticsearch@b0d59c2fd3
2014-11-25 16:55:39 +01:00
Martijn van Groningen c9e181e597 Test: Replaced the internal clearing of the alert manager between tests with public stop alert service, delete alerts and alerts history index and start alert service calls.
Original commit: elastic/x-pack-elasticsearch@57c0120eb4
2014-11-25 15:12:00 +01:00
Martijn van Groningen 4b147b8f85 Fixes updating an existing alert so that it works as expected.
Original commit: elastic/x-pack-elasticsearch@236407367a
2014-11-25 13:21:37 +01:00
javanna 22eabc19b2 [TEST] Remove SSLRequireAuthTests as the tested functionality (ssl client auth and settings) was removed
Original commit: elastic/x-pack-elasticsearch@0b646606aa
2014-11-25 12:28:30 +01:00
javanna 2eaa1cb969 Internal: resolve a few compiler warnings
@NotThreadSafe is not a valid standard java annotation. Removed unused method and empty @param javadoc annotation

Original commit: elastic/x-pack-elasticsearch@3583bcfa66
2014-11-25 12:17:28 +01:00