64 lines
2.8 KiB
Groovy
64 lines
2.8 KiB
Groovy
import java.nio.file.Path
|
|
import java.nio.file.Paths
|
|
|
|
apply plugin: 'elasticsearch.testclusters'
|
|
apply plugin: 'elasticsearch.standalone-rest-test'
|
|
apply plugin: 'elasticsearch.rest-test'
|
|
apply plugin: 'elasticsearch.test.fixtures'
|
|
|
|
testFixtures.useFixture ":test:fixtures:krb5kdc-fixture", "peppa"
|
|
|
|
dependencies {
|
|
testImplementation project(':x-pack:plugin:core')
|
|
testImplementation project(path: xpackModule('core'), configuration: 'testArtifacts')
|
|
testImplementation project(path: xpackModule('security'), configuration: 'testArtifacts')
|
|
}
|
|
|
|
testClusters.integTest {
|
|
testDistribution = 'DEFAULT'
|
|
// force localhost IPv4 otherwise it is a chicken and egg problem where we need the keytab for the hostname when starting the cluster
|
|
// but do not know the exact address that is first in the http ports file
|
|
setting 'http.host', '127.0.0.1'
|
|
setting 'xpack.license.self_generated.type', 'trial'
|
|
setting 'xpack.security.enabled', 'true'
|
|
setting 'xpack.security.authc.realms.file.file1.order', '0'
|
|
setting 'xpack.ml.enabled', 'false'
|
|
setting 'xpack.security.audit.enabled', 'true'
|
|
setting 'xpack.security.authc.token.enabled', 'true'
|
|
// Kerberos realm
|
|
setting 'xpack.security.authc.realms.kerberos.kerberos.order', '1'
|
|
setting 'xpack.security.authc.realms.kerberos.kerberos.keytab.path', 'es.keytab'
|
|
setting 'xpack.security.authc.realms.kerberos.kerberos.krb.debug', 'true'
|
|
setting 'xpack.security.authc.realms.kerberos.kerberos.remove_realm_name', 'false'
|
|
|
|
|
|
systemProperty "java.security.krb5.conf", { project(':test:fixtures:krb5kdc-fixture').ext.krb5Conf("peppa").toString() }
|
|
systemProperty "sun.security.krb5.debug", "true"
|
|
|
|
extraConfigFile "es.keytab", project(':test:fixtures:krb5kdc-fixture').ext.krb5Keytabs("peppa", "HTTP_localhost.keytab")
|
|
|
|
user username: "test_admin", password: "x-pack-test-password"
|
|
user username: "test_kibana_user", password: "x-pack-test-password", role: "kibana_system"
|
|
}
|
|
|
|
tasks.register("copyKeytabToGeneratedResources", Copy) {
|
|
from project(':test:fixtures:krb5kdc-fixture').ext.krb5Keytabs("peppa", "peppa.keytab")
|
|
into "$buildDir/generated-resources/keytabs"
|
|
dependsOn project(':test:fixtures:krb5kdc-fixture').postProcessFixture
|
|
}
|
|
|
|
String realm = "BUILD.ELASTIC.CO"
|
|
integTest.runner {
|
|
Path peppaKeytab = Paths.get("${project.buildDir}", "generated-resources", "keytabs", "peppa.keytab")
|
|
nonInputProperties.systemProperty 'test.userkt', "peppa@${realm}"
|
|
nonInputProperties.systemProperty 'test.userkt.keytab', "${peppaKeytab}"
|
|
nonInputProperties.systemProperty 'test.userpwd', "george@${realm}"
|
|
systemProperty 'test.userpwd.password', "dino"
|
|
systemProperty 'tests.security.manager', 'true'
|
|
jvmArgs([
|
|
"-Djava.security.krb5.conf=${project(':test:fixtures:krb5kdc-fixture').ext.krb5Conf("peppa")}",
|
|
"-Dsun.security.krb5.debug=true"
|
|
])
|
|
classpath += copyKeytabToGeneratedResources.outputs.files
|
|
}
|