mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-07 13:38:49 +00:00
7e06888bae
Test clusters currently has its own set of logic for dealing with finding different versions of Elasticsearch, downloading them, and extracting them. This commit converts testclusters to use the DistributionDownloadPlugin.
74 lines
4.4 KiB
Groovy
74 lines
4.4 KiB
Groovy
Project idpFixtureProject = xpackProject("test:idp-fixture")
|
|
|
|
apply plugin: 'elasticsearch.testclusters'
|
|
apply plugin: 'elasticsearch.standalone-rest-test'
|
|
apply plugin: 'elasticsearch.rest-test'
|
|
apply plugin: 'elasticsearch.test.fixtures'
|
|
|
|
dependencies {
|
|
testCompile project(path: xpackModule('core'), configuration: 'default')
|
|
testCompile project(path: xpackModule('core'), configuration: 'testArtifacts')
|
|
testCompile project(path: xpackModule('security'), configuration: 'testArtifacts')
|
|
}
|
|
testFixtures.useFixture ":x-pack:test:idp-fixture"
|
|
|
|
String ephemeralPort;
|
|
task setupPorts {
|
|
// Don't attempt to get ephemeral ports when Docker is not available
|
|
onlyIf { idpFixtureProject.postProcessFixture.enabled }
|
|
dependsOn idpFixtureProject.postProcessFixture
|
|
doLast {
|
|
ephemeralPort = idpFixtureProject.postProcessFixture.ext."test.fixtures.oidc-provider.tcp.8080"
|
|
}
|
|
}
|
|
|
|
integTest.runner {
|
|
dependsOn setupPorts
|
|
}
|
|
|
|
testClusters.integTest {
|
|
testDistribution = 'DEFAULT'
|
|
setting 'xpack.license.self_generated.type', 'trial'
|
|
setting 'xpack.security.enabled', 'true'
|
|
setting 'xpack.security.http.ssl.enabled', 'false'
|
|
setting 'xpack.security.authc.token.enabled', 'true'
|
|
setting 'xpack.security.authc.realms.file.file.order', '0'
|
|
setting 'xpack.security.authc.realms.native.native.order', '1'
|
|
// OpenID Connect Realm 1 configured for authorization grant flow
|
|
setting 'xpack.security.authc.realms.oidc.c2id.order', '2'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.op.issuer', 'http://localhost:8080'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.op.authorization_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id-login" }
|
|
setting 'xpack.security.authc.realms.oidc.c2id.op.token_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/token" }
|
|
setting 'xpack.security.authc.realms.oidc.c2id.op.userinfo_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/userinfo" }
|
|
setting 'xpack.security.authc.realms.oidc.c2id.op.jwkset_path', 'op-jwks.json'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.rp.redirect_uri', 'https://my.fantastic.rp/cb'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.rp.client_id', 'https://my.elasticsearch.org/rp'
|
|
keystore 'xpack.security.authc.realms.oidc.c2id.rp.client_secret', 'b07efb7a1cf6ec9462afe7b6d3ab55c6c7880262aa61ac28dded292aca47c9a2'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.rp.response_type', 'code'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.claims.principal', 'sub'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.claims.name', 'name'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.claims.mail', 'email'
|
|
setting 'xpack.security.authc.realms.oidc.c2id.claims.groups', 'groups'
|
|
// OpenID Connect Realm 2 configured for implicit flow
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.order', '3'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.issuer', 'http://localhost:8080'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.authorization_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id-login" }
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.token_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/token" }
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.userinfo_endpoint', { "http://127.0.0.1:${ephemeralPort}/c2id/userinfo" }
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.op.jwkset_path', 'op-jwks.json'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.rp.redirect_uri', 'https://my.fantastic.rp/cb'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.rp.client_id', 'elasticsearch-rp'
|
|
keystore 'xpack.security.authc.realms.oidc.c2id-implicit.rp.client_secret', 'b07efb7a1cf6ec9462afe7b6d3ab55c6c7880262aa61ac28dded292aca47c9a2'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.rp.response_type', 'id_token token'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.principal', 'sub'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.name', 'name'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.mail', 'email'
|
|
setting 'xpack.security.authc.realms.oidc.c2id-implicit.claims.groups', 'groups'
|
|
setting 'xpack.ml.enabled', 'false'
|
|
|
|
extraConfigFile 'op-jwks.json', idpFixtureProject.file("oidc/op-jwks.json")
|
|
|
|
user username: "test_admin", password: "x-pack-test-password"
|
|
}
|
|
|
|
thirdPartyAudit.enabled = false |