mirror of
https://github.com/honeymoose/OpenSearch.git
synced 2025-02-09 22:45:04 +00:00
7e06888bae
Test clusters currently has its own set of logic for dealing with finding different versions of Elasticsearch, downloading them, and extracting them. This commit converts testclusters to use the DistributionDownloadPlugin.
100 lines
4.5 KiB
Groovy
100 lines
4.5 KiB
Groovy
Project idpFixtureProject = xpackProject("test:idp-fixture")
|
|
|
|
apply plugin: 'elasticsearch.testclusters'
|
|
apply plugin: 'elasticsearch.standalone-rest-test'
|
|
apply plugin: 'elasticsearch.rest-test'
|
|
apply plugin: 'elasticsearch.test.fixtures'
|
|
|
|
dependencies {
|
|
testCompile project(path: xpackModule('core'), configuration: 'testArtifacts')
|
|
testCompile 'com.google.jimfs:jimfs:1.1'
|
|
}
|
|
testFixtures.useFixture ":x-pack:test:idp-fixture"
|
|
|
|
|
|
String outputDir = "${project.buildDir}/generated-resources/${project.name}"
|
|
task copyIdpFiles(type: Copy) {
|
|
from idpFixtureProject.files('idp/shibboleth-idp/credentials/idp-browser.pem', 'idp/shibboleth-idp/metadata/idp-metadata.xml');
|
|
into outputDir
|
|
}
|
|
project.sourceSets.test.output.dir(outputDir, builtBy: copyIdpFiles)
|
|
|
|
task setupPorts {
|
|
dependsOn copyIdpFiles, idpFixtureProject.postProcessFixture
|
|
// Don't attempt to get ephemeral ports when Docker is not available
|
|
onlyIf { idpFixtureProject.postProcessFixture.enabled }
|
|
doLast {
|
|
String portString = idpFixtureProject.postProcessFixture.ext."test.fixtures.shibboleth-idp.tcp.4443"
|
|
int ephemeralPort = Integer.valueOf(portString)
|
|
File idpMetaFile = file("$outputDir/idp-metadata.xml")
|
|
List<String> lines = idpMetaFile.readLines("UTF-8")
|
|
StringBuilder content = new StringBuilder()
|
|
for (String line : lines) {
|
|
content.append(line.replace("localhost:4443", "localhost:" + ephemeralPort))
|
|
}
|
|
idpMetaFile.delete()
|
|
idpMetaFile.createNewFile()
|
|
idpMetaFile.write(content.toString(), "UTF-8")
|
|
}
|
|
}
|
|
|
|
|
|
integTest.runner.dependsOn setupPorts
|
|
|
|
testClusters.integTest {
|
|
testDistribution = 'DEFAULT'
|
|
setting 'xpack.license.self_generated.type', 'trial'
|
|
setting 'xpack.security.enabled', 'true'
|
|
setting 'xpack.security.http.ssl.enabled', 'false'
|
|
setting 'xpack.security.authc.token.enabled', 'true'
|
|
setting 'xpack.security.authc.realms.file.file.order', '0'
|
|
// SAML realm 1 (no authorization_realms)
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.order', '1'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.idp.entity_id', 'https://test.shibboleth.elastic.local/'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.idp.metadata.path', 'idp-metadata.xml'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.sp.entity_id', 'http://mock1.http.elastic.local/'
|
|
// The port in the ACS URL is fake - the test will bind the mock webserver
|
|
// to a random port and then whenever it needs to connect to a URL on the
|
|
// mock webserver it will replace 54321 with the real port
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.sp.acs', 'http://localhost:54321/saml/acs1'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.attributes.principal', 'uid'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth.attributes.name', 'urn:oid:2.5.4.3'
|
|
// SAML realm 2 (uses authorization_realms)
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.order', '2'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.idp.entity_id', 'https://test.shibboleth.elastic.local/'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.idp.metadata.path', 'idp-metadata.xml'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.sp.entity_id', 'http://mock2.http.elastic.local/'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.sp.acs', 'http://localhost:54321/saml/acs2'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.attributes.principal', 'uid'
|
|
setting 'xpack.security.authc.realms.saml.shibboleth_native.authorization_realms', 'native'
|
|
setting 'xpack.security.authc.realms.native.native.order', '3'
|
|
|
|
setting 'xpack.ml.enabled', 'false'
|
|
setting 'logger.org.elasticsearch.xpack.security', 'TRACE'
|
|
|
|
extraConfigFile 'idp-metadata.xml', file(outputDir + "/idp-metadata.xml")
|
|
|
|
user username: "test_admin", password: 'x-pack-test-password'
|
|
}
|
|
|
|
forbiddenPatterns {
|
|
exclude '**/*.der'
|
|
exclude '**/*.p12'
|
|
exclude '**/*.key'
|
|
}
|
|
|
|
thirdPartyAudit {
|
|
ignoreViolations (
|
|
// uses internal java api: sun.misc.Unsafe
|
|
'com.google.common.cache.Striped64',
|
|
'com.google.common.cache.Striped64$1',
|
|
'com.google.common.cache.Striped64$Cell',
|
|
'com.google.common.primitives.UnsignedBytes$LexicographicalComparatorHolder$UnsafeComparator',
|
|
'com.google.common.primitives.UnsignedBytes$LexicographicalComparatorHolder$UnsafeComparator$1'
|
|
)
|
|
|
|
ignoreMissingClasses (
|
|
'com.ibm.icu.lang.UCharacter'
|
|
)
|
|
}
|