OpenSearch/qa/smoke-test-plugins-ssl/integration-tests.xml

<?xml version="1.0"?>
<project name="smoke-test-x-plugins-ssl"
         xmlns:ac="antlib:net.sf.antcontrib">

  <import file="${elasticsearch.integ.antfile.default}"/>

  <property name="home" location="${integ.scratch}/elasticsearch-${elasticsearch.version}"/>

  <!-- redefined to work with auth -->
  <macrodef name="waitfor-elasticsearch">
      <attribute name="port"/>
      <attribute name="timeoutproperty"/>
    <sequential>
      <echo>Waiting for elasticsearch to become available on port @{port}...</echo>
      <waitfor maxwait="30" maxwaitunit="second"
               checkevery="500" checkeveryunit="millisecond"
               timeoutproperty="@{timeoutproperty}">
        <socket server="127.0.0.1" port="@{port}"/>
      </waitfor>
    </sequential>
  </macrodef>

  <target name="start-external-cluster-with-plugins" depends="setup-workspace">
    <ac:for list="${xplugins.list}" param="xplugin.name">
      <sequential>
        <fail message="Expected @{xplugin.name}-${version}.zip as a dependency, but could not be found in ${integ.deps}/plugins}">
          <condition>
            <not>
              <available file="${integ.deps}/plugins/@{xplugin.name}-${elasticsearch.version}.zip" />
            </not>
          </condition>
        </fail>
      </sequential>
    </ac:for>

    <ac:for param="file">
      <path>
        <fileset dir="${integ.deps}/plugins"/>
      </path>
      <sequential>
        <local name="plugin.name"/>
        <convert-plugin-name file="@{file}" outputproperty="plugin.name"/>
        <install-plugin name="${plugin.name}" file="@{file}"/>
      </sequential>
    </ac:for>

    <echo>Setting up Shield auth</echo>
    <run-script script="${home}/bin/shield/esusers">
      <nested>
        <arg value="useradd"/>
        <arg value="test_user"/>
        <arg value="-p"/>
        <arg value="changeme"/>
        <arg value="-r"/>
        <arg value="admin"/>
      </nested>
    </run-script>
    <run-script script="${home}/bin/shield/esusers"> 
      <nested>
        <arg value="useradd"/>
        <arg value="marvel_export"/>
        <arg value="-p"/>
        <arg value="changeme"/>
        <arg value="-r"/>
        <arg value="marvel_agent"/>
      </nested>
    </run-script>
    <copy file="${keystore.path}" todir="${home}/config/"/> <!-- move to a dir that the security manager will be happy with -->

    <startup-elasticsearch>
      <additional-args>
        <arg value="-Des.marvel.agent.exporter.es.hosts=https://marvel_export:changeme@localhost:${integ.http.port}"/>
        <arg value="-Des.marvel.agent.exporter.es.ssl.truststore.path=${home}/config/test-node.jks"/>
        <arg value="-Des.marvel.agent.exporter.es.ssl.truststore.password=keypass"/>
        <arg value="-Des.shield.transport.ssl=true"/>
        <arg value="-Des.shield.http.ssl=true"/>
        <arg value="-Des.shield.ssl.keystore.path=${home}/config/test-node.jks"/>
        <arg value="-Des.shield.ssl.keystore.password=keypass"/>
        <arg value="-Des.discovery.zen.ping.multicast.enabled=false"/>
      </additional-args>
    </startup-elasticsearch>

    <echo>Checking we can connect with basic auth on port ${integ.http.port}...</echo>
    <local name="temp.file"/>
    <tempfile property="temp.file" destdir="${java.io.tmpdir}"/>
    <!-- TODO: how to make the get task take a non-default keystore? -->
    <!--<get src="https://127.0.0.1:${integ.http.port}" dest="${temp.file}" 
         username="test_user" password="changeme" verbose="true" retries="10"/>-->
  </target>
</project>