OpenSearch/x-pack/qa/reindex-tests-with-security/build.gradle

69 lines
2.5 KiB
Groovy

import org.elasticsearch.gradle.http.WaitForHttpResource
apply plugin: 'elasticsearch.standalone-rest-test'
apply plugin: 'elasticsearch.rest-test'
dependencies {
testCompile project(path: xpackModule('core'), configuration: 'default')
testCompile project(path: xpackModule('security'), configuration: 'testArtifacts')
testCompile project(path: xpackModule('core'), configuration: 'testArtifacts')
testCompile project(path: ':modules:reindex')
}
forbiddenPatterns {
exclude '**/*.key'
exclude '**/*.pem'
exclude '**/*.p12'
exclude '**/*.jks'
}
File caFile = project.file('src/test/resources/ssl/ca.p12')
integTestCluster {
// Whitelist reindexing from the local node so we can test it.
extraConfigFile 'http.key', project.projectDir.toPath().resolve('src/test/resources/ssl/http.key')
extraConfigFile 'http.crt', project.projectDir.toPath().resolve('src/test/resources/ssl/http.crt')
extraConfigFile 'ca.p12', caFile
setting 'reindex.remote.whitelist', '127.0.0.1:*'
setting 'xpack.ilm.enabled', 'false'
setting 'xpack.security.enabled', 'true'
setting 'xpack.ml.enabled', 'false'
setting 'xpack.license.self_generated.type', 'trial'
setting 'xpack.security.http.ssl.enabled', 'true'
setting 'xpack.security.http.ssl.certificate', 'http.crt'
setting 'xpack.security.http.ssl.key', 'http.key'
setting 'xpack.security.http.ssl.key_passphrase', 'http-password'
setting 'reindex.ssl.truststore.path', 'ca.p12'
setting 'reindex.ssl.truststore.password', 'password'
// Workaround for JDK-8212885
rootProject.globalInfo.ready {
if (project.ext.runtimeJavaVersion.isJava12Compatible() == false) {
setting 'reindex.ssl.supported_protocols', 'TLSv1.2'
}
}
extraConfigFile 'roles.yml', 'roles.yml'
[
test_admin: 'superuser',
powerful_user: 'superuser',
minimal_user: 'minimal',
minimal_with_task_user: 'minimal_with_task',
readonly_user: 'readonly',
dest_only_user: 'dest_only',
can_not_see_hidden_docs_user: 'can_not_see_hidden_docs',
can_not_see_hidden_fields_user: 'can_not_see_hidden_fields',
].each { String user, String role ->
setupCommand 'setupUser#' + user,
'bin/elasticsearch-users', 'useradd', user, '-p', 'x-pack-test-password', '-r', role
}
waitCondition = { node, ant ->
WaitForHttpResource http = new WaitForHttpResource("https", node.httpUri(), numNodes)
http.setTrustStoreFile(caFile)
http.setTrustStorePassword("password")
http.setUsername("test_admin")
http.setPassword("x-pack-test-password")
return http.wait(5000)
}
}