Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add apikey subcommand #3157

Merged
merged 55 commits into from
Jan 14, 2020
Merged

Add apikey subcommand #3157

merged 55 commits into from
Jan 14, 2020

Conversation

axw
Copy link
Member

@axw axw commented Jan 14, 2020

Continuation of #3063

jalvz and others added 30 commits December 17, 2019 15:45
@jalvz
Add apikey subcommand
f75f48d
@jalvz
Fix some tests
3214f42
@jalvz
Some fixes
1d7f204
@jalvz
Revert all the config stuff
2420c35
@jalvz
Add apikey subcommand
4fcbd9d
@jalvz
Fix some tests
32bbcb6
@jalvz
Some fixes
2aaa746
@jalvz
Revert all the config stuff
1c692eb
@graphaelli
key composite literals
5defc03
@graphaelli
Merge branch 'master' into apikey-command
484763a
@graphaelli
some linting
82a0c2f
@jalvz
Merge branch 'apikey-command' of github.com:jalvz/apm-server into api…
58f51a1 
…key-command
@jalvz
round of review comments
fbf9280
@jalvz
require credentials
9e68751
@jalvz
more code review comments
7843321
@jalvz
Merge remote-tracking branch 'elastic/master' into apikey-command
510414f
@jalvz
Add integration tests
653bdd9
@jalvz
return Cobra errors
1c222b0
@jalvz
A few more code review comments
87ab92b
@jalvz
Merge remote-tracking branch 'elastic/master' into apikey-command
302c562
@jalvz
Add a few tests
caefc89
@jalvz
No help
b2bfde0
@jalvz
More renames
e73a09b
@jalvz
query privileges before creating them, and fix issue intruducen in la…
d1123e0 
…st commit
@jalvz
Merge remote-tracking branch 'elastic/master' into apikey-command
11345d1
@jalvz
please the linter
939b9ae
@jalvz
fix unit test
fa827ed
@jalvz
Merge remote-tracking branch 'elastic/master' into apikey-command
5fa3a39
@jalvz
Reset libbeat api key
6f28f3c
@jalvz
make update
0eff8dd
jalvz and others added 12 commits January 13, 2020 10:29
@jalvz
Merge remote-tracking branch 'elastic/master' into apikey-command
8fc8929
@jalvz
more golint && fmt
2d6001d
@jalvz
a bit more code review
82285ca
@jalvz @axw
Update beater/authorization/apikey.go
5c852da 
Co-Authored-By: Andrew Wilkins <[email protected]>
@jalvz @axw
Update cmd/apikey.go
3da1348 
Co-Authored-By: Andrew Wilkins <[email protected]>
@jalvz @axw
Update beater/authorization/apikey.go
a708f59 
Co-Authored-By: Andrew Wilkins <[email protected]>
@jalvz @axw
Update beater/authorization/apikey.go
cef8ef4 
Co-Authored-By: Andrew Wilkins <[email protected]>
@jalvz
fix more errors introduced lately
983714f
@jalvz
Merge branch 'apikey-command' of github.com:jalvz/apm-server into api…
950ca80 
…key-command
@axw
Revert command short descriptions
106f02e
@axw
Minor cosmetic changes
86314a6
@axw
Command fixes
fd909d7 
- Don't print error twice (i.e. by calling printErr and then returning to RunE)
  For now, just use Run and call os.Exit ourselves.
- Update "create" to just pass in the privileges requested for the API Key to
  HasPrivileges, rather than all of them.
- Update "create" to inform the auth'd user of which requested privileges they
  do not have.
@axw axw changed the title Add apikey command Add apikey subcommand Jan 14, 2020
axw added 4 commits January 14, 2020 18:07
@axw
More small things
b4594a1 
- Revert param type change for authorization.NewBuilder
- Add a TODO to stop swallowing all DeletePrivileges errors
@axw
Merge branch 'master' into apikey-command
f592de2
@axw
Merge branch 'master' into apikey-command
32e985e
@axw
Fix info command
b718e63
@codecov-io
Copy link

codecov-io commented Jan 14, 2020
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@f592de2). Click here to learn what that means.
The diff coverage is n/a.

@@            Coverage Diff            @@
##             master    #3157   +/-   ##
=========================================
  Coverage          ?   78.89%           
=========================================
  Files             ?      106           
  Lines             ?     5587           
  Branches          ?        0           
=========================================
  Hits              ?     4408           
  Misses            ?     1179           
  Partials          ?        0
Impacted Files Coverage Δ
elasticsearch/security_api.go 0% <ø> (ø)

axw added 4 commits January 14, 2020 18:40
@axw
tests/system: check exit code
5db1862
@axw
Remove Credentials field from elasticsearch type
c1dd163
@axw
tests/system: don't require coverage output
c4d1aed
@axw
cmd: apikey command fixes
04a12a5 
- Don't take value of "json" flag before it's resolved
- If no privilege flags are specified, pass ActionsAll into
  createAPIKeyWithPrivileges, not ActionAny.
@axw axw requested a review from simitt January 14, 2020 11:54
simitt
simitt reviewed Jan 14, 2020
View reviewed changes
testing/docker/elasticsearch/roles.yml
@@ -8,7 +8,7 @@ apm_server:
privileges: ['sourcemap:write','event:write','config_agent:read']
resources: '*'
beats:
cluster: ['manage_index_templates','monitor','manage_ingest_pipelines','manage_ilm']
cluster: ['manage_index_templates','monitor','manage_ingest_pipelines','manage_ilm', 'manage_security','manage_api_key']
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is adding the cluster roles to beats role necessary?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's used by a system test that tests what happens when the user can create API keys, but doesn't have the privilege themself.

I'm not sure if beats_user has those privileges normally (I didn't add that bit). If not, I think maybe we should create a user dynamically for this test. In a follow up, preferably.

simitt
simitt approved these changes Jan 14, 2020
View reviewed changes
Copy link
Contributor

@simitt simitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think all the major comments were addressed, and we can create a follow up issue for smaller things.

Thanks @jalvz for all the effort you put into that, I think the CLI tool is pretty exhaustive and will be a great support for our users.

@graphaelli graphaelli merged commit 2b02570 into elastic:master Jan 14, 2020
@graphaelli graphaelli mentioned this pull request Jan 14, 2020
Closed
1 task
graphaelli pushed a commit to graphaelli/apm-server that referenced this pull request Jan 14, 2020
@axw @graphaelli
Add apikey subcommand (elastic#3157)
02c3d15
@graphaelli graphaelli mentioned this pull request Jan 14, 2020
Merged
axw added a commit that referenced this pull request Jan 15, 2020
@graphaelli @axw
Add apikey subcommand (#3157) (#3162)
8f071dc 
Co-authored-by: Andrew Wilkins <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simitt simitt simitt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@axw @codecov-io @simitt @graphaelli @jalvz