Add test for HTTP and Transport TLS on basic license #40714
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Always output "ssl" usage, even if security is not enabled - Adds a QA test for running on basic with TLS on transport and http
tvernum
added
>test
|
Pinging @elastic/es-security |
|
Would you mind moving this from |
jaymode
reviewed
Apr 2, 2019
| @@ -0,0 +1,27 @@ | |||
| setup: | |||
There was a problem hiding this comment.
My 2 cents is that a rest test isn't the right thing here. They are harder to debug and unless we'd want these to be run by language clients, I think a Java test is a better alternative.
jkakavas
reviewed
Apr 3, 2019
There was a problem hiding this comment.
@jaymode 's comments seem valid. I don't have a strong opinion on rest vs java tests. I don't see troubleshooting this being too problematic as we need to verify that the cluster started and if not and this will be obvious in either test format and rest responses will be clear enough in case of failures. LGTM after we move to x-pack/plugin/security/qa
| testCompile project(path: xpackModule('core'), configuration: 'default') | ||
| testCompile project(path: xpackModule('security'), configuration: 'testArtifacts') | ||
| testCompile project(path: xpackModule('core'), configuration: 'testArtifacts') | ||
| testCompile project(path: ':modules:reindex') |
There was a problem hiding this comment.
I don't think we need this dependency
| exclude '**/*.key' | ||
| exclude '**/*.pem' | ||
| exclude '**/*.p12' | ||
| exclude '**/*.jks' |
|
I decided that @jaymode was right, and a Java test was clearer. |
jasontedor
added a commit
to jasontedor/elasticsearch
that referenced
this pull request
Apr 6, 2019
* master: (63 commits) Suppress lease background sync failures if stopping (elastic#40902) [DOCS] Added settings page for ILM. (elastic#40880) [Docs] Remove extraneous text (elastic#40914) Move test classes to test root in Painless (elastic#40873) Fix date index name processor default date_formats (elastic#40915) Source additional files correctly in elasticsearch-cli (elastic#40890) Allow AVX-512 on JDK 11+ (elastic#40828) [Docs] Change example to show col headers (elastic#40822) Update apache httpclient to version 4.5.8 (elastic#40875) Update monitoring-kibana.json (elastic#40899) Introduce Delegating ActionListener Wrappers (elastic#40129) Deprecate old transport settings (elastic#40821) Add Kibana application privileges for monitoring and ml reserved roles (elastic#40651) Use Writeable for TransportReplAction derivatives (elastic#40894) Add test for HTTP and Transport TLS on basic license (elastic#40714) Remove unneded cluster config from test (elastic#40856) Make Fuzziness reject illegal values earlier (elastic#33511) Remove test-only customisation from TransReplAct (elastic#40863) Fix dense/sparse vector limit documentation (elastic#40852) Make -try xlint warning disabled by default. (elastic#40833) ...
jasontedor
added a commit
to jasontedor/elasticsearch
that referenced
this pull request
Apr 6, 2019
* master: (77 commits) Suppress lease background sync failures if stopping (elastic#40902) [DOCS] Added settings page for ILM. (elastic#40880) [Docs] Remove extraneous text (elastic#40914) Move test classes to test root in Painless (elastic#40873) Fix date index name processor default date_formats (elastic#40915) Source additional files correctly in elasticsearch-cli (elastic#40890) Allow AVX-512 on JDK 11+ (elastic#40828) [Docs] Change example to show col headers (elastic#40822) Update apache httpclient to version 4.5.8 (elastic#40875) Update monitoring-kibana.json (elastic#40899) Introduce Delegating ActionListener Wrappers (elastic#40129) Deprecate old transport settings (elastic#40821) Add Kibana application privileges for monitoring and ml reserved roles (elastic#40651) Use Writeable for TransportReplAction derivatives (elastic#40894) Add test for HTTP and Transport TLS on basic license (elastic#40714) Remove unneded cluster config from test (elastic#40856) Make Fuzziness reject illegal values earlier (elastic#33511) Remove test-only customisation from TransReplAct (elastic#40863) Fix dense/sparse vector limit documentation (elastic#40852) Make -try xlint warning disabled by default. (elastic#40833) ...
tvernum
added a commit
to tvernum/elasticsearch
that referenced
this pull request
Apr 8, 2019
This adds a new security/qa test for TLS on a basic license. It starts a 2 node cluster with a basic license, and TLS enabled on both HTTP and Transport, and verifies the license type, x-pack SSL usage and SSL certificates API. It also upgrades the cluster to a trial license and performs that same set of checks (to ensure that clusters with basic license and TLS enabled can be upgraded to a higher feature license) Backport of: elastic#40714
tvernum
added a commit
that referenced
this pull request
Apr 8, 2019
This adds a new security/qa test for TLS on a basic license. It starts a 2 node cluster with a basic license, and TLS enabled on both HTTP and Transport, and verifies the license type, x-pack SSL usage and SSL certificates API. It also upgrades the cluster to a trial license and performs that same set of checks (to ensure that clusters with basic license and TLS enabled can be upgraded to a higher feature license) Backport of: #40714
tvernum
added a commit
that referenced
this pull request
Apr 8, 2019
This adds a new security/qa test for TLS on a basic license. It starts a 2 node cluster with a basic license, and TLS enabled on both HTTP and Transport, and verifies the license type and SSL certificates API. It also upgrades the cluster to a trial license and performs that same set of checks (to ensure that clusters with basic license and TLS enabled can be upgraded to a higher feature license) Backport of: #40714
tvernum
added a commit
to tvernum/elasticsearch
that referenced
this pull request
May 23, 2019
This adds a new security/qa test for TLS on a basic license. It starts a 2 node cluster with a basic license, and TLS enabled on both HTTP and Transport, and verifies the license type, x-pack SSL usage and SSL certificates API. It also upgrades the cluster to a trial license and performs that same set of checks (to ensure that clusters with basic license and TLS enabled can be upgraded to a higher feature license) Backport of: elastic#40714
tvernum
added a commit
that referenced
this pull request
May 24, 2019
…42418) This adds a new security/qa test for TLS on a basic license. It starts a 2 node cluster with a basic license, and TLS enabled on both HTTP and Transport, and verifies the license type, x-pack SSL usage and SSL certificates API. It also upgrades the cluster to a trial license and performs that same set of checks (to ensure that clusters with basic license and TLS enabled can be upgraded to a higher feature license) Backport of: #40714 This also enables the "security-basic" QA test, which was previously ignored due to a missing config in build.gradle
gurkankaymak
pushed a commit
to gurkankaymak/elasticsearch
that referenced
this pull request
May 27, 2019
This adds a new security/qa test for TLS on a basic license. It starts a 2 node cluster with a basic license, and TLS enabled on both HTTP and Transport, and verifies the license type, x-pack SSL usage and SSL certificates API. It also upgrades the cluster to a trial license and performs that same set of checks (to ensure that clusters with basic license and TLS enabled can be upgraded to a higher feature license)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds a new x-pack/qa test for TLS on a basic license.
It starts a 2 node cluster with a basic license, and TLS enabled
on both HTTP and Transport, and verifies the license type, SSL
tessting and SSL certificates API.
It also upgrades the cluster to a trial license and performs that
same set of checks (to ensure that clusters with basic license
and TLS enabled can be upgraded to a higher feature license)
Relates: #37433