From 5e8b61fb062e12dba3f17e51512b54776959a379 Mon Sep 17 00:00:00 2001 From: Aleh Zasypkin Date: Fri, 27 Dec 2024 17:51:43 +0100 Subject: [PATCH] fix(tests, interactive setup): switch interactive setup tests config to non-deprecated `secure_password` setting (#205208) ## Summary Switch interactive setup tests config to non-deprecated `secure_password` setting as was flagged in https://github.com/elastic/kibana-team/issues/1173#issuecomment-2545077579 --- packages/kbn-es/src/settings.test.ts | 4 ++++ packages/kbn-es/src/settings.ts | 1 + .../enrollment_flow.config.ts | 2 +- test/interactive_setup_functional/enrollment_token.config.ts | 2 +- 4 files changed, 7 insertions(+), 2 deletions(-) diff --git a/packages/kbn-es/src/settings.test.ts b/packages/kbn-es/src/settings.test.ts index 847d582d56d80..2eeef1e09a375 100644 --- a/packages/kbn-es/src/settings.test.ts +++ b/packages/kbn-es/src/settings.test.ts @@ -14,6 +14,7 @@ const mockSettings = [ 'xpack.security.authc.realms.oidc.oidc1.rp.client_secret=secret', 'xpack.security.authc.realms.oidc.oidc1.rp.client_id=client id', 'xpack.security.authc.realms.jwt.jwt1.client_authentication.shared_secret=jwt_secret', + 'xpack.security.http.ssl.keystore.secure_password=some_password', 'discovery.type=single-node', ]; @@ -23,6 +24,7 @@ test('`parseSettings` parses and returns all settings by default', () => { ['xpack.security.authc.realms.oidc.oidc1.rp.client_secret', 'secret'], ['xpack.security.authc.realms.oidc.oidc1.rp.client_id', 'client id'], ['xpack.security.authc.realms.jwt.jwt1.client_authentication.shared_secret', 'jwt_secret'], + ['xpack.security.http.ssl.keystore.secure_password', 'some_password'], ['discovery.type', 'single-node'], ]); }); @@ -33,6 +35,7 @@ test('`parseSettings` parses and returns all settings with `SettingsFilter.All` ['xpack.security.authc.realms.oidc.oidc1.rp.client_secret', 'secret'], ['xpack.security.authc.realms.oidc.oidc1.rp.client_id', 'client id'], ['xpack.security.authc.realms.jwt.jwt1.client_authentication.shared_secret', 'jwt_secret'], + ['xpack.security.http.ssl.keystore.secure_password', 'some_password'], ['discovery.type', 'single-node'], ]); }); @@ -41,6 +44,7 @@ test('`parseSettings` parses and returns only secure settings with `SettingsFilt expect(parseSettings(mockSettings, { filter: SettingsFilter.SecureOnly })).toEqual([ ['xpack.security.authc.realms.oidc.oidc1.rp.client_secret', 'secret'], ['xpack.security.authc.realms.jwt.jwt1.client_authentication.shared_secret', 'jwt_secret'], + ['xpack.security.http.ssl.keystore.secure_password', 'some_password'], ]); }); diff --git a/packages/kbn-es/src/settings.ts b/packages/kbn-es/src/settings.ts index 845ff36a5c070..91ce33c98c01f 100644 --- a/packages/kbn-es/src/settings.ts +++ b/packages/kbn-es/src/settings.ts @@ -13,6 +13,7 @@ const SECURE_SETTINGS_LIST = [ /^xpack\.security\.authc\.realms\.oidc\.[a-zA-Z0-9_]+\.rp\.client_secret$/, /^xpack\.security\.authc\.realms\.jwt\.[a-zA-Z0-9_]+\.client_authentication\.shared_secret$/, + /^xpack\.security\.http\.ssl\.keystore\.secure_password$/, ]; function isSecureSetting(settingName: string) { diff --git a/test/interactive_setup_api_integration/enrollment_flow.config.ts b/test/interactive_setup_api_integration/enrollment_flow.config.ts index 75f4dcf624de0..54c562d6bb2c0 100644 --- a/test/interactive_setup_api_integration/enrollment_flow.config.ts +++ b/test/interactive_setup_api_integration/enrollment_flow.config.ts @@ -38,7 +38,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { ...manualConfigurationFlowTestsConfig.get('esTestCluster.serverArgs'), 'xpack.security.enrollment.enabled=true', `xpack.security.http.ssl.keystore.path=${caPath}`, - 'xpack.security.http.ssl.keystore.password=storepass', + 'xpack.security.http.ssl.keystore.secure_password=storepass', ], }, diff --git a/test/interactive_setup_functional/enrollment_token.config.ts b/test/interactive_setup_functional/enrollment_token.config.ts index 6e39cf2ef0351..b3e3d8150a382 100644 --- a/test/interactive_setup_functional/enrollment_token.config.ts +++ b/test/interactive_setup_functional/enrollment_token.config.ts @@ -41,7 +41,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { ...manualConfigurationConfig.get('esTestCluster.serverArgs'), 'xpack.security.enrollment.enabled=true', `xpack.security.http.ssl.keystore.path=${caPath}`, - 'xpack.security.http.ssl.keystore.password=storepass', + 'xpack.security.http.ssl.keystore.secure_password=storepass', ], },