Set xpack.security.enabled to true for all licenses#72300
Merged
jkakavas merged 56 commits intoelastic:masterfrom Aug 9, 2021
Merged
Set xpack.security.enabled to true for all licenses#72300jkakavas merged 56 commits intoelastic:masterfrom
jkakavas merged 56 commits intoelastic:masterfrom
Conversation
Contributor
Author
|
@elasticmachine run elasticsearch-ci/packaging-sample-unix |
Contributor
Author
|
@elasticmachine run elasticsearch-ci/packaging-sample-unix |
1 similar comment
Contributor
Author
|
@elasticmachine run elasticsearch-ci/packaging-sample-unix |
Contributor
Author
|
@elasticmachine run elasticsearch-ci/packaging-sample-unix (not running these in vein waiting for the tests to auto-fix themselves, but rather attempting to get some useful logs from the CI workers :) ) |
...ugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java
Show resolved
Hide resolved
x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java
Outdated
Show resolved
Hide resolved
...y/src/main/java/org/elasticsearch/xpack/security/authz/DlsFlsRequestCacheDifferentiator.java
Show resolved
Hide resolved
…nents that are only loaded when security _is_ enabled
jkakavas
commented
Aug 4, 2021
...erTest/java/org/elasticsearch/xpack/security/authz/SecuritySearchOperationListenerTests.java
Show resolved
Hide resolved
jkakavas
commented
Aug 4, 2021
x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/ApiKeyService.java
Outdated
Show resolved
Hide resolved
jkakavas
commented
Aug 4, 2021
x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/TokenService.java
Show resolved
Hide resolved
x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java
Show resolved
Hide resolved
x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java
Show resolved
Hide resolved
albertzaharovits
approved these changes
Aug 4, 2021
Contributor
albertzaharovits
left a comment
There was a problem hiding this comment.
Great effort on this one Ioannis!
Looks like you've almost worked through all the minor points I had in real-time, so I think this is good to merge.
Contributor
Author
|
@elasticmachine run elasticsearch-ci/part-2-fips |
Contributor
Author
|
@albertzaharovits I will merge this as is Monday morning, could you unmute the related Packaging Tests in #76124 ? |
Contributor
|
@jkakavas yes, for sure. |
80 tasks
jkakavas
added a commit
to jkakavas/homebrew-tap
that referenced
this pull request
Sep 5, 2021
During installation, we start elasticsearch a couple of times and check that we can connect to it. Since elastic/elasticsearch#72300 this tests ( and installation for that matter) has been failing since security is enabled by default and we make requests without credentials. This change, as a temporary measure, makes it so that we start elasticsearch with security explicitly disabled temporarily during installation so that we can make the necessary connection test requests without credentials. In a follow-up, we will adjust the Formula to take advantage of newly added functionality, set and show the password for the elastic user during installation (similar to what we do in elastic/elasticsearch#75144). We can then also use this password to make the test requests without needing to disable authN.
mgreau
pushed a commit
to elastic/homebrew-tap
that referenced
this pull request
Sep 7, 2021
* Adjust installation test During installation, we start elasticsearch a couple of times and check that we can connect to it. Since elastic/elasticsearch#72300 this tests ( and installation for that matter) has been failing since security is enabled by default and we make requests without credentials. This change, as a temporary measure, makes it so that we start elasticsearch with security explicitly disabled temporarily during installation so that we can make the necessary connection test requests without credentials. In a follow-up, we will adjust the Formula to take advantage of newly added functionality, set and show the password for the elastic user during installation (similar to what we do in elastic/elasticsearch#75144). We can then also use this password to make the test requests without needing to disable authN. * that other test too
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change sets the default value for xpack.security.enabled to true
for all licenses. As such the value is read directly from the node's
settings and not from XPackLicenseState which doesn't need to
keep track of it depending on license changes any more.