Adust deprecation criticality and message

elastic · May 4, 2021 · 11c5dc2 · 11c5dc2
1 parent e5e9e2a
commit 11c5dc2
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 17 deletions.
diff --git a/.../deprecation/src/main/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecks.java b/.../deprecation/src/main/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecks.java
@@ -129,13 +129,14 @@ static DeprecationIssue checkImplicitlyDisabledSecurityOnBasicAndTrial(final Set
         if ( XPackSettings.SECURITY_ENABLED.exists(settings) == false
             && (licenseState.getOperationMode().equals(License.OperationMode.BASIC)
             || licenseState.getOperationMode().equals(License.OperationMode.TRIAL))) {
-          String details = "The behavior where the value of [xpack.security.enabled] setting is false for " +
-              licenseState.getOperationMode() + " licenses is deprecated and will be changed in a future version." +
-              "See https://www.elastic.co/guide/en/elasticsearch/reference/" + Version.CURRENT.major + "." +
-              Version.CURRENT.minor + "/security-minimal-setup.html to enable security, or explicitly disable security by " +
-              "setting [xpack.security.enabled] to false in elasticsearch.yml";
+          String details = "The default behavior of disabling security on " + licenseState.getOperationMode().description()
+              + " licenses is deprecated. A later version of Elasticsearch will set [xpack.security.enabled] to \"true\" "
+              + "for all licenses and enable security by default."
+              + "See https://www.elastic.co/guide/en/elasticsearch/reference/" + Version.CURRENT.major + "."
+              + Version.CURRENT.minor + "/security-minimal-setup.html to enable security, or explicitly disable security by "
+              + "setting [xpack.security.enabled] to false in elasticsearch.yml";
             return new DeprecationIssue(
-                DeprecationIssue.Level.WARNING,
+                DeprecationIssue.Level.CRITICAL,
                 "Security is enabled by default for all licenses in the next major version.",
                 "https://www.elastic.co/guide/en/elasticsearch/reference/7.14/deprecated-7.14.html#implicitly-disabled-security",
                 details);

diff --git a/...ecation/src/test/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecksTests.java b/...ecation/src/test/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecksTests.java
@@ -599,10 +599,10 @@ public void testImplicitlyDisabledSecurityWarning() {
             NodeDeprecationChecks.checkImplicitlyDisabledSecurityOnBasicAndTrial(Settings.EMPTY,
                 null,
                 new XPackLicenseState(Settings.EMPTY, () -> 0));
-        assertThat(issue.getLevel(), equalTo(DeprecationIssue.Level.WARNING));
+        assertThat(issue.getLevel(), equalTo(DeprecationIssue.Level.CRITICAL));
         assertThat(issue.getMessage(), equalTo("Security is enabled by default for all licenses in the next major version."));
         assertNotNull(issue.getDetails());
-        assertThat(issue.getDetails(), containsString("The behavior where the value of [xpack.security.enabled] setting is false for "));
+        assertThat(issue.getDetails(), containsString("The default behavior of disabling security on "));
         assertThat(issue.getUrl(),
             equalTo("https://www.elastic.co/guide/en/elasticsearch/reference/7.14/deprecated-7.14.html#implicitly-disabled-security"));
     }

diff --git a/.../src/main/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListener.java b/.../src/main/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListener.java
@@ -53,11 +53,12 @@ public synchronized void licenseStateChanged() {
                 if (licenseState.getOperationMode().equals(License.OperationMode.BASIC)
                     || licenseState.getOperationMode().equals(License.OperationMode.TRIAL)) {
                     deprecationLogger.deprecate(DeprecationCategory.SECURITY, "security_implicitly_disabled",
-                        "The behavior where the value of [xpack.security.enabled] setting defaults to false for " +
-                            licenseState.getOperationMode() + " licenses is deprecated and will be changed in a future version. " +
-                        "See https://www.elastic.co/guide/en/elasticsearch/reference/" + Version.CURRENT.major + "." +
-                            Version.CURRENT.minor + "/security-minimal-setup.html to enable security, or explicitly disable security by " +
-                            "setting [xpack.security.enabled] to false in elasticsearch.yml");
+                        "The default behavior of disabling security on " + licenseState.getOperationMode().description()
+                            + " licenses is deprecated. A later version of Elasticsearch will set [xpack.security.enabled] to \"true\" "
+                            + "for all licenses and enable security by default."
+                            + "See https://www.elastic.co/guide/en/elasticsearch/reference/" + Version.CURRENT.major + "."
+                            + Version.CURRENT.minor + "/security-minimal-setup.html to enable security, or explicitly disable security by "
+                            + "setting [xpack.security.enabled] to false in elasticsearch.yml");
                 }
             }
             this.securityEnabled = newState;

diff --git a/...test/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListenerTests.java b/...test/java/org/elasticsearch/xpack/security/support/SecurityStatusChangeListenerTests.java
@@ -130,10 +130,11 @@ public void testWarningForImplicitlyDisabledSecurity() {
         when(licenseState.isSecurityEnabled()).thenReturn(false);
         when(licenseState.getOperationMode()).thenReturn(License.OperationMode.TRIAL);
         listener.licenseStateChanged();
-        assertWarnings("The behavior where the value of [xpack.security.enabled] setting defaults to false for TRIAL " +
-            "licenses is deprecated and will be changed in a future version. See " +
-            "https://www.elastic.co/guide/en/elasticsearch/reference/7.14/security-minimal-setup.html to enable security, or explicitly " +
-            "disable security by setting [xpack.security.enabled] to false in elasticsearch.yml");
+        assertWarnings("The default behavior of disabling security on trial"
+            + " licenses is deprecated. A later version of Elasticsearch will set [xpack.security.enabled] to \"true\" "
+            + "for all licenses and enable security by default."
+            + "See https://www.elastic.co/guide/en/elasticsearch/reference/7.14/security-minimal-setup.html to enable security, "
+            + "or explicitly disable security by setting [xpack.security.enabled] to false in elasticsearch.yml");
     }
 
 }