Detect old trial licenses and mimic behaviour #32209
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Preior to 6.3 a trial license default to security enabled. Since 6.3 they default to security disabled. If a cluster is upgraded from <6.3 to >6.3, then we detect this and mimic the old behaviour with respect to security.
- Track trial-security-state in a separate variable - Always propogate trialVersion down, even on non-trial versions
tvernum
added
review
v7.0.0
:Security/Security
|
Pinging @elastic/es-security |
jaymode
approved these changes
Jul 19, 2018
| * May be {@code null} if they have never generated a trial license on this cluster, or the most recent | ||
| * trial was prior to this metadata being tracked (6.1) | ||
| */ | ||
| void update(OperationMode mode, boolean active, @Nullable Version mostRecentTrialVersion) { | ||
| status = new Status(mode, active); | ||
| listeners.forEach(Runnable::run); |
There was a problem hiding this comment.
this should happen after we update isSecurityEnabledByTrialVersion
jkakavas
reviewed
Jul 19, 2018
| // Before 6.3, Trial licenses would default having security enabled. | ||
| // If this license was generated before that version, then treat it as if security is explicitly enabled | ||
| if (mostRecentTrialVersion == null || mostRecentTrialVersion.before(Version.V_6_3_0)) { | ||
| Loggers.getLogger(getClass()).info("Automatically enabling security for older trial license ({})", mostRecentTrialVersion); |
There was a problem hiding this comment.
We could add a default value (.i.e. < 6.1 ) in the parameterized message because
Automatically enabling security for older trial license (null)
might be slightly obscure.
tvernum
added a commit
that referenced
this pull request
Jul 20, 2018
Prior to 6.3 a trial license default to security enabled. Since 6.3 they default to security disabled. If a cluster is upgraded from <6.3 to >6.3, then we detect this and mimic the old behaviour with respect to security.
tvernum
added a commit
that referenced
this pull request
Jul 20, 2018
Prior to 6.3 a trial license default to security enabled. Since 6.3 they default to security disabled. If a cluster is upgraded from <6.3 to >6.3, then we detect this and mimic the old behaviour with respect to security.
martijnvg
added a commit
that referenced
this pull request
Jul 21, 2018
* es/6.x: (24 commits) Fix broken backport Switch full-cluster-restart to new style Requests (#32140) Fix multi level nested sort (#32204) MINOR: Remove unused `IndexDynamicSettings` (#32237) (#32248) [Tests] Remove QueryStringQueryBuilderTests#toQuery class assertions (#32236) Switch rolling restart to new style Requests (#32147) Enhance Parent circuit breaker error message (#32056) [ML] Use default request durability for .ml-state index (#32233) Enable testing in FIPS140 JVM (#31666) (#32231) Remove indices stats timeout from monitoring docs TESTS: Check for Netty resource leaks (#31861) (#32225) Rename ranking evaluation response section (#32166) Dependencies: Upgrade to joda time 2.10 (#32160) Backport SSL context names (#30953) to 6.x (#32223) Require Gradle 4.9 as minimum version (#32200) Detect old trial licenses and mimic behaviour (#32209) Painless: Simplify Naming in Lookup Package (#32177) add support for write index resolution when creating/updating documents (#31520) A replica can be promoted and started in one cluster state update (#32042) Rest test - allow for snapshots to take 0 milliseconds ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Prior to 6.3 a trial license default to security enabled. Since 6.3
they default to security disabled. If a cluster is upgraded from <6.3
to >6.3, then we detect this and mimic the old behaviour with respect
to security.