-
Notifications
You must be signed in to change notification settings - Fork 24.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto configure TLS for new nodes of new clusters #77231
Merged
albertzaharovits
merged 184 commits into
elastic:master
from
albertzaharovits:config_tls_when_node_starts
Oct 14, 2021
Merged
Changes from 1 commit
Commits
Show all changes
184 commits
Select commit
Hold shift + click to select a range
2795c3a
Attemp TLS config
albertzaharovits bc28f81
Checkstyle
albertzaharovits d0a1122
Crazy typo
albertzaharovits 48c7c80
move does not support attributes
albertzaharovits d0c9270
Archives
albertzaharovits d0ad3c1
Nit
albertzaharovits c75dda6
Spotless
albertzaharovits 71bd34d
Facepalm
albertzaharovits fa4b93e
QA OS Make request with https
albertzaharovits 83d4036
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits cce8094
working on archive tests
albertzaharovits 9c82a71
Archives tests still
albertzaharovits 7afeee2
ArchiveTests test51
albertzaharovits 169b3e7
ArchiveTests still
albertzaharovits a05bb85
Commons io FileUtils
albertzaharovits b66c345
Commons io precommit
albertzaharovits 230a364
Verbose auto-conf pacakging tests
albertzaharovits 26ad69a
More info about why the node doesn't start
albertzaharovits f9b74fd
Remove explicit CLI tool
jkakavas 4360d08
Updates from feedback
jkakavas b0cbdfc
fix cert DN and remove references to deleted CLI tool
jkakavas 1feac33
don't exit with 0 all the time
jkakavas 5dc4258
more packaging
jkakavas c05732d
more packaging2
jkakavas 4dcbc84
remove tripping assertion
jkakavas 4f0a743
Enable nodes running TEST INTEG distribution to call ConfigInitialNod…
jkakavas 3535b00
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas 26e7811
fix keystore management tests
jkakavas 7dcfd2f
test20KeystorePasswordOnStandardInput runs before we ever start the n…
jkakavas f86e6a8
Wait for enough time for ES in docker to complete auto-configuration
jkakavas 11834f1
missing colon that took me 4 hours to spot
jkakavas bdcd267
more test fixes
jkakavas d83fd6c
take TLS autoconfiguration in consideration for ArchiveGenerateInitia…
jkakavas d90104b
guess what
jkakavas 9fd5e77
:/ :(
jkakavas 0ef54aa
Use autoconfigured TLS when needed in Docker, disable it otherwise
jkakavas da5e3de
fix docker (for good ?) and print debug to retain my sanity
jkakavas c29e3e7
what's another commit
jkakavas c8785c4
disable auto-configuration in unrelated docker tests, fix stupid bug …
jkakavas 1498131
On linux too
jkakavas 84046fd
Create user after we verify installation so that upon installation ve…
jkakavas cd8c285
We might not have an elasticsearch.yml file in Docker
jkakavas 182c45d
revert previous unnecessary changes
jkakavas 8ac2890
spotless
jkakavas 1e439a6
more adjustments
jkakavas 48da88c
more adjustments
jkakavas dd5f118
this should fix all in linux
jkakavas 9791b77
plugin and configuration tests
jkakavas 71c934e
some more
jkakavas bc68b30
some more
jkakavas 9cd79e0
config tests
jkakavas 69990d1
add temp debug info
jkakavas 6221408
get the certificate from the right path
jkakavas a754c1e
add support for auto-configuration to windows batch file
jkakavas c150a08
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas 3f1d58a
Docker packaging tests now use auto-configured TLS
jkakavas 73be68f
CertGenCliTests do not need TLS auto-configuration
jkakavas a69986c
cleanup
jkakavas c55d9dd
spotless
jkakavas deafd2d
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas ec3c51f
fix certgen tests
jkakavas 6ccf723
don't sstop on success
jkakavas c1771d8
minor updates
jkakavas 749ba9b
fix
jkakavas 084b2f9
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas a8f7c47
Catch Throwables and amend how we populate SANs for certificates
jkakavas a5baae0
add more tests
jkakavas 28bca9e
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas 90a9022
spotless
jkakavas 90bd0f6
minor fixes
jkakavas 7d2219c
cleanup data dir after test to avoid false positives
jkakavas 4449fd5
test adjustments
jkakavas 9ecc182
spotless
jkakavas 9781eba
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas 9145898
revert fix for local invocation
jkakavas ea5932d
spotless
jkakavas a781149
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas ae591d3
Use legacy MAC algorithm for PKCS12 in tests until we can bump minimu…
jkakavas 1a3220d
call external class properly
jkakavas 42d88e9
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas 6ebcebc
fix elasticsearch-env
jkakavas 405c60d
fix tests for windows
jkakavas c3124d2
typo
jkakavas 125480c
minor fix
jkakavas 8decc71
fix for windows
jkakavas 4a9f987
set read only with attrib on windows
jkakavas 41d6067
undo read only before deletion
jkakavas 1e4648f
test
jkakavas 8ac813e
temp ugly debug
jkakavas a0cd8de
Address feedback related to packaging tests
jkakavas de20c38
adjust test after enabling auto-config
jkakavas ba6720c
windows fixes
jkakavas 6cde022
windows
jkakavas 5798743
add bugurl
jkakavas 38df918
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas ff48940
spotless
jkakavas 7b86021
more spotless
jkakavas 820fd28
wrong password instead of empty
jkakavas b59c55f
Mute on windows the test that I've been trying all morning to fix on …
jkakavas b070178
windows debugging
jkakavas b25cc0a
guess what spotless didn't like
jkakavas f4e784f
deBUG
jkakavas 8fb6362
debugging windows packaging tests
jkakavas 1b2eed3
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas f908c25
path fix
jkakavas c5eeb4f
temp debug
jkakavas d646a3b
test fixes
jkakavas dcb6ee5
spotless
jkakavas b0377e1
moar spotless
jkakavas a33a1da
windows file ownership
jkakavas 6f2be87
test fixes
jkakavas c83160d
Merge remote-tracking branch 'origin/master' into config_tls_when_nod…
jkakavas 4cf3243
remove default from env
jkakavas bc8d9c5
selective mute to check the rest of the tests on windows
jkakavas 1acd0cc
more fixes
jkakavas 8df3cbf
unused import
jkakavas a8337c2
...
jkakavas df561e8
adjustments
jkakavas 514a240
bump leniency
jkakavas ba30af4
temp debugging
jkakavas 4d1658b
fix docker issues on startup
jkakavas dd2f567
additional windows debug temp logging
jkakavas e175b5c
unused imports
jkakavas 99b649c
spotless
jkakavas 178580b
check if FileUtils.deleteDirectory from apache commons does the job o…
jkakavas 99b4ad0
spotless
jkakavas dbf7250
Revert "check if FileUtils.deleteDirectory from apache commons does t…
jkakavas 8bda57f
attempt to explicitly own the dir before removing it
jkakavas 17fb5ee
try
jkakavas b62a84b
Attempt to set Adminstrator to own the installation in windows
jkakavas 64ca0e8
expect new onwer
jkakavas 05a680d
Revert "Attempt to set Adminstrator to own the installation in windows"
jkakavas 1d64bd2
Revert "expect new onwer"
jkakavas ae32a86
re-enable windows tests
jkakavas f6d80e9
can retries be the solution ?
jkakavas b397fbb
Merge branch 'master' into config_tls_when_node_starts
elasticmachine a897e07
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits 09ba3fd
crapshoot #1
albertzaharovits d2294bf
Debug windows owners
albertzaharovits 22abdaf
Debug
albertzaharovits c882489
Timeout start Win Service
albertzaharovits 5212d1c
Where-Object powershell
albertzaharovits c40e627
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits ea1d65e
Unregister event power shell
albertzaharovits fe22d1e
Obscene timeout
albertzaharovits db09ff3
Debug config dir ownership
albertzaharovits 8770dfa
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits d1e5a69
Merge fallout
albertzaharovits 24cdc36
Spotless
albertzaharovits 3b0398b
Update docs/changelog/77231.yaml
albertzaharovits 3005c5f
Remove changelog entry
albertzaharovits c12ef31
Update docs/changelog/77231.yaml
albertzaharovits bd3639c
Remove changelog
albertzaharovits 1c70efd
Update docs/changelog/77231.yaml
albertzaharovits af4f696
Awesome, thanks GH bot!
albertzaharovits 50d3040
Absolutely nothing here
albertzaharovits 4e401b1
More nothing
albertzaharovits aeae7d9
Spotless
albertzaharovits b258dcf
Trash!
albertzaharovits 63e270c
Test mute
albertzaharovits 1a6ff4d
Delete sooner - debug
albertzaharovits ed7c91e
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits 79d276e
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits f773ad8
No chown
albertzaharovits 8fd4fd1
Checkstyle
albertzaharovits 7315dee
Mute some ArchiveTests for debug purposes
albertzaharovits b0cd785
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits 37cd9b9
Spotless
albertzaharovits f544536
Fix file handler leak
albertzaharovits 95ff581
Un-mute the previously muted for debug
albertzaharovits 63740cb
assumeTrue -> assertTrue
albertzaharovits f2817a7
Meh
albertzaharovits e9d33de
Change owner for ConfigurationTests in Windows
albertzaharovits d5c965d
WindowsServiceTests
albertzaharovits 5751777
Spotless
albertzaharovits d35655d
auto config on dir not writable
albertzaharovits eead1b9
Deny Write perm instead of deny modify
albertzaharovits f93df10
Meh
albertzaharovits 774c1f0
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits 1f3b26d
Factor out CA certificate in packaging tests
albertzaharovits 6c79751
Merge branch 'master' into config_tls_when_node_starts
albertzaharovits fd90c01
Fallout from refactoring of CA cert
albertzaharovits 696220e
Close Files list stream
albertzaharovits 8dc98d4
Meh
albertzaharovits File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Use autoconfigured TLS when needed in Docker, disable it otherwise
- Loading branch information
commit 0ef54aab0e10185c7e3b84db095a9e157042b214
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm wondering if it might make sense to add some of these
ServerUtils
methods toPackagingTestCase
that way we have a reference to the installation already and came make this code less verbose. The test case methods can just delegate toServerUtils
, passing the installation for us.