diff --git a/src/cli/dev_ssl.js b/src/cli/dev_ssl.js deleted file mode 100644 index 110f44ee57b7d..0000000000000 --- a/src/cli/dev_ssl.js +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { resolve } from 'path'; -export const DEV_SSL_CERT_PATH = resolve(__dirname, '../../test/dev_certs/server.crt'); -export const DEV_SSL_KEY_PATH = resolve(__dirname, '../../test/dev_certs/server.key'); diff --git a/src/cli/serve/serve.js b/src/cli/serve/serve.js index be3fc319389d7..29d0fe16ee126 100644 --- a/src/cli/serve/serve.js +++ b/src/cli/serve/serve.js @@ -28,8 +28,6 @@ import { getConfigPath } from '../../core/server/path'; import { bootstrap } from '../../core/server'; import { readKeystore } from './read_keystore'; -import { DEV_SSL_CERT_PATH, DEV_SSL_KEY_PATH } from '../dev_ssl'; - function canRequire(path) { try { require.resolve(path); @@ -90,7 +88,7 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) { if (opts.ssl) { // @kbn/dev-utils is part of devDependencies - const { CA_CERT_PATH } = require('@kbn/dev-utils'); + const { CA_CERT_PATH, KBN_KEY_PATH, KBN_CERT_PATH } = require('@kbn/dev-utils'); const customElasticsearchHosts = opts.elasticsearch ? opts.elasticsearch.split(',') : [].concat(get('elasticsearch.hosts') || []); @@ -104,6 +102,7 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) { ensureNotDefined('server.ssl.key'); ensureNotDefined('server.ssl.keystore.path'); ensureNotDefined('server.ssl.truststore.path'); + ensureNotDefined('server.ssl.certificateAuthorities'); ensureNotDefined('elasticsearch.ssl.certificateAuthorities'); const elasticsearchHosts = ( @@ -121,10 +120,9 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) { }); set('server.ssl.enabled', true); - // TODO: change this cert/key to KBN_CERT_PATH and KBN_KEY_PATH from '@kbn/dev-utils'; will require some work to avoid breaking - // functional tests. Once that is done, the existing test cert/key at DEV_SSL_CERT_PATH and DEV_SSL_KEY_PATH can be deleted. - set('server.ssl.certificate', DEV_SSL_CERT_PATH); - set('server.ssl.key', DEV_SSL_KEY_PATH); + set('server.ssl.certificate', KBN_CERT_PATH); + set('server.ssl.key', KBN_KEY_PATH); + set('server.ssl.certificateAuthorities', CA_CERT_PATH); set('elasticsearch.hosts', elasticsearchHosts); set('elasticsearch.ssl.certificateAuthorities', CA_CERT_PATH); } diff --git a/src/core/server/elasticsearch/elasticsearch_service.test.ts b/src/core/server/elasticsearch/elasticsearch_service.test.ts index 022a03e01d37d..2667859f303d4 100644 --- a/src/core/server/elasticsearch/elasticsearch_service.test.ts +++ b/src/core/server/elasticsearch/elasticsearch_service.test.ts @@ -33,6 +33,9 @@ import { ElasticsearchService } from './elasticsearch_service'; import { elasticsearchServiceMock } from './elasticsearch_service.mock'; import { duration } from 'moment'; +const delay = async (durationMs: number) => + await new Promise(resolve => setTimeout(resolve, durationMs)); + let elasticsearchService: ElasticsearchService; const configService = configServiceMock.create(); const deps = { @@ -42,7 +45,7 @@ configService.atPath.mockReturnValue( new BehaviorSubject({ hosts: ['http://1.2.3.4'], healthCheck: { - delay: duration(2000), + delay: duration(10), }, ssl: { verificationMode: 'none', @@ -125,21 +128,21 @@ describe('#setup', () => { const config = MockClusterClient.mock.calls[0][0]; expect(config).toMatchInlineSnapshot(` -Object { - "healthCheckDelay": "PT2S", - "hosts": Array [ - "http://8.8.8.8", - ], - "logQueries": true, - "requestHeadersWhitelist": Array [ - undefined, - ], - "ssl": Object { - "certificate": "certificate-value", - "verificationMode": "none", - }, -} -`); + Object { + "healthCheckDelay": "PT0.01S", + "hosts": Array [ + "http://8.8.8.8", + ], + "logQueries": true, + "requestHeadersWhitelist": Array [ + undefined, + ], + "ssl": Object { + "certificate": "certificate-value", + "verificationMode": "none", + }, + } + `); }); it('falls back to elasticsearch config if custom config not passed', async () => { const setupContract = await elasticsearchService.setup(deps); @@ -150,24 +153,24 @@ Object { const config = MockClusterClient.mock.calls[0][0]; expect(config).toMatchInlineSnapshot(` -Object { - "healthCheckDelay": "PT2S", - "hosts": Array [ - "http://1.2.3.4", - ], - "requestHeadersWhitelist": Array [ - undefined, - ], - "ssl": Object { - "alwaysPresentCertificate": undefined, - "certificate": undefined, - "certificateAuthorities": undefined, - "key": undefined, - "keyPassphrase": undefined, - "verificationMode": "none", - }, -} -`); + Object { + "healthCheckDelay": "PT0.01S", + "hosts": Array [ + "http://1.2.3.4", + ], + "requestHeadersWhitelist": Array [ + undefined, + ], + "ssl": Object { + "alwaysPresentCertificate": undefined, + "certificate": undefined, + "certificateAuthorities": undefined, + "key": undefined, + "keyPassphrase": undefined, + "verificationMode": "none", + }, + } + `); }); it('does not merge elasticsearch hosts if custom config overrides', async () => { @@ -213,6 +216,45 @@ Object { `); }); }); + + it('esNodeVersionCompatibility$ only starts polling when subscribed to', async done => { + const mockAdminClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + const mockDataClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + MockClusterClient.mockImplementationOnce( + () => mockAdminClusterClientInstance + ).mockImplementationOnce(() => mockDataClusterClientInstance); + + mockAdminClusterClientInstance.callAsInternalUser.mockRejectedValue(new Error()); + + const setupContract = await elasticsearchService.setup(deps); + await delay(10); + + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(0); + setupContract.esNodesCompatibility$.subscribe(() => { + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + done(); + }); + }); + + it('esNodeVersionCompatibility$ stops polling when unsubscribed from', async done => { + const mockAdminClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + const mockDataClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + MockClusterClient.mockImplementationOnce( + () => mockAdminClusterClientInstance + ).mockImplementationOnce(() => mockDataClusterClientInstance); + + mockAdminClusterClientInstance.callAsInternalUser.mockRejectedValue(new Error()); + + const setupContract = await elasticsearchService.setup(deps); + + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(0); + const sub = setupContract.esNodesCompatibility$.subscribe(async () => { + sub.unsubscribe(); + await delay(100); + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + done(); + }); + }); }); describe('#stop', () => { @@ -229,4 +271,27 @@ describe('#stop', () => { expect(mockAdminClusterClientInstance.close).toHaveBeenCalledTimes(1); expect(mockDataClusterClientInstance.close).toHaveBeenCalledTimes(1); }); + + it('stops pollEsNodeVersions even if there are active subscriptions', async done => { + expect.assertions(2); + const mockAdminClusterClientInstance = elasticsearchServiceMock.createCustomClusterClient(); + const mockDataClusterClientInstance = elasticsearchServiceMock.createCustomClusterClient(); + + MockClusterClient.mockImplementationOnce( + () => mockAdminClusterClientInstance + ).mockImplementationOnce(() => mockDataClusterClientInstance); + + mockAdminClusterClientInstance.callAsInternalUser.mockRejectedValue(new Error()); + + const setupContract = await elasticsearchService.setup(deps); + + setupContract.esNodesCompatibility$.subscribe(async () => { + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + + await elasticsearchService.stop(); + await delay(100); + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + done(); + }); + }); }); diff --git a/src/core/server/elasticsearch/elasticsearch_service.ts b/src/core/server/elasticsearch/elasticsearch_service.ts index 9eaf125cc006f..6616b42f136c0 100644 --- a/src/core/server/elasticsearch/elasticsearch_service.ts +++ b/src/core/server/elasticsearch/elasticsearch_service.ts @@ -17,8 +17,17 @@ * under the License. */ -import { ConnectableObservable, Observable, Subscription } from 'rxjs'; -import { filter, first, map, publishReplay, switchMap, take } from 'rxjs/operators'; +import { ConnectableObservable, Observable, Subscription, Subject } from 'rxjs'; +import { + filter, + first, + map, + publishReplay, + switchMap, + take, + shareReplay, + takeUntil, +} from 'rxjs/operators'; import { CoreService } from '../../types'; import { merge } from '../../utils'; @@ -47,13 +56,8 @@ interface SetupDeps { export class ElasticsearchService implements CoreService { private readonly log: Logger; private readonly config$: Observable; - private subscriptions: { - client?: Subscription; - esNodesCompatibility?: Subscription; - } = { - client: undefined, - esNodesCompatibility: undefined, - }; + private subscription: Subscription | undefined; + private stop$ = new Subject(); private kibanaVersion: string; constructor(private readonly coreContext: CoreContext) { @@ -69,7 +73,7 @@ export class ElasticsearchService implements CoreService { - if (this.subscriptions.client !== undefined) { + if (this.subscription !== undefined) { this.log.error('Clients cannot be changed after they are created'); return false; } @@ -100,7 +104,7 @@ export class ElasticsearchService implements CoreService; - this.subscriptions.client = clients$.connect(); + this.subscription = clients$.connect(); const config = await this.config$.pipe(first()).toPromise(); @@ -164,18 +168,7 @@ export class ElasticsearchService implements CoreService).connect(); - - // TODO: Move to Status Service https://github.com/elastic/kibana/issues/41983 - esNodesCompatibility$.subscribe(({ isCompatible, message }) => { - if (!isCompatible && message) { - this.log.error(message); - } - }); + }).pipe(takeUntil(this.stop$), shareReplay({ refCount: true, bufferSize: 1 })); return { legacy: { config$: clients$.pipe(map(clients => clients.config)) }, @@ -195,12 +188,10 @@ export class ElasticsearchService implements CoreService { + if (!isCompatible && message) { + this.logger.error(message); + } + }); + await this.setupDeps!.elasticsearch.esNodesCompatibility$.pipe( filter(nodes => nodes.isCompatible), take(1) diff --git a/test/dev_certs/server.crt b/test/dev_certs/server.crt deleted file mode 100644 index c7a39de4b517a..0000000000000 --- a/test/dev_certs/server.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDMDCCAhgCCQCkOD7fnHiQrTANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJB -VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0 -cyBQdHkgTHRkMRIwEAYDVQQDEwlsb2NhbGhvc3QwIBcNMTYwMTE5MjExNjQ5WhgP -MjA4NDAyMDYyMTE2NDlaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0 -YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMT -CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALR63SnR -LW/Dgl0Vuy8gB6KjWwvajRWeXNgvlf6LX56oNsUFREHBLQlC2uT5R26F3tOqCDbs -MFNoyDjMBinXRRFJJ2Sokue7GSsGvBv41LMTHnO/MeCCbEOqghJS/QI89cV+u+Aw -9U+v426KAlCa1sGuE2+3/JvqdBQyheiukmGLiJ0OofpfgpYuFmKi2uYBKU3qzjUx -D01wQ4rCpq5nEnksGhgBeBDnheYmmDsj/wDvnz1exK/WprvTiHQ5MwuIQ4OybwgV -WDF+zv8PXrObrsZvD/ulrjh1cakvnCe2kDYEKMRiHUDesHS2jNJkBUe+FJo4/E3U -pFoYOtdoBe69BIUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAQhjF91G0R662XJJ7 -jGMudA9VbRVCow8s68I/GWPZmpKxPAxwz0xiv1eFIoiP416LX9amnx3yAmUoN4Wr -Cq0jsgyT1AOiSCdxkvYsqQG3SFVVt5BDLjThH66Vxi7Bach6SyATa1NG588mg7n9 -pPJ4A1rcj+5kZuwnd52kfVLP+535lylwMyoyJa2AskieRPLNSzus2eUDTR6F+9Mb -eLOwp5rMl2nNYfLXUCSqEeC6uPu0yq6Tu0N0SjThfKndd2NU1fk3zyOjxyCIhGPe -G8VhrPY4lkJ9EE9Tuq095jwd1+q9fYzlKZWhOmg+IcOwUMgbgeWpeZTAhUIZAnia -4UH6NA== ------END CERTIFICATE----- diff --git a/test/dev_certs/server.key b/test/dev_certs/server.key deleted file mode 100644 index 5a6dfea9dc7e4..0000000000000 --- a/test/dev_certs/server.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAtHrdKdEtb8OCXRW7LyAHoqNbC9qNFZ5c2C+V/otfnqg2xQVE -QcEtCULa5PlHboXe06oINuwwU2jIOMwGKddFEUknZKiS57sZKwa8G/jUsxMec78x -4IJsQ6qCElL9Ajz1xX674DD1T6/jbooCUJrWwa4Tb7f8m+p0FDKF6K6SYYuInQ6h -+l+Cli4WYqLa5gEpTerONTEPTXBDisKmrmcSeSwaGAF4EOeF5iaYOyP/AO+fPV7E -r9amu9OIdDkzC4hDg7JvCBVYMX7O/w9es5uuxm8P+6WuOHVxqS+cJ7aQNgQoxGId -QN6wdLaM0mQFR74Umjj8TdSkWhg612gF7r0EhQIDAQABAoIBADNwfU6o3vFm4OYV -BofU8jgppQ6I2QNbYoz/axnksXkv6oRXDvBK1cI4+tieL/zRTQQ5ByRYRyHO0JpX -lD4iq/3UQtUOsug3TGIWBlFWp5DulxRYXyflJGRY2b/NRW144HfMulGYwqJWuFTO -IwDEUQdczQ9fejEaLsF+8Omzr+b6+mEDewqoHb4mbr7gXMdkK85FU2tjWRHlUR+N -GMXRhQQE7o76UyYwNRbI418LaZitHcVYMKSsyU/+Uo/ivzD793OFzk5sDR9eThgi -B50yK2ClB+1bUfis18TXMtC4mZZeypTWifJpBzIiVLMBuN7/Y0HrSomIzyPC7ytW -5jZWCOECgYEA4k+AEmYOiIfPajT3YfG3y0Dptoup9x6zkzVNZnde3LgGRfezzJ7S -+lGbLNnIiuxAeHwZnyrptO0cgm0+SOCRwGXqySkl14WzD1P684nRwlQkzKv/50mZ -ZMUjM83SuIzh8mLv3F5xQ9td5R/y2kCw4YgyYHvhp1nLxEdwPbjtttkCgYEAzCgr -wlP0Uu5PlaSMKSbtmC6tHGv+kgTLM89V6o71+HiUTG6TWGmM+6XlT1cfVWE+27np -MsYoFTKI/meAeJwm+0pxEwemHgrgffkdmsWpTByLaOY1t/eNHagaLCGm2ZRu/WK7 -oltV18kPijnmFs1uZLvlBkxmkadrVAj/cw5uZ40CgYBFZt/9xHJ8iDmhdnDPBpO4 -r0V9B8Ot1yp24IfF/qGGyqCR4G6xN5u3zELsNDV99QmoaVZqK3zUUUrG7L2HF+da -u2aPHiFOwN+yuaxh90fucmN+qNinkziJYLN09Y/DrOC1toWcbRILH0DiPTP6npAf -+eaJFDSVX8JPhSD0rLupsQKBgEzILuz/NjyadEQLhstTYLiDlYfC9hNkyifKKr30 -1n2EnAHC9Jej2uoqEnwsgBRUZpes7A+0hw6x2uQTeTXjRKXt8Wj+z3MtFBFMx92V -yX5ene/t5PYznFczCeTfIylhsfyKTZdaUoa9j6Kk8+xPht1L7W7Y/Rp6pNsOJ0TW -gJ9hAoGBAOJDNPkmH1hY64bvR6P0zEyedClhxIclPHgCrntFTlspkMj/QY48K6IP -R8SZ5jDpxAquQDgvpiuZRDYMHBRJkUe2VpHJFYGl1MLTfoBYn1IH401ixUSBYxAW -yfE7/zMDZUov2Uu8Muto5R/yNHEKBMOLGjadkADhRIHbW4WG1yVr ------END RSA PRIVATE KEY----- diff --git a/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts b/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts index 448bc39eb606e..1b673d3418983 100644 --- a/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts +++ b/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts @@ -18,7 +18,8 @@ import { import * as kbnTestServer from '../../../../../../src/test_utils/kbn_server'; import { elasticsearchServiceMock } from 'src/core/server/mocks'; -describe('onRequestInterceptor', () => { +// FAILING: https://github.com/elastic/kibana/issues/58942 +describe.skip('onRequestInterceptor', () => { let root: ReturnType; beforeEach(async () => {