Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move kibana-keystore from data/ to config/ #57856

Merged
merged 28 commits into from
Jul 13, 2020
Merged
Show file tree
Hide file tree
Changes from 27 commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
9443a0a
Move kibana-keystore from data/ to config/
jbudz Feb 18, 2020
f7c5772
Merge branch 'master' into mv/kibana-keystore
jbudz Feb 20, 2020
4255fc3
Merge branch 'master' into mv/kibana-keystore
elasticmachine Mar 19, 2020
f327c59
Merge branch 'mv/kibana-keystore' of github.com:jbudz/kibana into mv/…
jbudz Mar 19, 2020
909eaa5
add breaking changes
jbudz Mar 19, 2020
625b9c3
Merge branch 'master' into mv/kibana-keystore
elasticmachine Mar 19, 2020
fc13d8f
Merge branch 'master' into mv/kibana-keystore
jbudz Mar 30, 2020
f6c5439
update comment
jbudz Mar 30, 2020
2991ba2
Merge branch 'mv/kibana-keystore' of github.com:jbudz/kibana into mv/…
jbudz Mar 30, 2020
cd18ed8
Merge branch 'master' into mv/kibana-keystore
jbudz May 4, 2020
02d35c3
Merge branch 'master' into mv/kibana-keystore
elasticmachine May 14, 2020
027bda7
Merge branch 'master' into mv/kibana-keystore
elasticmachine May 15, 2020
e5f2190
Merge branch 'master' into mv/kibana-keystore
elasticmachine May 20, 2020
105d100
Merge branch 'master' into mv/kibana-keystore
jbudz May 26, 2020
ba87e36
wip
jbudz May 26, 2020
d0ecba2
Merge branch 'master' into mv/kibana-keystore
jbudz Jun 8, 2020
bb887e9
fix docs
jbudz Jun 8, 2020
dd27fab
read from both keystore locations, write priority to non-deprecated
jbudz Jun 8, 2020
beee61f
Merge branch 'master' into mv/kibana-keystore
elasticmachine Jun 12, 2020
6f7621e
Merge branch 'master' into mv/kibana-keystore
elasticmachine Jun 23, 2020
30abff0
Merge branch 'master' into mv/kibana-keystore
elasticmachine Jun 29, 2020
7edcc9d
Merge branch 'master' into mv/kibana-keystore
jbudz Jul 7, 2020
e6fb8e1
note data directory fallback
jbudz Jul 7, 2020
3c36f55
add tests for get_keystore
jbudz Jul 7, 2020
ad92279
Merge branch 'mv/kibana-keystore' of github.com:jbudz/kibana into mv/…
jbudz Jul 7, 2020
5dfce32
Merge branch 'master' into mv/kibana-keystore
jbudz Jul 7, 2020
bb6bc84
Merge branch 'master' into mv/kibana-keystore
elasticmachine Jul 9, 2020
74ab52a
Merge branch 'master' into mv/kibana-keystore
elasticmachine Jul 13, 2020
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion docs/migration/migrate_8_0.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -115,12 +115,17 @@ URL that it derived from the actual server address and `xpack.security.public` s

*Impact:* Any workflow that involved manually clearing generated bundles will have to be updated with the new path.

[float]]
=== kibana.keystore has moved from the `data` folder to the `config` folder
*Details:* By default, kibana.keystore has moved from the configured `path.data` folder to `<root>/config` for archive distributions
tylersmalley marked this conversation as resolved.
Show resolved Hide resolved
and `/etc/kibana` for package distributions. If a pre-existing keystore exists in the data directory that path will continue to be used.

[float]
[[breaking_80_user_role_changes]]
=== User role changes

[float]
==== `kibana_user` role has been removed and `kibana_admin` has been added.
=== `kibana_user` role has been removed and `kibana_admin` has been added.

*Details:* The `kibana_user` role has been removed and `kibana_admin` has been added to better
reflect its intended use. This role continues to grant all access to every
Expand Down
8 changes: 3 additions & 5 deletions src/cli_keystore/cli_keystore.js
Original file line number Diff line number Diff line change
Expand Up @@ -18,20 +18,16 @@
*/

import _ from 'lodash';
import { join } from 'path';

import { pkg } from '../core/server/utils';
import Command from '../cli/command';
import { getDataPath } from '../core/server/path';
import { Keystore } from '../legacy/server/keystore';

const path = join(getDataPath(), 'kibana.keystore');
const keystore = new Keystore(path);

import { createCli } from './create';
import { listCli } from './list';
import { addCli } from './add';
import { removeCli } from './remove';
import { getKeystore } from './get_keystore';

const argv = process.env.kbnWorkerArgv
? JSON.parse(process.env.kbnWorkerArgv)
Expand All @@ -42,6 +38,8 @@ program
.version(pkg.version)
.description('A tool for managing settings stored in the Kibana keystore');

const keystore = new Keystore(getKeystore());

createCli(program, keystore);
listCli(program, keystore);
addCli(program, keystore);
Expand Down
40 changes: 40 additions & 0 deletions src/cli_keystore/get_keystore.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/

import { existsSync } from 'fs';
import { join } from 'path';

import Logger from '../cli_plugin/lib/logger';
import { getConfigDirectory, getDataPath } from '../core/server/path';

export function getKeystore() {
const configKeystore = join(getConfigDirectory(), 'kibana.keystore');
const dataKeystore = join(getDataPath(), 'kibana.keystore');
let keystorePath = null;
if (existsSync(dataKeystore)) {
const logger = new Logger();
logger.log(
`kibana.keystore located in the data folder is deprecated. Future versions will use the config folder.`
);
keystorePath = dataKeystore;
} else {
keystorePath = configKeystore;
}
return keystorePath;
}
57 changes: 57 additions & 0 deletions src/cli_keystore/get_keystore.test.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/

import { getKeystore } from './get_keystore';
import Logger from '../cli_plugin/lib/logger';
import fs from 'fs';
import sinon from 'sinon';

describe('get_keystore', () => {
const sandbox = sinon.createSandbox();

beforeEach(() => {
sandbox.stub(Logger.prototype, 'log');
});

afterEach(() => {
sandbox.restore();
});

it('uses the config directory if there is no pre-existing keystore', () => {
sandbox.stub(fs, 'existsSync').returns(false);
expect(getKeystore()).toContain('config');
expect(getKeystore()).not.toContain('data');
});

it('uses the data directory if there is a pre-existing keystore in the data directory', () => {
sandbox.stub(fs, 'existsSync').returns(true);
expect(getKeystore()).toContain('data');
expect(getKeystore()).not.toContain('config');
});

it('logs a deprecation warning if the data directory is used', () => {
sandbox.stub(fs, 'existsSync').returns(true);
getKeystore();
sandbox.assert.calledOnce(Logger.prototype.log);
sandbox.assert.calledWith(
Logger.prototype.log,
'kibana.keystore located in the data folder is deprecated. Future versions will use the config folder.'
);
});
});
7 changes: 6 additions & 1 deletion src/core/server/path/index.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
*/

import { accessSync, constants } from 'fs';
import { getConfigPath, getDataPath } from './';
import { getConfigPath, getDataPath, getConfigDirectory } from './';

describe('Default path finder', () => {
it('should find a kibana.yml', () => {
Expand All @@ -30,4 +30,9 @@ describe('Default path finder', () => {
const dataPath = getDataPath();
expect(() => accessSync(dataPath, constants.R_OK)).not.toThrow();
});

it('should find a config directory', () => {
const configDirectory = getConfigDirectory();
expect(() => accessSync(configDirectory, constants.R_OK)).not.toThrow();
});
});
15 changes: 13 additions & 2 deletions src/core/server/path/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@ const CONFIG_PATHS = [
fromRoot('config/kibana.yml'),
].filter(isString);

const CONFIG_DIRECTORIES = [process.env.KIBANA_PATH_CONF, fromRoot('config'), '/etc/kibana'].filter(
isString
);

const DATA_PATHS = [
process.env.DATA_PATH, // deprecated
fromRoot('data'),
Expand All @@ -49,12 +53,19 @@ function findFile(paths: string[]) {
}

/**
* Get the path where the config files are stored
* Get the path of kibana.yml
* @internal
*/
export const getConfigPath = () => findFile(CONFIG_PATHS);

/**
* Get the directory containing configuration files
* @internal
*/
export const getConfigDirectory = () => findFile(CONFIG_DIRECTORIES);

/**
* Get the path where the data can be stored
* Get the directory containing runtime data
* @internal
*/
export const getDataPath = () => findFile(DATA_PATHS);
Expand Down