From 2cd699eeb4a6db7e7060688a55110b50ee592f10 Mon Sep 17 00:00:00 2001 From: Jay Modi Date: Tue, 26 Mar 2019 08:40:00 -0600 Subject: [PATCH] Use ephemeral ports for idp-fixture (#40333) This change removes the use of hardcoded port values for the idp-fixture in favor of the mapped ephemeral ports. This should prevent failures due to port conflicts in CI. --- distribution/bwc/build.gradle | 2 +- .../org/elasticsearch/test/OpenLdapTests.java | 11 ++++++-- x-pack/qa/saml-idp-tests/build.gradle | 28 +++++++++++++++---- .../authc/saml/SamlAuthenticationIT.java | 1 - x-pack/test/idp-fixture/docker-compose.yml | 6 ++-- 5 files changed, 36 insertions(+), 12 deletions(-) diff --git a/distribution/bwc/build.gradle b/distribution/bwc/build.gradle index dedf1ee52ede4..479150f96122d 100644 --- a/distribution/bwc/build.gradle +++ b/distribution/bwc/build.gradle @@ -163,7 +163,7 @@ bwcVersions.forPreviousUnreleased { VersionCollection.UnreleasedVersionInfo unre 'JAVA_HOME', getJavaHome(it, Integer.parseInt( lines - .findAll({ it.startsWith("ES_BUILD_JAVA=")}) + .findAll({ it.startsWith("ES_BUILD_JAVA=") }) .collect({ it.replace("ES_BUILD_JAVA=java", "").trim() }) .collect({ it.replace("ES_BUILD_JAVA=openjdk", "").trim() }) .join("!!") diff --git a/x-pack/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java b/x-pack/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java index e2efdae994101..a7f7e13bdd880 100644 --- a/x-pack/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java +++ b/x-pack/qa/openldap-tests/src/test/java/org/elasticsearch/test/OpenLdapTests.java @@ -52,8 +52,8 @@ public class OpenLdapTests extends ESTestCase { - public static final String OPEN_LDAP_DNS_URL = "ldaps://localhost:60636"; - public static final String OPEN_LDAP_IP_URL = "ldaps://127.0.0.1:60636"; + public static final String OPEN_LDAP_DNS_URL = "ldaps://localhost:" + getFromProperty("636"); + public static final String OPEN_LDAP_IP_URL = "ldaps://127.0.0.1:" + getFromProperty("636"); public static final String PASSWORD = "NickFuryHeartsES"; private static final String HAWKEYE_DN = "uid=hawkeye,ou=people,dc=oldap,dc=test,dc=elasticsearch,dc=com"; @@ -307,4 +307,11 @@ private Map resolve(LDAPConnection connection, LdapMetaDataResol resolver.resolve(connection, HAWKEYE_DN, TimeValue.timeValueSeconds(1), logger, null, future); return future.get(); } + + private static String getFromProperty(String port) { + String key = "test.fixtures.openldap.tcp." + port; + final String value = System.getProperty(key); + assertNotNull("Expected the actual value for port " + port + " to be in system property " + key, value); + return value; + } } diff --git a/x-pack/qa/saml-idp-tests/build.gradle b/x-pack/qa/saml-idp-tests/build.gradle index 33aca42914c32..44a28278636a9 100644 --- a/x-pack/qa/saml-idp-tests/build.gradle +++ b/x-pack/qa/saml-idp-tests/build.gradle @@ -16,12 +16,29 @@ testFixtures.useFixture ":x-pack:test:idp-fixture" String outputDir = "${project.buildDir}/generated-resources/${project.name}" -task copyIdpCertificate(type: Copy) { - from idpFixtureProject.file('idp/shibboleth-idp/credentials/idp-browser.pem'); +task copyIdpFiles(type: Copy) { + from idpFixtureProject.files('idp/shibboleth-idp/credentials/idp-browser.pem', 'idp/shibboleth-idp/metadata/idp-metadata.xml'); into outputDir } -project.sourceSets.test.output.dir(outputDir, builtBy: copyIdpCertificate) -integTestCluster.dependsOn copyIdpCertificate +project.sourceSets.test.output.dir(outputDir, builtBy: copyIdpFiles) + +task setupPorts { + dependsOn copyIdpFiles, idpFixtureProject.postProcessFixture + doLast { + String portString = idpFixtureProject.postProcessFixture.ext."test.fixtures.shibboleth-idp.tcp.4443" + int ephemeralPort = Integer.valueOf(portString) + File idpMetaFile = file(outputDir + '/idp-metadata.xml') + List lines = idpMetaFile.readLines("UTF-8") + StringBuilder content = new StringBuilder() + for (String line : lines) { + content.append(line.replace("localhost:4443", "localhost:" + ephemeralPort)) + } + idpMetaFile.delete() + idpMetaFile.createNewFile() + idpMetaFile.write(content.toString(), "UTF-8") + } +} +integTestCluster.dependsOn setupPorts integTestCluster { setting 'xpack.license.self_generated.type', 'trial' @@ -51,8 +68,9 @@ integTestCluster { setting 'xpack.security.authc.realms.native.native.order', '3' setting 'xpack.ml.enabled', 'false' + setting 'logger.org.elasticsearch.xpack.security', 'TRACE' - extraConfigFile 'idp-metadata.xml', idpFixtureProject.file("idp/shibboleth-idp/metadata/idp-metadata.xml") + extraConfigFile 'idp-metadata.xml', file(outputDir + "/idp-metadata.xml") setupCommand 'setupTestAdmin', 'bin/elasticsearch-users', 'useradd', "test_admin", '-p', 'x-pack-test-password', '-r', "superuser" diff --git a/x-pack/qa/saml-idp-tests/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlAuthenticationIT.java b/x-pack/qa/saml-idp-tests/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlAuthenticationIT.java index 6e432f5260f8f..505ca458aac05 100644 --- a/x-pack/qa/saml-idp-tests/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlAuthenticationIT.java +++ b/x-pack/qa/saml-idp-tests/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlAuthenticationIT.java @@ -637,5 +637,4 @@ private URI getWebServerUri() { throw new ElasticsearchException("Cannot construct URI for httpServer @ {}:{}", e, host, port); } } - } diff --git a/x-pack/test/idp-fixture/docker-compose.yml b/x-pack/test/idp-fixture/docker-compose.yml index 830e04a7bc440..53fb62855164d 100644 --- a/x-pack/test/idp-fixture/docker-compose.yml +++ b/x-pack/test/idp-fixture/docker-compose.yml @@ -4,8 +4,8 @@ services: command: --copy-service --loglevel debug image: "osixia/openldap:1.2.3" ports: - - "30389:389" - - "60636:636" + - "389" + - "636" environment: LDAP_ADMIN_PASSWORD: "NickFuryHeartsES" LDAP_DOMAIN: "oldap.test.elasticsearch.com" @@ -31,7 +31,7 @@ services: - JETTY_BROWSER_SSL_KEYSTORE_PASSWORD=secret - JETTY_BACKCHANNEL_SSL_KEYSTORE_PASSWORD=secret ports: - - "4443:4443" + - "4443" links: - openldap:openldap volumes: