-
Notifications
You must be signed in to change notification settings - Fork 24.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure that azure stream has socket privileges #28751
Conversation
This is related to elastic#28662. It wraps the azure repository inputstream in an inputstream that ensures `read` calls have socket permissions. This is because the azure inputstream internally makes service calls.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The change looks good; is there a failing test we can add?
I'm looking at it. Right now we mock everything at a level higher than where permissions are needed. So it will require some changes. |
Thanks @tbrooks8. |
I modified our tests so that our mock azure client uses a stream that has the proper permissions. And asserts that the permissions are provided. I'm not sure if there is a better way to test this? I looked around to see if the azure lib provides the ability to create a mock service. But I did not immediately find anything that would work. I'm not sure if there is someone more familiar with azure that might have a better idea? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
I'm not familiar with Azure but I'd like to use fixtures to simulate external services like Azure, S3 etc in integration tests. Most of the time the services API are clearly documented so we could reproduce them in fixture using a HTTP server bound to a local port. It will help a lot to catch issues like this and also helps with client libraries updates. I talked to @rjernst about this and I started the work on it for repository-gcs. If it's concluding then I'll take care of the other repository plugins. |
Thanks @tlrx. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
This is related to elastic#28662. It wraps the azure repository inputstream in an inputstream that ensures `read` calls have socket permissions. This is because the azure inputstream internally makes service calls.
* es/master: (143 commits) Revert "Disable BWC tests for build issues" Remove AcknowledgedRestListener in favour of RestToXContentListener (#28724) Build: Consolidate archives and packages configuration (#28760) Skip some plugins service tests on Windows Migrate some *ResponseTests to AbstractStreamableXContentTestCase (#28749) Disable BWC tests for build issues Ensure that azure stream has socket privileges (#28751) [DOCS] Fixed broken link. Pass InputStream when creating XContent parser (#28754) [DOCS] Changed to use transient setting to reenabled allocation. Closes #27677 Delay path expansion on Windows [TEST] replace randomAsciiAlphanumOfLengthBetween with randomAsciiLettersOfLengthBetween [Tests] Extract the testing logic for Google Cloud Storage (#28576) [Docs] Update links to java9 docs (#28750) version set in ingest pipeline (#27573) Revert "Add startup logging for standalone tests" Tests: don't wait for completion while trying to get completed task Add 5.6.9 snapshot version [Docs] Java high-level REST client : clean up (#28703) Updated distribution outputs in contributing docs ...
This is related to elastic#28662. It wraps the azure repository inputstream in an inputstream that ensures `read` calls have socket permissions. This is because the azure inputstream internally makes service calls.
This is related to #28662. It wraps the azure repository inputstream in
an inputstream that ensures
read
calls have socket permissions. Thisis because the azure inputstream internally makes service calls.