Ensure that azure stream has socket privileges #28751
Conversation
This is related to elastic#28662. It wraps the azure repository inputstream in an inputstream that ensures `read` calls have socket permissions. This is because the azure inputstream internally makes service calls.
Tim-Brooks
added
review
:Core/Infra/Plugins
|
I'm looking at it. Right now we mock everything at a level higher than where permissions are needed. So it will require some changes. |
|
Thanks @tbrooks8. |
|
I modified our tests so that our mock azure client uses a stream that has the proper permissions. And asserts that the permissions are provided. I'm not sure if there is a better way to test this? I looked around to see if the azure lib provides the ability to create a mock service. But I did not immediately find anything that would work. I'm not sure if there is someone more familiar with azure that might have a better idea? |
I'm not familiar with Azure but I'd like to use fixtures to simulate external services like Azure, S3 etc in integration tests. Most of the time the services API are clearly documented so we could reproduce them in fixture using a HTTP server bound to a local port. It will help a lot to catch issues like this and also helps with client libraries updates. I talked to @rjernst about this and I started the work on it for repository-gcs. If it's concluding then I'll take care of the other repository plugins. |
|
Thanks @tlrx. |
This is related to elastic#28662. It wraps the azure repository inputstream in an inputstream that ensures `read` calls have socket permissions. This is because the azure inputstream internally makes service calls.
* es/master: (143 commits) Revert "Disable BWC tests for build issues" Remove AcknowledgedRestListener in favour of RestToXContentListener (#28724) Build: Consolidate archives and packages configuration (#28760) Skip some plugins service tests on Windows Migrate some *ResponseTests to AbstractStreamableXContentTestCase (#28749) Disable BWC tests for build issues Ensure that azure stream has socket privileges (#28751) [DOCS] Fixed broken link. Pass InputStream when creating XContent parser (#28754) [DOCS] Changed to use transient setting to reenabled allocation. Closes #27677 Delay path expansion on Windows [TEST] replace randomAsciiAlphanumOfLengthBetween with randomAsciiLettersOfLengthBetween [Tests] Extract the testing logic for Google Cloud Storage (#28576) [Docs] Update links to java9 docs (#28750) version set in ingest pipeline (#27573) Revert "Add startup logging for standalone tests" Tests: don't wait for completion while trying to get completed task Add 5.6.9 snapshot version [Docs] Java high-level REST client : clean up (#28703) Updated distribution outputs in contributing docs ...
This is related to elastic#28662. It wraps the azure repository inputstream in an inputstream that ensures `read` calls have socket permissions. This is because the azure inputstream internally makes service calls.
This is related to #28662. It wraps the azure repository inputstream in
an inputstream that ensures
readcalls have socket permissions. Thisis because the azure inputstream internally makes service calls.