From b658baf012e6a0102f23e475196ae1a8a5b76355 Mon Sep 17 00:00:00 2001 From: Zacqary Adam Xeper Date: Fri, 28 Feb 2020 13:11:34 -0600 Subject: [PATCH 1/7] [Metrics Alerts] Fix alerting on a rate aggregation (#58789) Co-authored-by: Elastic Machine --- .../register_metric_threshold_alert_type.ts | 20 ++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts index 9bc54c1a49c8f7..8f1f10ccad5acd 100644 --- a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts +++ b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts @@ -6,6 +6,7 @@ import uuid from 'uuid'; import { i18n } from '@kbn/i18n'; import { schema } from '@kbn/config-schema'; +import { networkTraffic } from '../../../../common/inventory_models/shared/metrics/snapshot/network_traffic'; import { MetricThresholdAlertTypeParams, Comparator, @@ -26,6 +27,17 @@ async function getMetric( { metric, aggType, timeUnit, timeSize, indexPattern }: MetricThresholdAlertTypeParams ) { const interval = `${timeSize}${timeUnit}`; + const aggregations = + aggType === 'rate' + ? networkTraffic('aggregatedValue', metric) + : { + aggregatedValue: { + [aggType]: { + field: metric, + }, + }, + }; + const searchBody = { query: { bool: { @@ -50,13 +62,7 @@ async function getMetric( field: '@timestamp', fixed_interval: interval, }, - aggregations: { - aggregatedValue: { - [aggType]: { - field: metric, - }, - }, - }, + aggregations, }, }, }; From 06ebbb3fe0a65c6060d1e915307b715904915dcd Mon Sep 17 00:00:00 2001 From: Zacqary Adam Xeper Date: Fri, 28 Feb 2020 13:11:50 -0600 Subject: [PATCH 2/7] [Metric Alerts] Add backend support for multiple expressions per alert (#58672) * Add support for multiple alert expressions * Rename expressions to criteria Co-authored-by: Elastic Machine --- .../register_metric_threshold_alert_type.ts | 48 ++++++++++++------- .../lib/alerting/metric_threshold/types.ts | 2 +- 2 files changed, 31 insertions(+), 19 deletions(-) diff --git a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts index 8f1f10ccad5acd..8785957dbd98ee 100644 --- a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts +++ b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/register_metric_threshold_alert_type.ts @@ -8,7 +8,7 @@ import { i18n } from '@kbn/i18n'; import { schema } from '@kbn/config-schema'; import { networkTraffic } from '../../../../common/inventory_models/shared/metrics/snapshot/network_traffic'; import { - MetricThresholdAlertTypeParams, + MetricExpressionParams, Comparator, AlertStates, METRIC_THRESHOLD_ALERT_TYPE_ID, @@ -24,7 +24,7 @@ const FIRED_ACTIONS = { async function getMetric( { callCluster }: AlertServices, - { metric, aggType, timeUnit, timeSize, indexPattern }: MetricThresholdAlertTypeParams + { metric, aggType, timeUnit, timeSize, indexPattern }: MetricExpressionParams ) { const interval = `${timeSize}${timeUnit}`; const aggregations = @@ -101,37 +101,49 @@ export async function registerMetricThresholdAlertType(alertingPlugin: PluginSet name: 'Metric Alert - Threshold', validate: { params: schema.object({ - threshold: schema.arrayOf(schema.number()), - comparator: schema.string(), - aggType: schema.string(), - metric: schema.string(), - timeUnit: schema.string(), - timeSize: schema.number(), - indexPattern: schema.string(), + criteria: schema.arrayOf( + schema.object({ + threshold: schema.arrayOf(schema.number()), + comparator: schema.string(), + aggType: schema.string(), + metric: schema.string(), + timeUnit: schema.string(), + timeSize: schema.number(), + indexPattern: schema.string(), + }) + ), }), }, defaultActionGroupId: FIRED_ACTIONS.id, actionGroups: [FIRED_ACTIONS], async executor({ services, params }) { - const { threshold, comparator } = params as MetricThresholdAlertTypeParams; + const { criteria } = params as { criteria: MetricExpressionParams[] }; const alertInstance = services.alertInstanceFactory(alertUUID); - const currentValue = await getMetric(services, params as MetricThresholdAlertTypeParams); - if (typeof currentValue === 'undefined') - throw new Error('Could not get current value of metric'); - const comparisonFunction = comparatorMap[comparator]; + const alertResults = await Promise.all( + criteria.map(({ threshold, comparator }) => + (async () => { + const currentValue = await getMetric(services, params as MetricExpressionParams); + if (typeof currentValue === 'undefined') + throw new Error('Could not get current value of metric'); - const isValueInAlertState = comparisonFunction(currentValue, threshold); + const comparisonFunction = comparatorMap[comparator]; + return { shouldFire: comparisonFunction(currentValue, threshold), currentValue }; + })() + ) + ); - if (isValueInAlertState) { + const shouldAlertFire = alertResults.every(({ shouldFire }) => shouldFire); + + if (shouldAlertFire) { alertInstance.scheduleActions(FIRED_ACTIONS.id, { - value: currentValue, + value: alertResults.map(({ currentValue }) => currentValue), }); } // Future use: ability to fetch display current alert state alertInstance.replaceState({ - alertState: isValueInAlertState ? AlertStates.ALERT : AlertStates.OK, + alertState: shouldAlertFire ? AlertStates.ALERT : AlertStates.OK, }); }, }); diff --git a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/types.ts b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/types.ts index 2618469ff693c7..9bb0d8963ac665 100644 --- a/x-pack/plugins/infra/server/lib/alerting/metric_threshold/types.ts +++ b/x-pack/plugins/infra/server/lib/alerting/metric_threshold/types.ts @@ -23,7 +23,7 @@ export enum AlertStates { export type TimeUnit = 's' | 'm' | 'h' | 'd'; -export interface MetricThresholdAlertTypeParams { +export interface MetricExpressionParams { aggType: MetricsExplorerAggregation; metric: string; timeSize: number; From b46a335f2bf03d6b8ce3ce5cb830bf4e998765b5 Mon Sep 17 00:00:00 2001 From: Kevin Logan <56395104+kevinlog@users.noreply.github.com> Date: Fri, 28 Feb 2020 11:25:36 -0800 Subject: [PATCH 3/7] [Endpoint] Task/add nav bar (#58604) * Add tabs to the Endpoint app. Uses EuiTabs and browser history for integration with react-router Co-authored-by: Paul Tavares <56442535+paul-tavares@users.noreply.github.com> Co-authored-by: Elastic Machine --- .../endpoint/components/header_nav.tsx | 76 +++++++++++++++++++ .../public/applications/endpoint/index.tsx | 2 + .../functional/apps/endpoint/header_nav.ts | 55 ++++++++++++++ x-pack/test/functional/apps/endpoint/index.ts | 1 + 4 files changed, 134 insertions(+) create mode 100644 x-pack/plugins/endpoint/public/applications/endpoint/components/header_nav.tsx create mode 100644 x-pack/test/functional/apps/endpoint/header_nav.ts diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/components/header_nav.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/components/header_nav.tsx new file mode 100644 index 00000000000000..84570fe82ed44d --- /dev/null +++ b/x-pack/plugins/endpoint/public/applications/endpoint/components/header_nav.tsx @@ -0,0 +1,76 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import React, { MouseEvent } from 'react'; +import { i18n } from '@kbn/i18n'; +import { EuiTabs, EuiTab } from '@elastic/eui'; +import { useHistory, useLocation } from 'react-router-dom'; + +export interface NavTabs { + name: string; + id: string; + href: string; +} + +export const navTabs: NavTabs[] = [ + { + id: 'home', + name: i18n.translate('xpack.endpoint.headerNav.home', { + defaultMessage: 'Home', + }), + href: '/', + }, + { + id: 'management', + name: i18n.translate('xpack.endpoint.headerNav.management', { + defaultMessage: 'Management', + }), + href: '/management', + }, + { + id: 'alerts', + name: i18n.translate('xpack.endpoint.headerNav.alerts', { + defaultMessage: 'Alerts', + }), + href: '/alerts', + }, + { + id: 'policies', + name: i18n.translate('xpack.endpoint.headerNav.policies', { + defaultMessage: 'Policies', + }), + href: '/policy', + }, +]; + +export const HeaderNavigation: React.FunctionComponent<{ basename: string }> = React.memo( + ({ basename }) => { + const history = useHistory(); + const location = useLocation(); + + function renderNavTabs(tabs: NavTabs[]) { + return tabs.map((tab, index) => { + return ( + { + event.preventDefault(); + history.push(tab.href); + }} + isSelected={tab.href === location.pathname} + > + {tab.name} + + ); + }); + } + + return {renderNavTabs(navTabs)}; + } +); diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx index c6c032c2735435..7ab66817a08880 100644 --- a/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx +++ b/x-pack/plugins/endpoint/public/applications/endpoint/index.tsx @@ -16,6 +16,7 @@ import { appStoreFactory } from './store'; import { AlertIndex } from './view/alerts'; import { ManagementList } from './view/managing'; import { PolicyList } from './view/policy'; +import { HeaderNavigation } from './components/header_nav'; /** * This module will be loaded asynchronously to reduce the bundle size of your plugin's main bundle. @@ -41,6 +42,7 @@ const AppRoot: React.FunctionComponent = React.memo(({ basename, st + { + const pageObjects = getPageObjects(['common', 'endpoint']); + const testSubjects = getService('testSubjects'); + + describe('Header nav', function() { + this.tags('ciGroup7'); + before(async () => { + await pageObjects.common.navigateToApp('endpoint'); + }); + + it('renders the tabs when the app loads', async () => { + const homeTabText = await testSubjects.getVisibleText('homeEndpointTab'); + const managementTabText = await testSubjects.getVisibleText('managementEndpointTab'); + const alertsTabText = await testSubjects.getVisibleText('alertsEndpointTab'); + const policiesTabText = await testSubjects.getVisibleText('policiesEndpointTab'); + + expect(homeTabText.trim()).to.be('Home'); + expect(managementTabText.trim()).to.be('Management'); + expect(alertsTabText.trim()).to.be('Alerts'); + expect(policiesTabText.trim()).to.be('Policies'); + }); + + it('renders the management page when the Management tab is selected', async () => { + await (await testSubjects.find('managementEndpointTab')).click(); + await testSubjects.existOrFail('managementViewTitle'); + }); + + it('renders the alerts page when the Alerts tab is selected', async () => { + await (await testSubjects.find('alertsEndpointTab')).click(); + await testSubjects.existOrFail('alertListPage'); + }); + + it('renders the policy page when Policy tab is selected', async () => { + await (await testSubjects.find('policiesEndpointTab')).click(); + await testSubjects.existOrFail('policyViewTitle'); + }); + + it('renders the home page when Home tab is selected after selecting another tab', async () => { + await (await testSubjects.find('managementEndpointTab')).click(); + await testSubjects.existOrFail('managementViewTitle'); + + await (await testSubjects.find('homeEndpointTab')).click(); + await testSubjects.existOrFail('welcomeTitle'); + }); + }); +}; diff --git a/x-pack/test/functional/apps/endpoint/index.ts b/x-pack/test/functional/apps/endpoint/index.ts index 818c040f824d9e..0c9179c23ea6cb 100644 --- a/x-pack/test/functional/apps/endpoint/index.ts +++ b/x-pack/test/functional/apps/endpoint/index.ts @@ -11,6 +11,7 @@ export default function({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./feature_controls')); loadTestFile(require.resolve('./landing_page')); + loadTestFile(require.resolve('./header_nav')); loadTestFile(require.resolve('./management')); loadTestFile(require.resolve('./policy_list')); loadTestFile(require.resolve('./alert_list')); From 9bdd23a460b31443fa8cf4c656600c659aa268e5 Mon Sep 17 00:00:00 2001 From: Josh Dover Date: Fri, 28 Feb 2020 13:31:59 -0700 Subject: [PATCH 4/7] Do not write UUID file during optimize process (#58899) --- src/core/server/uuid/resolve_uuid.test.ts | 230 +++++++++++++----- src/core/server/uuid/resolve_uuid.ts | 41 +++- src/core/server/uuid/uuid_service.test.ts | 36 ++- src/core/server/uuid/uuid_service.ts | 10 +- src/dev/build/build_distributables.js | 2 + src/dev/build/tasks/index.js | 1 + src/dev/build/tasks/uuid_verification_task.js | 38 +++ 7 files changed, 278 insertions(+), 80 deletions(-) create mode 100644 src/dev/build/tasks/uuid_verification_task.js diff --git a/src/core/server/uuid/resolve_uuid.test.ts b/src/core/server/uuid/resolve_uuid.test.ts index d1332daa020572..efc90c07c1fa6b 100644 --- a/src/core/server/uuid/resolve_uuid.test.ts +++ b/src/core/server/uuid/resolve_uuid.test.ts @@ -19,7 +19,7 @@ import { join } from 'path'; import { readFile, writeFile } from './fs'; -import { resolveInstanceUuid } from './resolve_uuid'; +import { resolveInstanceUuid, UUID_7_6_0_BUG } from './resolve_uuid'; import { configServiceMock } from '../config/config_service.mock'; import { loggingServiceMock } from '../logging/logging_service.mock'; import { BehaviorSubject } from 'rxjs'; @@ -97,58 +97,96 @@ describe('resolveInstanceUuid', () => { }); describe('when file is present and config property is set', () => { - it('writes to file and returns the config uuid if they mismatch', async () => { - const uuid = await resolveInstanceUuid(configService, logger); - expect(uuid).toEqual(DEFAULT_CONFIG_UUID); - expect(writeFile).toHaveBeenCalledWith( - join('data-folder', 'uuid'), - DEFAULT_CONFIG_UUID, - expect.any(Object) - ); - expect(logger.debug).toHaveBeenCalledTimes(1); - expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` - Array [ - "Updating Kibana instance UUID to: CONFIG_UUID (was: FILE_UUID)", - ] - `); + describe('when they mismatch', () => { + describe('when syncToFile is true', () => { + it('writes to file and returns the config uuid', async () => { + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); + expect(uuid).toEqual(DEFAULT_CONFIG_UUID); + expect(writeFile).toHaveBeenCalledWith( + join('data-folder', 'uuid'), + DEFAULT_CONFIG_UUID, + expect.any(Object) + ); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Updating Kibana instance UUID to: CONFIG_UUID (was: FILE_UUID)", + ] + `); + }); + }); + + describe('when syncTofile is false', () => { + it('does not write to file and returns the config uuid', async () => { + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: false }); + expect(uuid).toEqual(DEFAULT_CONFIG_UUID); + expect(writeFile).not.toHaveBeenCalled(); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Updating Kibana instance UUID to: CONFIG_UUID (was: FILE_UUID)", + ] + `); + }); + }); }); - it('does not write to file if they match', async () => { - mockReadFile({ uuid: DEFAULT_CONFIG_UUID }); - const uuid = await resolveInstanceUuid(configService, logger); - expect(uuid).toEqual(DEFAULT_CONFIG_UUID); - expect(writeFile).not.toHaveBeenCalled(); - expect(logger.debug).toHaveBeenCalledTimes(1); - expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` - Array [ - "Kibana instance UUID: CONFIG_UUID", - ] - `); + + describe('when they match', () => { + it('does not write to file', async () => { + mockReadFile({ uuid: DEFAULT_CONFIG_UUID }); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); + expect(uuid).toEqual(DEFAULT_CONFIG_UUID); + expect(writeFile).not.toHaveBeenCalled(); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Kibana instance UUID: CONFIG_UUID", + ] + `); + }); }); }); describe('when file is not present and config property is set', () => { - it('writes the uuid to file and returns the config uuid', async () => { - mockReadFile({ error: fileNotFoundError }); - const uuid = await resolveInstanceUuid(configService, logger); - expect(uuid).toEqual(DEFAULT_CONFIG_UUID); - expect(writeFile).toHaveBeenCalledWith( - join('data-folder', 'uuid'), - DEFAULT_CONFIG_UUID, - expect.any(Object) - ); - expect(logger.debug).toHaveBeenCalledTimes(1); - expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` - Array [ - "Setting new Kibana instance UUID: CONFIG_UUID", - ] - `); + describe('when syncToFile is true', () => { + it('writes the uuid to file and returns the config uuid', async () => { + mockReadFile({ error: fileNotFoundError }); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); + expect(uuid).toEqual(DEFAULT_CONFIG_UUID); + expect(writeFile).toHaveBeenCalledWith( + join('data-folder', 'uuid'), + DEFAULT_CONFIG_UUID, + expect.any(Object) + ); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Setting new Kibana instance UUID: CONFIG_UUID", + ] + `); + }); + }); + + describe('when syncToFile is false', () => { + it('does not write the uuid to file and returns the config uuid', async () => { + mockReadFile({ error: fileNotFoundError }); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: false }); + expect(uuid).toEqual(DEFAULT_CONFIG_UUID); + expect(writeFile).not.toHaveBeenCalled(); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Setting new Kibana instance UUID: CONFIG_UUID", + ] + `); + }); }); }); describe('when file is present and config property is not set', () => { it('does not write to file and returns the file uuid', async () => { configService = getConfigService(undefined); - const uuid = await resolveInstanceUuid(configService, logger); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); expect(uuid).toEqual(DEFAULT_FILE_UUID); expect(writeFile).not.toHaveBeenCalled(); expect(logger.debug).toHaveBeenCalledTimes(1); @@ -160,23 +198,95 @@ describe('resolveInstanceUuid', () => { }); }); + describe('when file is present with 7.6.0 UUID', () => { + describe('when config property is not set', () => { + it('writes new uuid to file and returns new uuid', async () => { + mockReadFile({ uuid: UUID_7_6_0_BUG }); + configService = getConfigService(undefined); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); + expect(uuid).not.toEqual(UUID_7_6_0_BUG); + expect(uuid).toEqual('NEW_UUID'); + expect(writeFile).toHaveBeenCalledWith( + join('data-folder', 'uuid'), + 'NEW_UUID', + expect.any(Object) + ); + expect(logger.debug).toHaveBeenCalledTimes(2); + expect(logger.debug.mock.calls).toMatchInlineSnapshot(` + Array [ + Array [ + "UUID from 7.6.0 bug detected, ignoring file UUID", + ], + Array [ + "Setting new Kibana instance UUID: NEW_UUID", + ], + ] + `); + }); + }); + + describe('when config property is set', () => { + it('writes config uuid to file and returns config uuid', async () => { + mockReadFile({ uuid: UUID_7_6_0_BUG }); + configService = getConfigService(DEFAULT_CONFIG_UUID); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); + expect(uuid).not.toEqual(UUID_7_6_0_BUG); + expect(uuid).toEqual(DEFAULT_CONFIG_UUID); + expect(writeFile).toHaveBeenCalledWith( + join('data-folder', 'uuid'), + DEFAULT_CONFIG_UUID, + expect.any(Object) + ); + expect(logger.debug).toHaveBeenCalledTimes(2); + expect(logger.debug.mock.calls).toMatchInlineSnapshot(` + Array [ + Array [ + "UUID from 7.6.0 bug detected, ignoring file UUID", + ], + Array [ + "Setting new Kibana instance UUID: CONFIG_UUID", + ], + ] + `); + }); + }); + }); + describe('when file is not present and config property is not set', () => { - it('generates a new uuid and write it to file', async () => { - configService = getConfigService(undefined); - mockReadFile({ error: fileNotFoundError }); - const uuid = await resolveInstanceUuid(configService, logger); - expect(uuid).toEqual('NEW_UUID'); - expect(writeFile).toHaveBeenCalledWith( - join('data-folder', 'uuid'), - 'NEW_UUID', - expect.any(Object) - ); - expect(logger.debug).toHaveBeenCalledTimes(1); - expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` - Array [ - "Setting new Kibana instance UUID: NEW_UUID", - ] - `); + describe('when syncToFile is true', () => { + it('generates a new uuid and write it to file', async () => { + configService = getConfigService(undefined); + mockReadFile({ error: fileNotFoundError }); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: true }); + expect(uuid).toEqual('NEW_UUID'); + expect(writeFile).toHaveBeenCalledWith( + join('data-folder', 'uuid'), + 'NEW_UUID', + expect.any(Object) + ); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Setting new Kibana instance UUID: NEW_UUID", + ] + `); + }); + }); + + describe('when syncToFile is false', () => { + it('generates a new uuid and does not write it to file', async () => { + configService = getConfigService(undefined); + mockReadFile({ error: fileNotFoundError }); + const uuid = await resolveInstanceUuid({ configService, logger, syncToFile: false }); + expect(uuid).toEqual('NEW_UUID'); + expect(writeFile).not.toHaveBeenCalled(); + expect(logger.debug).toHaveBeenCalledTimes(1); + expect(logger.debug.mock.calls[0]).toMatchInlineSnapshot(` + Array [ + "Setting new Kibana instance UUID: NEW_UUID", + ] + `); + }); }); }); @@ -184,7 +294,7 @@ describe('resolveInstanceUuid', () => { it('throws an explicit error for file read errors', async () => { mockReadFile({ error: permissionError }); await expect( - resolveInstanceUuid(configService, logger) + resolveInstanceUuid({ configService, logger, syncToFile: true }) ).rejects.toThrowErrorMatchingInlineSnapshot( `"Unable to read Kibana UUID file, please check the uuid.server configuration value in kibana.yml and ensure Kibana has sufficient permissions to read / write to this file. Error was: EACCES"` ); @@ -192,7 +302,7 @@ describe('resolveInstanceUuid', () => { it('throws an explicit error for file write errors', async () => { mockWriteFile(isDirectoryError); await expect( - resolveInstanceUuid(configService, logger) + resolveInstanceUuid({ configService, logger, syncToFile: true }) ).rejects.toThrowErrorMatchingInlineSnapshot( `"Unable to write Kibana UUID file, please check the uuid.server configuration value in kibana.yml and ensure Kibana has sufficient permissions to read / write to this file. Error was: EISDIR"` ); diff --git a/src/core/server/uuid/resolve_uuid.ts b/src/core/server/uuid/resolve_uuid.ts index 3f5bdc73873928..516357e10d3f7c 100644 --- a/src/core/server/uuid/resolve_uuid.ts +++ b/src/core/server/uuid/resolve_uuid.ts @@ -28,11 +28,21 @@ import { Logger } from '../logging'; const FILE_ENCODING = 'utf8'; const FILE_NAME = 'uuid'; +/** + * This UUID was inadvertantly shipped in the 7.6.0 distributable and should be deleted if found. + * See https://github.com/elastic/kibana/issues/57673 for more info. + */ +export const UUID_7_6_0_BUG = `ce42b997-a913-4d58-be46-bb1937feedd6`; -export async function resolveInstanceUuid( - configService: IConfigService, - logger: Logger -): Promise { +export async function resolveInstanceUuid({ + configService, + syncToFile, + logger, +}: { + configService: IConfigService; + syncToFile: boolean; + logger: Logger; +}): Promise { const [pathConfig, serverConfig] = await Promise.all([ configService .atPath(pathConfigDef.path) @@ -46,7 +56,7 @@ export async function resolveInstanceUuid( const uuidFilePath = join(pathConfig.data, FILE_NAME); - const uuidFromFile = await readUuidFromFile(uuidFilePath); + const uuidFromFile = await readUuidFromFile(uuidFilePath, logger); const uuidFromConfig = serverConfig.uuid; if (uuidFromConfig) { @@ -61,7 +71,7 @@ export async function resolveInstanceUuid( } else { logger.debug(`Updating Kibana instance UUID to: ${uuidFromConfig} (was: ${uuidFromFile})`); } - await writeUuidToFile(uuidFilePath, uuidFromConfig); + await writeUuidToFile(uuidFilePath, uuidFromConfig, syncToFile); return uuidFromConfig; } } @@ -69,7 +79,7 @@ export async function resolveInstanceUuid( const newUuid = uuid.v4(); // no uuid either in config or file, we need to generate and write it. logger.debug(`Setting new Kibana instance UUID: ${newUuid}`); - await writeUuidToFile(uuidFilePath, newUuid); + await writeUuidToFile(uuidFilePath, newUuid, syncToFile); return newUuid; } @@ -77,10 +87,17 @@ export async function resolveInstanceUuid( return uuidFromFile; } -async function readUuidFromFile(filepath: string): Promise { +async function readUuidFromFile(filepath: string, logger: Logger): Promise { try { const content = await readFile(filepath); - return content.toString(FILE_ENCODING); + const decoded = content.toString(FILE_ENCODING); + + if (decoded === UUID_7_6_0_BUG) { + logger.debug(`UUID from 7.6.0 bug detected, ignoring file UUID`); + return undefined; + } else { + return decoded; + } } catch (e) { if (e.code === 'ENOENT') { // non-existent uuid file is ok, we will create it. @@ -94,7 +111,11 @@ async function readUuidFromFile(filepath: string): Promise { } } -async function writeUuidToFile(filepath: string, uuidValue: string) { +async function writeUuidToFile(filepath: string, uuidValue: string, syncToFile: boolean) { + if (!syncToFile) { + return; + } + try { return await writeFile(filepath, uuidValue, { encoding: FILE_ENCODING }); } catch (e) { diff --git a/src/core/server/uuid/uuid_service.test.ts b/src/core/server/uuid/uuid_service.test.ts index 315df7af8aa19f..a61061ff842630 100644 --- a/src/core/server/uuid/uuid_service.test.ts +++ b/src/core/server/uuid/uuid_service.test.ts @@ -23,6 +23,8 @@ import { CoreContext } from '../core_context'; import { loggingServiceMock } from '../logging/logging_service.mock'; import { mockCoreContext } from '../core_context.mock'; +import { Env } from '../config'; +import { getEnvOptions } from '../config/__mocks__/env'; jest.mock('./resolve_uuid', () => ({ resolveInstanceUuid: jest.fn().mockResolvedValue('SOME_UUID'), @@ -31,26 +33,44 @@ jest.mock('./resolve_uuid', () => ({ describe('UuidService', () => { let logger: ReturnType; let coreContext: CoreContext; - let service: UuidService; beforeEach(() => { jest.clearAllMocks(); logger = loggingServiceMock.create(); coreContext = mockCoreContext.create({ logger }); - service = new UuidService(coreContext); }); describe('#setup()', () => { - it('calls manageInstanceUuid with core configuration service', async () => { + it('calls resolveInstanceUuid with core configuration service', async () => { + const service = new UuidService(coreContext); await service.setup(); expect(resolveInstanceUuid).toHaveBeenCalledTimes(1); - expect(resolveInstanceUuid).toHaveBeenCalledWith( - coreContext.configService, - logger.get('uuid') - ); + expect(resolveInstanceUuid).toHaveBeenCalledWith({ + configService: coreContext.configService, + syncToFile: true, + logger: logger.get('uuid'), + }); }); - it('returns the uuid resolved from manageInstanceUuid', async () => { + describe('when cliArgs.optimize is true', () => { + it('calls resolveInstanceUuid with syncToFile: false', async () => { + coreContext = mockCoreContext.create({ + logger, + env: Env.createDefault(getEnvOptions({ cliArgs: { optimize: true } })), + }); + const service = new UuidService(coreContext); + await service.setup(); + expect(resolveInstanceUuid).toHaveBeenCalledTimes(1); + expect(resolveInstanceUuid).toHaveBeenCalledWith({ + configService: coreContext.configService, + syncToFile: false, + logger: logger.get('uuid'), + }); + }); + }); + + it('returns the uuid resolved from resolveInstanceUuid', async () => { + const service = new UuidService(coreContext); const setup = await service.setup(); expect(setup.getInstanceUuid()).toEqual('SOME_UUID'); }); diff --git a/src/core/server/uuid/uuid_service.ts b/src/core/server/uuid/uuid_service.ts index 10104fa7049365..62ed4a19edf5a6 100644 --- a/src/core/server/uuid/uuid_service.ts +++ b/src/core/server/uuid/uuid_service.ts @@ -20,7 +20,7 @@ import { resolveInstanceUuid } from './resolve_uuid'; import { CoreContext } from '../core_context'; import { Logger } from '../logging'; -import { IConfigService } from '../config'; +import { IConfigService, CliArgs } from '../config'; /** * APIs to access the application's instance uuid. @@ -38,15 +38,21 @@ export interface UuidServiceSetup { export class UuidService { private readonly log: Logger; private readonly configService: IConfigService; + private readonly cliArgs: CliArgs; private uuid: string = ''; constructor(core: CoreContext) { this.log = core.logger.get('uuid'); this.configService = core.configService; + this.cliArgs = core.env.cliArgs; } public async setup() { - this.uuid = await resolveInstanceUuid(this.configService, this.log); + this.uuid = await resolveInstanceUuid({ + configService: this.configService, + syncToFile: !this.cliArgs.optimize, + logger: this.log, + }); return { getInstanceUuid: () => this.uuid, diff --git a/src/dev/build/build_distributables.js b/src/dev/build/build_distributables.js index c4f9d7f56554c0..6c2efeebc60c32 100644 --- a/src/dev/build/build_distributables.js +++ b/src/dev/build/build_distributables.js @@ -54,6 +54,7 @@ import { VerifyExistingNodeBuildsTask, PathLengthTask, WriteShaSumsTask, + UuidVerificationTask, } from './tasks'; export async function buildDistributables(options) { @@ -136,6 +137,7 @@ export async function buildDistributables(options) { await run(CleanNodeBuildsTask); await run(PathLengthTask); + await run(UuidVerificationTask); /** * package platform-specific builds into archives diff --git a/src/dev/build/tasks/index.js b/src/dev/build/tasks/index.js index 56e813111279d4..8105fa8a7d5d47 100644 --- a/src/dev/build/tasks/index.js +++ b/src/dev/build/tasks/index.js @@ -38,3 +38,4 @@ export * from './verify_env_task'; export * from './write_sha_sums_task'; export * from './path_length_task'; export * from './build_kibana_platform_plugins'; +export * from './uuid_verification_task'; diff --git a/src/dev/build/tasks/uuid_verification_task.js b/src/dev/build/tasks/uuid_verification_task.js new file mode 100644 index 00000000000000..32c9e73dba9889 --- /dev/null +++ b/src/dev/build/tasks/uuid_verification_task.js @@ -0,0 +1,38 @@ +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { read } from '../lib'; + +export const UuidVerificationTask = { + description: 'Verify that no UUID file is baked into the build', + + async run(config, log, build) { + const uuidFilePath = build.resolvePath('data', 'uuid'); + await read(uuidFilePath).then( + function success() { + throw new Error(`UUID file should not exist at [${uuidFilePath}]`); + }, + function error(err) { + if (err.code !== 'ENOENT') { + throw err; + } + } + ); + }, +}; From 56ba753db0090b7e1109fc14b35eecfaf08719a3 Mon Sep 17 00:00:00 2001 From: Rudolf Meijering Date: Fri, 28 Feb 2020 22:32:58 +0100 Subject: [PATCH 5/7] Don't start pollEsNodesVersion unless someone subscribes (#56923) * Don't start pollEsNodesVersion unless someone subscribes By not polling until subscribed to, we prevent verbose error logs when the optimizer is run (which automatically skips migrations). * Test pollEsNodeVersions behaviour * Cleanup unused code * PR Feedback * Make test more stable Co-authored-by: Elastic Machine --- .../elasticsearch_service.test.ts | 133 +++++++++++++----- .../elasticsearch/elasticsearch_service.ts | 49 +++---- .../saved_objects/saved_objects_service.ts | 8 ++ 3 files changed, 127 insertions(+), 63 deletions(-) diff --git a/src/core/server/elasticsearch/elasticsearch_service.test.ts b/src/core/server/elasticsearch/elasticsearch_service.test.ts index 022a03e01d37df..2667859f303d44 100644 --- a/src/core/server/elasticsearch/elasticsearch_service.test.ts +++ b/src/core/server/elasticsearch/elasticsearch_service.test.ts @@ -33,6 +33,9 @@ import { ElasticsearchService } from './elasticsearch_service'; import { elasticsearchServiceMock } from './elasticsearch_service.mock'; import { duration } from 'moment'; +const delay = async (durationMs: number) => + await new Promise(resolve => setTimeout(resolve, durationMs)); + let elasticsearchService: ElasticsearchService; const configService = configServiceMock.create(); const deps = { @@ -42,7 +45,7 @@ configService.atPath.mockReturnValue( new BehaviorSubject({ hosts: ['http://1.2.3.4'], healthCheck: { - delay: duration(2000), + delay: duration(10), }, ssl: { verificationMode: 'none', @@ -125,21 +128,21 @@ describe('#setup', () => { const config = MockClusterClient.mock.calls[0][0]; expect(config).toMatchInlineSnapshot(` -Object { - "healthCheckDelay": "PT2S", - "hosts": Array [ - "http://8.8.8.8", - ], - "logQueries": true, - "requestHeadersWhitelist": Array [ - undefined, - ], - "ssl": Object { - "certificate": "certificate-value", - "verificationMode": "none", - }, -} -`); + Object { + "healthCheckDelay": "PT0.01S", + "hosts": Array [ + "http://8.8.8.8", + ], + "logQueries": true, + "requestHeadersWhitelist": Array [ + undefined, + ], + "ssl": Object { + "certificate": "certificate-value", + "verificationMode": "none", + }, + } + `); }); it('falls back to elasticsearch config if custom config not passed', async () => { const setupContract = await elasticsearchService.setup(deps); @@ -150,24 +153,24 @@ Object { const config = MockClusterClient.mock.calls[0][0]; expect(config).toMatchInlineSnapshot(` -Object { - "healthCheckDelay": "PT2S", - "hosts": Array [ - "http://1.2.3.4", - ], - "requestHeadersWhitelist": Array [ - undefined, - ], - "ssl": Object { - "alwaysPresentCertificate": undefined, - "certificate": undefined, - "certificateAuthorities": undefined, - "key": undefined, - "keyPassphrase": undefined, - "verificationMode": "none", - }, -} -`); + Object { + "healthCheckDelay": "PT0.01S", + "hosts": Array [ + "http://1.2.3.4", + ], + "requestHeadersWhitelist": Array [ + undefined, + ], + "ssl": Object { + "alwaysPresentCertificate": undefined, + "certificate": undefined, + "certificateAuthorities": undefined, + "key": undefined, + "keyPassphrase": undefined, + "verificationMode": "none", + }, + } + `); }); it('does not merge elasticsearch hosts if custom config overrides', async () => { @@ -213,6 +216,45 @@ Object { `); }); }); + + it('esNodeVersionCompatibility$ only starts polling when subscribed to', async done => { + const mockAdminClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + const mockDataClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + MockClusterClient.mockImplementationOnce( + () => mockAdminClusterClientInstance + ).mockImplementationOnce(() => mockDataClusterClientInstance); + + mockAdminClusterClientInstance.callAsInternalUser.mockRejectedValue(new Error()); + + const setupContract = await elasticsearchService.setup(deps); + await delay(10); + + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(0); + setupContract.esNodesCompatibility$.subscribe(() => { + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + done(); + }); + }); + + it('esNodeVersionCompatibility$ stops polling when unsubscribed from', async done => { + const mockAdminClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + const mockDataClusterClientInstance = elasticsearchServiceMock.createClusterClient(); + MockClusterClient.mockImplementationOnce( + () => mockAdminClusterClientInstance + ).mockImplementationOnce(() => mockDataClusterClientInstance); + + mockAdminClusterClientInstance.callAsInternalUser.mockRejectedValue(new Error()); + + const setupContract = await elasticsearchService.setup(deps); + + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(0); + const sub = setupContract.esNodesCompatibility$.subscribe(async () => { + sub.unsubscribe(); + await delay(100); + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + done(); + }); + }); }); describe('#stop', () => { @@ -229,4 +271,27 @@ describe('#stop', () => { expect(mockAdminClusterClientInstance.close).toHaveBeenCalledTimes(1); expect(mockDataClusterClientInstance.close).toHaveBeenCalledTimes(1); }); + + it('stops pollEsNodeVersions even if there are active subscriptions', async done => { + expect.assertions(2); + const mockAdminClusterClientInstance = elasticsearchServiceMock.createCustomClusterClient(); + const mockDataClusterClientInstance = elasticsearchServiceMock.createCustomClusterClient(); + + MockClusterClient.mockImplementationOnce( + () => mockAdminClusterClientInstance + ).mockImplementationOnce(() => mockDataClusterClientInstance); + + mockAdminClusterClientInstance.callAsInternalUser.mockRejectedValue(new Error()); + + const setupContract = await elasticsearchService.setup(deps); + + setupContract.esNodesCompatibility$.subscribe(async () => { + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + + await elasticsearchService.stop(); + await delay(100); + expect(mockAdminClusterClientInstance.callAsInternalUser).toHaveBeenCalledTimes(1); + done(); + }); + }); }); diff --git a/src/core/server/elasticsearch/elasticsearch_service.ts b/src/core/server/elasticsearch/elasticsearch_service.ts index 9eaf125cc006fc..6616b42f136c04 100644 --- a/src/core/server/elasticsearch/elasticsearch_service.ts +++ b/src/core/server/elasticsearch/elasticsearch_service.ts @@ -17,8 +17,17 @@ * under the License. */ -import { ConnectableObservable, Observable, Subscription } from 'rxjs'; -import { filter, first, map, publishReplay, switchMap, take } from 'rxjs/operators'; +import { ConnectableObservable, Observable, Subscription, Subject } from 'rxjs'; +import { + filter, + first, + map, + publishReplay, + switchMap, + take, + shareReplay, + takeUntil, +} from 'rxjs/operators'; import { CoreService } from '../../types'; import { merge } from '../../utils'; @@ -47,13 +56,8 @@ interface SetupDeps { export class ElasticsearchService implements CoreService { private readonly log: Logger; private readonly config$: Observable; - private subscriptions: { - client?: Subscription; - esNodesCompatibility?: Subscription; - } = { - client: undefined, - esNodesCompatibility: undefined, - }; + private subscription: Subscription | undefined; + private stop$ = new Subject(); private kibanaVersion: string; constructor(private readonly coreContext: CoreContext) { @@ -69,7 +73,7 @@ export class ElasticsearchService implements CoreService { - if (this.subscriptions.client !== undefined) { + if (this.subscription !== undefined) { this.log.error('Clients cannot be changed after they are created'); return false; } @@ -100,7 +104,7 @@ export class ElasticsearchService implements CoreService; - this.subscriptions.client = clients$.connect(); + this.subscription = clients$.connect(); const config = await this.config$.pipe(first()).toPromise(); @@ -164,18 +168,7 @@ export class ElasticsearchService implements CoreService).connect(); - - // TODO: Move to Status Service https://github.com/elastic/kibana/issues/41983 - esNodesCompatibility$.subscribe(({ isCompatible, message }) => { - if (!isCompatible && message) { - this.log.error(message); - } - }); + }).pipe(takeUntil(this.stop$), shareReplay({ refCount: true, bufferSize: 1 })); return { legacy: { config$: clients$.pipe(map(clients => clients.config)) }, @@ -195,12 +188,10 @@ export class ElasticsearchService implements CoreService { + if (!isCompatible && message) { + this.logger.error(message); + } + }); + await this.setupDeps!.elasticsearch.esNodesCompatibility$.pipe( filter(nodes => nodes.isCompatible), take(1) From d55ddd23a149567f98880207d1c8c57ed8a90fae Mon Sep 17 00:00:00 2001 From: spalger Date: Fri, 28 Feb 2020 14:58:32 -0700 Subject: [PATCH 6/7] disable failing suite (#58942) --- .../lib/request_interceptors/on_request_interceptor.test.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts b/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts index 448bc39eb606e0..1b673d3418983f 100644 --- a/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts +++ b/x-pack/plugins/spaces/server/lib/request_interceptors/on_request_interceptor.test.ts @@ -18,7 +18,8 @@ import { import * as kbnTestServer from '../../../../../../src/test_utils/kbn_server'; import { elasticsearchServiceMock } from 'src/core/server/mocks'; -describe('onRequestInterceptor', () => { +// FAILING: https://github.com/elastic/kibana/issues/58942 +describe.skip('onRequestInterceptor', () => { let root: ReturnType; beforeEach(async () => { From 100c570219becb3727e31746d957820170881656 Mon Sep 17 00:00:00 2001 From: Patrick Mueller Date: Fri, 28 Feb 2020 17:23:56 -0500 Subject: [PATCH 7/7] change to have kibana --ssl cli option use more recent certs (#57933) * change to have --ssl cli option use more recent certs * also configure 'server.ssl.certificateAuthorities' per PR review * delete theoretically now-unused ssl creds --- src/cli/dev_ssl.js | 22 ---------------------- src/cli/serve/serve.js | 12 +++++------- test/dev_certs/server.crt | 20 -------------------- test/dev_certs/server.key | 27 --------------------------- 4 files changed, 5 insertions(+), 76 deletions(-) delete mode 100644 src/cli/dev_ssl.js delete mode 100644 test/dev_certs/server.crt delete mode 100644 test/dev_certs/server.key diff --git a/src/cli/dev_ssl.js b/src/cli/dev_ssl.js deleted file mode 100644 index 110f44ee57b7d7..00000000000000 --- a/src/cli/dev_ssl.js +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Licensed to Elasticsearch B.V. under one or more contributor - * license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright - * ownership. Elasticsearch B.V. licenses this file to you under - * the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import { resolve } from 'path'; -export const DEV_SSL_CERT_PATH = resolve(__dirname, '../../test/dev_certs/server.crt'); -export const DEV_SSL_KEY_PATH = resolve(__dirname, '../../test/dev_certs/server.key'); diff --git a/src/cli/serve/serve.js b/src/cli/serve/serve.js index be3fc319389d71..29d0fe16ee126a 100644 --- a/src/cli/serve/serve.js +++ b/src/cli/serve/serve.js @@ -28,8 +28,6 @@ import { getConfigPath } from '../../core/server/path'; import { bootstrap } from '../../core/server'; import { readKeystore } from './read_keystore'; -import { DEV_SSL_CERT_PATH, DEV_SSL_KEY_PATH } from '../dev_ssl'; - function canRequire(path) { try { require.resolve(path); @@ -90,7 +88,7 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) { if (opts.ssl) { // @kbn/dev-utils is part of devDependencies - const { CA_CERT_PATH } = require('@kbn/dev-utils'); + const { CA_CERT_PATH, KBN_KEY_PATH, KBN_CERT_PATH } = require('@kbn/dev-utils'); const customElasticsearchHosts = opts.elasticsearch ? opts.elasticsearch.split(',') : [].concat(get('elasticsearch.hosts') || []); @@ -104,6 +102,7 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) { ensureNotDefined('server.ssl.key'); ensureNotDefined('server.ssl.keystore.path'); ensureNotDefined('server.ssl.truststore.path'); + ensureNotDefined('server.ssl.certificateAuthorities'); ensureNotDefined('elasticsearch.ssl.certificateAuthorities'); const elasticsearchHosts = ( @@ -121,10 +120,9 @@ function applyConfigOverrides(rawConfig, opts, extraCliOptions) { }); set('server.ssl.enabled', true); - // TODO: change this cert/key to KBN_CERT_PATH and KBN_KEY_PATH from '@kbn/dev-utils'; will require some work to avoid breaking - // functional tests. Once that is done, the existing test cert/key at DEV_SSL_CERT_PATH and DEV_SSL_KEY_PATH can be deleted. - set('server.ssl.certificate', DEV_SSL_CERT_PATH); - set('server.ssl.key', DEV_SSL_KEY_PATH); + set('server.ssl.certificate', KBN_CERT_PATH); + set('server.ssl.key', KBN_KEY_PATH); + set('server.ssl.certificateAuthorities', CA_CERT_PATH); set('elasticsearch.hosts', elasticsearchHosts); set('elasticsearch.ssl.certificateAuthorities', CA_CERT_PATH); } diff --git a/test/dev_certs/server.crt b/test/dev_certs/server.crt deleted file mode 100644 index c7a39de4b517a8..00000000000000 --- a/test/dev_certs/server.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDMDCCAhgCCQCkOD7fnHiQrTANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJB -VTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0 -cyBQdHkgTHRkMRIwEAYDVQQDEwlsb2NhbGhvc3QwIBcNMTYwMTE5MjExNjQ5WhgP -MjA4NDAyMDYyMTE2NDlaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0 -YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMT -CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALR63SnR -LW/Dgl0Vuy8gB6KjWwvajRWeXNgvlf6LX56oNsUFREHBLQlC2uT5R26F3tOqCDbs -MFNoyDjMBinXRRFJJ2Sokue7GSsGvBv41LMTHnO/MeCCbEOqghJS/QI89cV+u+Aw -9U+v426KAlCa1sGuE2+3/JvqdBQyheiukmGLiJ0OofpfgpYuFmKi2uYBKU3qzjUx -D01wQ4rCpq5nEnksGhgBeBDnheYmmDsj/wDvnz1exK/WprvTiHQ5MwuIQ4OybwgV -WDF+zv8PXrObrsZvD/ulrjh1cakvnCe2kDYEKMRiHUDesHS2jNJkBUe+FJo4/E3U -pFoYOtdoBe69BIUCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAQhjF91G0R662XJJ7 -jGMudA9VbRVCow8s68I/GWPZmpKxPAxwz0xiv1eFIoiP416LX9amnx3yAmUoN4Wr -Cq0jsgyT1AOiSCdxkvYsqQG3SFVVt5BDLjThH66Vxi7Bach6SyATa1NG588mg7n9 -pPJ4A1rcj+5kZuwnd52kfVLP+535lylwMyoyJa2AskieRPLNSzus2eUDTR6F+9Mb -eLOwp5rMl2nNYfLXUCSqEeC6uPu0yq6Tu0N0SjThfKndd2NU1fk3zyOjxyCIhGPe -G8VhrPY4lkJ9EE9Tuq095jwd1+q9fYzlKZWhOmg+IcOwUMgbgeWpeZTAhUIZAnia -4UH6NA== ------END CERTIFICATE----- diff --git a/test/dev_certs/server.key b/test/dev_certs/server.key deleted file mode 100644 index 5a6dfea9dc7e41..00000000000000 --- a/test/dev_certs/server.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAtHrdKdEtb8OCXRW7LyAHoqNbC9qNFZ5c2C+V/otfnqg2xQVE -QcEtCULa5PlHboXe06oINuwwU2jIOMwGKddFEUknZKiS57sZKwa8G/jUsxMec78x -4IJsQ6qCElL9Ajz1xX674DD1T6/jbooCUJrWwa4Tb7f8m+p0FDKF6K6SYYuInQ6h -+l+Cli4WYqLa5gEpTerONTEPTXBDisKmrmcSeSwaGAF4EOeF5iaYOyP/AO+fPV7E -r9amu9OIdDkzC4hDg7JvCBVYMX7O/w9es5uuxm8P+6WuOHVxqS+cJ7aQNgQoxGId -QN6wdLaM0mQFR74Umjj8TdSkWhg612gF7r0EhQIDAQABAoIBADNwfU6o3vFm4OYV -BofU8jgppQ6I2QNbYoz/axnksXkv6oRXDvBK1cI4+tieL/zRTQQ5ByRYRyHO0JpX -lD4iq/3UQtUOsug3TGIWBlFWp5DulxRYXyflJGRY2b/NRW144HfMulGYwqJWuFTO -IwDEUQdczQ9fejEaLsF+8Omzr+b6+mEDewqoHb4mbr7gXMdkK85FU2tjWRHlUR+N -GMXRhQQE7o76UyYwNRbI418LaZitHcVYMKSsyU/+Uo/ivzD793OFzk5sDR9eThgi -B50yK2ClB+1bUfis18TXMtC4mZZeypTWifJpBzIiVLMBuN7/Y0HrSomIzyPC7ytW -5jZWCOECgYEA4k+AEmYOiIfPajT3YfG3y0Dptoup9x6zkzVNZnde3LgGRfezzJ7S -+lGbLNnIiuxAeHwZnyrptO0cgm0+SOCRwGXqySkl14WzD1P684nRwlQkzKv/50mZ -ZMUjM83SuIzh8mLv3F5xQ9td5R/y2kCw4YgyYHvhp1nLxEdwPbjtttkCgYEAzCgr -wlP0Uu5PlaSMKSbtmC6tHGv+kgTLM89V6o71+HiUTG6TWGmM+6XlT1cfVWE+27np -MsYoFTKI/meAeJwm+0pxEwemHgrgffkdmsWpTByLaOY1t/eNHagaLCGm2ZRu/WK7 -oltV18kPijnmFs1uZLvlBkxmkadrVAj/cw5uZ40CgYBFZt/9xHJ8iDmhdnDPBpO4 -r0V9B8Ot1yp24IfF/qGGyqCR4G6xN5u3zELsNDV99QmoaVZqK3zUUUrG7L2HF+da -u2aPHiFOwN+yuaxh90fucmN+qNinkziJYLN09Y/DrOC1toWcbRILH0DiPTP6npAf -+eaJFDSVX8JPhSD0rLupsQKBgEzILuz/NjyadEQLhstTYLiDlYfC9hNkyifKKr30 -1n2EnAHC9Jej2uoqEnwsgBRUZpes7A+0hw6x2uQTeTXjRKXt8Wj+z3MtFBFMx92V -yX5ene/t5PYznFczCeTfIylhsfyKTZdaUoa9j6Kk8+xPht1L7W7Y/Rp6pNsOJ0TW -gJ9hAoGBAOJDNPkmH1hY64bvR6P0zEyedClhxIclPHgCrntFTlspkMj/QY48K6IP -R8SZ5jDpxAquQDgvpiuZRDYMHBRJkUe2VpHJFYGl1MLTfoBYn1IH401ixUSBYxAW -yfE7/zMDZUov2Uu8Muto5R/yNHEKBMOLGjadkADhRIHbW4WG1yVr ------END RSA PRIVATE KEY-----