wait for active shards on index creation

x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/test/NativeRealmIntegTestCase.java

@@ -36,8 +36,7 @@ public abstract class NativeRealmIntegTestCase extends SecurityIntegTestCase {
 
     @Before
     public void ensureNativeStoresStarted() throws Exception {
-        createSecurityIndex();
-        assertSecurityIndexActive();
+        createSecurityIndexWithWaitForActiveShards();
         if (shouldSetReservedUserPasswords()) {
             setupReservedPasswords();
         }

x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/security/authc/ApiKeyIntegTests.java

@@ -191,8 +191,7 @@ protected boolean addMockHttpTransport() {
 
     @Before
     public void waitForSecurityIndexWritable() throws Exception {
-        createSecurityIndex();
-        assertSecurityIndexActive();
+        createSecurityIndexWithWaitForActiveShards();
     }
 
     @After

x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/security/authc/TokenAuthIntegTests.java

@@ -783,8 +783,7 @@ public void testAuthenticateWithWrongToken() throws Exception {
 
     @Before
     public void waitForSecurityIndexWritable() throws Exception {
-        createSecurityIndex();
-        assertSecurityIndexActive();
+        createSecurityIndexWithWaitForActiveShards();
     }
 
     @After

x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/security/authz/SecurityScrollTests.java

@@ -31,8 +31,7 @@
 public class SecurityScrollTests extends SecurityIntegTestCase {
 
     public void testScrollIsPerUser() throws Exception {
-        createSecurityIndex();
-        assertSecurityIndexActive();
+        createSecurityIndexWithWaitForActiveShards();
         new PutRoleRequestBuilder(client()).name("scrollable")
             .addIndices(new String[] { randomAlphaOfLengthBetween(4, 12) }, new String[] { "read" }, null, null, null, randomBoolean())
             .get();

x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/security/support/SecurityIndexManagerIntegTests.java

@@ -110,7 +110,7 @@ public void testOnIndexAvailableForSearchIndexCompletesWithinTimeout() throws Ex
         // pick longer wait than in the assertBusy that waits for below to ensure index has had enough time to initialize
         securityIndexManager.onIndexAvailableForSearch((ActionListener<Void>) future, TimeValue.timeValueSeconds(40));
 
-        createSecurityIndex();
+        createSecurityIndexWithWaitForActiveShards();
 
         assertBusy(
             () -> assertThat(securityIndexManager.isAvailable(SecurityIndexManager.Availability.SEARCH_SHARDS), is(true)),
@@ -125,7 +125,7 @@ public void testOnIndexAvailableForSearchIndexCompletesWithinTimeout() throws Ex
 
     @SuppressWarnings("unchecked")
     public void testOnIndexAvailableForSearchIndexAlreadyAvailable() throws Exception {
-        createSecurityIndex();
+        createSecurityIndexWithWaitForActiveShards();
 
         final SecurityIndexManager securityIndexManager = internalCluster().getInstances(NativePrivilegeStore.class)
             .iterator()

x-pack/plugin/security/src/test/java/org/elasticsearch/test/SecurityIntegTestCase.java

@@ -14,6 +14,7 @@
 import org.elasticsearch.action.admin.indices.delete.DeleteIndexRequest;
 import org.elasticsearch.action.admin.indices.get.GetIndexRequest;
 import org.elasticsearch.action.admin.indices.get.GetIndexResponse;
+import org.elasticsearch.action.support.ActiveShardCount;
 import org.elasticsearch.action.support.IndicesOptions;
 import org.elasticsearch.client.RequestOptions;
 import org.elasticsearch.client.internal.Client;
@@ -383,7 +384,9 @@ protected Function<Client, Client> getClientWrapper() {
 
     /**
      * Waits for security index to become available. Note that you must ensure index creation was triggered before calling this method,
-     * either by calling one of the resource creation APIs (e.g., creating a user), or by calling {@link #createSecurityIndex()}.
+     * by calling one of the resource creation APIs (e.g., creating a user).
+     * If you use {@link #createSecurityIndexWithWaitForActiveShards()} to create the index it's not necessary call
+     * {@link #assertSecurityIndexActive} since the create method ensures the index is active.
      */
     public void assertSecurityIndexActive() throws Exception {
         assertSecurityIndexActive(cluster());
@@ -424,7 +427,7 @@ protected void deleteSecurityIndex() {
         }
     }
 
-    protected void createSecurityIndex() {
+    protected void createSecurityIndexWithWaitForActiveShards() {
         final Client client = client().filterWithHeader(
             Collections.singletonMap(
                 "Authorization",
@@ -434,7 +437,8 @@ protected void createSecurityIndex() {
                 )
             )
         );
-        CreateIndexRequest createIndexRequest = new CreateIndexRequest(SECURITY_MAIN_ALIAS);
+        CreateIndexRequest createIndexRequest = new CreateIndexRequest(SECURITY_MAIN_ALIAS).waitForActiveShards(ActiveShardCount.ALL)
+            .masterNodeTimeout(TEST_REQUEST_TIMEOUT);
         client.admin().indices().create(createIndexRequest).actionGet();
     }
 

x-pack/qa/third-party/active-directory/src/test/java/org/elasticsearch/xpack/security/authc/ldap/AbstractAdLdapRealmTestCase.java

@@ -181,8 +181,7 @@ protected Settings buildRealmSettings(
 
     @Before
     public void setupRoleMappings() throws Exception {
-        createSecurityIndex();
-        assertSecurityIndexActive();
+        createSecurityIndexWithWaitForActiveShards();
 
         List<String> content = getRoleMappingContent(RoleMappingEntry::nativeContent);
         if (content.isEmpty()) {