Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] OIDC Realm JWT+JWS related functionality #37272

Closed

Commits on Dec 5, 2018

  1. Configuration menu
    Copy the full SHA
    5af56b9 View commit details
    Browse the repository at this point in the history

Commits on Dec 13, 2018

  1. support state

    jkakavas committed Dec 13, 2018
    Configuration menu
    Copy the full SHA
    c4154f6 View commit details
    Browse the repository at this point in the history

Commits on Dec 14, 2018

  1. Configuration menu
    Copy the full SHA
    8149339 View commit details
    Browse the repository at this point in the history

Commits on Dec 21, 2018

  1. track current changes

    jkakavas committed Dec 21, 2018
    Configuration menu
    Copy the full SHA
    8d54c7c View commit details
    Browse the repository at this point in the history

Commits on Dec 24, 2018

  1. Ongoing oidc work

    - Added Realm settings
    - Added RP/OP configuration classes
    - Added realm configuration tests
    - Completed the Prepare Auethentication API
    jkakavas committed Dec 24, 2018
    Configuration menu
    Copy the full SHA
    cc68f5a View commit details
    Browse the repository at this point in the history

Commits on Dec 27, 2018

  1. Configuration menu
    Copy the full SHA
    72a2dd4 View commit details
    Browse the repository at this point in the history
  2. Fix formatting

    jkakavas committed Dec 27, 2018
    Configuration menu
    Copy the full SHA
    69fb95c View commit details
    Browse the repository at this point in the history
  3. Fix formatting

    jkakavas committed Dec 27, 2018
    Configuration menu
    Copy the full SHA
    12dd9c0 View commit details
    Browse the repository at this point in the history
  4. Fix settings

    jkakavas committed Dec 27, 2018
    Configuration menu
    Copy the full SHA
    6a4cac6 View commit details
    Browse the repository at this point in the history
  5. Correct javadoc

    jkakavas committed Dec 27, 2018
    Configuration menu
    Copy the full SHA
    aeacfc5 View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    845dc36 View commit details
    Browse the repository at this point in the history

Commits on Dec 28, 2018

  1. Add JWT model and builder

    Being an RP, we won't need to create JWTs but this will be useful
    for testing
    jkakavas committed Dec 28, 2018
    Configuration menu
    Copy the full SHA
    21559dd View commit details
    Browse the repository at this point in the history

Commits on Jan 4, 2019

  1. Add JsonWebToken parser

    - Reworked builder
    - Added parser that deserializes and parses a JWT
    
    TODO: Signature validation
    jkakavas committed Jan 4, 2019
    Configuration menu
    Copy the full SHA
    59f9284 View commit details
    Browse the repository at this point in the history

Commits on Jan 7, 2019

  1. Configuration menu
    Copy the full SHA
    cd03bdf View commit details
    Browse the repository at this point in the history

Commits on Jan 9, 2019

  1. Complement JWS implementation and tests

    - Added support to PemUtils for reading public keys from files
    - Added support for converting signatures from DER to JWS and vice
      versa
    - Added tests
    jkakavas committed Jan 9, 2019
    Configuration menu
    Copy the full SHA
    d70446f View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    ae7a57c View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    8aa1a42 View commit details
    Browse the repository at this point in the history
  4. fix all precommit issues

    jkakavas committed Jan 9, 2019
    Configuration menu
    Copy the full SHA
    0bf371a View commit details
    Browse the repository at this point in the history

Commits on Jan 10, 2019

  1. Configuration menu
    Copy the full SHA
    0400d8a View commit details
    Browse the repository at this point in the history

Commits on Jan 17, 2019

  1. Remove the AbstracLifecycleComponent constructor with Settings (elast…

    …ic#37523)
    
    Adding the migration guide and removing the deprecated in 6.x
    constructor
    
    relates elastic#35560
    relates elastic#34488
    pgomulka authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    b6e5cca View commit details
    Browse the repository at this point in the history
  2. SQL: Rename SQL type DATE to DATETIME (elastic#37395)

    * SQL: Rename SQL data type DATE to DATETIME
    
    SQL data type DATE has only the date part (e.g.: 2019-01-14)
    without any time information. Previously the SQL type DATE was
    referring to the ES DATE which contains also the time part along
    with TZ information. To conform with SQL data types the data type
    `DATE` is renamed to `DATETIME`, since it includes also the time,
    as a new runtime SQL `DATE` data type will be introduced down the road,
    which only contains the date part and meets the SQL standard.
    
    Closes: elastic#36440
    
    * Address comments
    matriv authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    1686c32 View commit details
    Browse the repository at this point in the history
  3. Fix erroneous docstrings for abstract bulk by scroll request (elastic…

    torgeir authored and Christoph Büscher committed Jan 17, 2019
    Configuration menu
    Copy the full SHA
    676e1b1 View commit details
    Browse the repository at this point in the history
  4. Decreased time out in test

    Relates to elastic#37378
    martijnvg committed Jan 17, 2019
    Configuration menu
    Copy the full SHA
    da79930 View commit details
    Browse the repository at this point in the history
  5. Configuration menu
    Copy the full SHA
    6fe2d6d View commit details
    Browse the repository at this point in the history
  6. Configuration menu
    Copy the full SHA
    99b0984 View commit details
    Browse the repository at this point in the history
  7. Fix testRelocateWhileContinuouslyIndexingAndWaitingForRefresh (elasti…

    …c#37560)
    
    This test failed because the refresh at the end of the test is not guaranteed to run before the
    indexing is completed, and therefore there's no guarantee that the refresh will free all operations.
    This triggers an assertion failure in the test clean-up, which asserts that there are no more pending
    operations.
    ywelsch authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    d9fa4e4 View commit details
    Browse the repository at this point in the history
  8. Configuration menu
    Copy the full SHA
    b85bfd3 View commit details
    Browse the repository at this point in the history
  9. Allow field types to optimize phrase prefix queries (elastic#37436)

    This change adds a way to customize how phrase prefix queries should be created
    on field types. The match phrase prefix query is exposed in field types in order
    to allow optimizations based on the options set on the field.
    For instance the text field uses the configured prefix field (if available) to
    build a span near that mixes the original field and the prefix field on the last
    position.
    This change also contains a small refactoring of the match/multi_match query that
    simplifies the interactions between the builders.
    
    Closes elastic#31921
    jimczi authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    4351a5e View commit details
    Browse the repository at this point in the history
  10. Configuration menu
    Copy the full SHA
    20ed3dd View commit details
    Browse the repository at this point in the history
  11. Add set_priority action to ILM (elastic#37397)

    This commit adds a set_priority action to the hot, warm, and cold
    phases for an ILM policy. This action sets the `index.priority`
    on the managed index to allow different priorities between the
    hot, warm, and cold recoveries.
    
    This commit also includes the HLRC and documentation changes.
    
    closes elastic#36905
    jakelandis authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    587034d View commit details
    Browse the repository at this point in the history
  12. Configuration menu
    Copy the full SHA
    a2d9c46 View commit details
    Browse the repository at this point in the history
  13. Propagate Errors in executors to uncaught exception handler (elastic#…

    …36137)
    
    This is a continuation of elastic#28667 and has as goal to convert all executors to propagate errors to the
    uncaught exception handler. Notable missing ones were the direct executor and the scheduler. This
    commit also makes it the property of the executor, not the runnable, to ensure this property. A big
    part of this commit also consists of vastly improving the test coverage in this area.
    ywelsch authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    6d64a2a View commit details
    Browse the repository at this point in the history
  14. Fix assertion at end of forceRefreshes (elastic#37559)

    This commit ensures that we only change refreshListeners to a list if we're actually adding
    something to the list.
    ywelsch authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    68de2ed View commit details
    Browse the repository at this point in the history
  15. Configuration menu
    Copy the full SHA
    6dcb3af View commit details
    Browse the repository at this point in the history
  16. Configuration menu
    Copy the full SHA
    5782a5b View commit details
    Browse the repository at this point in the history
  17. Create specific exception for when snapshots are in progress (elastic…

    …#37550)
    
    delete and close index actions threw IllegalArgumentExceptions
    when attempting to run against an index that has a snapshot
    in progress.
    
    This change introduces a dedicated SnapshotInProgressException
    for these scenarios. This is done to explicitly signal to clients that
    this is the reason the action failed, and it is a retryable error.
    
    relates to elastic#37541.
    talevy authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    a0c504e View commit details
    Browse the repository at this point in the history
  18. Remove Redundant RestoreRequest Class (elastic#37535)

    * Same as elastic#37464 but for the restore side
    original-brownbear authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    381d035 View commit details
    Browse the repository at this point in the history
  19. Implement follower rate limiting for file restore (elastic#37449)

    This is related to elastic#35975. This commit implements rate limiting on the
    follower side using a new class `CombinedRateLimiter`.
    Tim-Brooks authored Jan 17, 2019
    Configuration menu
    Copy the full SHA
    b6f06a4 View commit details
    Browse the repository at this point in the history
  20. Use RestoreSnapshotRequest in CcrRepositoryIT

    Commit elastic#37535 removed an internal restore request in favor of the
    RestoreSnapshotRequest. Commit elastic#37449 added a new test that used the
    internal restore request. This commit modifies the new test to use the
    RestoreSnapshotRequest.
    Tim-Brooks committed Jan 17, 2019
    Configuration menu
    Copy the full SHA
    978c818 View commit details
    Browse the repository at this point in the history

Commits on Jan 18, 2019

  1. Reenable UnicastZenPingTests#testSimplePings

    * This was muted needlessly, the problem in elastic#26701 only applies to `6.x`
    * Relates elastic#26701
    original-brownbear committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    62ddc8c View commit details
    Browse the repository at this point in the history
  2. Minor docs cleanup (elastic#37595)

    Not all terminals are accessed via SSH.
    cachedout authored and Christoph Büscher committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    080c073 View commit details
    Browse the repository at this point in the history
  3. Allow indices.get_mapping response parsing without types (elastic#37492)

    This change adds deprecation warning to the indices.get_mapping API in case the
    "inlcude_type_name" parameter is set to "true" and changes the parsing code in
    GetMappingsResponse to parse the type-less response instead of the one
    containing types. As a consequence the HLRC client doesn't need to force
    "include_type_name=true" any more and the GetMappingsResponseTests can be
    adapted to the new format as well. Also removing some "include_type_name"
    parameters in yaml test and docs where not necessary.
    Christoph Büscher authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    2f0e0b2 View commit details
    Browse the repository at this point in the history
  4. Remove include_type_name in asciidoc where possible (elastic#37568)

    The "include_type_name" parameter was temporarily introduced in elastic#37285 to facilitate
    moving the default parameter setting to "false" in many places in the documentation
    code snippets. Most of the places can simply be reverted without causing errors.
    In this change I looked for asciidoc files that contained the
    "include_type_name=true" addition when creating new indices but didn't look
    likey they made use of the "_doc" type for mappings. This is mostly the case
    e.g. in the analysis docs where index creating often only contains settings. I
    manually corrected the use of types in some places where the docs still used an
    explicit type name and not the dummy "_doc" type.
    Christoph Büscher authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    25aac4f View commit details
    Browse the repository at this point in the history
  5. Migrate IndicesExistsIT to Zen2 (elastic#37526)

    This test was actually passing, for the wrong reason: it asserts a
    `MasterNotDiscoveredException` is thrown, expecting this to be due to a failure
    to perform state recovery, but in fact it's thrown because the node is not
    correctly bootstrapped.
    DaveCTurner authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    699d881 View commit details
    Browse the repository at this point in the history
  6. Migrate RecoveryFromGatewayIT to Zen2 (elastic#37520)

    * Fixes `testTwoNodeFirstNodeCleared` by manipulating voting config exclusions.
    
    * Removes `testRecoveryDifferentNodeOrderStartup` since state recovery is now
      handled entirely on the elected master, so the order in which the data nodes
      start is irrelevant.
    DaveCTurner authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    65e76b3 View commit details
    Browse the repository at this point in the history
  7. Fix BulkWithUpdatesIT and CloseIndexIT

    As of today the Close Index API does its best to close indices,
    but closing an index with ongoing recoveries might or might not
    be acknowledged depending of the values of the max seq number
    and global checkpoint at the time the
    TransportVerifyShardBeforeClose action is executed.
    
    These tests failed because they always expect that the index is
    correctly closed on the first try, which is not always the case.
    Instead we need to retry the closing until it succeed.
    
    Closes elastic#37571
    tlrx committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    29d3a70 View commit details
    Browse the repository at this point in the history
  8. Configuration menu
    Copy the full SHA
    3a96608 View commit details
    Browse the repository at this point in the history
  9. Only update response headers if we have a new one (elastic#37590)

    Currently when adding a response header, we do some de-duplication, and
    maybe drop the header on the floor if we have reached capacity. Yet, we
    still update the thread local tracking the response headers. This is
    really expensive because under the hood there is a shared reference that
    we synchronize on. In the case of a request processed across many shards
    in a tight loop, this contention can be detrimental to performance. We
    can avoid updating the thread local in these cases though, when the
    response header is duplicate of one that we have already seen, or when
    it's dropped on the floor. This commit addresses these performance
    issues by avoiding the unnecessary set.
    jasontedor authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    ed297b7 View commit details
    Browse the repository at this point in the history
  10. Add validation for empty PutPrivilegeRequest (elastic#37569)

    Return an error to the user if the put privilege api is called with
    an empty body (no privileges)
    
    Resolves: elastic#37561
    jkakavas authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    7597b7c View commit details
    Browse the repository at this point in the history
  11. Update Execute Watch to allow unknown fields (elastic#37498)

    ExecuteWatchResponse did not allow unknown fields. This commit fixes the
    test and ConstructingObjectParser such that it does now allow unknown
    fields. It also creates a new client side test for the response.
    
    Relates elastic#36938
    hub-cap authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    604422c View commit details
    Browse the repository at this point in the history
  12. Remove initial_master_nodes on node restart (elastic#37580)

    Some tests (e.g. testRestoreIndexWithShardsMissingInLocalGateway) were split-braining since
    being switched to Zen2 because the bootstrap setting was left around when nodes got restarted
    with data folders wiped.
    
    The test in question here was starting one node (which autobootstrapped to that single node), then
    another node. The first node was then shut down (after excluding it from the voting configuration),
    its data folder wiped, and restarted. After restart, the node had an empty data folder yet
    initial_master_nodes set to itself (i.e. same name). This made the node sometimes form a cluster of
    its own, and not rejoin the existing cluster with the other node.
    ywelsch authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    377d96e View commit details
    Browse the repository at this point in the history
  13. Add ccr follow info api (elastic#37408)

    * Add ccr follow info api
    
    This api returns all follower indices and per follower index
    the provided parameters at put follow / resume follow time and
    whether index following is paused or active.
    
    Closes elastic#37127
    
    * iter
    
    * [DOCS] Edits the get follower info API
    
    * [DOCS] Fixes link to remote cluster
    
    * [DOCS] Clarifies descriptions for configured parameters
    martijnvg authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    6846666 View commit details
    Browse the repository at this point in the history
  14. Add types deprecation to script contexts (elastic#37554)

    This adds deprecation to _type in the script contexts for ingest and update. 
    This adds a DeprecationMap that wraps the ctx Map containing _type for these 
    specific contexts.
    jdconrad authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    de55b4d View commit details
    Browse the repository at this point in the history
  15. Nit in settings.gradle for Eclipse

    Fixes ``./gradlew eclipse` failure introduced in 6d99e79
    albertzaharovits committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    633bd09 View commit details
    Browse the repository at this point in the history
  16. SQL: fix object extraction from sources (elastic#37502)

    Throws an exception if hit extractor tries to retrieve unsupported
    object. For example, selecting "a" from `{"a": {"b": "c"}}` now throws
    an exception instead of returning null.
    
    Relates to elastic#37364
    imotov authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    54af8a4 View commit details
    Browse the repository at this point in the history
  17. Document the need for JAVA11_HOME (elastic#37589)

    This commit updates the contribution docs to include java11 as a requirement for building and testing Elasticsearch.
    hmcc authored and rjernst committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    fc1c476 View commit details
    Browse the repository at this point in the history
  18. Fix setting openldap realm ssl config

    This change fixes the setup of the SSL configuration for the test
    openldap realm. The configuration was missing the realm identifier so
    the SSL settings being used were just the default JDK ones that do not
    trust the certificate of the idp fixture.
    
    See elastic#37591
    jaymode committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    642e45e View commit details
    Browse the repository at this point in the history
  19. Packaging: Update marker used to allow ELASTIC_PASSWORD (elastic#37243)

    This commit updates the file docker's entrypoint script looks for when
    deciding to process the ELASTIC_PASSWORD env var. The x-pack subdir
    of bin no longer exists in 7.0, where the backcompat layer for x-pack
    script locations was removed.
    
    closes elastic#37240
    rjernst authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    a2bdfb9 View commit details
    Browse the repository at this point in the history
  20. [ILM] Add unfollow action (elastic#36970)

    This change adds the unfollow action for CCR follower indices.
    
    This is needed for the shrink action in case an index is a follower index.
    This will give the follower index the opportunity to fully catch up with
    the leader index, pause index following and unfollow the leader index.
    After this the shrink action can safely perform the ilm shrink.
    
    The unfollow action needs to be added to the hot phase and acts as
    barrier for going to the next phase (warm or delete phases), so that
    follower indices are being unfollowed properly before indices are expected
    to go in read-only mode. This allows the force merge action to execute
    its steps safely.
    
    The unfollow action has three steps:
    * `wait-for-indexing-complete` step: waits for the index in question
      to get the `index.lifecycle.indexing_complete` setting be set to `true`
    * `wait-for-follow-shard-tasks` step: waits for all the shard follow tasks
      for the index being handled to report that the leader shard global checkpoint
      is equal to the follower shard global checkpoint.
    * `pause-follower-index` step: Pauses index following, necessary to unfollow
    * `close-follower-index` step: Closes the index, necessary to unfollow
    * `unfollow-follower-index` step: Actually unfollows the index using 
      the CCR Unfollow API
    * `open-follower-index` step: Reopens the index now that it is a normal index
    * `wait-for-yellow` step: Waits for primary shards to be allocated after
      reopening the index to ensure the index is ready for the next step
    
    In the case of the last two steps, if the index in being handled is
    a regular index then the steps acts as a no-op.
    
    Relates to elastic#34648
    
    Co-authored-by: Martijn van Groningen <martijn.v.groningen@gmail.com>
    Co-authored-by: Gordon Brown <gordon.brown@elastic.co>
    martijnvg and gwbrown committed Jan 18, 2019
    Configuration menu
    Copy the full SHA
    a3030c5 View commit details
    Browse the repository at this point in the history
  21. Deprecate types in the put mapping API. (elastic#37280)

    From elastic#29453 and elastic#37285, the `include_type_name` parameter was already present and defaulted to false. This PR makes the following updates:
    - Add deprecation warnings to `RestPutMappingAction`, plus tests in `RestPutMappingActionTests`.
    - Add a typeless 'put mappings' method to the Java HLRC, and deprecate the old typed version. To do this cleanly, I opted to create a new `PutMappingRequest` object that differs from the existing server one.
    jtibshirani authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    8da7a27 View commit details
    Browse the repository at this point in the history
  22. ML: creating ML State write alias and pointing writes there (elastic#…

    …37483)
    
    * ML: creating ML State write alias and pointing writes there
    
    * Moving alias check to openJob method
    
    * adjusting concrete index lookup for ml-state
    benwtrent authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    5384162 View commit details
    Browse the repository at this point in the history
  23. ML: Add support for single bucket aggs in Datafeeds (elastic#37544)

    Single bucket aggs are now supported in datafeed aggregation configurations.
    benwtrent authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    12cdf1c View commit details
    Browse the repository at this point in the history
  24. Remove obsolete deprecation checks (elastic#37510)

    * Remove obsolete deprecation checks
    
    This also updates the old-indices check to be appropriate for the 7.x
    series of releases, and leaves it as the only deprecation check in
    place.
    
    * Add toString to DeprecationIssue
    
    * Bring filterChecks across from 6.x
    
    * License headers
    gwbrown authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    88b9810 View commit details
    Browse the repository at this point in the history
  25. refactor inner geogrid classes to own class files (elastic#37596)

    To make further refactoring of GeoGrid aggregations
    easier (related: elastic#30320), splitting out these inner
    class dependencies into their own files makes it
    easier to map the relationship between classes
    talevy authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    106f900 View commit details
    Browse the repository at this point in the history
  26. Add some deprecation optimizations (elastic#37597)

    This commit optimizes some of the performance issues from using
    deprecation logging:
     - we optimize encoding the deprecation value
     - we optimize formatting the deprecation string
     - we optimize away getting the current time (by using cached startup
       time)
    jasontedor authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    adae233 View commit details
    Browse the repository at this point in the history
  27. Add local session timeouts to leader node (elastic#37438)

    This is related to elastic#35975. This commit adds timeout functionality to
    the local session on a leader node. When a session is started, a timeout
    is scheduled using a repeatable runnable. If the session is not accessed
    in between two runs the session is closed. When the sssion is closed,
    the repeating task is cancelled.
    
    Additionally, this commit moves session uuid generation to the leader
    cluster. And renames the PutCcrRestoreSessionRequest to
    StartCcrRestoreSessionRequest to reflect that change.
    Tim-Brooks authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    cd41289 View commit details
    Browse the repository at this point in the history
  28. Do not add index event listener if CCR disabled (elastic#37432)

    Currently we add the CcrRestoreSourceService as a index event
    listener. However, if ccr is disabled, this service is null and we
    attempt to add a null listener throwing an exception. This commit only
    adds the listener if ccr is enabled.
    Tim-Brooks authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    fe753ee View commit details
    Browse the repository at this point in the history
  29. Update get users to allow unknown fields (elastic#37593)

    The subparser in get users allows for unknown fields. This commit sets
    the value to true for the parser and modifies the test such that it
    accurately tests it.
    
    Relates elastic#36938
    hub-cap authored Jan 18, 2019
    Configuration menu
    Copy the full SHA
    c03308a View commit details
    Browse the repository at this point in the history

Commits on Jan 19, 2019

  1. Configuration menu
    Copy the full SHA
    b4c18a9 View commit details
    Browse the repository at this point in the history
  2. Update jdk used by the docker builds (elastic#37621)

    With the release of 11.0.2, the old URLs no longer work. This exposed a
    few small bugs in the gradle config. One was that --no-cache was not
    present in the docker build command, so it was not failing at
    first. Then once only the ext.expansions was changed and the docker
    build task was not, it was not executing it.
    hub-cap authored Jan 19, 2019
    Configuration menu
    Copy the full SHA
    9b32f57 View commit details
    Browse the repository at this point in the history

Commits on Jan 20, 2019

  1. Add cache cleaning task for ML snapshot (elastic#37505)

    The ML subproject of xpack has a cache for the cpp artifact snapshots
    which is checked on each build. The cache is outside of the build dir so
    that it is not wiped on a typical clean, as the artifacts can be large
    and do not change often. This commit adds a cleanCache task which will
    wipe the cache dir, as over time the size of the directory can become
    bloated.
    rjernst authored Jan 20, 2019
    Configuration menu
    Copy the full SHA
    fc99eb3 View commit details
    Browse the repository at this point in the history
  2. Remove Watcher Account "unsecure" settings (elastic#36736)

    Removes all sensitive settings (passwords, auth tokens, urls, etc...) for
    watcher notifications accounts. These settings were deprecated (and
    herein removed) in favor of their secure sibling that is set inside the
    elasticsearch keystore. For example:
    `xpack.notification.email.account.<id>.smtp.password`
    is no longer a valid setting, and it is replaced by
    `xpack.notification.email.account.<id>.smtp.secure_password`
    albertzaharovits authored Jan 20, 2019
    Configuration menu
    Copy the full SHA
    5308746 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    f843c92 View commit details
    Browse the repository at this point in the history
  4. OpenID Connect Realm base functionality (elastic#37009)

    This commit adds
    
    * An OpenID Connect Realm definition
    * Necessary OpenID Connect Realm settings to support Authorization code
     grant and Implicit grant flows
    * Rest and Transport Action and Request/Response objects for initiating and
     completing the authentication flow
    * Functionality for generating OIDC Authentication Request URIs Unit tests
    
    Notably missing (to be handled in subsequent PRs):
    * The actual implementation of the authentication flows
    * Necessary JW{T,S,E} functionality
    
    Relates: elastic#35339
    jkakavas committed Jan 20, 2019
    Configuration menu
    Copy the full SHA
    63e9e46 View commit details
    Browse the repository at this point in the history