[PURIFY] remove all trace of x-pack security (#16)

This commit removes all trace of the security high level rest client and other reference to x-pack security

Co-authored-by: Rabi Panda <rabipanda@icloud.com>

buildSrc/src/main/java/org/elasticsearch/gradle/testclusters/ElasticsearchCluster.java

@@ -396,23 +396,6 @@ public void nextNodeToNextVersion() {
         node.stop(false);
         node.goToNextVersion();
         commonNodeConfig(node, null, null);
-        // We need to translate these settings there as there's no support to do per version config for testclusters yet
-        if (node.getVersion().onOrAfter("7.0.0")) {
-            if (node.settings.containsKey("xpack.security.authc.realms.file1.type")) {
-                node.settings.remove("xpack.security.authc.realms.file1.type");
-                node.settings.put(
-                    "xpack.security.authc.realms.file.file1.order",
-                    node.settings.remove("xpack.security.authc.realms.file1.order")
-                );
-            }
-            if (node.settings.containsKey("xpack.security.authc.realms.native1.type")) {
-                node.settings.remove("xpack.security.authc.realms.native1.type");
-                node.settings.put(
-                    "xpack.security.authc.realms.native.native1.order",
-                    node.settings.remove("xpack.security.authc.realms.native1.order")
-                );
-            }
-        }
         nodeIndex += 1;
         node.start();
     }
@@ -509,15 +492,12 @@ public ElasticsearchNode singleNode() {
     private void addWaitForClusterHealth() {
         waitConditions.put("cluster health yellow", (node) -> {
             try {
-                boolean httpSslEnabled = getFirstNode().isHttpSslEnabled();
                 WaitForHttpResource wait = new WaitForHttpResource(
-                    httpSslEnabled ? "https" : "http",
+                   "http",
                     getFirstNode().getHttpSocketURI(),
                     nodes.size()
                 );
-                if (httpSslEnabled) {
-                    getFirstNode().configureHttpWait(wait);
-                }
+
                 List<Map<String, String>> credentials = getFirstNode().getCredentials();
                 if (getFirstNode().getCredentials().isEmpty() == false) {
                     wait.setUsername(credentials.get(0).get("useradd"));

buildSrc/src/main/java/org/elasticsearch/gradle/testclusters/ElasticsearchNode.java

@@ -533,12 +533,6 @@ public synchronized void start() {
 
         installModules();
 
-        if (isSettingTrue("xpack.security.enabled")) {
-            if (credentials.isEmpty()) {
-                user(Collections.emptyMap());
-            }
-        }
-
         if (credentials.isEmpty() == false) {
             logToProcessStdout("Setting up " + credentials.size() + " users");
 
@@ -1448,28 +1442,6 @@ private boolean checkPortsFilesExistWithDelay(TestClusterConfiguration node) {
         return Files.exists(httpPortsFile) && Files.exists(transportPortFile);
     }
 
-    @Internal
-    public boolean isHttpSslEnabled() {
-        return Boolean.valueOf(settings.getOrDefault("xpack.security.http.ssl.enabled", "false").toString());
-    }
-
-    void configureHttpWait(WaitForHttpResource wait) {
-        if (settings.containsKey("xpack.security.http.ssl.certificate_authorities")) {
-            wait.setCertificateAuthorities(
-                getConfigDir().resolve(settings.get("xpack.security.http.ssl.certificate_authorities").toString()).toFile()
-            );
-        }
-        if (settings.containsKey("xpack.security.http.ssl.certificate")) {
-            wait.setCertificateAuthorities(getConfigDir().resolve(settings.get("xpack.security.http.ssl.certificate").toString()).toFile());
-        }
-        if (settings.containsKey("xpack.security.http.ssl.keystore.path")) {
-            wait.setTrustStoreFile(getConfigDir().resolve(settings.get("xpack.security.http.ssl.keystore.path").toString()).toFile());
-        }
-        if (keystoreSettings.containsKey("xpack.security.http.ssl.keystore.secure_password")) {
-            wait.setTrustStorePassword(keystoreSettings.get("xpack.security.http.ssl.keystore.secure_password").toString());
-        }
-    }
-
     void setHttpPort(String httpPort) {
         this.httpPort = httpPort;
     }

client/rest-high-level/build.gradle

@@ -81,24 +81,9 @@ testClusters.all {
   testDistribution = 'DEFAULT'
   systemProperty 'es.scripting.update.ctx_in_params', 'false'
   setting 'reindex.remote.whitelist', '[ "[::1]:*", "127.0.0.1:*" ]'
-  setting 'xpack.license.self_generated.type', 'trial'
-  setting 'xpack.security.enabled', 'true'
-  setting 'xpack.security.authc.token.enabled', 'true'
-  setting 'xpack.security.authc.api_key.enabled', 'true'
-  setting 'xpack.security.http.ssl.enabled', 'false'
-  setting 'xpack.security.transport.ssl.enabled', 'false'
-  // Truststore settings are not used since TLS is not enabled. Included for testing the get certificates API
-  setting 'xpack.security.http.ssl.certificate_authorities', 'testnode.crt'
-  setting 'xpack.security.transport.ssl.truststore.path', 'testnode.jks'
-  setting 'xpack.security.authc.realms.file.default_file.order', '0'
-  setting 'xpack.security.authc.realms.native.default_native.order', '1'
-  setting 'xpack.security.authc.realms.pki.pki1.order', '2'
-  setting 'xpack.security.authc.realms.pki.pki1.certificate_authorities', '[ "testRootCA.crt" ]'
-  setting 'xpack.security.authc.realms.pki.pki1.delegation.enabled', 'true'
 
   setting 'indices.lifecycle.poll_interval', '1000ms'
   setting 'indices.lifecycle.history_index_enabled', 'false'
-  keystore 'xpack.security.transport.ssl.truststore.secure_password', 'testnode'
   extraConfigFile 'roles.yml', file('roles.yml')
   user username: System.getProperty('tests.rest.cluster.username', 'test_user'),
     password: System.getProperty('tests.rest.cluster.password', 'test-password'),

client/rest-high-level/src/main/java/org/elasticsearch/client/RequestConverters.java

@@ -53,7 +53,6 @@
 import org.elasticsearch.client.core.MultiTermVectorsRequest;
 import org.elasticsearch.client.core.TermVectorsRequest;
 import org.elasticsearch.client.indices.AnalyzeRequest;
-import org.elasticsearch.client.security.RefreshPolicy;
 import org.elasticsearch.client.tasks.TaskId;
 import org.elasticsearch.cluster.health.ClusterHealthStatus;
 import org.elasticsearch.common.Nullable;
@@ -272,7 +271,6 @@ private static Request getStyleRequest(String method, GetRequest getRequest) {
         Params parameters = new Params();
         parameters.withPreference(getRequest.preference());
         parameters.withRouting(getRequest.routing());
-        parameters.withRefresh(getRequest.refresh());
         parameters.withRealtime(getRequest.realtime());
         parameters.withStoredFields(getRequest.storedFields());
         parameters.withVersion(getRequest.version());
@@ -294,7 +292,6 @@ private static Request sourceRequest(GetSourceRequest getSourceRequest, String h
         Params parameters = new Params();
         parameters.withPreference(getSourceRequest.preference());
         parameters.withRouting(getSourceRequest.routing());
-        parameters.withRefresh(getSourceRequest.refresh());
         parameters.withRealtime(getSourceRequest.realtime());
         parameters.withFetchSourceContext(getSourceRequest.fetchSourceContext());
 
@@ -316,7 +313,6 @@ static Request multiGet(MultiGetRequest multiGetRequest) throws IOException {
         Params parameters = new Params();
         parameters.withPreference(multiGetRequest.preference());
         parameters.withRealtime(multiGetRequest.realtime());
-        parameters.withRefresh(multiGetRequest.refresh());
         request.addParameters(parameters.asMap());
         request.setEntity(createEntity(multiGetRequest, REQUEST_BODY_CONTENT_TYPE));
         return request;
@@ -593,7 +589,6 @@ private static Request prepareReindexRequest(ReindexRequest reindexRequest, bool
         Request request = new Request(HttpPost.METHOD_NAME, endpoint);
         Params params = new Params()
             .withWaitForCompletion(waitForCompletion)
-            .withRefresh(reindexRequest.isRefresh())
             .withTimeout(reindexRequest.getTimeout())
             .withWaitForActiveShards(reindexRequest.getWaitForActiveShards())
             .withRequestsPerSecond(reindexRequest.getRequestsPerSecond())
@@ -614,7 +609,6 @@ private static Request prepareDeleteByQueryRequest(DeleteByQueryRequest deleteBy
         Request request = new Request(HttpPost.METHOD_NAME, endpoint);
         Params params = new Params()
             .withRouting(deleteByQueryRequest.getRouting())
-            .withRefresh(deleteByQueryRequest.isRefresh())
             .withTimeout(deleteByQueryRequest.getTimeout())
             .withWaitForActiveShards(deleteByQueryRequest.getWaitForActiveShards())
             .withRequestsPerSecond(deleteByQueryRequest.getRequestsPerSecond())
@@ -646,7 +640,6 @@ static Request prepareUpdateByQueryRequest(UpdateByQueryRequest updateByQueryReq
         Params params = new Params()
             .withRouting(updateByQueryRequest.getRouting())
             .withPipeline(updateByQueryRequest.getPipeline())
-            .withRefresh(updateByQueryRequest.isRefresh())
             .withTimeout(updateByQueryRequest.getTimeout())
             .withWaitForActiveShards(updateByQueryRequest.getWaitForActiveShards())
             .withRequestsPerSecond(updateByQueryRequest.getRequestsPerSecond())
@@ -916,16 +909,8 @@ Params withRealtime(boolean realtime) {
             return this;
         }
 
-        Params withRefresh(boolean refresh) {
-            if (refresh) {
-                return withRefreshPolicy(RefreshPolicy.IMMEDIATE);
-            }
-            return this;
-        }
-
         /**
-         *  @deprecated If creating a new HLRC ReST API call, use {@link RefreshPolicy}
-         *  instead of {@link WriteRequest.RefreshPolicy} from the server project
+         *  @deprecated
          */
         @Deprecated
         Params withRefreshPolicy(WriteRequest.RefreshPolicy refreshPolicy) {
@@ -935,13 +920,6 @@ Params withRefreshPolicy(WriteRequest.RefreshPolicy refreshPolicy) {
             return this;
         }
 
-        Params withRefreshPolicy(RefreshPolicy refreshPolicy) {
-            if (refreshPolicy != RefreshPolicy.NONE) {
-                return putParam("refresh", refreshPolicy.getValue());
-            }
-            return this;
-        }
-
         Params withRequestsPerSecond(float requestsPerSecond) {
             // the default in AbstractBulkByScrollRequest is Float.POSITIVE_INFINITY,
             // but we don't want to add that to the URL parameters, instead we use -1

client/rest-high-level/src/main/java/org/elasticsearch/client/RestHighLevelClient.java

@@ -262,7 +262,6 @@ public class RestHighLevelClient implements Closeable {
     private final TasksClient tasksClient = new TasksClient(this);
     private final WatcherClient watcherClient = new WatcherClient(this);
     private final MigrationClient migrationClient = new MigrationClient(this);
-    private final SecurityClient securityClient = new SecurityClient(this);
     private final IndexLifecycleClient ilmClient = new IndexLifecycleClient(this);
     private final RollupClient rollupClient = new RollupClient(this);
     private final TransformClient transformClient = new TransformClient(this);
@@ -401,20 +400,6 @@ public MigrationClient migration() {
         return migrationClient;
     }
 
-    /**
-     * Provides methods for accessing the Elastic Licensed Security APIs that
-     * are shipped with the Elastic Stack distribution of Elasticsearch. All of
-     * these APIs will 404 if run against the OSS distribution of Elasticsearch.
-     * <p>
-     * See the <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api.html">
-     * Security APIs on elastic.co</a> for more information.
-     *
-     * @return the client wrapper for making Security API calls
-     */
-    public SecurityClient security() {
-        return securityClient;
-    }
-
     /**
      * Provides methods for accessing the Elastic Licensed Data Frame APIs that
      * are shipped with the Elastic Stack distribution of Elasticsearch. All of