Example 6 with PluginsService
use of org.opensearch.plugins.PluginsService in project OpenSearch by opensearch-project.
the class SearchCancellationIT method initBlockFactory.
private List<ScriptedBlockPlugin> initBlockFactory() {
List<ScriptedBlockPlugin> plugins = new ArrayList<>();
for (PluginsService pluginsService : internalCluster().getDataNodeInstances(PluginsService.class)) {
plugins.addAll(pluginsService.filterPlugins(ScriptedBlockPlugin.class));
}
for (ScriptedBlockPlugin plugin : plugins) {
plugin.reset();
plugin.enableBlock();
}
return plugins;
}
Also used :
PluginsService(org.opensearch.plugins.PluginsService)
ArrayList(java.util.ArrayList)
Example 7 with PluginsService
use of org.opensearch.plugins.PluginsService in project asynchronous-search by opensearch-project.
the class AsynchronousSearchSingleNodeTestCase method initPluginFactory.
public List<SearchDelayPlugin> initPluginFactory() {
List<SearchDelayPlugin> plugins = new ArrayList<>();
PluginsService pluginsService = getInstanceFromNode(PluginsService.class);
plugins.addAll(pluginsService.filterPlugins(SearchDelayPlugin.class));
enableBlocks(plugins);
return plugins;
}
Also used :
PluginsService(org.opensearch.plugins.PluginsService)
ArrayList(java.util.ArrayList)
Example 8 with PluginsService
use of org.opensearch.plugins.PluginsService in project OpenSearch by opensearch-project.
the class RepositoryCredentialsTests method testReinitSecureCredentials.
public void testReinitSecureCredentials() {
final String clientName = randomFrom("default", "other");
final Settings.Builder repositorySettings = Settings.builder();
final boolean hasInsecureSettings = randomBoolean();
if (hasInsecureSettings) {
// repository settings for credentials override node secure settings
repositorySettings.put(S3Repository.ACCESS_KEY_SETTING.getKey(), "insecure_aws_key");
repositorySettings.put(S3Repository.SECRET_KEY_SETTING.getKey(), "insecure_aws_secret");
} else {
repositorySettings.put(S3Repository.CLIENT_NAME.getKey(), clientName);
}
final String repositoryName = "repo-reinit-creds";
createRepository(repositoryName, repositorySettings.build());
final RepositoriesService repositories = getInstanceFromNode(RepositoriesService.class);
assertThat(repositories.repository(repositoryName), notNullValue());
assertThat(repositories.repository(repositoryName), instanceOf(S3Repository.class));
final S3Repository repository = (S3Repository) repositories.repository(repositoryName);
try (AmazonS3Reference clientReference = ((S3BlobStore) repository.blobStore()).clientReference()) {
final AmazonS3 client = clientReference.client();
assertThat(client, instanceOf(ProxyS3RepositoryPlugin.ClientAndCredentials.class));
final AWSCredentials credentials = ((ProxyS3RepositoryPlugin.ClientAndCredentials) client).credentials.getCredentials();
if (hasInsecureSettings) {
assertThat(credentials.getAWSAccessKeyId(), is("insecure_aws_key"));
assertThat(credentials.getAWSSecretKey(), is("insecure_aws_secret"));
} else if ("other".equals(clientName)) {
assertThat(credentials.getAWSAccessKeyId(), is("secure_other_key"));
assertThat(credentials.getAWSSecretKey(), is("secure_other_secret"));
} else {
assertThat(credentials.getAWSAccessKeyId(), is("secure_default_key"));
assertThat(credentials.getAWSSecretKey(), is("secure_default_secret"));
}
// new settings
final MockSecureSettings newSecureSettings = new MockSecureSettings();
newSecureSettings.setString("s3.client." + clientName + ".access_key", "new_secret_aws_key");
newSecureSettings.setString("s3.client." + clientName + ".secret_key", "new_secret_aws_secret");
final Settings newSettings = Settings.builder().setSecureSettings(newSecureSettings).build();
// reload S3 plugin settings
final PluginsService plugins = getInstanceFromNode(PluginsService.class);
final ProxyS3RepositoryPlugin plugin = plugins.filterPlugins(ProxyS3RepositoryPlugin.class).get(0);
plugin.reload(newSettings);
// check the not-yet-closed client reference still has the same credentials
if (hasInsecureSettings) {
assertThat(credentials.getAWSAccessKeyId(), is("insecure_aws_key"));
assertThat(credentials.getAWSSecretKey(), is("insecure_aws_secret"));
} else if ("other".equals(clientName)) {
assertThat(credentials.getAWSAccessKeyId(), is("secure_other_key"));
assertThat(credentials.getAWSSecretKey(), is("secure_other_secret"));
} else {
assertThat(credentials.getAWSAccessKeyId(), is("secure_default_key"));
assertThat(credentials.getAWSSecretKey(), is("secure_default_secret"));
}
}
// check credentials have been updated
try (AmazonS3Reference clientReference = ((S3BlobStore) repository.blobStore()).clientReference()) {
final AmazonS3 client = clientReference.client();
assertThat(client, instanceOf(ProxyS3RepositoryPlugin.ClientAndCredentials.class));
final AWSCredentials newCredentials = ((ProxyS3RepositoryPlugin.ClientAndCredentials) client).credentials.getCredentials();
if (hasInsecureSettings) {
assertThat(newCredentials.getAWSAccessKeyId(), is("insecure_aws_key"));
assertThat(newCredentials.getAWSSecretKey(), is("insecure_aws_secret"));
} else {
assertThat(newCredentials.getAWSAccessKeyId(), is("new_secret_aws_key"));
assertThat(newCredentials.getAWSSecretKey(), is("new_secret_aws_secret"));
}
}
if (hasInsecureSettings) {
assertWarnings("[secret_key] setting was deprecated in OpenSearch and will be removed in a future release!" + " See the breaking changes documentation for the next major version.", "Using s3 access/secret key from repository settings. Instead store these in named clients and" + " the opensearch keystore for secure settings.", "[access_key] setting was deprecated in OpenSearch and will be removed in a future release!" + " See the breaking changes documentation for the next major version.");
}
}
Also used :
AmazonS3(com.amazonaws.services.s3.AmazonS3)
PluginsService(org.opensearch.plugins.PluginsService)
Matchers.containsString(org.hamcrest.Matchers.containsString)
AWSCredentials(com.amazonaws.auth.AWSCredentials)
MockSecureSettings(org.opensearch.common.settings.MockSecureSettings)
RepositoriesService(org.opensearch.repositories.RepositoriesService)
MockSecureSettings(org.opensearch.common.settings.MockSecureSettings)
RecoverySettings(org.opensearch.indices.recovery.RecoverySettings)
Settings(org.opensearch.common.settings.Settings)
Example 9 with PluginsService
use of org.opensearch.plugins.PluginsService in project OpenSearch by opensearch-project.
the class ReloadSecureSettingsIT method testReloadWhileKeystoreChanged.
public void testReloadWhileKeystoreChanged() throws Exception {
final PluginsService pluginsService = internalCluster().getInstance(PluginsService.class);
final MockReloadablePlugin mockReloadablePlugin = pluginsService.filterPlugins(MockReloadablePlugin.class).stream().findFirst().get();
final Environment environment = internalCluster().getInstance(Environment.class);
final int initialReloadCount = mockReloadablePlugin.getReloadCount();
for (int i = 0; i < randomIntBetween(4, 8); i++) {
// write keystore
final SecureSettings secureSettings = writeEmptyKeystore(environment, new char[0]);
// read seed setting value from the test case (not from the node)
final String seedValue = KeyStoreWrapper.SEED_SETTING.get(Settings.builder().put(environment.settings()).setSecureSettings(secureSettings).build()).toString();
// reload call
successfulReloadCall();
assertThat(mockReloadablePlugin.getSeedValue(), equalTo(seedValue));
assertThat(mockReloadablePlugin.getReloadCount() - initialReloadCount, equalTo(i + 1));
}
}
Also used :
PluginsService(org.opensearch.plugins.PluginsService)
Environment(org.opensearch.env.Environment)
SecureSettings(org.opensearch.common.settings.SecureSettings)
SecureString(org.opensearch.common.settings.SecureString)
Matchers.containsString(org.hamcrest.Matchers.containsString)
Example 10 with PluginsService
use of org.opensearch.plugins.PluginsService in project OpenSearch by opensearch-project.
the class ReloadSecureSettingsIT method testMisbehavingPlugin.
public void testMisbehavingPlugin() throws Exception {
final Environment environment = internalCluster().getInstance(Environment.class);
final PluginsService pluginsService = internalCluster().getInstance(PluginsService.class);
final MockReloadablePlugin mockReloadablePlugin = pluginsService.filterPlugins(MockReloadablePlugin.class).stream().findFirst().get();
// make plugins throw on reload
for (final String nodeName : internalCluster().getNodeNames()) {
internalCluster().getInstance(PluginsService.class, nodeName).filterPlugins(MisbehavingReloadablePlugin.class).stream().findFirst().get().setShouldThrow(true);
}
final AtomicReference<AssertionError> reloadSettingsError = new AtomicReference<>();
final int initialReloadCount = mockReloadablePlugin.getReloadCount();
// "some" keystore should be present
final SecureSettings secureSettings = writeEmptyKeystore(environment, new char[0]);
// read seed setting value from the test case (not from the node)
final String seedValue = KeyStoreWrapper.SEED_SETTING.get(Settings.builder().put(environment.settings()).setSecureSettings(secureSettings).build()).toString();
final CountDownLatch latch = new CountDownLatch(1);
final SecureString emptyPassword = randomBoolean() ? new SecureString(new char[0]) : null;
client().admin().cluster().prepareReloadSecureSettings().setSecureStorePassword(emptyPassword).setNodesIds(Strings.EMPTY_ARRAY).execute(new ActionListener<NodesReloadSecureSettingsResponse>() {
@Override
public void onResponse(NodesReloadSecureSettingsResponse nodesReloadResponse) {
try {
assertThat(nodesReloadResponse, notNullValue());
final Map<String, NodesReloadSecureSettingsResponse.NodeResponse> nodesMap = nodesReloadResponse.getNodesMap();
assertThat(nodesMap.size(), equalTo(cluster().size()));
for (final NodesReloadSecureSettingsResponse.NodeResponse nodeResponse : nodesReloadResponse.getNodes()) {
assertThat(nodeResponse.reloadException(), notNullValue());
assertThat(nodeResponse.reloadException().getMessage(), containsString("If shouldThrow I throw"));
}
} catch (final AssertionError e) {
reloadSettingsError.set(e);
} finally {
latch.countDown();
}
}
@Override
public void onFailure(Exception e) {
reloadSettingsError.set(new AssertionError("Nodes request failed", e));
latch.countDown();
}
});
latch.await();
if (reloadSettingsError.get() != null) {
throw reloadSettingsError.get();
}
// even if one plugin fails to reload (throws Exception), others should be
// unperturbed
assertThat(mockReloadablePlugin.getReloadCount() - initialReloadCount, equalTo(1));
// mock plugin should have been reloaded successfully
assertThat(mockReloadablePlugin.getSeedValue(), equalTo(seedValue));
}
Also used :
PluginsService(org.opensearch.plugins.PluginsService)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
SecureString(org.opensearch.common.settings.SecureString)
Matchers.containsString(org.hamcrest.Matchers.containsString)
CountDownLatch(java.util.concurrent.CountDownLatch)
OpenSearchException(org.opensearch.OpenSearchException)
RemoteTransportException(org.opensearch.transport.RemoteTransportException)
AccessControlException(java.security.AccessControlException)
Environment(org.opensearch.env.Environment)
SecureSettings(org.opensearch.common.settings.SecureSettings)
Map(java.util.Map)
SecureString(org.opensearch.common.settings.SecureString)
NodesReloadSecureSettingsResponse(org.opensearch.action.admin.cluster.node.reload.NodesReloadSecureSettingsResponse)
Aggregations
PluginsService (org.opensearch.plugins.PluginsService)15
SecureString (org.opensearch.common.settings.SecureString)6
Environment (org.opensearch.env.Environment)6
AccessControlException (java.security.AccessControlException)5
ArrayList (java.util.ArrayList)5
CountDownLatch (java.util.concurrent.CountDownLatch)5
AtomicReference (java.util.concurrent.atomic.AtomicReference)5
OpenSearchException (org.opensearch.OpenSearchException)5
NodesReloadSecureSettingsResponse (org.opensearch.action.admin.cluster.node.reload.NodesReloadSecureSettingsResponse)5
RemoteTransportException (org.opensearch.transport.RemoteTransportException)5
Map (java.util.Map)4
Matchers.containsString (org.hamcrest.Matchers.containsString)3
SecureSettings (org.opensearch.common.settings.SecureSettings)2
TransportRequest (org.opensearch.transport.TransportRequest)2
AWSCredentials (com.amazonaws.auth.AWSCredentials)1
AmazonS3 (com.amazonaws.services.s3.AmazonS3)1
InputStream (java.io.InputStream)1
Semaphore (java.util.concurrent.Semaphore)1
DiscoveryNode (org.opensearch.cluster.node.DiscoveryNode)1
MockSecureSettings (org.opensearch.common.settings.MockSecureSettings)1
