mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-04-19 04:45:07 -04:00
13c8aaeffa
Static fields dont do well in Gradle with configuration cache enabled. - Use buildParams extension in build scripts - Keep BuildParams.ci for now for easy serverless migration - Tweak testing doc
136 lines
5.7 KiB
Groovy
136 lines
5.7 KiB
Groovy
import org.elasticsearch.gradle.internal.info.BuildParams
|
|
|
|
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the "Elastic License
|
|
* 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
|
|
* Public License v 1"; you may not use this file except in compliance with, at
|
|
* your election, the "Elastic License 2.0", the "GNU Affero General Public
|
|
* License v3.0 only", or the "Server Side Public License, v 1".
|
|
*/
|
|
apply plugin: 'elasticsearch.legacy-yaml-rest-test'
|
|
apply plugin: 'elasticsearch.internal-cluster-test'
|
|
|
|
esplugin {
|
|
description 'The EC2 discovery plugin allows to use AWS API for the unicast discovery mechanism.'
|
|
classname 'org.elasticsearch.discovery.ec2.Ec2DiscoveryPlugin'
|
|
}
|
|
|
|
versions << [
|
|
'aws': '1.12.270'
|
|
]
|
|
|
|
dependencies {
|
|
api "com.amazonaws:aws-java-sdk-ec2:${versions.aws}"
|
|
api "com.amazonaws:aws-java-sdk-core:${versions.aws}"
|
|
api "org.apache.httpcomponents:httpclient:${versions.httpclient}"
|
|
api "org.apache.httpcomponents:httpcore:${versions.httpcore}"
|
|
api "commons-logging:commons-logging:${versions.commonslogging}"
|
|
api "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
|
|
api "commons-codec:commons-codec:${versions.commonscodec}"
|
|
api "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
|
|
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
|
|
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
|
|
api "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:${versions.jackson}"
|
|
api "joda-time:joda-time:2.10.10"
|
|
}
|
|
|
|
restResources {
|
|
restApi {
|
|
include '_common', 'cluster', 'nodes'
|
|
}
|
|
}
|
|
|
|
tasks.named("dependencyLicenses").configure {
|
|
mapping from: /aws-java-sdk-.*/, to: 'aws-java-sdk'
|
|
mapping from: /jackson-.*/, to: 'jackson'
|
|
}
|
|
|
|
esplugin.bundleSpec.from('config/discovery-ec2') {
|
|
into 'config'
|
|
}
|
|
|
|
tasks.register("writeTestJavaPolicy") {
|
|
doLast {
|
|
final File tmp = file("${buildDir}/tmp")
|
|
if (tmp.exists() == false && tmp.mkdirs() == false) {
|
|
throw new GradleException("failed to create temporary directory [${tmp}]")
|
|
}
|
|
final File javaPolicy = file("${tmp}/java.policy")
|
|
if (buildParams.inFipsJvm) {
|
|
javaPolicy.write(
|
|
[
|
|
"grant {",
|
|
"permission java.security.SecurityPermission \"putProviderProperty.BCFIPS\";",
|
|
"permission java.security.SecurityPermission \"putProviderProperty.BCJSSE\";",
|
|
"permission java.lang.RuntimePermission \"getProtectionDomain\";",
|
|
"permission java.util.PropertyPermission \"java.runtime.name\", \"read\";",
|
|
"permission org.bouncycastle.crypto.CryptoServicesPermission \"tlsAlgorithmsEnabled\";",
|
|
"permission java.lang.RuntimePermission \"accessClassInPackage.sun.security.internal.spec\";",
|
|
"permission java.lang.RuntimePermission \"accessDeclaredMembers\";",
|
|
"permission java.util.PropertyPermission \"intellij.debug.agent\", \"read\";",
|
|
"permission java.util.PropertyPermission \"intellij.debug.agent\", \"write\";",
|
|
"permission org.bouncycastle.crypto.CryptoServicesPermission \"exportSecretKey\";",
|
|
"permission org.bouncycastle.crypto.CryptoServicesPermission \"exportPrivateKey\";",
|
|
"permission java.io.FilePermission \"\${javax.net.ssl.trustStore}\", \"read\";",
|
|
"permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
|
|
"permission java.security.SecurityPermission \"getProperty.jdk.tls.disabledAlgorithms\";",
|
|
"permission java.security.SecurityPermission \"getProperty.jdk.certpath.disabledAlgorithms\";",
|
|
"permission java.security.SecurityPermission \"getProperty.keystore.type.compat\";",
|
|
"};"
|
|
].join("\n")
|
|
)
|
|
} else {
|
|
javaPolicy.write(
|
|
[
|
|
"grant {",
|
|
" permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
|
|
"};"
|
|
].join("\n"))
|
|
}
|
|
}
|
|
}
|
|
|
|
tasks.named("test").configure {
|
|
dependsOn "writeTestJavaPolicy"
|
|
// this is needed for insecure plugins, remove if possible!
|
|
systemProperty 'tests.artifact', project.name
|
|
|
|
// this is needed to manipulate com.amazonaws.sdk.ec2MetadataServiceEndpointOverride system property
|
|
// it is better rather disable security manager at all with `systemProperty 'tests.security.manager', 'false'`
|
|
if (buildParams.inFipsJvm){
|
|
nonInputProperties.systemProperty 'java.security.policy', "=file://${buildDir}/tmp/java.policy"
|
|
} else {
|
|
nonInputProperties.systemProperty 'java.security.policy', "file://${buildDir}/tmp/java.policy"
|
|
}
|
|
}
|
|
|
|
tasks.named("check").configure {
|
|
// also execute the QA tests when testing the plugin
|
|
dependsOn 'qa:amazon-ec2:check'
|
|
}
|
|
|
|
tasks.named("thirdPartyAudit").configure {
|
|
ignoreMissingClasses(
|
|
// classes are missing
|
|
'com.amazonaws.jmespath.JmesPathExpression',
|
|
'com.amazonaws.jmespath.ObjectMapperSingleton',
|
|
'software.amazon.ion.IonReader',
|
|
'software.amazon.ion.IonSystem',
|
|
'software.amazon.ion.IonType',
|
|
'software.amazon.ion.IonWriter',
|
|
'software.amazon.ion.Timestamp',
|
|
'software.amazon.ion.system.IonBinaryWriterBuilder',
|
|
'software.amazon.ion.system.IonSystemBuilder',
|
|
'software.amazon.ion.system.IonTextWriterBuilder',
|
|
'software.amazon.ion.system.IonWriterBuilder',
|
|
'javax.servlet.ServletContextEvent',
|
|
'javax.servlet.ServletContextListener',
|
|
'org.apache.avalon.framework.logger.Logger',
|
|
'org.apache.log.Hierarchy',
|
|
'org.apache.log.Logger',
|
|
'javax.jms.Message',
|
|
'javax.xml.bind.DatatypeConverter',
|
|
'javax.xml.bind.JAXBContext'
|
|
)
|
|
}
|