mirror of
https://github.com/elastic/kibana.git
synced 2025-04-20 16:03:20 -04:00
b6287708f6
Updates files outside of x-pack to be triple-licensed under Elastic License 2.0, AGPL 3.0, or SSPL 1.0.
86 lines
3.3 KiB
TypeScript
86 lines
3.3 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the "Elastic License
|
|
* 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
|
|
* Public License v 1"; you may not use this file except in compliance with, at
|
|
* your election, the "Elastic License 2.0", the "GNU Affero General Public
|
|
* License v3.0 only", or the "Server Side Public License, v 1".
|
|
*/
|
|
|
|
import { readFileSync } from 'fs';
|
|
import { CA_CERT_PATH, KBN_CERT_PATH, KBN_KEY_PATH } from '@kbn/dev-utils';
|
|
|
|
type ConfigType = Record<string, any>;
|
|
|
|
/**
|
|
* Enables HTTP2 by adding/changing the appropriate config settings
|
|
*
|
|
* Important: this must be used on "final" (non-reused) configs, otherwise
|
|
* the overrides from the children configs could remove the overrides
|
|
* done in that helper.
|
|
*/
|
|
export const configureHTTP2 = (config: ConfigType): ConfigType => {
|
|
// Add env flag to avoid terminating on NODE_TLS_REJECT_UNAUTHORIZED warning
|
|
process.env.IS_FTR_RUNNER = 'true';
|
|
|
|
// tell native node agents to trust unsafe certificates
|
|
// this is ugly, but unfortunately required, as some libraries (such as supertest)
|
|
// have no real alternatives to accept self-signed certs
|
|
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
|
|
|
|
// tell webdriver browser to accept self-signed certificates
|
|
config.browser = { ...(config.browser ?? {}), acceptInsecureCerts: true };
|
|
|
|
// change the configured kibana server to run on https with the dev CA
|
|
config.servers.kibana = {
|
|
...config.servers.kibana,
|
|
protocol: 'https',
|
|
certificateAuthorities: [readFileSync(CA_CERT_PATH, 'utf-8')],
|
|
};
|
|
|
|
const serverArgs = config.kbnTestServer.serverArgs;
|
|
|
|
// enable http2 on the kibana server
|
|
addOrReplaceKbnServerArg(serverArgs, 'server.protocol', () => 'http2');
|
|
// enable and configure TLS on the kibana server
|
|
addOrReplaceKbnServerArg(serverArgs, 'server.ssl.enabled', () => 'true');
|
|
addOrReplaceKbnServerArg(serverArgs, 'server.ssl.key', () => KBN_KEY_PATH);
|
|
addOrReplaceKbnServerArg(serverArgs, 'server.ssl.certificate', () => KBN_CERT_PATH);
|
|
addOrReplaceKbnServerArg(serverArgs, 'server.ssl.certificateAuthorities', () => CA_CERT_PATH);
|
|
// replace the newsfeed test plugin url to use https
|
|
addOrReplaceKbnServerArg(serverArgs, 'newsfeed.service.urlRoot', (oldValue) => {
|
|
if (!oldValue || !oldValue.includes(config.servers.kibana.hostname)) {
|
|
return undefined;
|
|
}
|
|
return oldValue.replaceAll('http', 'https');
|
|
});
|
|
|
|
return config;
|
|
};
|
|
|
|
/**
|
|
* Set or replace given `arg` in the provided serverArgs list, using the provided replacer function
|
|
*/
|
|
const addOrReplaceKbnServerArg = (
|
|
serverArgs: string[],
|
|
argName: string,
|
|
replacer: (value: string | undefined) => string | undefined
|
|
) => {
|
|
const argPrefix = `--${argName}=`;
|
|
const argIndex = serverArgs.findIndex((value) => value.startsWith(argPrefix));
|
|
|
|
if (argIndex === -1) {
|
|
const newArgValue = replacer(undefined);
|
|
if (newArgValue !== undefined) {
|
|
serverArgs.push(`${argPrefix}${newArgValue}`);
|
|
}
|
|
} else {
|
|
const currentArgValue = serverArgs[argIndex].substring(argPrefix.length);
|
|
const newArgValue = replacer(currentArgValue);
|
|
if (newArgValue !== undefined) {
|
|
serverArgs[argIndex] = `${argPrefix}${newArgValue}`;
|
|
} else {
|
|
serverArgs.splice(argIndex, 1);
|
|
}
|
|
}
|
|
};
|