Previous code was failing to resolve ConfigurationError at runtime,
because there is no ConfigurationError on the lexical scope or included
into the LSCL AST.
Instead of emitting the helpful error intended, it blew up with a
NameError that adds noise to the problem instead of being helpful as
intended.
Fixes#9343
Prior to this a single worker could slurp down multiple shutdown messages, this prevents that from happening by using a flag that can't be overconsumed.
Fixes#9285
This method was creating a ton of expensive objects making execution slow.
In local tests this improved performance massively, at least 5x in one test with the drop filter.
Fixes#9284
When Logstash is package installed (rpm/deb), the cli tool will be installed with root/root, but the service is run as logstash/logstash. Changing to allow global read access to allow the logstash user read the keystore. Documentation will be provided for how to setup the keystore password such that you will need root access to obtain the keystore password, thereby requiring root access to do anything with the keystore as long as the password is set.
Part of #8735Fixes#9006
* Can't create file with POSIX flags, since not all Windows are POSIX
* Can't explicitly lock the underlying file on Windows, since the
keystore already implicity (implementation detail) locks and does not
allow any interactions if locked. This is very similar to the *nix
behavior, except on *nix you can read while locked and need to manually
manage the lock.
Fixes#8938
Fixes#8657
Part 1: API and JavaKeyStore implementation (#8657)
Introduces the API to read/write/delete sensitive data from a secure store and includes a Java KeyStore implementation. Note - this commit does NOT integrate with the Logstash configuration or settings.
Part 2: Secret Store: SecretStoreFactory, SecureConfig, Obfuscation and X-JVM support (#8659)
* Secret Store: SecretStoreFactory, SecureConfig, Obfuscation and X-JVM support
* Introduce a SecretStoreFactory to allow runtime definition of SecretStore implementation.
* Introduce a SecureConfig to allow simple configuration of different SecretStore implementaiton.
* Introduce random default password plus obfuscation. Best attempt at security through obscurity.
* Corrections / better support for x-JVM modification.
Part 3: Secret Store: SecretStore, SecretStoreFactory, JavaKeystore - refacactor (#8745)
* Adds more CRUD like operations for SecretStore API
* SecretStoreFactory Mirror API's CRUD operations
* Adds 'exists' to API to allow command line warning 'Overwrite ?'
* Minor readabiliy
Part 4: Integrate secret store with Logstash core (#8905)
This change introduces the command line tooling and hooks needed to allow Logstash to use the secret store. This change hooks into the same logic that the does the environment variable substitution. The commnad line mirrors the Elasticsearch command line, and is implemented primarily in Java.
Part 5: Hardening and test fixes (this PR)
Fixes#8935
* Created `org.logstash.Logstash` as entrypoint
* Safely handle `Ruby` runtime (which sadly is still a singleton, moving away from that will require a few iterations on top of this)
* Adjusted `bat` and `sh` entry point wrappers
* Verified manually that performance is unchanged (i.e. all Java opts are still loaded properly)
* Flattened `.jar` path to make it a little less bothersome to build the `-cp` string
* Retained ability to load jars from Ruby via the global `$LS_JARS_LOADED` variable hack, to keep plugin specs that load LS as a `.gem` functional (like e.g. the ITs in LS itself)
* No need for the gem jars magic anymore, the downloading and moving into place of jars is now all handled by Gradle
Fixes#8161
This change is purely to help enable debugging purposes by logging the config source (as writting in the configuration) to generated class relationship. It is logged to appear as comments to the generated code.
Fixes#8691
* Compile conditional datasets
* Correctly typecast Dataset implementations in generated code using a custom ClassLoader
* Optimize away redundant calls to get the current Ruby thread context
* Make field naming and typing in generated code automatic
* Modularize code a lot more
* Fix and spec for #8757
* Fixed by caching the result of a filter Dataset correctly, it was missing the boolean flag that triggered just returning the internal cache
Fixes#8691
This will allow users to override the pipeline id from the default, "main", to something else while running pipelines via either the -e or -f options.
Fixes#8868
The old order made no sense since Password / SafeURI objects were not wrapped in their to_s suppressing containers.
Only remove the obsolete params after they've been detected
Fixes#8785
Specifically this change explictly checks for the Array type to merge into and pushes into the array instead of relying only on the + concat.
Fixes#8827Fixes#8831
a 50ms delay helps creating more full batches without practical added latency see #8707
a 64mb page helps PQ perfmance related to a large page size see #8702#8707
add from another LongVector
use timedout read batch and added test for maximization
WIP maximized batch read size
fixes and cleanups
cleanups
use the await returned boolean to assess timeout
remove useless constant
use Callable<Void> and cosmetic fix
