Closed jfreden closed 3 weeks ago
Following you can find the validation results for the APIs you have changed.
API | Status | Request | Response |
---|---|---|---|
security.bulk_put_role |
:red_circle: | 0/1 | 1/1 |
You can validate these APIs yourself by using the make validate
target.
Following you can find the validation results for the APIs you have changed.
API | Status | Request | Response |
---|---|---|---|
security.bulk_put_role |
:red_circle: | 0/1 | 1/1 |
You can validate these APIs yourself by using the make validate
target.
Hey @pquentin ! I've created a new PR here and can't run the failing validation locally because I don't have the needed vault permissions. Thanks!
Hey @jfreden, I'll reach to you privately about this. In the meantime, I can tell you that the error is that Elasticsearch YAML tests call the bulk put role API with a description but that field is missing from the RoleDescriptor class.
Following you can find the validation results for the APIs you have changed.
API | Status | Request | Response |
---|---|---|---|
security.activate_user_profile |
:green_circle: | 9/9 | 9/9 |
security.authenticate |
:green_circle: | 30/30 | 30/30 |
security.bulk_delete_role |
:orange_circle: | Missing type | Missing type |
security.bulk_put_role |
:green_circle: | 1/1 | 1/1 |
security.bulk_update_api_keys |
:orange_circle: | Missing type | Missing type |
security.change_password |
:green_circle: | 9/9 | 9/9 |
security.clear_api_key_cache |
:green_circle: | 13/13 | 13/13 |
security.clear_cached_privileges |
:green_circle: | 3/3 | 3/3 |
security.clear_cached_realms |
:green_circle: | 1/1 | 1/1 |
security.clear_cached_roles |
:green_circle: | 2/2 | 2/2 |
security.clear_cached_service_tokens |
:green_circle: | 4/4 | 4/4 |
security.create_api_key |
:red_circle: | 67/69 | 60/60 |
security.create_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.create_service_token |
:green_circle: | 3/3 | 3/3 |
security.delete_privileges |
:green_circle: | 6/6 | 6/6 |
security.delete_role_mapping |
:green_circle: | 9/9 | 9/9 |
security.delete_role |
:green_circle: | 8/8 | 8/8 |
security.delete_service_token |
:white_circle: | Missing test | Missing test |
security.delete_user |
:green_circle: | 9/9 | 9/9 |
security.disable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.disable_user |
:green_circle: | 3/3 | 3/3 |
security.enable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.enable_user |
:green_circle: | 4/4 | 4/4 |
security.enroll_kibana |
:white_circle: | Missing test | Missing test |
security.enroll_node |
:white_circle: | Missing test | Missing test |
security.get_api_key |
:red_circle: | 38/38 | 15/38 |
security.get_builtin_privileges |
:red_circle: | 2/2 | 1/2 |
security.get_privileges |
:green_circle: | 12/12 | 12/12 |
security.get_role_mapping |
:red_circle: | 18/18 | 10/18 |
security.get_role |
:red_circle: | 24/24 | 21/24 |
security.get_service_accounts |
:white_circle: | Missing test | Missing test |
security.get_service_credentials |
:green_circle: | 1/1 | 1/1 |
security.get_settings |
:orange_circle: | Missing type | Missing type |
security.get_token |
:green_circle: | 25/25 | 24/24 |
security.get_user_privileges |
:red_circle: | 8/8 | 7/8 |
security.get_user_profile |
:green_circle: | 8/8 | 8/8 |
security.get_user |
:green_circle: | 25/25 | 25/25 |
security.grant_api_key |
:green_circle: | 7/7 | 7/7 |
security.has_privileges_user_profile |
:green_circle: | 3/3 | 3/3 |
security.has_privileges |
:green_circle: | 24/24 | 24/24 |
security.invalidate_api_key |
:green_circle: | 12/12 | 12/12 |
security.invalidate_token |
:green_circle: | 11/11 | 11/11 |
security.oidc_authenticate |
:orange_circle: | Missing type | Missing type |
security.oidc_logout |
:orange_circle: | Missing type | Missing type |
security.oidc_prepare_authentication |
:orange_circle: | Missing type | Missing type |
security.put_privileges |
:green_circle: | 10/10 | 10/10 |
security.put_role_mapping |
:red_circle: | 2/11 | 11/11 |
security.put_role |
:red_circle: | 38/40 | 39/39 |
security.put_user |
:green_circle: | 49/49 | 48/48 |
security.query_api_keys |
:red_circle: | 14/14 | 1/14 |
security.query_role |
:orange_circle: | Missing type | Missing type |
security.query_user |
:orange_circle: | Missing type | Missing type |
security.saml_authenticate |
:white_circle: | Missing test | Missing test |
security.saml_complete_logout |
:white_circle: | Missing test | Missing test |
security.saml_invalidate |
:white_circle: | Missing test | Missing test |
security.saml_logout |
:white_circle: | Missing test | Missing test |
security.saml_prepare_authentication |
:white_circle: | Missing test | Missing test |
security.saml_service_provider_metadata |
:white_circle: | Missing test | Missing test |
security.suggest_user_profiles |
:green_circle: | 1/1 | 1/1 |
security.update_api_key |
:green_circle: | 5/5 | 5/5 |
security.update_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.update_settings |
:orange_circle: | Missing type | Missing type |
security.update_user_profile_data |
:green_circle: | 1/1 | 1/1 |
You can validate these APIs yourself by using the make validate
target.
Great success! Thanks @pquentin ! I was able to run this locally too. 👍
Following you can find the validation results for the APIs you have changed.
API | Status | Request | Response |
---|---|---|---|
security.activate_user_profile |
:green_circle: | 9/9 | 9/9 |
security.authenticate |
:green_circle: | 30/30 | 30/30 |
security.bulk_delete_role |
:orange_circle: | Missing type | Missing type |
security.bulk_put_role |
:green_circle: | 1/1 | 1/1 |
security.bulk_update_api_keys |
:orange_circle: | Missing type | Missing type |
security.change_password |
:green_circle: | 9/9 | 9/9 |
security.clear_api_key_cache |
:green_circle: | 13/13 | 13/13 |
security.clear_cached_privileges |
:green_circle: | 3/3 | 3/3 |
security.clear_cached_realms |
:green_circle: | 1/1 | 1/1 |
security.clear_cached_roles |
:green_circle: | 2/2 | 2/2 |
security.clear_cached_service_tokens |
:green_circle: | 4/4 | 4/4 |
security.create_api_key |
:red_circle: | 67/69 | 60/60 |
security.create_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.create_service_token |
:green_circle: | 3/3 | 3/3 |
security.delete_privileges |
:green_circle: | 6/6 | 6/6 |
security.delete_role_mapping |
:green_circle: | 9/9 | 9/9 |
security.delete_role |
:green_circle: | 8/8 | 8/8 |
security.delete_service_token |
:white_circle: | Missing test | Missing test |
security.delete_user |
:green_circle: | 9/9 | 9/9 |
security.disable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.disable_user |
:green_circle: | 3/3 | 3/3 |
security.enable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.enable_user |
:green_circle: | 4/4 | 4/4 |
security.enroll_kibana |
:white_circle: | Missing test | Missing test |
security.enroll_node |
:white_circle: | Missing test | Missing test |
security.get_api_key |
:red_circle: | 38/38 | 15/38 |
security.get_builtin_privileges |
:red_circle: | 2/2 | 1/2 |
security.get_privileges |
:green_circle: | 12/12 | 12/12 |
security.get_role_mapping |
:red_circle: | 18/18 | 10/18 |
security.get_role |
:red_circle: | 24/24 | 21/24 |
security.get_service_accounts |
:white_circle: | Missing test | Missing test |
security.get_service_credentials |
:green_circle: | 1/1 | 1/1 |
security.get_settings |
:orange_circle: | Missing type | Missing type |
security.get_token |
:green_circle: | 25/25 | 24/24 |
security.get_user_privileges |
:red_circle: | 8/8 | 7/8 |
security.get_user_profile |
:green_circle: | 8/8 | 8/8 |
security.get_user |
:green_circle: | 25/25 | 25/25 |
security.grant_api_key |
:green_circle: | 7/7 | 7/7 |
security.has_privileges_user_profile |
:green_circle: | 3/3 | 3/3 |
security.has_privileges |
:green_circle: | 24/24 | 24/24 |
security.invalidate_api_key |
:green_circle: | 12/12 | 12/12 |
security.invalidate_token |
:green_circle: | 11/11 | 11/11 |
security.oidc_authenticate |
:orange_circle: | Missing type | Missing type |
security.oidc_logout |
:orange_circle: | Missing type | Missing type |
security.oidc_prepare_authentication |
:orange_circle: | Missing type | Missing type |
security.put_privileges |
:green_circle: | 10/10 | 10/10 |
security.put_role_mapping |
:red_circle: | 2/11 | 11/11 |
security.put_role |
:red_circle: | 38/40 | 39/39 |
security.put_user |
:green_circle: | 49/49 | 48/48 |
security.query_api_keys |
:red_circle: | 14/14 | 1/14 |
security.query_role |
:orange_circle: | Missing type | Missing type |
security.query_user |
:orange_circle: | Missing type | Missing type |
security.saml_authenticate |
:white_circle: | Missing test | Missing test |
security.saml_complete_logout |
:white_circle: | Missing test | Missing test |
security.saml_invalidate |
:white_circle: | Missing test | Missing test |
security.saml_logout |
:white_circle: | Missing test | Missing test |
security.saml_prepare_authentication |
:white_circle: | Missing test | Missing test |
security.saml_service_provider_metadata |
:white_circle: | Missing test | Missing test |
security.suggest_user_profiles |
:green_circle: | 1/1 | 1/1 |
security.update_api_key |
:green_circle: | 5/5 | 5/5 |
security.update_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.update_settings |
:orange_circle: | Missing type | Missing type |
security.update_user_profile_data |
:green_circle: | 1/1 | 1/1 |
You can validate these APIs yourself by using the make validate
target.
Following you can find the validation results for the APIs you have changed.
API | Status | Request | Response |
---|---|---|---|
security.activate_user_profile |
:green_circle: | 9/9 | 9/9 |
security.authenticate |
:green_circle: | 30/30 | 30/30 |
security.bulk_delete_role |
:orange_circle: | Missing type | Missing type |
security.bulk_put_role |
:green_circle: | 1/1 | 1/1 |
security.bulk_update_api_keys |
:orange_circle: | Missing type | Missing type |
security.change_password |
:green_circle: | 9/9 | 9/9 |
security.clear_api_key_cache |
:green_circle: | 13/13 | 13/13 |
security.clear_cached_privileges |
:green_circle: | 3/3 | 3/3 |
security.clear_cached_realms |
:green_circle: | 1/1 | 1/1 |
security.clear_cached_roles |
:green_circle: | 2/2 | 2/2 |
security.clear_cached_service_tokens |
:green_circle: | 4/4 | 4/4 |
security.create_api_key |
:red_circle: | 67/69 | 60/60 |
security.create_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.create_service_token |
:green_circle: | 3/3 | 3/3 |
security.delete_privileges |
:green_circle: | 6/6 | 6/6 |
security.delete_role_mapping |
:green_circle: | 9/9 | 9/9 |
security.delete_role |
:green_circle: | 8/8 | 8/8 |
security.delete_service_token |
:white_circle: | Missing test | Missing test |
security.delete_user |
:green_circle: | 9/9 | 9/9 |
security.disable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.disable_user |
:green_circle: | 3/3 | 3/3 |
security.enable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.enable_user |
:green_circle: | 4/4 | 4/4 |
security.enroll_kibana |
:white_circle: | Missing test | Missing test |
security.enroll_node |
:white_circle: | Missing test | Missing test |
security.get_api_key |
:red_circle: | 38/38 | 15/38 |
security.get_builtin_privileges |
:red_circle: | 2/2 | 1/2 |
security.get_privileges |
:green_circle: | 12/12 | 12/12 |
security.get_role_mapping |
:red_circle: | 18/18 | 10/18 |
security.get_role |
:red_circle: | 24/24 | 21/24 |
security.get_service_accounts |
:white_circle: | Missing test | Missing test |
security.get_service_credentials |
:green_circle: | 1/1 | 1/1 |
security.get_settings |
:orange_circle: | Missing type | Missing type |
security.get_token |
:green_circle: | 25/25 | 24/24 |
security.get_user_privileges |
:red_circle: | 8/8 | 7/8 |
security.get_user_profile |
:green_circle: | 8/8 | 8/8 |
security.get_user |
:green_circle: | 25/25 | 25/25 |
security.grant_api_key |
:green_circle: | 7/7 | 7/7 |
security.has_privileges_user_profile |
:green_circle: | 3/3 | 3/3 |
security.has_privileges |
:green_circle: | 24/24 | 24/24 |
security.invalidate_api_key |
:green_circle: | 12/12 | 12/12 |
security.invalidate_token |
:green_circle: | 11/11 | 11/11 |
security.oidc_authenticate |
:orange_circle: | Missing type | Missing type |
security.oidc_logout |
:orange_circle: | Missing type | Missing type |
security.oidc_prepare_authentication |
:orange_circle: | Missing type | Missing type |
security.put_privileges |
:green_circle: | 10/10 | 10/10 |
security.put_role_mapping |
:red_circle: | 2/11 | 11/11 |
security.put_role |
:red_circle: | 38/40 | 39/39 |
security.put_user |
:green_circle: | 49/49 | 48/48 |
security.query_api_keys |
:red_circle: | 14/14 | 1/14 |
security.query_role |
:orange_circle: | Missing type | Missing type |
security.query_user |
:orange_circle: | Missing type | Missing type |
security.saml_authenticate |
:white_circle: | Missing test | Missing test |
security.saml_complete_logout |
:white_circle: | Missing test | Missing test |
security.saml_invalidate |
:white_circle: | Missing test | Missing test |
security.saml_logout |
:white_circle: | Missing test | Missing test |
security.saml_prepare_authentication |
:white_circle: | Missing test | Missing test |
security.saml_service_provider_metadata |
:white_circle: | Missing test | Missing test |
security.suggest_user_profiles |
:green_circle: | 1/1 | 1/1 |
security.update_api_key |
:green_circle: | 5/5 | 5/5 |
security.update_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.update_settings |
:orange_circle: | Missing type | Missing type |
security.update_user_profile_data |
:green_circle: | 1/1 | 1/1 |
You can validate these APIs yourself by using the make validate
target.
(Sorry for the noise, I've been testing credential changes with this pull request.)
sorry I know this is again something not strictly related to the PR, but since the cluster
field in RoleDescriptor only accepts cluster privilege values, should we change it from string[] to ClusterPrivilege[]
?
other than that, LGTM!
Following you can find the validation results for the APIs you have changed.
API | Status | Request | Response |
---|---|---|---|
security.activate_user_profile |
:green_circle: | 9/9 | 9/9 |
security.authenticate |
:green_circle: | 30/30 | 30/30 |
security.bulk_delete_role |
:orange_circle: | Missing type | Missing type |
security.bulk_put_role |
:green_circle: | 1/1 | 1/1 |
security.bulk_update_api_keys |
:orange_circle: | Missing type | Missing type |
security.change_password |
:green_circle: | 9/9 | 9/9 |
security.clear_api_key_cache |
:green_circle: | 13/13 | 13/13 |
security.clear_cached_privileges |
:green_circle: | 3/3 | 3/3 |
security.clear_cached_realms |
:green_circle: | 1/1 | 1/1 |
security.clear_cached_roles |
:green_circle: | 2/2 | 2/2 |
security.clear_cached_service_tokens |
:green_circle: | 4/4 | 4/4 |
security.create_api_key |
:red_circle: | 67/69 | 60/60 |
security.create_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.create_service_token |
:green_circle: | 3/3 | 3/3 |
security.delete_privileges |
:green_circle: | 6/6 | 6/6 |
security.delete_role_mapping |
:green_circle: | 9/9 | 9/9 |
security.delete_role |
:green_circle: | 8/8 | 8/8 |
security.delete_service_token |
:white_circle: | Missing test | Missing test |
security.delete_user |
:green_circle: | 9/9 | 9/9 |
security.disable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.disable_user |
:green_circle: | 3/3 | 3/3 |
security.enable_user_profile |
:green_circle: | 1/1 | 1/1 |
security.enable_user |
:green_circle: | 4/4 | 4/4 |
security.enroll_kibana |
:white_circle: | Missing test | Missing test |
security.enroll_node |
:white_circle: | Missing test | Missing test |
security.get_api_key |
:red_circle: | 38/38 | 15/38 |
security.get_builtin_privileges |
:red_circle: | 2/2 | 1/2 |
security.get_privileges |
:green_circle: | 12/12 | 12/12 |
security.get_role_mapping |
:red_circle: | 18/18 | 10/18 |
security.get_role |
:red_circle: | 24/24 | 21/24 |
security.get_service_accounts |
:white_circle: | Missing test | Missing test |
security.get_service_credentials |
:green_circle: | 1/1 | 1/1 |
security.get_settings |
:orange_circle: | Missing type | Missing type |
security.get_token |
:green_circle: | 25/25 | 24/24 |
security.get_user_privileges |
:red_circle: | 8/8 | 7/8 |
security.get_user_profile |
:green_circle: | 8/8 | 8/8 |
security.get_user |
:green_circle: | 25/25 | 25/25 |
security.grant_api_key |
:green_circle: | 7/7 | 7/7 |
security.has_privileges_user_profile |
:green_circle: | 3/3 | 3/3 |
security.has_privileges |
:green_circle: | 24/24 | 24/24 |
security.invalidate_api_key |
:green_circle: | 12/12 | 12/12 |
security.invalidate_token |
:green_circle: | 11/11 | 11/11 |
security.oidc_authenticate |
:orange_circle: | Missing type | Missing type |
security.oidc_logout |
:orange_circle: | Missing type | Missing type |
security.oidc_prepare_authentication |
:orange_circle: | Missing type | Missing type |
security.put_privileges |
:green_circle: | 10/10 | 10/10 |
security.put_role_mapping |
:red_circle: | 2/11 | 11/11 |
security.put_role |
:red_circle: | 38/40 | 39/39 |
security.put_user |
:green_circle: | 49/49 | 48/48 |
security.query_api_keys |
:red_circle: | 14/14 | 1/14 |
security.query_role |
:green_circle: | 3/3 | 3/3 |
security.query_user |
:orange_circle: | Missing type | Missing type |
security.saml_authenticate |
:white_circle: | Missing test | Missing test |
security.saml_complete_logout |
:white_circle: | Missing test | Missing test |
security.saml_invalidate |
:white_circle: | Missing test | Missing test |
security.saml_logout |
:white_circle: | Missing test | Missing test |
security.saml_prepare_authentication |
:white_circle: | Missing test | Missing test |
security.saml_service_provider_metadata |
:white_circle: | Missing test | Missing test |
security.suggest_user_profiles |
:green_circle: | 1/1 | 1/1 |
security.update_api_key |
:green_circle: | 5/5 | 5/5 |
security.update_cross_cluster_api_key |
:orange_circle: | Missing type | Missing type |
security.update_settings |
:orange_circle: | Missing type | Missing type |
security.update_user_profile_data |
:green_circle: | 1/1 | 1/1 |
You can validate these APIs yourself by using the make validate
target.
Thanks for the review @l-trotta ! I've updated the RoleDescriptor
to use the enum for ClusterPrivilege
.
This adds a new spec for the bulk put roles API added in 8.15 in https://github.com/elastic/elasticsearch/pull/109339.