Skip to content

Commit

Permalink
Handle non-flat yaml settings for demo configuration detection (opens…
Browse files Browse the repository at this point in the history
…earch-project#4793)

Signed-off-by: Derek Ho <[email protected]>
  • Loading branch information
derek-ho authored Oct 8, 2024
1 parent f55f072 commit 5436146
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -106,15 +106,30 @@ public void configureSecuritySettings() throws IOException {
/**
* Checks if security plugin is already configured. If so, the script execution will exit.
*/
@SuppressWarnings("unchecked")
void checkIfSecurityPluginIsAlreadyConfigured() {
// Check if the configuration file contains the 'plugins.security' string
// Check if the configuration file contains security settings
if (installer.OPENSEARCH_CONF_FILE != null && new File(installer.OPENSEARCH_CONF_FILE).exists()) {
try (BufferedReader br = new BufferedReader(new FileReader(installer.OPENSEARCH_CONF_FILE, StandardCharsets.UTF_8))) {
String line;
while ((line = br.readLine()) != null) {
if (line.toLowerCase().contains("plugins.security")) {
System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
System.exit(installer.skip_updates);
Yaml yaml = new Yaml();
Map<String, Object> yamlData = yaml.load(br);
if (yamlData != null) {
// Check for flat keys
for (String key : yamlData.keySet()) {
if (key.startsWith("plugins.security")) {
System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
System.exit(installer.skip_updates);
}
}
// Check for nested keys
if (yamlData.containsKey("plugins")) {
Map<String, Object> plugins = (Map<String, Object>) yamlData.get("plugins");
for (String key : plugins.keySet()) {
if (key.startsWith("security")) {
System.out.println(installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.");
System.exit(installer.skip_updates);
}
}
}
}
} catch (IOException e) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -363,6 +363,24 @@ public void testCreateSecurityAdminDemoScript_invalidPath() {
}
}

@Test
public void testReadNonFlatYamlAlreadyConfigured() throws IOException {
installer.OPENSEARCH_CONF_FILE = Paths.get("src/test/resources/opensearch-config-non-flat.yaml").toFile().getAbsolutePath();
String expectedMessage = installer.OPENSEARCH_CONF_FILE + " seems to be already configured for Security. Quit.";
try {
System.setSecurityManager(new NoExitSecurityManager());
securitySettingsConfigurer.checkIfSecurityPluginIsAlreadyConfigured();
} catch (SecurityException e) {
assertThat(e.getMessage(), equalTo("System.exit(-1) blocked to allow print statement testing."));
} finally {
System.setSecurityManager(null);
}
verifyStdOutContainsString(expectedMessage);

// reset the file pointer
installer.OPENSEARCH_CONF_FILE = installer.OPENSEARCH_CONF_DIR + "opensearch.yml";
}

@SuppressWarnings("unchecked")
public static void setEnv(String key, String value) throws NoSuchFieldException, IllegalAccessException {
Class<?>[] classes = Collections.class.getDeclaredClasses();
Expand Down
14 changes: 14 additions & 0 deletions src/test/resources/opensearch-config-non-flat.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
plugins:
security:
ssl:
transport:
pemcert_filepath: esnode.pem
pemkey_filepath: esnode-key.pem
pemtrustedcas_filepath: root-ca.pem
enforce_hostname_verification: false
http:
enabled: true
pemcert_filepath: esnode.pem
pemkey_filepath: esnode-key.pem
pemtrustedcas_filepath: root-ca.pem
allow_unsafe_democertificates: true

0 comments on commit 5436146

Please sign in to comment.