From 4dc5afcccec1e0d1c0a8b049be21d427c576e92b Mon Sep 17 00:00:00 2001 From: Nikolaj Volgushev Date: Thu, 7 Nov 2024 10:01:55 +0100 Subject: [PATCH] Only include settings file for working ES versions (#116250) To avoid failed cluster starts due to https://github.com/elastic/elasticsearch/issues/91939 in upgrade tests, we should only include `settings.json` file if we are above the buggy version. I missed "forward-porting" this to main. A follow-up PR will port the suite over to the new parametrized upgrade test class and remove the settings file from the generic upgrade test flow altogether. --- x-pack/qa/rolling-upgrade/build.gradle | 9 ++++++++- .../upgrades/SecurityIndexRoleMappingCleanupIT.java | 7 +++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/x-pack/qa/rolling-upgrade/build.gradle b/x-pack/qa/rolling-upgrade/build.gradle index 38fbf99068a9b..271aadfe4b388 100644 --- a/x-pack/qa/rolling-upgrade/build.gradle +++ b/x-pack/qa/rolling-upgrade/build.gradle @@ -88,7 +88,14 @@ BuildParams.bwcVersions.withWireCompatible { bwcVersion, baseName -> keystore 'xpack.watcher.encryption_key', file("${project.projectDir}/src/test/resources/system_key") setting 'xpack.watcher.encrypt_sensitive_data', 'true' - extraConfigFile 'operator/settings.json', file("${project.projectDir}/src/test/resources/operator_defined_role_mappings.json") + // file-based settings processing had a bug around applying role mappings on an unrecovered index + // this was fixed in 8.7.0 (https://github.com/elastic/elasticsearch/pull/92173). To avoid flakiness + // in the test, we only set a role mappings file for higher versions. + // TODO move this out into a separate test suite, since operator settings are not relevant for most BWC tests + // and have some side-effects + if (bwcVersion.onOrAfter('8.7.0')) { + extraConfigFile 'operator/settings.json', file("${project.projectDir}/src/test/resources/operator_defined_role_mappings.json") + } // Old versions of the code contain an invalid assertion that trips // during tests. Versions 5.6.9 and 6.2.4 have been fixed by removing diff --git a/x-pack/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/SecurityIndexRoleMappingCleanupIT.java b/x-pack/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/SecurityIndexRoleMappingCleanupIT.java index 82d4050c044b1..915122c97d3f1 100644 --- a/x-pack/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/SecurityIndexRoleMappingCleanupIT.java +++ b/x-pack/qa/rolling-upgrade/src/test/java/org/elasticsearch/upgrades/SecurityIndexRoleMappingCleanupIT.java @@ -6,6 +6,7 @@ */ package org.elasticsearch.upgrades; +import org.elasticsearch.Version; import org.elasticsearch.client.Request; import org.elasticsearch.client.Response; import org.elasticsearch.client.RestClient; @@ -24,8 +25,14 @@ import static org.hamcrest.Matchers.containsInAnyOrder; public class SecurityIndexRoleMappingCleanupIT extends AbstractUpgradeTestCase { + private static final Version UPGRADE_FROM_VERSION = Version.fromString(System.getProperty("tests.upgrade_from_version")); public void testCleanupDuplicateMappings() throws Exception { + // see build.gradle where we set operator/settings.json for more details on this skip + assumeTrue( + "Cluster requires version higher than since operator/settings.json is only set then: " + Version.V_8_7_0, + UPGRADE_FROM_VERSION.onOrAfter(Version.V_8_7_0) + ); if (CLUSTER_TYPE == ClusterType.OLD) { // If we're in a state where the same operator-defined role mappings can exist both in cluster state and the native store // (V_8_15_0 transport added to security.role_mapping_cleanup feature added), create a state