Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[pull] main from elastic:main #530

Merged
merged 17 commits into from
Nov 22, 2024
Merged

[pull] main from elastic:main #530

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
6ea3e01
Upgrade Bouncy Castle FIPS dependencies (#112989)
slobodanadamovic Nov 22, 2024
a1247b3
ES|QL: fix validation of SORT by aggregate functions (#117316)
luigidellaquila Nov 22, 2024
bcb29b7
Preserve thread context when waiting for segment generation in RTG (#…
pxsalehi Nov 22, 2024
d26a772
Unmute Categorize VerifierTests and require snapshot on them (#117016)
ivancea Nov 22, 2024
1fe3ed1
Add docs for aggs filtering (#116681)
bpintea Nov 22, 2024
7ac8d63
ESQL: Fix double lookup and HashJoinExec.addedFields (#115616)
jackpan123 Nov 22, 2024
f922353
Enable test-fixture test suites (#117329)
DaveCTurner Nov 22, 2024
09a5338
ESQL: drop RowExec (#117133)
bpintea Nov 22, 2024
bd18787
Change default container image to be based on UBI minimal instead of …
jozala Nov 22, 2024
830c504
Always Emit Inference ID in Semantic Text Mapping (#117294)
Mikep86 Nov 22, 2024
13a51f2
Distinguish `LicensedFeature` by family field (#116809)
n1v0lg Nov 22, 2024
29be961
Search Queries in parallel - part 1 (#116812)
drempapis Nov 22, 2024
bff8ce6
Mute org.elasticsearch.xpack.inference.DefaultEndPointsIT testInferDe…
elasticsearchmachine Nov 22, 2024
f6ac6e1
[Build] Remove deprecated BuildParams (#116984)
breskeby Nov 22, 2024
b455643
Add java version variants of entitlements checker (#116878)
rjernst Nov 22, 2024
0803598
Update test (#117202)
ankikuma Nov 22, 2024
94c3e82
Fixing bug setting index when parsing Google Vertex AI results (#117287)
ymao1 Nov 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 8 additions & 59 deletions .buildkite/pipelines/pull-request/packaging-tests-unix.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,65 +3,9 @@ config:
steps:
- group: packaging-tests-unix
steps:
- label: "{{matrix.image}} / docker / packaging-tests-unix"
key: "packaging-tests-unix-docker"
command: ./.ci/scripts/packaging-test.sh destructiveDistroTest.docker-cloud-ess
timeout_in_minutes: 300
matrix:
setup:
image:
- debian-11
- debian-12
- opensuse-leap-15
- oraclelinux-7
- oraclelinux-8
- sles-12
- sles-15
- ubuntu-1804
- ubuntu-2004
- ubuntu-2204
- rocky-8
- rocky-9
- rhel-7
- rhel-8
- rhel-9
- almalinux-8
agents:
provider: gcp
image: family/elasticsearch-{{matrix.image}}
diskSizeGb: 350
machineType: custom-16-32768
- label: "{{matrix.image}} / packages / packaging-tests-unix"
key: "packaging-tests-unix-packages"
command: ./.ci/scripts/packaging-test.sh destructiveDistroTest.packages
timeout_in_minutes: 300
matrix:
setup:
image:
- debian-11
- debian-12
- opensuse-leap-15
- oraclelinux-7
- oraclelinux-8
- sles-12
- sles-15
- ubuntu-1804
- ubuntu-2004
- ubuntu-2204
- rocky-8
- rocky-9
- rhel-7
- rhel-8
- rhel-9
- almalinux-8
agents:
provider: gcp
image: family/elasticsearch-{{matrix.image}}
diskSizeGb: 350
machineType: custom-16-32768
- label: "{{matrix.image}} / archives / packaging-tests-unix"
key: "packaging-tests-unix-archives"
command: ./.ci/scripts/packaging-test.sh destructiveDistroTest.archives
- label: "{{matrix.image}} / {{matrix.PACKAGING_TASK}} / packaging-tests-unix"
key: "packaging-tests-unix"
command: ./.ci/scripts/packaging-test.sh destructiveDistroTest.{{matrix.PACKAGING_TASK}}
timeout_in_minutes: 300
matrix:
setup:
Expand All @@ -82,6 +26,11 @@ steps:
- rhel-8
- rhel-9
- almalinux-8
PACKAGING_TASK:
- docker
- docker-cloud-ess
- packages
- archives
agents:
provider: gcp
image: family/elasticsearch-{{matrix.image}}
Expand Down
3 changes: 0 additions & 3 deletions ...integTest/groovy/org/elasticsearch/gradle/internal/ElasticsearchJavaPluginFuncTest.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,6 @@ class ElasticsearchJavaPluginFuncTest extends AbstractGradleInternalPluginFuncTe
when:
buildFile.text << """
import org.elasticsearch.gradle.Architecture
import org.elasticsearch.gradle.internal.info.BuildParams
BuildParams.init { it.setMinimumRuntimeVersion(JavaVersion.VERSION_1_10) }

assert tasks.named('compileJava').get().sourceCompatibility == JavaVersion.VERSION_1_10.toString()
assert tasks.named('compileJava').get().targetCompatibility == JavaVersion.VERSION_1_10.toString()
"""
Expand Down
10 changes: 4 additions & 6 deletions build-tools-internal/src/main/groovy/elasticsearch.fips.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,9 @@


import org.elasticsearch.gradle.internal.ExportElasticsearchBuildResourcesTask
import org.elasticsearch.gradle.internal.info.BuildParams
import org.elasticsearch.gradle.internal.test.rest.RestTestBasePlugin
import org.elasticsearch.gradle.testclusters.StandaloneRestIntegTestTask
import org.elasticsearch.gradle.testclusters.TestClustersAware
import org.elasticsearch.gradle.testclusters.TestDistribution

//apply plugin: org.elasticsearch.gradle.internal.info.GlobalBuildInfoPlugin

Expand All @@ -25,12 +23,12 @@ if (buildParams.inFipsJvm) {
File fipsSecurity = new File(fipsResourcesDir, javaSecurityFilename)
File fipsPolicy = new File(fipsResourcesDir, 'fips_java.policy')
File fipsTrustStore = new File(fipsResourcesDir, 'cacerts.bcfks')
def bcFips = dependencies.create('org.bouncycastle:bc-fips:1.0.2.4')
def bcTlsFips = dependencies.create('org.bouncycastle:bctls-fips:1.0.17')
def bcFips = dependencies.create('org.bouncycastle:bc-fips:1.0.2.5')
def bcTlsFips = dependencies.create('org.bouncycastle:bctls-fips:1.0.19')
def manualDebug = false; //change this to manually debug bouncy castle in an IDE
if(manualDebug) {
bcFips = dependencies.create('org.bouncycastle:bc-fips-debug:1.0.2.4')
bcTlsFips = dependencies.create('org.bouncycastle:bctls-fips:1.0.17'){
bcFips = dependencies.create('org.bouncycastle:bc-fips-debug:1.0.2.5')
bcTlsFips = dependencies.create('org.bouncycastle:bctls-fips:1.0.19'){
exclude group: 'org.bouncycastle', module: 'bc-fips' // to avoid jar hell
}
}
Expand Down
1 change: 0 additions & 1 deletion build-tools-internal/src/main/groovy/elasticsearch.ide.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@

import org.elasticsearch.gradle.util.Pair
import org.elasticsearch.gradle.util.GradleUtils
import org.elasticsearch.gradle.internal.info.BuildParams
import org.elasticsearch.gradle.internal.test.TestUtil
import org.jetbrains.gradle.ext.JUnit

Expand Down
1 change: 0 additions & 1 deletion build-tools-internal/src/main/groovy/elasticsearch.stable-api.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ import org.elasticsearch.gradle.Version
import org.elasticsearch.gradle.VersionProperties
import org.elasticsearch.gradle.internal.BwcVersions
import org.elasticsearch.gradle.internal.JarApiComparisonTask
import org.elasticsearch.gradle.internal.info.BuildParams

import static org.elasticsearch.gradle.internal.InternalDistributionBwcSetupPlugin.buildBwcTaskName

Expand Down
4 changes: 1 addition & 3 deletions build-tools-internal/src/main/java/org/elasticsearch/gradle/internal/DockerBase.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,8 @@
* This class models the different Docker base images that are used to build Docker distributions of Elasticsearch.
*/
public enum DockerBase {
DEFAULT("ubuntu:20.04", "", "apt-get"),

// "latest" here is intentional, since the image name specifies "8"
UBI("docker.elastic.co/ubi8/ubi-minimal:latest", "-ubi", "microdnf"),
DEFAULT("docker.elastic.co/ubi8/ubi-minimal:latest", "", "microdnf"),

// The Iron Bank base image is UBI (albeit hardened), but we are required to parameterize the Docker build
IRON_BANK("${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}", "-ironbank", "yum"),
Expand Down
10 changes: 10 additions & 0 deletions build-tools-internal/src/main/java/org/elasticsearch/gradle/internal/MrjarPlugin.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import org.gradle.api.plugins.JavaPluginExtension;
import org.gradle.api.tasks.SourceSet;
import org.gradle.api.tasks.SourceSetContainer;
import org.gradle.api.tasks.TaskProvider;
import org.gradle.api.tasks.compile.CompileOptions;
import org.gradle.api.tasks.compile.JavaCompile;
import org.gradle.api.tasks.javadoc.Javadoc;
Expand Down Expand Up @@ -87,6 +88,7 @@ public void apply(Project project) {
String mainSourceSetName = SourceSet.MAIN_SOURCE_SET_NAME + javaVersion;
SourceSet mainSourceSet = addSourceSet(project, javaExtension, mainSourceSetName, mainSourceSets, javaVersion);
configureSourceSetInJar(project, mainSourceSet, javaVersion);
addJar(project, mainSourceSet, javaVersion);
mainSourceSets.add(mainSourceSetName);
testSourceSets.add(mainSourceSetName);

Expand Down Expand Up @@ -147,6 +149,14 @@ private SourceSet addSourceSet(
return sourceSet;
}

private void addJar(Project project, SourceSet sourceSet, int javaVersion) {
project.getConfigurations().register("java" + javaVersion);
TaskProvider<Jar> jarTask = project.getTasks().register("java" + javaVersion + "Jar", Jar.class, task -> {
task.from(sourceSet.getOutput());
});
project.getArtifacts().add("java" + javaVersion, jarTask);
}

private void configurePreviewFeatures(Project project, SourceSet sourceSet, int javaVersion) {
project.getTasks().withType(JavaCompile.class).named(sourceSet.getCompileJavaTaskName()).configure(compileTask -> {
CompileOptions compileOptions = compileTask.getOptions();
Expand Down
80 changes: 0 additions & 80 deletions build-tools-internal/src/main/java/org/elasticsearch/gradle/internal/info/BuildParams.java
View file
Open in desktop

This file was deleted.

7 changes: 0 additions & 7 deletions ...-internal/src/main/java/org/elasticsearch/gradle/internal/info/GlobalBuildInfoPlugin.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -152,13 +152,6 @@ public void apply(Project project) {
spec.getParameters().getBuildParams().set(buildParams);
});

BuildParams.init(params -> {
params.reset();
params.setIsCi(
System.getenv("JENKINS_URL") != null || System.getenv("BUILDKITE_BUILD_URL") != null || System.getProperty("isCI") != null
);
});

// Enforce the minimum compiler version
assertMinimumCompilerVersion(minimumCompilerVersion);

Expand Down
3 changes: 2 additions & 1 deletion build-tools-internal/src/main/resources/fips_java.policy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ grant {
permission java.security.SecurityPermission "getProperty.jdk.tls.disabledAlgorithms";
permission java.security.SecurityPermission "getProperty.jdk.certpath.disabledAlgorithms";
permission java.security.SecurityPermission "getProperty.jdk.tls.server.defaultDHEParameters";
permission java.security.SecurityPermission "getProperty.org.bouncycastle.ec.max_f2m_field_size";
permission java.lang.RuntimePermission "getProtectionDomain";
permission java.util.PropertyPermission "java.runtime.name", "read";
permission org.bouncycastle.crypto.CryptoServicesPermission "tlsAlgorithmsEnabled";
Expand All @@ -20,6 +21,6 @@ grant {
};

// rely on the caller's socket permissions, the JSSE TLS implementation here is always allowed to connect
grant codeBase "file:${jdk.module.path}/bctls-fips-1.0.17.jar" {
grant codeBase "file:${jdk.module.path}/bctls-fips-1.0.19.jar" {
permission java.net.SocketPermission "*", "connect";
};
12 changes: 2 additions & 10 deletions distribution/docker/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@
The ES build can generate several types of Docker image. These are enumerated in
the [DockerBase] enum.

* Default - this is what most people use, and is based on Ubuntu
* UBI - the same as the default image, but based upon [RedHat's UBI
* Default - this is what most people use, and is based on [RedHat's UBI
images][ubi], specifically their minimal flavour.
* Wolfi - the same as the default image, but based upon [Wolfi](https://github.com/wolfi-dev)
* Cloud ESS - this directly extends the Wolfi image, and adds all ES plugins
Expand All @@ -23,14 +22,7 @@ the [DockerBase] enum.
software (FOSS) and Commercial off-the-shelf (COTS). In practice, this is
another UBI build, this time on the regular UBI image, with extra
hardening. See below for more details.
* Cloud - this is mostly the same as the default image, with some notable differences:
* `filebeat` and `metricbeat` are included
* `wget` is included
* The `ENTRYPOINT` is just `/bin/tini`, and the `CMD` is
`/app/elasticsearch.sh`. In normal use this file would be bind-mounted
in, but the image ships a stub version of this file so that the image
can still be tested.
The long-term goal is for both Cloud images to be retired in favour of the
The long-term goal is for Cloud ESS image to be retired in favour of the
default image.


Expand Down
12 changes: 5 additions & 7 deletions distribution/docker/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -527,9 +527,7 @@ subprojects { Project subProject ->

final Architecture architecture = subProject.name.contains('aarch64-') ? Architecture.AARCH64 : Architecture.X64
DockerBase base = DockerBase.DEFAULT
if (subProject.name.contains('ubi-')) {
base = DockerBase.UBI
} else if (subProject.name.contains('ironbank-')) {
if (subProject.name.contains('ironbank-')) {
base = DockerBase.IRON_BANK
} else if (subProject.name.contains('cloud-ess-')) {
base = DockerBase.CLOUD_ESS
Expand All @@ -538,11 +536,11 @@ subprojects { Project subProject ->
}

final String arch = architecture == Architecture.AARCH64 ? '-aarch64' : ''
final String extension = base == DockerBase.UBI ? 'ubi.tar' :
final String extension =
(base == DockerBase.IRON_BANK ? 'ironbank.tar' :
(base == DockerBase.CLOUD_ESS ? 'cloud-ess.tar' :
(base == DockerBase.WOLFI ? 'wolfi.tar' :
'docker.tar')))
(base == DockerBase.CLOUD_ESS ? 'cloud-ess.tar' :
(base == DockerBase.WOLFI ? 'wolfi.tar' :
'docker.tar')))
final String artifactName = "elasticsearch${arch}${base.suffix}_test"

final String exportTaskName = taskName("export", architecture, base, 'DockerImage')
Expand Down
Loading