Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hot-reloadable remote cluster credentials (with blocking call fix) #103215

Merged
merged 21 commits into from
Dec 18, 2023
Merged

Hot-reloadable remote cluster credentials (with blocking call fix) #103215

merged 21 commits into from
Dec 18, 2023

Conversation

n1v0lg
Copy link
Contributor

@n1v0lg n1v0lg commented Dec 8, 2023
edited
Loading

Brings back #102798, with a tweak to avoid tripping on a blocking operation.

Only change compared to the original PR is 4072fac

@n1v0lg n1v0lg added >enhancement :Security/Security Security issues without another label labels Dec 8, 2023
@n1v0lg n1v0lg self-assigned this Dec 8, 2023
@elasticsearchmachine
Copy link
Collaborator

Hi @n1v0lg, I've created a changelog YAML for you.

n1v0lg
n1v0lg commented Dec 8, 2023
View reviewed changes
x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java Outdated
* See {@link TransportReloadRemoteClusterCredentialsAction} for more context.
*/
private void reloadRemoteClusterCredentials(Settings settingsWithKeystore) {
final PlainActionFuture<ActionResponse.Empty> future = new PlainActionFuture<>() {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the only effective change -- in a serverless environment this method is called from within a cluster state update thread, which trips an assertion causing test failure.

@elasticsearchmachine
Copy link
Collaborator

Hi @n1v0lg, I've created a changelog YAML for you.

@n1v0lg
Copy link
Contributor Author

n1v0lg commented Dec 11, 2023

@elasticmachine update branch

@n1v0lg n1v0lg marked this pull request as ready for review December 11, 2023 14:04
@n1v0lg n1v0lg requested a review from jakelandis December 11, 2023 14:04
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@elasticsearchmachine elasticsearchmachine added the Team:Security Meta label for security team label Dec 11, 2023
jakelandis
jakelandis approved these changes Dec 11, 2023
View reviewed changes
Copy link
Contributor

@jakelandis jakelandis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

(note - only reviewed 4072fac since it is the only change since the review on #102798)

@n1v0lg
Copy link
Contributor Author

n1v0lg commented Dec 14, 2023

@elasticmachine run elasticsearch-ci/part-3-fips

@n1v0lg
Copy link
Contributor Author

n1v0lg commented Dec 14, 2023

@elasticmachine update branch

@n1v0lg n1v0lg added the auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) label Dec 14, 2023
@n1v0lg
Copy link
Contributor Author

n1v0lg commented Dec 14, 2023

@elasticmachine update branch

(failures unrelated)

@n1v0lg n1v0lg removed the auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) label Dec 14, 2023
@n1v0lg n1v0lg added the auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) label Dec 18, 2023
@elasticsearchmachine elasticsearchmachine merged commit d920f4f into main Dec 18, 2023
21 checks passed
@elasticsearchmachine elasticsearchmachine deleted the revert-103211-revert-102798-rcs2-reload branch December 18, 2023 09:46
@n1v0lg n1v0lg mentioned this pull request Feb 14, 2024
Merged
elasticsearchmachine pushed a commit that referenced this pull request Feb 15, 2024
@n1v0lg
Docs for hot-reloadable remote cluster credentials (#105483)
e241a91 
Docs PR to accompany
#103215.

Resolves: ES-7625
n1v0lg added a commit to n1v0lg/elasticsearch that referenced this pull request Feb 15, 2024
@n1v0lg
Docs for hot-reloadable remote cluster credentials (elastic#105483)
7b60a92 
Docs PR to accompany
elastic#103215.

Resolves: ES-7625
elasticsearchmachine pushed a commit that referenced this pull request Feb 15, 2024
@n1v0lg
Docs for hot-reloadable remote cluster credentials (#105483) (#105545)
85bf867 
Docs PR to accompany
#103215.

Resolves: ES-7625
@n1v0lg n1v0lg mentioned this pull request Aug 2, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DaveCTurner DaveCTurner DaveCTurner left review comments

@jakelandis jakelandis jakelandis approved these changes

Assignees

@n1v0lg n1v0lg

Labels
auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) >non-issue :Security/Security Security issues without another label Team:Security Meta label for security team test-update-serverless v8.13.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@n1v0lg @elasticsearchmachine @jakelandis @DaveCTurner @elasticmachine