Test

n1v0lg · Dec 7, 2023 · e513798 · e513798
1 parent 207ca4b
commit e513798
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java
@@ -1944,7 +1944,6 @@ private void reloadSharedSecretsForJwtRealms(Settings settingsWithKeystore) {
     private void reloadRemoteClusterCredentials(Settings settingsWithKeystore) {
         // Accepting a blocking call here since the underlying action is local-only and only performs fast in-memory ops
         // (extracts a subset of passed in `settingsWithKeystore` and stores them in a map)
-        // TODO wrap exception here?
         getClient().execute(
             ReloadRemoteClusterCredentialsAction.INSTANCE,
             new ReloadRemoteClusterCredentialsAction.Request(settingsWithKeystore)

diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java
@@ -994,7 +994,14 @@ protected Realms getRealms() {
         final var exception = expectThrows(ElasticsearchException.class, () -> security.reload(inputSettings));
 
         assertThat(exception.getMessage(), containsString("secure settings reload failed for one or more security component"));
-        // TODO validate suppressed exceptions
+        if (failRemoteClusterCredentialsReload) {
+            assertThat(exception.getSuppressed()[0].getMessage(), containsString("failed remote cluster credentials reload"));
+            if (failRealmsReload) {
+                assertThat(exception.getSuppressed()[1].getMessage(), containsString("failed jwt realms reload"));
+            }
+        } else {
+            assertThat(exception.getSuppressed()[0].getMessage(), containsString("failed jwt realms reload"));
+        }
         // Verify both called despite failure
         verify(mockedClient).execute(eq(ReloadRemoteClusterCredentialsAction.INSTANCE), any());
         verify(mockedRealms).stream();