Skip to content

Commit dcdb829

Browse files
jportnerjportner
committed
Add missing Elasticsearch config deprecations
Several Elasticsearch config deprecations were overlooked for monitoring-specific Elasticsearch settings.
1 parent ee53dac commit dcdb829

File tree

2 files changed

+67
-0
lines changed

2 files changed

+67
-0
lines changed

x-pack/legacy/plugins/monitoring/__tests__/deprecations.js

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -80,4 +80,54 @@ describe('monitoring plugin deprecations', function() {
8080
expect(log.called).to.be(true);
8181
});
8282
});
83+
84+
describe('elasticsearch.username', function() {
85+
it('logs a warning if elasticsearch.username is set to "elastic"', () => {
86+
const settings = { elasticsearch: { username: 'elastic' } };
87+
88+
const log = sinon.spy();
89+
transformDeprecations(settings, log);
90+
expect(log.called).to.be(true);
91+
});
92+
93+
it('does not log a warning if elasticsearch.username is set to something besides "elastic"', () => {
94+
const settings = { elasticsearch: { username: 'otheruser' } };
95+
96+
const log = sinon.spy();
97+
transformDeprecations(settings, log);
98+
expect(log.called).to.be(false);
99+
});
100+
101+
it('does not log a warning if elasticsearch.username is unset', () => {
102+
const settings = { elasticsearch: { username: undefined } };
103+
104+
const log = sinon.spy();
105+
transformDeprecations(settings, log);
106+
expect(log.called).to.be(false);
107+
});
108+
109+
it('logs a warning if ssl.key is set and ssl.certificate is not', () => {
110+
const settings = { elasticsearch: { ssl: { key: '' } } };
111+
112+
const log = sinon.spy();
113+
transformDeprecations(settings, log);
114+
expect(log.called).to.be(true);
115+
});
116+
117+
it('logs a warning if ssl.certificate is set and ssl.key is not', () => {
118+
const settings = { elasticsearch: { ssl: { certificate: '' } } };
119+
120+
const log = sinon.spy();
121+
transformDeprecations(settings, log);
122+
expect(log.called).to.be(true);
123+
});
124+
125+
it('does not log a warning if both ssl.key and ssl.certificate are set', () => {
126+
const settings = { elasticsearch: { ssl: { key: '', certificate: '' } } };
127+
128+
const log = sinon.spy();
129+
transformDeprecations(settings, log);
130+
expect(log.called).to.be(false);
131+
});
132+
});
83133
});

x-pack/legacy/plugins/monitoring/deprecations.js

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,23 @@ export const deprecations = () => {
2626
`Config key "${CLUSTER_ALERTS_ADDRESS_CONFIG_KEY}" will be required for email notifications to work in 7.0."`
2727
);
2828
}
29+
30+
const fromPath = 'xpack.monitoring.elasticsearch';
31+
const es = get(settings, 'elasticsearch');
32+
if (es?.username === 'elastic') {
33+
log(
34+
`Setting [${fromPath}.username] to "elastic" is deprecated. You should use the "kibana" user instead.`
35+
);
36+
}
37+
if (es?.ssl?.key !== undefined && es?.ssl?.certificate === undefined) {
38+
log(
39+
`Setting [${fromPath}.ssl.key] without [${fromPath}.ssl.certificate] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.`
40+
);
41+
} else if (es?.ssl?.certificate !== undefined && es?.ssl?.key === undefined) {
42+
log(
43+
`Setting [${fromPath}.ssl.certificate] without [${fromPath}.ssl.key] is deprecated. This has no effect, you should use both settings to enable TLS client authentication to Elasticsearch.`
44+
);
45+
}
2946
},
3047
];
3148
};

0 commit comments

Comments
 (0)