forked from elastic/elasticsearch
-
Notifications
You must be signed in to change notification settings - Fork 0
/
build.gradle
135 lines (123 loc) · 5.64 KB
/
build.gradle
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
import org.elasticsearch.gradle.internal.info.BuildParams
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
apply plugin: 'elasticsearch.legacy-yaml-rest-test'
apply plugin: 'elasticsearch.internal-cluster-test'
esplugin {
description 'The EC2 discovery plugin allows to use AWS API for the unicast discovery mechanism.'
classname 'org.elasticsearch.discovery.ec2.Ec2DiscoveryPlugin'
}
versions << [
'aws': '1.12.270'
]
dependencies {
api "com.amazonaws:aws-java-sdk-ec2:${versions.aws}"
api "com.amazonaws:aws-java-sdk-core:${versions.aws}"
api "org.apache.httpcomponents:httpclient:${versions.httpclient}"
api "org.apache.httpcomponents:httpcore:${versions.httpcore}"
api "commons-logging:commons-logging:${versions.commonslogging}"
api "org.apache.logging.log4j:log4j-1.2-api:${versions.log4j}"
api "commons-codec:commons-codec:${versions.commonscodec}"
api "com.fasterxml.jackson.core:jackson-core:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-databind:${versions.jackson}"
api "com.fasterxml.jackson.core:jackson-annotations:${versions.jackson}"
api "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:${versions.jackson}"
api "joda-time:joda-time:2.10.10"
}
restResources {
restApi {
include '_common', 'cluster', 'nodes'
}
}
tasks.named("dependencyLicenses").configure {
mapping from: /aws-java-sdk-.*/, to: 'aws-java-sdk'
mapping from: /jackson-.*/, to: 'jackson'
}
esplugin.bundleSpec.from('config/discovery-ec2') {
into 'config'
}
tasks.register("writeTestJavaPolicy") {
doLast {
final File tmp = file("${buildDir}/tmp")
if (tmp.exists() == false && tmp.mkdirs() == false) {
throw new GradleException("failed to create temporary directory [${tmp}]")
}
final File javaPolicy = file("${tmp}/java.policy")
if (BuildParams.inFipsJvm) {
javaPolicy.write(
[
"grant {",
"permission java.security.SecurityPermission \"putProviderProperty.BCFIPS\";",
"permission java.security.SecurityPermission \"putProviderProperty.BCJSSE\";",
"permission java.lang.RuntimePermission \"getProtectionDomain\";",
"permission java.util.PropertyPermission \"java.runtime.name\", \"read\";",
"permission org.bouncycastle.crypto.CryptoServicesPermission \"tlsAlgorithmsEnabled\";",
"permission java.lang.RuntimePermission \"accessClassInPackage.sun.security.internal.spec\";",
"permission java.lang.RuntimePermission \"accessDeclaredMembers\";",
"permission java.util.PropertyPermission \"intellij.debug.agent\", \"read\";",
"permission java.util.PropertyPermission \"intellij.debug.agent\", \"write\";",
"permission org.bouncycastle.crypto.CryptoServicesPermission \"exportSecretKey\";",
"permission org.bouncycastle.crypto.CryptoServicesPermission \"exportPrivateKey\";",
"permission java.io.FilePermission \"\${javax.net.ssl.trustStore}\", \"read\";",
"permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
"permission java.security.SecurityPermission \"getProperty.jdk.tls.disabledAlgorithms\";",
"permission java.security.SecurityPermission \"getProperty.jdk.certpath.disabledAlgorithms\";",
"permission java.security.SecurityPermission \"getProperty.keystore.type.compat\";",
"};"
].join("\n")
)
} else {
javaPolicy.write(
[
"grant {",
" permission java.util.PropertyPermission \"com.amazonaws.sdk.ec2MetadataServiceEndpointOverride\", \"write\";",
"};"
].join("\n"))
}
}
}
tasks.named("test").configure {
dependsOn "writeTestJavaPolicy"
// this is needed for insecure plugins, remove if possible!
systemProperty 'tests.artifact', project.name
// this is needed to manipulate com.amazonaws.sdk.ec2MetadataServiceEndpointOverride system property
// it is better rather disable security manager at all with `systemProperty 'tests.security.manager', 'false'`
if (BuildParams.inFipsJvm){
nonInputProperties.systemProperty 'java.security.policy', "=file://${buildDir}/tmp/java.policy"
} else {
nonInputProperties.systemProperty 'java.security.policy', "file://${buildDir}/tmp/java.policy"
}
}
tasks.named("check").configure {
// also execute the QA tests when testing the plugin
dependsOn 'qa:amazon-ec2:check'
}
tasks.named("thirdPartyAudit").configure {
ignoreMissingClasses(
// classes are missing
'com.amazonaws.jmespath.JmesPathExpression',
'com.amazonaws.jmespath.ObjectMapperSingleton',
'software.amazon.ion.IonReader',
'software.amazon.ion.IonSystem',
'software.amazon.ion.IonType',
'software.amazon.ion.IonWriter',
'software.amazon.ion.Timestamp',
'software.amazon.ion.system.IonBinaryWriterBuilder',
'software.amazon.ion.system.IonSystemBuilder',
'software.amazon.ion.system.IonTextWriterBuilder',
'software.amazon.ion.system.IonWriterBuilder',
'javax.servlet.ServletContextEvent',
'javax.servlet.ServletContextListener',
'org.apache.avalon.framework.logger.Logger',
'org.apache.log.Hierarchy',
'org.apache.log.Logger',
'javax.jms.Message',
'javax.xml.bind.DatatypeConverter',
'javax.xml.bind.JAXBContext'
)
}