Skip to content

Commit

Permalink
fixup!
Browse files Browse the repository at this point in the history
  • Loading branch information
@jfreden
jfreden committed Nov 4, 2024
1 parent 107fea2 commit 16573fd
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 20 deletions.
2 changes: 1 addition & 1 deletion x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/Security.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1224,7 +1224,7 @@ Collection<Object> createComponents(

private void applyPendingSecurityMigrations(SecurityIndexManager.State newState) {
// If no migrations have been applied and the security index is on the latest version (new index), all migrations can be skipped
if (newState.migrationsVersion == 0 && newState.createdOnLatestVersion) {
if (newState.migrationsVersion == 0 && newState.createdOnLatestMigrationVersion) {
submitPersistentMigrationTask(SecurityMigrations.MIGRATIONS_BY_VERSION.lastKey(), false);
return;
}
Expand Down
2 changes: 1 addition & 1 deletion ...security/src/main/java/org/elasticsearch/xpack/security/authz/store/NativeRolesStore.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -258,7 +258,7 @@ public boolean isMetadataSearchable() {
// * the security index has been created anew (using the latest index version),
// i.e. it is NOT created in a previous ES version that potentially didn't index the role metadata
// * or, the .security index has been migrated (using an internal update-by-query) such that the metadata is queryable
return frozenSecurityIndex.isCreatedOnLatestVersion()
return frozenSecurityIndex.isCreatedOnLatestMigrationVersion()
|| securityIndex.isMigrationsVersionAtLeast(ROLE_METADATA_FLATTENED_MIGRATION_VERSION);
}

Expand Down
29 changes: 15 additions & 14 deletions ...security/src/main/java/org/elasticsearch/xpack/security/support/SecurityIndexManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -270,7 +270,7 @@ private SystemIndexDescriptor.MappingsVersion getMinSecurityIndexMappingVersion(
* Check if the index was created on the latest index version available in the cluster
*/

private static boolean isCreatedOnLatestVersion(IndexMetadata indexMetadata) {
private static boolean isCreatedOnLatestMigrationVersion(IndexMetadata indexMetadata) {
if (indexMetadata == null) {
return false;
}
Expand All @@ -279,10 +279,11 @@ private static boolean isCreatedOnLatestVersion(IndexMetadata indexMetadata) {
indexMetadata.getSettings()
);

// 1 is the first migration, before the MAIN_INDEX_CREATED_ON_MIGRATION_VERSION was introduced
if (indexCreatedOnMigrationVersion > 1) {
// 2 is the migration before the MAIN_INDEX_CREATED_ON_MIGRATION_VERSION was introduced
if (indexCreatedOnMigrationVersion > 2) {
return indexCreatedOnMigrationVersion.equals(SecurityMigrations.MIGRATIONS_BY_VERSION.lastKey());
}
// Fall back on IndexVersion
return SETTING_INDEX_VERSION_CREATED.get(indexMetadata.getSettings()).onOrAfter(IndexVersion.current());
}

Expand Down Expand Up @@ -340,7 +341,7 @@ public void clusterChanged(ClusterChangedEvent event) {
}
final State previousState = state;
final IndexMetadata indexMetadata = resolveConcreteIndex(systemIndexDescriptor.getAliasName(), event.state().metadata());
final boolean createdOnLatestVersion = isCreatedOnLatestVersion(indexMetadata);
final boolean createdOnLatestMigrationVersion = isCreatedOnLatestMigrationVersion(indexMetadata);
final Instant creationTime = indexMetadata != null ? Instant.ofEpochMilli(indexMetadata.getCreationDate()) : null;
final boolean isIndexUpToDate = indexMetadata == null
|| INDEX_FORMAT_SETTING.get(indexMetadata.getSettings()) == systemIndexDescriptor.getIndexFormat();
Expand Down Expand Up @@ -380,7 +381,7 @@ public void clusterChanged(ClusterChangedEvent event) {
indexAvailableForSearch,
indexAvailableForWrite,
mappingIsUpToDate,
createdOnLatestVersion,
createdOnLatestMigrationVersion,
roleMappingsCleanupMigrationStatus,
migrationsVersion,
minClusterMappingVersion,
Expand Down Expand Up @@ -756,8 +757,8 @@ public void onFailure(Exception e) {
}
}

public boolean isCreatedOnLatestVersion() {
return state.createdOnLatestVersion;
public boolean isCreatedOnLatestMigrationVersion() {
return state.createdOnLatestMigrationVersion;
}

/**
Expand Down Expand Up @@ -802,7 +803,7 @@ public static class State {
public final boolean indexAvailableForSearch;
public final boolean indexAvailableForWrite;
public final boolean mappingUpToDate;
public final boolean createdOnLatestVersion;
public final boolean createdOnLatestMigrationVersion;
public final RoleMappingsCleanupMigrationStatus roleMappingsCleanupMigrationStatus;
public final Integer migrationsVersion;
// Min mapping version supported by the descriptors in the cluster
Expand All @@ -821,7 +822,7 @@ public State(
boolean indexAvailableForSearch,
boolean indexAvailableForWrite,
boolean mappingUpToDate,
boolean createdOnLatestVersion,
boolean createdOnLatestMigrationVersion,
RoleMappingsCleanupMigrationStatus roleMappingsCleanupMigrationStatus,
Integer migrationsVersion,
SystemIndexDescriptor.MappingsVersion minClusterMappingVersion,
Expand All @@ -838,7 +839,7 @@ public State(
this.indexAvailableForWrite = indexAvailableForWrite;
this.mappingUpToDate = mappingUpToDate;
this.migrationsVersion = migrationsVersion;
this.createdOnLatestVersion = createdOnLatestVersion;
this.createdOnLatestMigrationVersion = createdOnLatestMigrationVersion;
this.roleMappingsCleanupMigrationStatus = roleMappingsCleanupMigrationStatus;
this.minClusterMappingVersion = minClusterMappingVersion;
this.indexMappingVersion = indexMappingVersion;
Expand All @@ -859,7 +860,7 @@ public boolean equals(Object o) {
&& indexAvailableForSearch == state.indexAvailableForSearch
&& indexAvailableForWrite == state.indexAvailableForWrite
&& mappingUpToDate == state.mappingUpToDate
&& createdOnLatestVersion == state.createdOnLatestVersion
&& createdOnLatestMigrationVersion == state.createdOnLatestMigrationVersion
&& roleMappingsCleanupMigrationStatus == state.roleMappingsCleanupMigrationStatus
&& Objects.equals(indexMappingVersion, state.indexMappingVersion)
&& Objects.equals(migrationsVersion, state.migrationsVersion)
Expand All @@ -882,7 +883,7 @@ public int hashCode() {
indexAvailableForSearch,
indexAvailableForWrite,
mappingUpToDate,
createdOnLatestVersion,
createdOnLatestMigrationVersion,
roleMappingsCleanupMigrationStatus,
migrationsVersion,
minClusterMappingVersion,
Expand All @@ -906,8 +907,8 @@ public String toString() {
+ indexAvailableForWrite
+ ", mappingUpToDate="
+ mappingUpToDate
+ ", createdOnLatestVersion="
+ createdOnLatestVersion
+ ", createdOnLatestMigrationVersion="
+ createdOnLatestMigrationVersion
+ ", roleMappingsCleanupMigrationStatus="
+ roleMappingsCleanupMigrationStatus
+ ", migrationsVersion="
Expand Down
4 changes: 0 additions & 4 deletions ...n/security/src/main/java/org/elasticsearch/xpack/security/support/SecurityMigrations.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,14 +45,10 @@
import static org.elasticsearch.xpack.security.support.SecuritySystemIndices.SecurityMainIndexMappingVersion.ADD_MANAGE_ROLES_PRIVILEGE;
import static org.elasticsearch.xpack.security.support.SecuritySystemIndices.SecurityMainIndexMappingVersion.ADD_REMOTE_CLUSTER_AND_DESCRIPTION_FIELDS;

/**
* Interface for creating SecurityMigrations that will be automatically applied once to existing .security indices
*/
public class SecurityMigrations {

/**
* Interface for creating SecurityMigrations that will be automatically applied once to existing .security indices
* IMPORTANT: A new index version needs to be added to {@link org.elasticsearch.index.IndexVersions} for the migration to be triggered
*/
public interface SecurityMigration {
/**
Expand Down

0 comments on commit 16573fd

Please sign in to comment.