Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adds sigv4 support to Elasticsearch client #3305

Merged
merged 4 commits into from
Sep 6, 2023

Conversation

graytaylor0
Copy link
Member

@graytaylor0 graytaylor0 commented Sep 5, 2023

Description

This was a miss from earlier on. The Elasticsearch client currently only supports username and password, and this adds sigv4 support so elasticsearch clusters will be able to alternatively specify an sts_role_arn

Issues Resolved

Related to #1985

Check List

  • New functionality includes testing.
  • New functionality has a documentation issue. Please link to it in this PR.
    • New functionality has javadoc added
  • Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

* An {@link HttpRequestInterceptor} that signs requests using any AWS {@link Signer}
* and {@link AwsCredentialsProvider}.
*/
final class AwsRequestSigningApacheInterceptor implements HttpRequestInterceptor {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we were moving this into the aws-plugin-api project to re-use. Perhaps that PR hasn't yet been merged.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will make it a public class in aws-plugin-api

@@ -12,7 +13,7 @@ jacocoTestCoverageVerification {
violationRules {
rule {
limit {
minimum = 1.0
minimum = 0.95
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be very good to keep 100% coverage. Is there a certain line you are having difficulty reaching?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because I can't mock the response of context.getAttribute to return an invalid HttpHost, and I can't mock it to throw either since that's a checked exception

@dlvenable dlvenable merged commit 40980c1 into opensearch-project:main Sep 6, 2023
45 checks passed
asifsmohammed pushed a commit to asifsmohammed/data-prepper that referenced this pull request Sep 27, 2023
Adds sigv4 support to Elasticsearch client. Move AwsRequestSigningApacheInterceptor to aws-plugin-api, use in os source and sink

Signed-off-by: Taylor Gray <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants