[9.3] (backport #431) Autorenew SSL certs and use them everywhere#447
Merged
[9.3] (backport #431) Autorenew SSL certs and use them everywhere#447
Conversation
* Autorenew SSL certs and use them everywhere: java unit tests, docker files, ruby spec and integration tests. * Upgrades junit, wiremock, mokito dependencies used by unit tests * Overall flow: - to generate certs first in CI host -> run_tests.sh: used by both unit and integration tests - generate in gradle only if needed, e.g. local ./gradlew clean test - we will not clean certs with gradle clean, if we do integration tests will fail due to mismatch - and genera.sh will skip if certs exist - makes sure we are not generating twice (cherry picked from commit 254e669) # Conflicts: # build.gradle # spec/integration/elastic_integration_spec.rb
Author
|
Cherry-pick of 254e669 has failed: To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally |
mashhurs
approved these changes
Apr 18, 2026
Collaborator
mashhurs
left a comment
mashhurs
left a comment
There was a problem hiding this comment.
Somehow conflicted but clean backport
Author
|
This pull request has not been merged yet. Could you please review and merge it @mashhurs? 🙏 |
…e no-op set-user processor still exist
Collaborator
💚 Build Succeeded
History
cc @mashhurs |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Background: Currently, SSL certs are static, means already generated and they have expiration date. They are used in the tests, used scopes are: unit tests, ES docker file and integration tests.
This PR:
introduces Autorenew SSL certs and use them everywhere like in java unit tests, docker files, ruby spec and integration tests. One caveat here is that since ES docker file needs to apply SSLs before it starts, plugin needs to create SSL certs for the ES docker file before running integrations tests.
Places use the certificates are:
./utils/ssl-certs-generator/generate.shshell script generates on flight;./utils/ssl-certs-generator/generate.shshell script generatesgenerateTestCertificatesgenerates;Gradle
cleanandgenerate.sh(before running) cleans up old certificates if exist.upgrades junit, wiremock, mokito dependencies used by unit tests
Closes Generate certs at the time of when integration tests run. #425
This is an automatic backport of pull request #431 done by [Mergify](https://mergify.com).