Skip to content

Commit

Permalink
Merge pull request #88 from github/add_reload_secure_settings_command
Browse files Browse the repository at this point in the history
Add command to reload secure settings
  • Loading branch information
Nick Canzoneri authored Feb 25, 2021
2 parents 1dea692 + 8949b6f commit db3bbdb
Show file tree
Hide file tree
Showing 3 changed files with 181 additions and 0 deletions.
59 changes: 59 additions & 0 deletions es.go
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,22 @@ type Token struct {
Position int `json:"position"`
}

type ReloadSecureSettingsResponse struct {
Summary struct {
Total int `json:"total"`
Failed int `json:"failed"`
Successful int `json:"successful"`
} `json:"_nodes"`
ClusterName string `json:"cluster_name"`
Nodes map[string]struct {
Name string `json:"name"`
ReloadException *struct {
Type string `json:"type"`
Reason string `json:"reason"`
} `json:"reload_exception"`
} `json:"nodes"`
}

//Initialize a new vulcanizer client to use.
// Deprecated: NewClient has been deprecated in favor of using struct initialization.
func NewClient(host string, port int) *Client {
Expand Down Expand Up @@ -1452,5 +1468,48 @@ func (s *Snapshot) GetEndTime() string {
}
// This will avoid returning incorrect values like "1970-01-01T00:00:00.000Z"
return ""
}

//Reload secure node settings
//
//Use case: Call the reload secure settings API https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html
func (c *Client) ReloadSecureSettings() (ReloadSecureSettingsResponse, error) {
var response ReloadSecureSettingsResponse
err := handleErrWithStruct(c.buildPostRequest("_nodes/reload_secure_settings"), &response)

if err != nil {
return ReloadSecureSettingsResponse{}, err
}

return response, nil
}

//Reload secure node settings with password
//
//Use case: Call the reload secure settings API with a supplied password https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-nodes-reload-secure-settings.html
func (c *Client) ReloadSecureSettingsWithPassword(password string) (ReloadSecureSettingsResponse, error) {

if password == "" {
return ReloadSecureSettingsResponse{}, fmt.Errorf("Keystore password is required.")
}

requestBody := struct {
Password string `json:"secure_settings_password"`
}{
Password: password,
}

agent := c.buildPostRequest("_nodes/reload_secure_settings").
Set("Content-Type", "application/json").
Send(requestBody)

var response ReloadSecureSettingsResponse

err := handleErrWithStruct(agent, &response)

if err != nil {
return ReloadSecureSettingsResponse{}, err
}

return response, nil
}
67 changes: 67 additions & 0 deletions es_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1975,3 +1975,70 @@ func TestGetShardRecoveryRemaining(t *testing.T) {

assert.Equal(t, estRemaining, time.Hour*6)
}

func TestReloadSecureSettings(t *testing.T) {
serverSetup := &ServerSetup{
Method: "POST",
Path: "/_nodes/reload_secure_settings",
Response: `{"_nodes":{"total":2,"successful":2,"failed":0},"cluster_name":"vulcanizer-elasticsearch-v7","nodes":{"iJeJx6ydSbKf_cvzDt1_gg":{"name":"vulcanizer-elasticsearch-v7"},"GXtqL0WdSguHQdo2xHNX_A":{"name":"vulcanizer-elasticsearch-v7-2","reload_exception":{"type":"illegal_state_exception","reason":"Keystore is missing"}}}}`,
}

host, port, ts := setupTestServers(t, []*ServerSetup{serverSetup})
defer ts.Close()
client := NewClient(host, port)

response, err := client.ReloadSecureSettings()

if err != nil {
t.Errorf("Unexpected error, get %s", err)
}

if response.Summary.Successful != 2 {
t.Errorf("Expected response to parse 2 successful nodes from summary, got %#v", response)
}

goodNode := response.Nodes["iJeJx6ydSbKf_cvzDt1_gg"]
badNode := response.Nodes["GXtqL0WdSguHQdo2xHNX_A"]

if goodNode.Name != "vulcanizer-elasticsearch-v7" && goodNode.ReloadException != nil {
t.Errorf("Expected to parse good node response correctly, got %#v", goodNode)
}

if badNode.Name != "vulcanizer-elasticsearch-v7-2" && badNode.ReloadException.Reason != "Keystore is missing" {
t.Errorf("Expected to parse bad node response correctly, got %#v", goodNode)
}
}

func TestReloadSecureSettingsWithPassword(t *testing.T) {
serverSetup := &ServerSetup{
Method: "POST",
Path: "/_nodes/reload_secure_settings",
Body: `{"secure_settings_password":"123456"}`,
Response: `{"_nodes":{"total":2,"successful":2,"failed":0},"cluster_name":"vulcanizer-elasticsearch-v7","nodes":{"iJeJx6ydSbKf_cvzDt1_gg":{"name":"vulcanizer-elasticsearch-v7"},"GXtqL0WdSguHQdo2xHNX_A":{"name":"vulcanizer-elasticsearch-v7-2","reload_exception":{"type":"illegal_state_exception","reason":"Keystore is missing"}}}}`,
}

host, port, ts := setupTestServers(t, []*ServerSetup{serverSetup})
defer ts.Close()
client := NewClient(host, port)

response, err := client.ReloadSecureSettingsWithPassword("123456")

if err != nil {
t.Errorf("Unexpected error, get %s", err)
}

if response.Summary.Successful != 2 {
t.Errorf("Expected response to parse 2 successful nodes from summary, got %#v", response)
}

goodNode := response.Nodes["iJeJx6ydSbKf_cvzDt1_gg"]
badNode := response.Nodes["GXtqL0WdSguHQdo2xHNX_A"]

if goodNode.Name != "vulcanizer-elasticsearch-v7" && goodNode.ReloadException != nil {
t.Errorf("Expected to parse good node response correctly, got %#v", goodNode)
}

if badNode.Name != "vulcanizer-elasticsearch-v7-2" && badNode.ReloadException.Reason != "Keystore is missing" {
t.Errorf("Expected to parse bad node response correctly, got %#v", goodNode)
}
}
55 changes: 55 additions & 0 deletions pkg/cli/settings.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,16 @@ import (
)

func init() {
setupReloadSecureCommand()

rootCmd.AddCommand(cmdSettings)
}

func setupReloadSecureCommand() {
cmdSettingsReloadSecure.Flags().StringP("keystore_password", "", "", "Keystore password to reload the secure settings if enabled")
cmdSettings.AddCommand(cmdSettingsReloadSecure)
}

func printSettings(settings []vulcanizer.Setting, name string) {
if len(settings) == 0 {
fmt.Printf("No %s are set.\n", name)
Expand Down Expand Up @@ -53,3 +60,51 @@ var cmdSettings = &cobra.Command{
printSettings(clusterSettings.TransientSettings, "transient settings")
},
}

var cmdSettingsReloadSecure = &cobra.Command{
Use: "reload",
Short: "Reload the secure settings.",
Long: `This command calls the reload secure settings API on all nodes.`,
Run: func(cmd *cobra.Command, args []string) {

v := getClient()

password, err := cmd.Flags().GetString("keystore_password")
if err != nil {
fmt.Printf("Could not retrieve required argument: keystore_password. Error: %s\n", err)
os.Exit(1)
}

var reloadResponse vulcanizer.ReloadSecureSettingsResponse
var reloadError error

if password == "" {
reloadResponse, reloadError = v.ReloadSecureSettings()
} else {
reloadResponse, reloadError = v.ReloadSecureSettingsWithPassword(password)
}

if reloadError != nil {
fmt.Printf("Error reloading secure settings settings: %s\n", reloadError)
os.Exit(1)
}

header := []string{"Node", "Reload status"}
rows := [][]string{}

for _, node := range reloadResponse.Nodes {
row := []string{node.Name}

if node.ReloadException == nil {
row = append(row, "Successfully reloaded")
} else {
row = append(row, fmt.Sprintf("Exception type: %s, reason: %s", node.ReloadException.Type, node.ReloadException.Reason))
}

rows = append(rows, row)
}

table := renderTable(rows, header)
fmt.Println(table)
},
}

0 comments on commit db3bbdb

Please sign in to comment.