Skip to content

Make test more robust for API key auth 429 #59077

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jul 7, 2020
Merged

Make test more robust for API key auth 429 #59077

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
996aa53
Make test more robust for API key auth 429
ywangd Jul 6, 2020
22bf611
Fix names
ywangd Jul 7, 2020
49a44f5
Reduce the queue size so things can complete in time
ywangd Jul 7, 2020
c63f381
checkstyle
ywangd Jul 7, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 15 additions & 5 deletions ...lugin/security/src/test/java/org/elasticsearch/xpack/security/authc/ApiKeyIntegTests.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.unit.TimeValue;
import org.elasticsearch.common.util.concurrent.EsExecutors;
import org.elasticsearch.common.util.concurrent.EsRejectedExecutionException;
import org.elasticsearch.common.util.set.Sets;
import org.elasticsearch.rest.RestStatus;
import org.elasticsearch.test.SecurityIntegTestCase;
Expand Down Expand Up @@ -66,9 +67,9 @@
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.IntStream;
import java.util.stream.Stream;

import static org.elasticsearch.xpack.core.security.index.RestrictedIndicesNames.SECURITY_MAIN_ALIAS;
Expand All @@ -84,6 +85,7 @@

public class ApiKeyIntegTests extends SecurityIntegTestCase {
private static final long DELETE_INTERVAL_MILLIS = 100L;
private static final int CRYPTO_THREAD_POOL_QUEUE_SIZE = 10;

@Override
public Settings nodeSettings(int nodeOrdinal) {
Expand All @@ -92,6 +94,7 @@ public Settings nodeSettings(int nodeOrdinal) {
.put(XPackSettings.API_KEY_SERVICE_ENABLED_SETTING.getKey(), true)
.put(ApiKeyService.DELETE_INTERVAL.getKey(), TimeValue.timeValueMillis(DELETE_INTERVAL_MILLIS))
.put(ApiKeyService.DELETE_TIMEOUT.getKey(), TimeValue.timeValueSeconds(5L))
.put("xpack.security.crypto.thread_pool.queue_size", CRYPTO_THREAD_POOL_QUEUE_SIZE)
.build();
}

Expand Down Expand Up @@ -833,7 +836,7 @@ public void testDerivedKeys() throws ExecutionException, InterruptedException {
assertApiKeyNotCreated(client, "key-5");
}

public void testAuthenticationReturns429WhenThreadPoolIsSaturated() throws IOException, InterruptedException {
public void testAuthenticationReturns429WhenThreadPoolIsSaturated() throws IOException, InterruptedException, ExecutionException {
final String nodeName = randomFrom(internalCluster().getNodeNames());
final Settings settings = internalCluster().getInstance(Settings.class, nodeName);
final ThreadPool threadPool = internalCluster().getInstance(ThreadPool.class, nodeName);
Expand All @@ -859,7 +862,6 @@ public void testAuthenticationReturns429WhenThreadPoolIsSaturated() throws IOExc
final int numberOfThreads = (allocatedProcessors + 1) / 2;
final CountDownLatch blockingLatch = new CountDownLatch(1);
final CountDownLatch readyLatch = new CountDownLatch(numberOfThreads);

for (int i = 0; i < numberOfThreads; i++) {
executorService.submit(() -> {
readyLatch.countDown();
Expand All @@ -871,8 +873,13 @@ public void testAuthenticationReturns429WhenThreadPoolIsSaturated() throws IOExc
});
}
// Fill the whole queue for the crypto thread pool
final int queueSize = 1000;
IntStream.range(0, queueSize).forEach(i -> executorService.submit(() -> {}));
Future<?> lastTaskFuture = null;
try {
for (int i = 0; i < CRYPTO_THREAD_POOL_QUEUE_SIZE; i++) {
lastTaskFuture = executorService.submit(() -> { });
}
} catch (EsRejectedExecutionException e) {
}
readyLatch.await();

try (RestClient restClient = createRestClient(nodeInfos, null, "http")) {
Expand All @@ -887,6 +894,9 @@ public void testAuthenticationReturns429WhenThreadPoolIsSaturated() throws IOExc
assertThat(responseException.getResponse().getStatusLine().getStatusCode(), is(429));
} finally {
blockingLatch.countDown();
if (lastTaskFuture != null) {
lastTaskFuture.get();
}
}
}

Expand Down
2 changes: 1 addition & 1 deletion ...gin/security/src/test/java/org/elasticsearch/xpack/security/authc/ApiKeyServiceTests.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ public void createThreadPool() {
threadPool = Mockito.spy(
new TestThreadPool("api key service tests",
new FixedExecutorBuilder(Settings.EMPTY, SECURITY_CRYPTO_THREAD_POOL_NAME, 1, 1000,
"xpack.security.authc.api_key.thread_pool", false))
"xpack.security.crypto.thread_pool", false))
);
}

Expand Down
2 changes: 1 addition & 1 deletion ...rity/src/test/java/org/elasticsearch/xpack/security/authc/AuthenticationServiceTests.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ public void init() throws Exception {
new FixedExecutorBuilder(settings, THREAD_POOL_NAME, 1, 1000,
"xpack.security.authc.token.thread_pool", false),
new FixedExecutorBuilder(Settings.EMPTY, SECURITY_CRYPTO_THREAD_POOL_NAME, 1, 1000,
"xpack.security.authc.api_key.thread_pool", false)
"xpack.security.crypto.thread_pool", false)
);
threadContext = threadPool.getThreadContext();
when(client.threadPool()).thenReturn(threadPool);
Expand Down