in src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java [102:233]
protected void handlePost(RestChannel channel, RestRequest request, Client client, final JsonNode content) throws IOException {
final Version oldestNodeVersion = cs.state().getNodes().getMinNodeVersion();
if(oldestNodeVersion.before(LegacyESVersion.V_7_0_0)) {
badRequestResponse(channel, "Can not migrate configuration because cluster is not fully migrated.");
return;
}
final SecurityDynamicConfiguration<?> loadedConfig = load(CType.CONFIG, true);
if (loadedConfig.getVersion() != 1) {
badRequestResponse(channel, "Can not migrate configuration because it was already migrated.");
return;
}
final SecurityDynamicConfiguration<ConfigV6> configV6 = (SecurityDynamicConfiguration<ConfigV6>) loadedConfig;
final SecurityDynamicConfiguration<ActionGroupsV6> actionGroupsV6 = (SecurityDynamicConfiguration<ActionGroupsV6>) load(CType.ACTIONGROUPS, true);
final SecurityDynamicConfiguration<InternalUserV6> internalUsersV6 = (SecurityDynamicConfiguration<InternalUserV6>) load(CType.INTERNALUSERS, true);
final SecurityDynamicConfiguration<RoleV6> rolesV6 = (SecurityDynamicConfiguration<RoleV6>) load(CType.ROLES, true);
final SecurityDynamicConfiguration<RoleMappingsV6> rolesmappingV6 = (SecurityDynamicConfiguration<RoleMappingsV6>) load(CType.ROLESMAPPING, true);
final SecurityDynamicConfiguration<NodesDn> nodesDnV6 = (SecurityDynamicConfiguration<NodesDn>) load(CType.NODESDN, true);
final SecurityDynamicConfiguration<WhitelistingSettings> whitelistingSettingV6 = (SecurityDynamicConfiguration<WhitelistingSettings>) load(CType.WHITELIST, true);
final SecurityDynamicConfiguration<AuditConfig> auditConfigV6 = (SecurityDynamicConfiguration<AuditConfig>) load(CType.AUDIT, true);
final ImmutableList.Builder<SecurityDynamicConfiguration<?>> builder = ImmutableList.builder();
final SecurityDynamicConfiguration<ActionGroupsV7> actionGroupsV7 = Migration.migrateActionGroups(actionGroupsV6);
builder.add(actionGroupsV7);
final SecurityDynamicConfiguration<ConfigV7> configV7 = Migration.migrateConfig(configV6);
builder.add(configV7);
final SecurityDynamicConfiguration<InternalUserV7> internalUsersV7 = Migration.migrateInternalUsers(internalUsersV6);
builder.add(internalUsersV7);
final Tuple<SecurityDynamicConfiguration<RoleV7>, SecurityDynamicConfiguration<TenantV7>> rolesTenantsV7 = Migration.migrateRoles(rolesV6,
rolesmappingV6);
builder.add(rolesTenantsV7.v1());
builder.add(rolesTenantsV7.v2());
final SecurityDynamicConfiguration<RoleMappingsV7> rolesmappingV7 = Migration.migrateRoleMappings(rolesmappingV6);
builder.add(rolesmappingV7);
final SecurityDynamicConfiguration<NodesDn> nodesDnV7 = Migration.migrateNodesDn(nodesDnV6);
builder.add(nodesDnV7);
final SecurityDynamicConfiguration<WhitelistingSettings> whitelistingSettingV7 = Migration.migrateWhitelistingSetting(whitelistingSettingV6);
builder.add(whitelistingSettingV7);
final SecurityDynamicConfiguration<AuditConfig> auditConfigV7 = Migration.migrateAudit(auditConfigV6);
builder.add(auditConfigV7);
final int replicas = cs.state().metadata().index(opendistroIndex).getNumberOfReplicas();
final String autoExpandReplicas = cs.state().metadata().index(opendistroIndex).getSettings().get(IndexMetadata.SETTING_AUTO_EXPAND_REPLICAS);
final Builder securityIndexSettings = Settings.builder();
if (autoExpandReplicas == null) {
securityIndexSettings.put(IndexMetadata.SETTING_NUMBER_OF_REPLICAS, replicas);
} else {
securityIndexSettings.put(IndexMetadata.SETTING_AUTO_EXPAND_REPLICAS, autoExpandReplicas);
}
securityIndexSettings.put(IndexMetadata.SETTING_NUMBER_OF_SHARDS, 1);
client.admin().indices().prepareDelete(this.opendistroIndex).execute(new ActionListener<AcknowledgedResponse>() {
@Override
public void onResponse(AcknowledgedResponse response) {
if (response.isAcknowledged()) {
log.debug("opendistro_security index deleted successfully");
client.admin().indices().prepareCreate(opendistroIndex).setSettings(securityIndexSettings)
.execute(new ActionListener<CreateIndexResponse>() {
@Override
public void onResponse(CreateIndexResponse response) {
final List<SecurityDynamicConfiguration<?>> dynamicConfigurations = builder.build();
final ImmutableList.Builder<String> cTypes = ImmutableList.builderWithExpectedSize(dynamicConfigurations.size());
final BulkRequestBuilder br = client.prepareBulk(opendistroIndex, "_doc");
br.setRefreshPolicy(RefreshPolicy.IMMEDIATE);
try {
for (SecurityDynamicConfiguration dynamicConfiguration : dynamicConfigurations) {
final String id = dynamicConfiguration.getCType().toLCString();
final BytesReference xContent = XContentHelper.toXContent(dynamicConfiguration, XContentType.JSON, false);
br.add(new IndexRequest().id(id).source(id, xContent));
cTypes.add(id);
}
} catch (final IOException e1) {
log.error("Unable to create bulk request " + e1, e1);
internalErrorResponse(channel, "Unable to create bulk request.");
return;
}
br.execute(new ConfigUpdatingActionListener(cTypes.build().toArray(new String[0]), client, new ActionListener<BulkResponse>() {
@Override
public void onResponse(BulkResponse response) {
if (response.hasFailures()) {
log.error("Unable to upload migrated configuration because of " + response.buildFailureMessage());
internalErrorResponse(channel, "Unable to upload migrated configuration (bulk index failed).");
} else {
log.debug("Migration completed");
successResponse(channel, "Migration completed.");
}
}
@Override
public void onFailure(Exception e) {
log.error("Unable to upload migrated configuration because of " + e, e);
internalErrorResponse(channel, "Unable to upload migrated configuration.");
}
}));
}
@Override
public void onFailure(Exception e) {
log.error("Unable to create opendistro_security index because of " + e, e);
internalErrorResponse(channel, "Unable to create opendistro_security index.");
}
});
} else {
log.error("Unable to create opendistro_security index.");
}
}
@Override
public void onFailure(Exception e) {
log.error("Unable to delete opendistro_security index because of " + e, e);
internalErrorResponse(channel, "Unable to delete opendistro_security index.");
}
});
}