Add withPassword(String) method to secure Elasticsearch

Instead of providing env settings manually, we can simplify the usage of Elasticsearch in the context of TestContainers by just asking a password. Behind the scene, we do provide the needed env settings. We also check that we can not define the password on OSS image.
testcontainers · Oct 15, 2020 · e681a97 · e681a97
1 parent 04e5366
commit e681a97
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/docs/modules/elasticsearch.md b/docs/modules/elasticsearch.md
@@ -22,7 +22,7 @@ or set `client.transport.ignore_cluster_name` to `true`.
 ## Secure your Elasticsearch cluster
 
 The default distribution of Elasticsearch comes with the basic license which contains security feature.
-You can turn on security by providing some extra environment settings:
+You can turn on security by providing a password:
 
 <!--codeinclude-->
 [HttpClient](../../modules/elasticsearch/src/test/java/org/testcontainers/elasticsearch/ElasticsearchContainerTest.java) inside_block:httpClientSecuredContainer

diff --git a/.../elasticsearch/src/main/java/org/testcontainers/elasticsearch/ElasticsearchContainer.java b/.../elasticsearch/src/main/java/org/testcontainers/elasticsearch/ElasticsearchContainer.java
@@ -75,6 +75,22 @@ public ElasticsearchContainer(final DockerImageName dockerImageName) {
             .withStartupTimeout(Duration.ofMinutes(2)));
     }
 
+    /**
+     * Define the Elasticsearch password to set. It enables security behind the scene.
+     * It's not possible to use security with the oss image.
+     * @param password  Password to set
+     * @return this
+     */
+    public ElasticsearchContainer withPassword(String password) {
+        if (getDockerImageName().startsWith(DEFAULT_OSS_IMAGE_NAME.getUnversionedPart())) {
+            throw new IllegalArgumentException("You can not activate security on Elastic OSS Image. " +
+                "Please switch to the default distribution");
+        }
+        withEnv("ELASTIC_PASSWORD", password);
+        withEnv("xpack.security.enabled", "true");
+        return this;
+    }
+
     public String getHttpHostAddress() {
         return getHost() + ":" + getMappedPort(ELASTICSEARCH_DEFAULT_PORT);
     }

diff --git a/...sticsearch/src/test/java/org/testcontainers/elasticsearch/ElasticsearchContainerTest.java b/...sticsearch/src/test/java/org/testcontainers/elasticsearch/ElasticsearchContainerTest.java
@@ -110,9 +110,7 @@ public void elasticsearchDefaultTest() throws IOException {
     @Test
     public void elasticsearchSecuredTest() throws IOException {
         try (ElasticsearchContainer container = new ElasticsearchContainer(ELASTICSEARCH_IMAGE)
-            .withEnv("ELASTIC_PASSWORD", ELASTICSEARCH_PASSWORD)
-            .withEnv("xpack.security.enabled", "true")
-        ) {
+            .withPassword(ELASTICSEARCH_PASSWORD)) {
             container.start();
 
             // The cluster should be secured so it must fail when we try to access / without credentials
@@ -191,8 +189,7 @@ public void restClientSecuredClusterHealth() throws IOException {
         // Create the elasticsearch container.
         try (ElasticsearchContainer container = new ElasticsearchContainer(ELASTICSEARCH_IMAGE)
             // With a password
-            .withEnv("ELASTIC_PASSWORD", ELASTICSEARCH_PASSWORD)
-            .withEnv("xpack.security.enabled", "true")) {
+            .withPassword(ELASTICSEARCH_PASSWORD)) {
             // Start the container. This step might take some time...
             container.start();