Skip to content

Add exported Elasticsearch config and permissions test

Sarah German requested to merge elasticsearch-config into main

What does this MR do and why?

  • Adds exported Elasticsearch configuration to the project. It's good practice to track changes to this in Git, and it's also good to have a backup.
  • Adds a test to validate permissions on the Elastic API key

Closes #139 (closed)

Screenshots, screen recordings, or links to review app

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Configure a local GitLab Docs environment: https://gitlab.com/gitlab-org/technical-writing-group/gitlab-docs-hugo/-/blob/main/doc/setup.md.
  2. Run the test with your existing key: make check-elastic-key-permissions. This should FAIL because your existing key ("hiru localhost") still has the cluster: ["all"] permission.
  3. Adjust your localhost key to match the updated recommended permissions (copy from here): https://gitlab-docs-website.kb.us-central1.gcp.cloud.es.io:9243/app/management/security/api_keys/
  4. Run the test again: make check-elastic-key-permissions. This should PASS
  5. Make a new key that has no access control (leave "Control security privileges" off when creating the key). Run the test with this new, sketchy key: ELASTIC_KEY="abc123" make check-elastic-key-permissions. This should FAIL
  6. Delete the test key

Merge request acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Hiru Fernando

Merge request reports