Initial EQL rest API implementation

x-pack/plugin/eql/build.gradle

@@ -22,15 +22,36 @@ dependencies {
   }
   compile "org.antlr:antlr4-runtime:4.5.3"
   testCompile project(':test:framework')
+  compileOnly project(path: xpackModule('core'), configuration: 'default')
   testCompile project(path: xpackModule('core'), configuration: 'testArtifacts')
   testCompile project(path: xpackModule('security'), configuration: 'testArtifacts')
   testCompile project(path: ':modules:reindex', configuration: 'runtime')
   testCompile project(path: ':modules:parent-join', configuration: 'runtime')
   testCompile project(path: ':modules:analysis-common', configuration: 'runtime')
 }
 
-// disable integration tests for now
 integTest.enabled = false
+testingConventions.enabled = false
+
+// Instead we create a separate task to run the tests based on ESIntegTestCase
+task internalClusterTest(type: Test) {
+  description = '🌈🌈🌈🦄 Welcome to fantasy integration tests land! 🦄🌈🌈🌈'
+  mustRunAfter test
+
+  include '**/*IT.class'
+  systemProperty 'es.set.netty.runtime.available.processors', 'false'
+}
+
+check.dependsOn internalClusterTest
+
+// add all sub-projects of the qa sub-project
+gradle.projectsEvaluated {
+  project.subprojects
+    .find { it.path == project.path + ":qa" }
+    .subprojects
+    .findAll { it.path.startsWith(project.path + ":qa") }
+    .each { check.dependsOn it.check }
+}
 
 /**********************************************
  *          EQL Parser regeneration           *

x-pack/plugin/eql/qa/build.gradle

@@ -0,0 +1,17 @@
+import org.elasticsearch.gradle.test.RestIntegTestTask
+
+apply plugin: 'elasticsearch.build'
+test.enabled = false
+
+dependencies {
+  compile project(':test:framework')
+}
+
+subprojects {
+  project.tasks.withType(RestIntegTestTask) {
+    final File xPackResources = new File(xpackProject('plugin').projectDir, 'src/test/resources')
+    project.copyRestSpec.from(xPackResources) {
+      include 'rest-api-spec/api/**'
+    }
+  }
+}

x-pack/plugin/eql/qa/common/build.gradle

@@ -0,0 +1,6 @@
+apply plugin: 'elasticsearch.build'
+test.enabled = false
+
+dependencies {
+  compile project(':test:framework')
+}

x-pack/plugin/eql/qa/common/src/main/java/org/elasticsearch/test/eql/CommonEqlRestTestCase.java

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+package org.elasticsearch.test.eql;
+
+import org.elasticsearch.test.rest.ESRestTestCase;
+
+public abstract class CommonEqlRestTestCase extends ESRestTestCase {
+    // TODO: add common tests here
+}

x-pack/plugin/eql/qa/rest/build.gradle

@@ -0,0 +1,14 @@
+apply plugin: 'elasticsearch.testclusters'
+apply plugin: 'elasticsearch.standalone-rest-test'
+apply plugin: 'elasticsearch.rest-test'
+
+dependencies {
+  testCompile project(path: xpackModule('eql'), configuration: 'runtime')
+  testCompile project(path: xpackModule('eql:qa:common'), configuration: 'runtime')
+}
+
+testClusters.integTest {
+  testDistribution = 'DEFAULT'
+  setting 'xpack.license.self_generated.type', 'basic'
+  setting 'xpack.monitoring.collection.enabled', 'true'
+}

x-pack/plugin/eql/qa/rest/src/test/java/org/elasticsearch/xpack/eql/EqlIT.java

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+package org.elasticsearch.xpack.eql;
+
+import org.elasticsearch.test.eql.CommonEqlRestTestCase;
+
+public class EqlIT extends CommonEqlRestTestCase {
+}

x-pack/plugin/eql/qa/rest/src/test/java/org/elasticsearch/xpack/eql/EqlRestIT.java

@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+package org.elasticsearch.xpack.eql;
+
+import com.carrotsearch.randomizedtesting.annotations.ParametersFactory;
+import org.elasticsearch.test.rest.yaml.ClientYamlTestCandidate;
+import org.elasticsearch.test.rest.yaml.ESClientYamlSuiteTestCase;
+
+public class EqlRestIT extends ESClientYamlSuiteTestCase {
+
+    public EqlRestIT(final ClientYamlTestCandidate testCandidate) {
+        super(testCandidate);
+    }
+
+    @ParametersFactory
+    public static Iterable<Object[]> parameters() throws Exception {
+        return ESClientYamlSuiteTestCase.createParameters();
+    }
+
+}

x-pack/plugin/eql/qa/rest/src/test/resources/rest-api-spec/test/eql/10_basic.yml

@@ -0,0 +1,27 @@
+---
+setup:
+  - do:
+      bulk:
+        refresh: true
+        body:
+          - index:
+              _index: eql_test
+              _id:    1
+          - str: test1
+            int: 1
+
+---
+# Testing round-trip and the basic shape of the response
+# Currently not implemented or wired and always returns empty result.
+# TODO: define more test once everything is wired up
+"Execute some EQL.":
+  - do:
+      eql.search:
+        index: eql_test
+        body:
+          rule: "process where user = 'SYSTEM'"
+
+  - match: {timed_out: false}
+  - match: {took: 0}
+  - match: {hits.total.value: 0}
+

x-pack/plugin/eql/src/main/java/org/elasticsearch/xpack/eql/action/EqlSearchAction.java

@@ -0,0 +1,17 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+package org.elasticsearch.xpack.eql.action;
+
+import org.elasticsearch.action.ActionType;
+
+public class EqlSearchAction extends ActionType<EqlSearchResponse> {
+    public static final EqlSearchAction INSTANCE = new EqlSearchAction();
+    public static final String NAME = "indices:data/read/eql";
+
+    private EqlSearchAction() {
+        super(NAME, EqlSearchResponse::new);
+    }
+}