add qa project for running ILM tests against security

x-pack/qa/smoke-test-index-lifecycle-with-security/build.gradle

@@ -0,0 +1,46 @@
+apply plugin: 'elasticsearch.standalone-rest-test'
+apply plugin: 'elasticsearch.rest-test'
+
+dependencies {
+  testCompile project(path: xpackProject('plugin').path, configuration: 'testArtifacts')
+}
+
+// bring in ILM rest test suite
+task copyILMRestTests(type: Copy) {
+  into project.sourceSets.test.output.resourcesDir
+  from xpackProject('plugin').sourceSets.test.resources.srcDirs
+  include 'rest-api-spec/test/index_lifecycle/**'
+}
+
+def clusterCredentials = [username: System.getProperty('tests.rest.cluster.username', 'test_user'),
+                          password: System.getProperty('tests.rest.cluster.password', 'x-pack-test-password')]
+
+integTestRunner {
+  systemProperty 'tests.rest.cluster.username', clusterCredentials.username
+  systemProperty 'tests.rest.cluster.password', clusterCredentials.password
+}
+
+integTestCluster {
+  dependsOn copyILMRestTests
+  setting 'xpack.index_lifecycle.enabled', 'true'
+  setting 'xpack.security.enabled', 'true'
+  setting 'xpack.watcher.enabled', 'false'
+  setting 'xpack.monitoring.enabled', 'false'
+  setting 'xpack.ml.enabled', 'false'
+  setting 'xpack.license.self_generated.type', 'trial'
+  setupCommand 'setupDummyUser',
+               'bin/elasticsearch-users',
+               'useradd', clusterCredentials.username,
+               '-p', clusterCredentials.password,
+               '-r', 'superuser'
+  waitCondition = { node, ant ->
+    File tmpFile = new File(node.cwd, 'wait.success')
+    ant.get(src: "http://${node.httpUri()}/_cluster/health?wait_for_nodes=>=${numNodes}&wait_for_status=yellow",
+            dest: tmpFile.toString(),
+            username: clusterCredentials.username,
+            password: clusterCredentials.password,
+            ignoreerrors: true,
+            retries: 10)
+    return tmpFile.exists()
+  }
+}

x-pack/qa/smoke-test-index-lifecycle-with-security/src/test/java/org/elasticsearch/xpack/security/IndexLifecycleWithSecurityClientYamlTestSuiteIT.java

@@ -0,0 +1,47 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+package org.elasticsearch.xpack.security;
+
+import com.carrotsearch.randomizedtesting.annotations.Name;
+import com.carrotsearch.randomizedtesting.annotations.ParametersFactory;
+import com.carrotsearch.randomizedtesting.annotations.TimeoutSuite;
+import org.apache.lucene.util.TimeUnits;
+import org.elasticsearch.common.settings.SecureString;
+import org.elasticsearch.common.settings.Settings;
+import org.elasticsearch.common.util.concurrent.ThreadContext;
+import org.elasticsearch.test.rest.yaml.ClientYamlTestCandidate;
+import org.elasticsearch.test.rest.yaml.ESClientYamlSuiteTestCase;
+
+import java.util.Objects;
+
+import static org.elasticsearch.xpack.core.security.authc.support.UsernamePasswordToken.basicAuthHeaderValue;
+
+@TimeoutSuite(millis = 30 * TimeUnits.MINUTE) // as default timeout seems not enough on the jenkins VMs
+public class IndexLifecycleWithSecurityClientYamlTestSuiteIT extends ESClientYamlSuiteTestCase {
+
+    private static final String USER = Objects.requireNonNull(System.getProperty("tests.rest.cluster.username"));
+    private static final String PASS = Objects.requireNonNull(System.getProperty("tests.rest.cluster.password"));
+
+    public IndexLifecycleWithSecurityClientYamlTestSuiteIT(@Name("yaml") ClientYamlTestCandidate testCandidate) {
+        super(testCandidate);
+    }
+
+    @ParametersFactory
+    public static Iterable<Object[]> parameters() throws Exception {
+        return ESClientYamlSuiteTestCase.createParameters();
+    }
+
+    @Override
+    protected Settings restClientSettings() {
+        String token = basicAuthHeaderValue(USER, new SecureString(PASS.toCharArray()));
+        return Settings.builder()
+                .put(super.restClientSettings())
+                .put(ThreadContext.PREFIX + ".Authorization", token)
+                .build();
+    }
+}
+