Watcher: Add ssl.trust email account setting (#31684)

In order to allow users to specify hosts, where SSL is always trusted,
this setting is exposed. Otherwise the system keystore needs to be
configured properly.

For more info see https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html

x-pack/plugin/watcher/src/main/java/org/elasticsearch/xpack/watcher/notification/email/EmailService.java

@@ -79,6 +79,10 @@ public class EmailService extends NotificationService<Account> {
             Setting.affixKeySetting("xpack.notification.email.account.", "smtp.local_address",
                     (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope));
 
+    private static final Setting.AffixSetting<String> SETTING_SMTP_SSL_TRUST_ADDRESS =
+            Setting.affixKeySetting("xpack.notification.email.account.", "smtp.ssl.trust",
+                    (key) -> Setting.simpleString(key, Property.Dynamic, Property.NodeScope));
+
     private static final Setting.AffixSetting<Integer> SETTING_SMTP_LOCAL_PORT =
             Setting.affixKeySetting("xpack.notification.email.account.", "smtp.local_port",
                     (key) -> Setting.intSetting(key, 25, Property.Dynamic, Property.NodeScope));
@@ -110,6 +114,7 @@ public class EmailService extends NotificationService<Account> {
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_TIMEOUT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_CONNECTION_TIMEOUT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_WRITE_TIMEOUT, (s, o) -> {}, (s, o) -> {});
+        clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_SSL_TRUST_ADDRESS, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_LOCAL_ADDRESS, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_LOCAL_PORT, (s, o) -> {}, (s, o) -> {});
         clusterSettings.addAffixUpdateConsumer(SETTING_SMTP_SEND_PARTIAL, (s, o) -> {}, (s, o) -> {});
@@ -167,7 +172,7 @@ public class EmailService extends NotificationService<Account> {
         return Arrays.asList(SETTING_DEFAULT_ACCOUNT, SETTING_PROFILE, SETTING_EMAIL_DEFAULTS, SETTING_SMTP_AUTH, SETTING_SMTP_HOST,
                 SETTING_SMTP_PASSWORD, SETTING_SMTP_PORT, SETTING_SMTP_STARTTLS_ENABLE, SETTING_SMTP_USER, SETTING_SMTP_STARTTLS_REQUIRED,
                 SETTING_SMTP_TIMEOUT, SETTING_SMTP_CONNECTION_TIMEOUT, SETTING_SMTP_WRITE_TIMEOUT, SETTING_SMTP_LOCAL_ADDRESS,
-                SETTING_SMTP_LOCAL_PORT, SETTING_SMTP_SEND_PARTIAL, SETTING_SMTP_WAIT_ON_QUIT);
+                SETTING_SMTP_LOCAL_PORT, SETTING_SMTP_SEND_PARTIAL, SETTING_SMTP_WAIT_ON_QUIT, SETTING_SMTP_SSL_TRUST_ADDRESS);
     }
 
 }

x-pack/plugin/watcher/src/test/java/org/elasticsearch/xpack/watcher/notification/email/EmailServiceTests.java

@@ -68,6 +68,7 @@ public class EmailServiceTests extends ESTestCase {
                 .put("xpack.notification.email.account.account4.smtp.local_port", "1025")
                 .put("xpack.notification.email.account.account5.smtp.host", "localhost")
                 .put("xpack.notification.email.account.account5.smtp.wait_on_quit", true)
+                .put("xpack.notification.email.account.account5.smtp.ssl.trust", "host1,host2,host3")
                 .build();
         EmailService emailService = new EmailService(settings, null,
                 new ClusterSettings(Settings.EMPTY, new HashSet<>(EmailService.getSettings())));
@@ -100,5 +101,6 @@ public class EmailServiceTests extends ESTestCase {
         Account account5 = emailService.getAccount("account5");
         Properties properties5 = account5.getConfig().smtp.properties;
         assertThat(properties5, hasEntry("mail.smtp.quitwait", "true"));
+        assertThat(properties5, hasEntry("mail.smtp.ssl.trust", "host1,host2,host3"));
     }
 }