ansible-role-elasticsearch/test/integration/xpack-upgrade-trial.yml

---
- name: Elasticsearch Xpack HTTP different keystore and truststore with password
  hosts: localhost
  post_tasks:
    - include: elasticsearch/test/integration/debug.yml
  roles:
    - elasticsearch
  vars:
    es_config_6x:
      xpack.security.authc.realms.file1.order: 0
      xpack.security.authc.realms.file1.type: file
      xpack.security.authc.realms.native1.order: 1
      xpack.security.authc.realms.native1.type: native
    es_config_7x:
      xpack.security.authc.realms.file.file1.order: 0
      xpack.security.authc.realms.native.native1.order: 1
    es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}"
    es_heap_size: "1g"
    es_templates: true
    es_templates_fileglob: "test/integration/files/templates-{{ es_major_version }}/*.json"
    es_major_version: "7.x"
    es_version: "{{ '7.0.0' if es_major_version == '7.x' else '6.7.1' }}" # This is set to an older version than the current default to force an upgrade
    es_xpack_license: ""
    es_xpack_trial: true
    es_plugins:
      - plugin: ingest-attachment
    es_xpack_features:
      - security
      - alerting
    es_api_basic_auth_username: elastic
    es_api_basic_auth_password: changeme
    es_api_sleep: 5
    es_enable_http_ssl: false
    es_enable_transport_ssl: true
    es_ssl_keystore: "test/integration/files/certs/keystore-password.p12"
    es_ssl_truststore: "test/integration/files/certs/truststore-password.p12"
    es_ssl_keystore_password: password1
    es_ssl_truststore_password: password2
    es_validate_certs: no
    es_role_mapping:
      power_user:
        - "cn=admins,dc=example,dc=com"
      user:
        - "cn=users,dc=example,dc=com"
        - "cn=admins,dc=example,dc=com"
    es_users:
      native:
        kibana4_server:
          password: changeMe
          roles:
            - kibana4_server
        logstash_system:
          #this should be successfully modified
          password: aNewLogstashPassword
          #this will be ignored
          roles:
            - kibana4_server
        elastic:
          password: elasticChanged
      file:
        es_admin:
          password: changeMe
          roles:
            - admin
        testUser:
          password: changeMeAlso!
          roles:
            - power_user
            - user
    es_roles:
      file:
        admin:
          cluster:
            - all
          indices:
            - names: '*'
              privileges:
                - all
        power_user:
          cluster:
            - monitor
          indices:
            - names: '*'
              privileges:
                - all
        user:
          indices:
            - names: '*'
              privileges:
                - read
        kibana4_server:
          cluster:
              - monitor
          indices:
            - names: '.kibana'
              privileges:
                - all
      native:
        logstash:
          cluster:
            - manage_index_templates
          indices:
            - names: 'logstash-*'
              privileges:
                - write
                - delete
                - create_index
        #this will be ignored - its reserved
        logstash_system:
          cluster:
            - manage_index_templates
          indices:
            - names: 'logstash-*'
              privileges:
                - write
                - delete
                - create_index

#modifies the installation. Changes es_admin password and upgrades ES. Tests confirm the correct version is installed.
- name: Elasticsearch Xpack HTTP SSL and shared keystore without password
  hosts: localhost
  post_tasks:
    - include: elasticsearch/test/integration/debug.yml
  roles:
    - elasticsearch
  vars:
    es_config_6x:
      xpack.security.authc.realms.file1.order: 0
      xpack.security.authc.realms.file1.type: file
      xpack.security.authc.realms.native1.order: 1
      xpack.security.authc.realms.native1.type: native
    es_config_7x:
      xpack.security.authc.realms.file.file1.order: 0
      xpack.security.authc.realms.native.native1.order: 1
    es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}"
    es_heap_size: "1g"
    es_templates: true
    es_templates_fileglob: "test/integration/files/templates-{{ es_major_version }}/*.json"
    es_xpack_license: ""
    es_xpack_trial: false
    es_plugins:
      - plugin: ingest-attachment
    es_xpack_features:
      - security
      - alerting
    es_api_basic_auth_username: elastic
    es_api_basic_auth_password: elasticChanged
    es_api_sleep: 5
    es_enable_http_ssl: true
    es_enable_transport_ssl: true
    es_ssl_keystore: "test/integration/files/certs/shared-store-no-password.p12"
    es_ssl_truststore: "test/integration/files/certs/shared-store-no-password.p12"
    es_ssl_keystore_password: ""
    es_ssl_truststore_password: ""
    es_validate_certs: no
    es_role_mapping:
      power_user:
        - "cn=admins,dc=example,dc=com"
      user:
        - "cn=users,dc=example,dc=com"
        - "cn=admins,dc=example,dc=com"
    es_users:
      native:
        kibana4_server:
          password: changeMe
          roles:
            - kibana4_server
        logstash_system:
          #this will be ignored
          roles:
            - kibana4_server
      file:
        es_admin:
          password: changeMeAgain
          roles:
            - admin
        testUser:
          password: changeMeAlso!
          roles:
            - power_user
            - user
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`---`
			`- name: Elasticsearch Xpack HTTP different keystore and truststore with password`
			`hosts: localhost`
			`post_tasks:`
			`- include: elasticsearch/test/integration/debug.yml`
			`roles:`
			`- elasticsearch`
			`vars:`
			`es_config_6x:`
			`xpack.security.authc.realms.file1.order: 0`
			`xpack.security.authc.realms.file1.type: file`
			`xpack.security.authc.realms.native1.order: 1`
			`xpack.security.authc.realms.native1.type: native`
			`es_config_7x:`
			`xpack.security.authc.realms.file.file1.order: 0`
			`xpack.security.authc.realms.native.native1.order: 1`
			`es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}"`
			`es_heap_size: "1g"`
			`es_templates: true`
Move integration test files to test directory 2019-10-31 10:54:28 +00:00			`es_templates_fileglob: "test/integration/files/templates-{{ es_major_version }}/*.json"`
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`es_major_version: "7.x"`
			`es_version: "{{ '7.0.0' if es_major_version == '7.x' else '6.7.1' }}" # This is set to an older version than the current default to force an upgrade`
			`es_xpack_license: ""`
			`es_xpack_trial: true`
			`es_plugins:`
			`- plugin: ingest-attachment`
			`es_xpack_features:`
			`- security`
			`- alerting`
			`es_api_basic_auth_username: elastic`
			`es_api_basic_auth_password: changeme`
Update SSL/TLS tests 2019-10-25 10:18:00 +01:00			`es_api_sleep: 5`
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`es_enable_http_ssl: false`
			`es_enable_transport_ssl: true`
Move integration test files to test directory 2019-10-31 10:54:28 +00:00			`es_ssl_keystore: "test/integration/files/certs/keystore-password.p12"`
			`es_ssl_truststore: "test/integration/files/certs/truststore-password.p12"`
Update SSL/TLS tests 2019-10-25 10:18:00 +01:00			`es_ssl_keystore_password: password1`
			`es_ssl_truststore_password: password2`
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`es_validate_certs: no`
			`es_role_mapping:`
			`power_user:`
			`- "cn=admins,dc=example,dc=com"`
			`user:`
			`- "cn=users,dc=example,dc=com"`
			`- "cn=admins,dc=example,dc=com"`
			`es_users:`
			`native:`
			`kibana4_server:`
			`password: changeMe`
			`roles:`
			`- kibana4_server`
			`logstash_system:`
			`#this should be successfully modified`
			`password: aNewLogstashPassword`
			`#this will be ignored`
			`roles:`
			`- kibana4_server`
			`elastic:`
			`password: elasticChanged`
			`file:`
			`es_admin:`
			`password: changeMe`
			`roles:`
			`- admin`
			`testUser:`
			`password: changeMeAlso!`
			`roles:`
			`- power_user`
			`- user`
			`es_roles:`
			`file:`
			`admin:`
			`cluster:`
			`- all`
			`indices:`
			`- names: '*'`
			`privileges:`
			`- all`
			`power_user:`
			`cluster:`
			`- monitor`
			`indices:`
			`- names: '*'`
			`privileges:`
			`- all`
			`user:`
			`indices:`
			`- names: '*'`
			`privileges:`
			`- read`
			`kibana4_server:`
			`cluster:`
			`- monitor`
			`indices:`
			`- names: '.kibana'`
			`privileges:`
			`- all`
			`native:`
			`logstash:`
			`cluster:`
			`- manage_index_templates`
			`indices:`
			`- names: 'logstash-*'`
			`privileges:`
			`- write`
			`- delete`
			`- create_index`
			`#this will be ignored - its reserved`
			`logstash_system:`
			`cluster:`
			`- manage_index_templates`
			`indices:`
			`- names: 'logstash-*'`
			`privileges:`
			`- write`
			`- delete`
			`- create_index`

			`#modifies the installation. Changes es_admin password and upgrades ES. Tests confirm the correct version is installed.`
			`- name: Elasticsearch Xpack HTTP SSL and shared keystore without password`
			`hosts: localhost`
			`post_tasks:`
			`- include: elasticsearch/test/integration/debug.yml`
			`roles:`
			`- elasticsearch`
			`vars:`
			`es_config_6x:`
			`xpack.security.authc.realms.file1.order: 0`
			`xpack.security.authc.realms.file1.type: file`
			`xpack.security.authc.realms.native1.order: 1`
			`xpack.security.authc.realms.native1.type: native`
			`es_config_7x:`
			`xpack.security.authc.realms.file.file1.order: 0`
			`xpack.security.authc.realms.native.native1.order: 1`
			`es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}"`
			`es_heap_size: "1g"`
			`es_templates: true`
Move integration test files to test directory 2019-10-31 10:54:28 +00:00			`es_templates_fileglob: "test/integration/files/templates-{{ es_major_version }}/*.json"`
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`es_xpack_license: ""`
			`es_xpack_trial: false`
			`es_plugins:`
			`- plugin: ingest-attachment`
			`es_xpack_features:`
			`- security`
			`- alerting`
			`es_api_basic_auth_username: elastic`
			`es_api_basic_auth_password: elasticChanged`
Update SSL/TLS tests 2019-10-25 10:18:00 +01:00			`es_api_sleep: 5`
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`es_enable_http_ssl: true`
			`es_enable_transport_ssl: true`
Move integration test files to test directory 2019-10-31 10:54:28 +00:00			`es_ssl_keystore: "test/integration/files/certs/shared-store-no-password.p12"`
			`es_ssl_truststore: "test/integration/files/certs/shared-store-no-password.p12"`
Update SSL/TLS tests 2019-10-25 10:18:00 +01:00			`es_ssl_keystore_password: ""`
			`es_ssl_truststore_password: ""`
Add tests for SSL and and trial versions 2019-10-18 17:56:55 +01:00			`es_validate_certs: no`
			`es_role_mapping:`
			`power_user:`
			`- "cn=admins,dc=example,dc=com"`
			`user:`
			`- "cn=users,dc=example,dc=com"`
			`- "cn=admins,dc=example,dc=com"`
			`es_users:`
			`native:`
			`kibana4_server:`
			`password: changeMe`
			`roles:`
			`- kibana4_server`
			`logstash_system:`
			`#this will be ignored`
			`roles:`
			`- kibana4_server`
			`file:`
			`es_admin:`
			`password: changeMeAgain`
			`roles:`
			`- admin`
			`testUser:`
			`password: changeMeAlso!`
			`roles:`
			`- power_user`
			`- user`