santerikainulainen/ansible-role-elasticsearch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix for issue 368

Browse source
This commit is contained in:
Dale McDiarmid 2017-09-19 12:21:46 +01:00
parent 57fbed33cf
commit 0676799d1c
3 changed files with 21 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tasks/xpack/security/elasticsearch-security-native.yml
View file

@ -81,12 +81,13 @@
- set_fact: current_roles={{ role_list_response.json | filter_reserved }} - set_fact: current_roles={{ role_list_response.json | filter_reserved }}
when: manage_native_roles when: manage_native_roles
- debug: msg="{{current_roles}}" - debug: msg="{{current_roles}}"
when: manage_native_roles
- set_fact: roles_to_remove={{ current_roles | difference ( es_roles.native.keys() ) }} - set_fact: roles_to_remove={{ current_roles | difference ( es_roles.native.keys() ) }}
when: manage_native_roles when: manage_native_roles
#Delete all non required roles #Delete all non required roles
- name: Delete Native Roles - name: Delete Native Roles
uri: uri:

4
tasks/xpack/security/elasticsearch-security.yml
View file

@ -9,12 +9,12 @@
changed_when: False changed_when: False
when: when:
- es_enable_xpack and '"security" in es_xpack_features' - es_enable_xpack and '"security" in es_xpack_features'
- (es_users is defined and es_users.file) or (es_roles is defined and es_roles.file is defined) or (es_role_mapping is defined) - (es_users is defined and es_users.file is defined) or (es_roles is defined and es_roles.file is defined) or (es_role_mapping is defined)
#-----------------------------FILE BASED REALM---------------------------------------- #-----------------------------FILE BASED REALM----------------------------------------
- include: elasticsearch-security-file.yml - include: elasticsearch-security-file.yml
when: (es_enable_xpack and '"security" in es_xpack_features') and ((es_users is defined and es_users.file) or (es_roles is defined and es_roles.file is defined)) when: (es_enable_xpack and '"security" in es_xpack_features') and ((es_users is defined and es_users.file is defined) or (es_roles is defined and es_roles.file is defined))
#-----------------------------ROLE MAPPING ---------------------------------------- #-----------------------------ROLE MAPPING ----------------------------------------

22
test/integration/issue-test.yml
View file

@ -4,9 +4,21 @@
#Idempot test is enabled for this test #Idempot test is enabled for this test
- name: Simple Example - name: Simple Example
hosts: localhost hosts: localhost
remote_user: root
become: yes
become_method: sudo
roles: roles:
- { role: elasticsearch, es_instance_name: "node1" } - { role: elasticsearch, es_config: { "xpack.security.authc.realms.file1.type": "file", "xpack.security.authc.realms.file1.order": 1, "xpack.security.authc.realms.native1.type": "native", "xpack.security.authc.realms.native1.order": 0 }, es_instance_name: "security_node" }
vars: vars:
es_heap_size: "1g"
es_enable_xpack: true
es_plugins:
- plugin: ingest-geoip
es_xpack_features:
- security
- alerting
es_api_basic_auth_username: elastic
es_api_basic_auth_password: changeme
es_users:
native:
testUser:
password: changeme
roles:
- kibana_user