santerikainulainen/ansible-role-elasticsearch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update tests

Browse source
This commit is contained in:
pemontto 2019-10-13 16:18:55 +01:00
parent e2ffdce380
commit 7196557c09
No known key found for this signature in database
GPG key ID: EDCB93C3DA1B5DA9
6 changed files with 21 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
defaults/main.yml
View file

@ -38,7 +38,7 @@ es_xpack_features: []
es_api_scheme: "http" es_api_scheme: "http"
es_api_host: "localhost" es_api_host: "localhost"
es_api_port: 9200 es_api_port: 9200
es_api_uri: "{{es_api_scheme}}://{{es_api_host}}:{{es_api_port}}" es_api_uri: "{{ es_api_scheme }}://{{ es_api_host }}:{{ es_api_port }}"
es_debian_startup_timeout: 10 es_debian_startup_timeout: 10
# JVM custom parameters # JVM custom parameters

12
tasks/elasticsearch-ssl.yml
View file

@ -37,7 +37,7 @@
when: es_ssl_certificate_authority | bool when: es_ssl_certificate_authority | bool
- name: Set transport keystore password - name: Set transport keystore password
shell: echo "{{es_ssl_keystore_password}}" | {{es_home}}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.keystore.secure_password' shell: echo "{{ es_ssl_keystore_password }}" | {{ es_home }}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.keystore.secure_password'
no_log: True no_log: True
when: es_ssl_keystore_password and copy_keystores.changed when: es_ssl_keystore_password and copy_keystores.changed
with_items: with_items:
@ -45,7 +45,7 @@
- transport - transport
- name: Set transport truststore password - name: Set transport truststore password
shell: echo "{{es_ssl_truststore_password}}" | {{es_home}}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.truststore.secure_password' shell: echo "{{ es_ssl_truststore_password }}" | {{ es_home }}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.truststore.secure_password'
no_log: True no_log: True
when: es_ssl_truststore_password and copy_keystores.changed when: es_ssl_truststore_password and copy_keystores.changed
with_items: with_items:
@ -53,7 +53,7 @@
- transport - transport
- name: Set transport key password - name: Set transport key password
shell: echo "{{es_ssl_key_password}}" | {{es_home}}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.secure_key_passphrase' shell: echo "{{ es_ssl_key_password }}" | {{ es_home }}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.secure_key_passphrase'
no_log: True no_log: True
when: es_ssl_key_password and copy_certificates.changed when: es_ssl_key_password and copy_certificates.changed
with_items: with_items:
@ -61,7 +61,7 @@
- transport - transport
- name: Remove transport keystore password - name: Remove transport keystore password
shell: "{{es_home}}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.keystore.secure_password'" shell: "{{ es_home }}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.keystore.secure_password'"
no_log: True no_log: True
when: es_ssl_keystore_password == "" and copy_keystores.changed when: es_ssl_keystore_password == "" and copy_keystores.changed
with_items: with_items:
@ -69,7 +69,7 @@
- transport - transport
- name: Remove transport truststore password - name: Remove transport truststore password
shell: "{{es_home}}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.truststore.secure_password'" shell: "{{ es_home }}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.truststore.secure_password'"
no_log: True no_log: True
when: es_ssl_truststore_password == "" and copy_keystores.changed when: es_ssl_truststore_password == "" and copy_keystores.changed
with_items: with_items:
@ -77,7 +77,7 @@
- transport - transport
- name: Remove transport key password - name: Remove transport key password
shell: "{{es_home}}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.secure_key_passphrase'" shell: "{{ es_home }}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.secure_key_passphrase'"
no_log: True no_log: True
when: es_ssl_key_password == "" and copy_certificates.changed when: es_ssl_key_password == "" and copy_certificates.changed
with_items: with_items:

2
tasks/main.yml
View file

@ -68,7 +68,7 @@
when: es_start_service when: es_start_service
- name: Wait for elasticsearch to startup - name: Wait for elasticsearch to startup
wait_for: host={{es_api_host}} port={{es_api_port}} delay=5 connect_timeout=1 wait_for: host={{ es_api_host }} port={{ es_api_port }} delay=5 connect_timeout=1
when: es_restarted is defined and es_restarted.changed and es_start_service when: es_restarted is defined and es_restarted.changed and es_start_service
- name: set fact manage_native_realm to false - name: set fact manage_native_realm to false

2
test/integration/helpers/serverspec/shared_spec.rb
View file

@ -17,7 +17,7 @@ families = {
family = families[vars['ansible_os_family']] family = families[vars['ansible_os_family']]
es_api_url = "http://localhost:#{vars['es_api_port']}" es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}"
username = vars['es_api_basic_auth_username'] username = vars['es_api_basic_auth_username']
password = vars['es_api_basic_auth_password'] password = vars['es_api_basic_auth_password']

6
test/integration/helpers/serverspec/spec_helper.rb
View file

@ -19,7 +19,11 @@ def curl_json(uri, username=nil, password=nil)
if username && password if username && password
req.basic_auth username, password req.basic_auth username, password
end end
res = Net::HTTP.start(uri.hostname, uri.port) {|http| res = Net::HTTP.start(
uri.hostname,
uri.port,
:verify_mode => OpenSSL::SSL::VERIFY_NONE
) {|http|
http.request(req) http.request(req)
} }
return JSON.parse(res.body) return JSON.parse(res.body)

9
test/integration/helpers/serverspec/xpack_upgrade_spec.rb
View file

@ -2,6 +2,11 @@ require 'spec_helper'
require 'json' require 'json'
vars = JSON.parse(File.read('/tmp/vars.json')) vars = JSON.parse(File.read('/tmp/vars.json'))
es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}"
username = vars['es_api_basic_auth_username']
password = vars['es_api_basic_auth_password']
es_security_api = "#{vars['es_security_api']}"
shared_examples 'xpack_upgrade::init' do |vars| shared_examples 'xpack_upgrade::init' do |vars|
#Test users file, users_roles and roles.yml #Test users file, users_roles and roles.yml
describe file("/etc/elasticsearch/users_roles") do describe file("/etc/elasticsearch/users_roles") do
@ -18,7 +23,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
describe 'security roles' do describe 'security roles' do
it 'should list the security roles' do it 'should list the security roles' do
roles = curl_json('http://localhost:9200/_xpack/security/role', username='es_admin', password='changeMeAgain') roles = curl_json("#{es_api_url}/#{es_security_api}/role", username='es_admin', password='changeMeAgain')
expect(roles.key?('superuser')) expect(roles.key?('superuser'))
end end
end end
@ -54,7 +59,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
end end
describe 'security users' do describe 'security users' do
result = curl_json('http://localhost:9200/_xpack/security/user', username='elastic', password='elasticChanged') result = curl_json("#{es_api_url}/#{es_security_api}/user", username='elastic', password='elasticChanged')
it 'should have the elastic user' do it 'should have the elastic user' do
expect(result['elastic']['username']).to eq('elastic') expect(result['elastic']['username']).to eq('elastic')
expect(result['elastic']['roles']).to eq(['superuser']) expect(result['elastic']['roles']).to eq(['superuser'])