Update tests

defaults/main.yml

@@ -38,7 +38,7 @@ es_xpack_features: []
 es_api_scheme: "http"
 es_api_host: "localhost"
 es_api_port: 9200
-es_api_uri: "{{es_api_scheme}}://{{es_api_host}}:{{es_api_port}}"
+es_api_uri: "{{ es_api_scheme }}://{{ es_api_host }}:{{ es_api_port }}"
 es_debian_startup_timeout: 10
 
 # JVM custom parameters

tasks/elasticsearch-ssl.yml

@@ -37,7 +37,7 @@
   when: es_ssl_certificate_authority | bool
 
 - name: Set transport keystore password
-  shell: echo "{{es_ssl_keystore_password}}" | {{es_home}}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.keystore.secure_password'
+  shell: echo "{{ es_ssl_keystore_password }}" | {{ es_home }}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.keystore.secure_password'
   no_log: True
   when: es_ssl_keystore_password and copy_keystores.changed
   with_items:
@@ -45,7 +45,7 @@
     - transport
 
 - name: Set transport truststore password
-  shell: echo "{{es_ssl_truststore_password}}" | {{es_home}}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.truststore.secure_password'
+  shell: echo "{{ es_ssl_truststore_password }}" | {{ es_home }}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.truststore.secure_password'
   no_log: True
   when: es_ssl_truststore_password and copy_keystores.changed
   with_items:
@@ -53,7 +53,7 @@
     - transport
 
 - name: Set transport key password
-  shell: echo "{{es_ssl_key_password}}" | {{es_home}}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.secure_key_passphrase'
+  shell: echo "{{ es_ssl_key_password }}" | {{ es_home }}/bin/elasticsearch-keystore add -x -f 'xpack.security.{{ item }}.ssl.secure_key_passphrase'
   no_log: True
   when: es_ssl_key_password and copy_certificates.changed
   with_items:
@@ -61,7 +61,7 @@
     - transport
 
 - name: Remove transport keystore password
-  shell: "{{es_home}}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.keystore.secure_password'"
+  shell: "{{ es_home }}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.keystore.secure_password'"
   no_log: True
   when: es_ssl_keystore_password == "" and copy_keystores.changed
   with_items:
@@ -69,7 +69,7 @@
     - transport
 
 - name: Remove transport truststore password
-  shell: "{{es_home}}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.truststore.secure_password'"
+  shell: "{{ es_home }}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.truststore.secure_password'"
   no_log: True
   when: es_ssl_truststore_password == "" and copy_keystores.changed
   with_items:
@@ -77,7 +77,7 @@
     - transport
 
 - name: Remove transport key password
-  shell: "{{es_home}}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.secure_key_passphrase'"
+  shell: "{{ es_home }}/bin/elasticsearch-keystore remove 'xpack.security.{{ item }}.ssl.secure_key_passphrase'"
   no_log: True
   when: es_ssl_key_password == "" and copy_certificates.changed
   with_items:

tasks/main.yml

@@ -68,7 +68,7 @@
   when: es_start_service
 
 - name: Wait for elasticsearch to startup
-  wait_for: host={{es_api_host}} port={{es_api_port}} delay=5 connect_timeout=1
+  wait_for: host={{ es_api_host }} port={{ es_api_port }} delay=5 connect_timeout=1
   when: es_restarted is defined and es_restarted.changed and es_start_service
 
 - name: set fact manage_native_realm to false

test/integration/helpers/serverspec/shared_spec.rb

@@ -17,7 +17,7 @@ families = {
 
 family = families[vars['ansible_os_family']]
 
-es_api_url = "http://localhost:#{vars['es_api_port']}"
+es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}"
 username = vars['es_api_basic_auth_username']
 password = vars['es_api_basic_auth_password']
 

test/integration/helpers/serverspec/spec_helper.rb

@@ -19,7 +19,11 @@ def curl_json(uri, username=nil, password=nil)
   if username && password
     req.basic_auth username, password
   end
-  res = Net::HTTP.start(uri.hostname, uri.port) {|http|
+  res = Net::HTTP.start(
+    uri.hostname,
+    uri.port,
+    :verify_mode => OpenSSL::SSL::VERIFY_NONE
+  ) {|http|
     http.request(req)
   }
   return JSON.parse(res.body)

test/integration/helpers/serverspec/xpack_upgrade_spec.rb

@@ -2,6 +2,11 @@ require 'spec_helper'
 require 'json'
 vars = JSON.parse(File.read('/tmp/vars.json'))
 
+es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}"
+username = vars['es_api_basic_auth_username']
+password = vars['es_api_basic_auth_password']
+es_security_api = "#{vars['es_security_api']}"
+
 shared_examples 'xpack_upgrade::init' do |vars|
   #Test users file, users_roles and roles.yml
   describe file("/etc/elasticsearch/users_roles") do
@@ -18,7 +23,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
 
   describe 'security roles' do
     it 'should list the security roles' do
-      roles = curl_json('http://localhost:9200/_xpack/security/role', username='es_admin', password='changeMeAgain')
+      roles = curl_json("#{es_api_url}/#{es_security_api}/role", username='es_admin', password='changeMeAgain')
       expect(roles.key?('superuser'))
     end
   end
@@ -54,7 +59,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
   end
 
   describe 'security users' do
-    result = curl_json('http://localhost:9200/_xpack/security/user', username='elastic', password='elasticChanged')
+    result = curl_json("#{es_api_url}/#{es_security_api}/user", username='elastic', password='elasticChanged')
     it 'should have the elastic user' do
       expect(result['elastic']['username']).to eq('elastic')
       expect(result['elastic']['roles']).to eq(['superuser'])