From 8393b86a27b6dde3e8aec346d3c8e7422a229a75 Mon Sep 17 00:00:00 2001
From: David Reagan <reagand@lanecc.edu>
Date: Fri, 22 Jan 2016 12:14:09 -0800
Subject: [PATCH] Added support for optionally creating the elasticsearch user
 and group before installing elasticsearch.

Renamed vars, set the tasks to use the es_user and es_group vars in elasticsearch-optional-user.yml. Modifed README.md to list the es_user_id and es_group_id vars, made note that both vars are required if they are used. Removed the commented out instances of the vars in defaults/main.yml.

Added es_user, es_group, es_user_id, es_group_id vars to config testing.

Made conditionals use explicit 'is defined' test.

Add tests for es_user_id and es_group_id.

Update defaults/main.yml and test/integration/config.yml to match master plus test config additions.
---
 README.md                                      |  4 ++++
 tasks/elasticsearch-optional-user.yml          | 18 ++++++++++++++++++
 tasks/elasticsearch.yml                        |  4 ++++
 test/integration/config.yml                    |  2 +-
 .../helpers/serverspec/config_spec.rb          |  8 ++++++++
 5 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 tasks/elasticsearch-optional-user.yml

diff --git a/README.md b/README.md
index 98a24d0..34d7356 100644
--- a/README.md
+++ b/README.md
@@ -221,6 +221,10 @@ If installing Marvel or Watcher, ensure the license plugin is also specified.  S
 
 * ```es_user``` - defaults to elasticsearch.
 * ```es_group``` - defaults to elasticsearch.
+* ```es_user_id``` - default is undefined.
+* ```es_group_id``` - default is undefined.
+
+Both ```es_user_id``` and ```es_group_id``` must be set for the user and group ids to be set. 
 
 By default, each node on a host will be installed to use unique pid, plugin, work, data and log directories.  These directories are created, using the instance and host name, beneath default locations ]
 controlled by the following parameters:
diff --git a/tasks/elasticsearch-optional-user.yml b/tasks/elasticsearch-optional-user.yml
new file mode 100644
index 0000000..5cf1d38
--- /dev/null
+++ b/tasks/elasticsearch-optional-user.yml
@@ -0,0 +1,18 @@
+---
+#Add the elasticsearch user before installing from packages.
+- name: Ensure optional elasticsearch group is created with the correct id.
+  group:
+    state: present
+    name: "{{ es_group }}"
+    system: yes
+    gid: "{{ es_group_id }}"
+
+- name: Ensure optional elasticsearch user is created with the correct id.
+  user:
+    state: present
+    name: "{{ es_user }}"
+    comment: elasticsearch system user
+    system: yes
+    createhome: no
+    uid: "{{ es_user_id }}"
+    group: "{{ es_group }}"
diff --git a/tasks/elasticsearch.yml b/tasks/elasticsearch.yml
index 5343ff3..18c9206 100644
--- a/tasks/elasticsearch.yml
+++ b/tasks/elasticsearch.yml
@@ -8,6 +8,10 @@
 
 - debug: msg="Node configuration {{ es_config }} "
 
+- name: Include optional user and group creation. 
+  when: (es_user_id is defined) and (es_group_id is defined)
+  include: elasticsearch-optional-user.yml
+
 #- name: Include specific Elasticsearch
 #  include: "elasticsearch-{{ansible_os_family}}.yml"
 
diff --git a/test/integration/config.yml b/test/integration/config.yml
index df13fe1..fabc7cd 100644
--- a/test/integration/config.yml
+++ b/test/integration/config.yml
@@ -4,7 +4,7 @@
   hosts: localhost
   roles:
     #expand to all available parameters
-    - { role: elasticsearch, es_instance_name: "node1", es_data_dirs: ["/opt/elasticsearch/data-1","/opt/elasticsearch/data-2"], es_log_dir: "/opt/elasticsearch/logs", es_work_dir: "/opt/elasticsearch/temp", es_config: {node.name: "node1", cluster.name: "custom-cluster", discovery.zen.ping.unicast.hosts: "localhost:9301", http.port: 9201, transport.tcp.port: 9301, node.data: false, node.master: true, bootstrap.mlockall: true, discovery.zen.ping.multicast.enabled: false } }
+    - { role: elasticsearch, es_instance_name: "node1", es_data_dirs: ["/opt/elasticsearch/data-1","/opt/elasticsearch/data-2"], es_log_dir: "/opt/elasticsearch/logs", es_work_dir: "/opt/elasticsearch/temp", es_user_id: 333, es_group_id: 333, es_config: {node.name: "node1", cluster.name: "custom-cluster", discovery.zen.ping.unicast.hosts: "localhost:9301", http.port: 9201, transport.tcp.port: 9301, node.data: false, node.master: true, bootstrap.mlockall: true, discovery.zen.ping.multicast.enabled: false } }
   vars:
     es_scripts: false
     es_templates: false
diff --git a/test/integration/helpers/serverspec/config_spec.rb b/test/integration/helpers/serverspec/config_spec.rb
index 396b9c1..086c063 100644
--- a/test/integration/helpers/serverspec/config_spec.rb
+++ b/test/integration/helpers/serverspec/config_spec.rb
@@ -5,6 +5,14 @@ shared_examples 'config::init' do |es_version|
   describe user('elasticsearch') do
     it { should exist }
   end
+  
+  describe group('elasticsearch') do
+    it { should have_gid 333 }
+  end
+
+  describe user('elasticsearch') do
+    it { should have_uid 333 }
+  end
 
   describe service('node1_elasticsearch') do
     it { should be_running }