santerikainulainen/ansible-role-elasticsearch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add tests specifically for SSL certificates

Browse source
This commit is contained in:
pemontto 2019-10-22 13:04:56 +01:00
parent 42fb7192b9
commit d59c452918
No known key found for this signature in database
GPG key ID: EDCB93C3DA1B5DA9
3 changed files with 31 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

16
test/integration/helpers/serverspec/xpack_upgrade_spec.rb
View file

@ -1,10 +1,14 @@
require 'spec_helper' require 'spec_helper'
require 'json' require 'json'
require 'pathname'
vars = JSON.parse(File.read('/tmp/vars.json')) vars = JSON.parse(File.read('/tmp/vars.json'))
es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}" es_api_url = "#{vars['es_api_scheme']}://localhost:#{vars['es_api_port']}"
username = vars['es_api_basic_auth_username'] username = vars['es_api_basic_auth_username']
password = vars['es_api_basic_auth_password'] password = vars['es_api_basic_auth_password']
es_keystore_path = "#{vars['es_ssl_certificate_path']}/#{Pathname.new(vars['es_ssl_keystore']).basename}"
es_truststore_path = "#{vars['es_ssl_certificate_path']}/#{Pathname.new(vars['es_ssl_truststore']).basename}"
if vars['es_major_version'] == '7.x' if vars['es_major_version'] == '7.x'
es_security_api = "_security" es_security_api = "_security"
else else
@ -61,7 +65,7 @@ shared_examples 'xpack_upgrade::init' do |vars|
end end
describe 'security users' do describe 'security users' do
result = curl_json("#{es_api_url}/#{es_security_api}/user", username='elastic', password='elasticChanged') result = curl_json("#{es_api_url}/#{es_security_api}/user", username=username, password=password)
it 'should have the elastic user' do it 'should have the elastic user' do
expect(result['elastic']['username']).to eq('elastic') expect(result['elastic']['username']).to eq('elastic')
expect(result['elastic']['roles']).to eq(['superuser']) expect(result['elastic']['roles']).to eq(['superuser'])
@ -89,4 +93,14 @@ shared_examples 'xpack_upgrade::init' do |vars|
expect(curl_json(es_api_url, username='logstash_system', password='aNewLogstashPassword')['version']['number']).to eq(vars['es_version']) expect(curl_json(es_api_url, username='logstash_system', password='aNewLogstashPassword')['version']['number']).to eq(vars['es_version'])
end end
end end
describe 'SSL certificate check' do
certificates = curl_json("#{es_api_url}/_ssl/certificates", username=username, password=password)
it 'should list the keystore file' do
expect(certificates.any? { |cert| cert['path'] == es_keystore_path }).to be true
end
it 'should list the truststore file' do
expect(certificates.any? { |cert| cert['path'] == es_truststore_path }).to be true
end
end
end end

16
test/integration/xpack-upgrade-trial.yml
View file

@ -30,10 +30,10 @@
es_api_basic_auth_password: changeme es_api_basic_auth_password: changeme
es_enable_http_ssl: false es_enable_http_ssl: false
es_enable_transport_ssl: true es_enable_transport_ssl: true
es_ssl_keystore: "files/certs/keystore-password.p12" es_ssl_keystore: "files/certs/shared-store-no-password.p12"
es_ssl_truststore: "files/certs/truststore-password.p12" es_ssl_truststore: "files/certs/shared-store-no-password.p12"
es_ssl_keystore_password: password1 es_ssl_keystore_password: ""
es_ssl_truststore_password: password2 es_ssl_truststore_password: ""
es_validate_certs: no es_validate_certs: no
es_role_mapping: es_role_mapping:
power_user: power_user:
@ -144,10 +144,10 @@
es_api_basic_auth_password: elasticChanged es_api_basic_auth_password: elasticChanged
es_enable_http_ssl: true es_enable_http_ssl: true
es_enable_transport_ssl: true es_enable_transport_ssl: true
es_ssl_keystore: "files/certs/shared-store-no-password.p12" es_ssl_keystore: "files/certs/keystore-password.p12"
es_ssl_truststore: "files/certs/shared-store-no-password.p12" es_ssl_truststore: "files/certs/truststore-password.p12"
es_ssl_keystore_password: "" es_ssl_keystore_password: password1
es_ssl_truststore_password: "" es_ssl_truststore_password: password2
es_validate_certs: no es_validate_certs: no
es_role_mapping: es_role_mapping:
power_user: power_user:

16
test/integration/xpack-upgrade.yml
View file

@ -29,10 +29,10 @@
es_api_basic_auth_password: changeme es_api_basic_auth_password: changeme
es_enable_http_ssl: false es_enable_http_ssl: false
es_enable_transport_ssl: true es_enable_transport_ssl: true
es_ssl_keystore: "files/certs/keystore-password.p12" es_ssl_keystore: "files/certs/shared-store-no-password.p12"
es_ssl_truststore: "files/certs/truststore-password.p12" es_ssl_truststore: "files/certs/shared-store-no-password.p12"
es_ssl_keystore_password: password1 es_ssl_keystore_password: ""
es_ssl_truststore_password: password2 es_ssl_truststore_password: ""
es_validate_certs: no es_validate_certs: no
es_role_mapping: es_role_mapping:
power_user: power_user:
@ -142,10 +142,10 @@
es_api_basic_auth_password: elasticChanged es_api_basic_auth_password: elasticChanged
es_enable_http_ssl: true es_enable_http_ssl: true
es_enable_transport_ssl: true es_enable_transport_ssl: true
es_ssl_keystore: "files/certs/shared-store-no-password.p12" es_ssl_keystore: "files/certs/keystore-password.p12"
es_ssl_truststore: "files/certs/shared-store-no-password.p12" es_ssl_truststore: "files/certs/truststore-password.p12"
es_ssl_keystore_password: "" es_ssl_keystore_password: password1
es_ssl_truststore_password: "" es_ssl_truststore_password: password2
es_validate_certs: no es_validate_certs: no
es_role_mapping: es_role_mapping:
power_user: power_user: