From d73e515de3190a40cb86e47e1acd536eebb3c3e5 Mon Sep 17 00:00:00 2001
From: Dale McDiarmid <dalem@elastic.co>
Date: Sat, 23 Jul 2016 19:48:50 +0100
Subject: [PATCH] Test improvements for xpack + httplib2 support

---
 .kitchen.yml                                  |   1 -
 tasks/elasticsearch-Debian.yml                |   4 +
 tasks/elasticsearch-RedHat.yml                |   4 +
 tasks/xpack/elasticsearch-xpack.yml           |  11 +-
 .../elasticsearch-shield-file.yml             |   0
 .../{ => shield}/elasticsearch-shield.yml     |   1 -
 .../helpers/serverspec/package_spec.rb        |   2 -
 .../helpers/serverspec/xpack_spec.rb          | 147 ++++++++++++++++++
 .../xpack-2x/serverspec/default_spec.rb       |   5 +
 .../xpack-2x/serverspec/xpack_spec.rb         |  10 --
 .../xpack-2x/{xpack.yaml => xpack.yml}        |   0
 test/integration/xpack.yml                    |   2 +-
 12 files changed, 166 insertions(+), 21 deletions(-)
 rename tasks/xpack/{ => shield}/elasticsearch-shield-file.yml (100%)
 rename tasks/xpack/{ => shield}/elasticsearch-shield.yml (99%)
 create mode 100644 test/integration/helpers/serverspec/xpack_spec.rb
 create mode 100644 test/integration/xpack-2x/serverspec/default_spec.rb
 delete mode 100644 test/integration/xpack-2x/serverspec/xpack_spec.rb
 rename test/integration/xpack-2x/{xpack.yaml => xpack.yml} (100%)

diff --git a/.kitchen.yml b/.kitchen.yml
index e5172cc..99dc404 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -136,7 +136,6 @@ suites:
             version: latest
     provisioner:
       playbook: test/integration/multi.yml
-  #Currently we only test shield on 2x
   - name: xpack-2x
     run_list:
     attributes:
diff --git a/tasks/elasticsearch-Debian.yml b/tasks/elasticsearch-Debian.yml
index dba5fa5..ebda0f5 100644
--- a/tasks/elasticsearch-Debian.yml
+++ b/tasks/elasticsearch-Debian.yml
@@ -26,3 +26,7 @@
   apt: deb=/tmp/elasticsearch-{{ es_version }}.deb
   when: not es_use_repository
   register: elasticsearch_install_from_package
+
+# ansible uri module requires httplib2
+- name: pip httplib2
+  pip: name=httplib2 extra_args="--user"
\ No newline at end of file
diff --git a/tasks/elasticsearch-RedHat.yml b/tasks/elasticsearch-RedHat.yml
index 0de8e71..db74280 100644
--- a/tasks/elasticsearch-RedHat.yml
+++ b/tasks/elasticsearch-RedHat.yml
@@ -20,3 +20,7 @@
   yum: name={% if es_custom_package_url is defined %}{{ es_custom_package_url }}{% else %}{{ es_package_url }}-{{ es_version }}.noarch.rpm{% endif %} state=present
   when: not es_use_repository
   register: elasticsearch_install_from_package
+
+# ansible uri module requires httplib2
+- name: pip httplib2
+  pip: name=httplib2 extra_args="--user"
\ No newline at end of file
diff --git a/tasks/xpack/elasticsearch-xpack.yml b/tasks/xpack/elasticsearch-xpack.yml
index aacdf7c..6087830 100644
--- a/tasks/xpack/elasticsearch-xpack.yml
+++ b/tasks/xpack/elasticsearch-xpack.yml
@@ -23,11 +23,10 @@
     CONF_DIR: "{{ conf_dir }}"
     ES_INCLUDE: "{{ instance_default_file }}"
 
-
-- name: Set Plugin Directory Permissions
-  file: state=directory path={{ es_home }}/plugins owner={{ es_user }} group={{ es_group }} recurse=yes
-
-- include: elasticsearch-shield.yml
+- include: shield/elasticsearch-shield.yml
   when: '"shield" in es_xpack_features'
 
-#Any other xpacks plugins requiring configuration to be entered here
\ No newline at end of file
+#Any other xpacks plugins requiring configuration to be entered here
+
+- name: Set Plugin Directory Permissions
+  file: state=directory path={{ es_home }}/plugins owner={{ es_user }} group={{ es_group }} recurse=yes
\ No newline at end of file
diff --git a/tasks/xpack/elasticsearch-shield-file.yml b/tasks/xpack/shield/elasticsearch-shield-file.yml
similarity index 100%
rename from tasks/xpack/elasticsearch-shield-file.yml
rename to tasks/xpack/shield/elasticsearch-shield-file.yml
diff --git a/tasks/xpack/elasticsearch-shield.yml b/tasks/xpack/shield/elasticsearch-shield.yml
similarity index 99%
rename from tasks/xpack/elasticsearch-shield.yml
rename to tasks/xpack/shield/elasticsearch-shield.yml
index 7864534..d199485 100644
--- a/tasks/xpack/elasticsearch-shield.yml
+++ b/tasks/xpack/shield/elasticsearch-shield.yml
@@ -37,7 +37,6 @@
   notify: load-native-realms
   when: (es_users is defined and es_users.native is defined) or (es_roles is defined and es_roles.native is defined)
 
-
 #Ensure shield conf directory is created
 - name: Ensure shield conf directory exists
   file: path={{ conf_dir }}/shield state=directory owner={{ es_user }} group={{ es_group }}
diff --git a/test/integration/helpers/serverspec/package_spec.rb b/test/integration/helpers/serverspec/package_spec.rb
index 897135e..51db46e 100644
--- a/test/integration/helpers/serverspec/package_spec.rb
+++ b/test/integration/helpers/serverspec/package_spec.rb
@@ -26,8 +26,6 @@ shared_examples 'package::init' do  |es_version,plugins|
     it { should be_owned_by 'elasticsearch' }
   end
 
-
-
   describe file('/etc/elasticsearch/node1/scripts/calculate-score.groovy') do
     it { should be_file }
     it { should be_owned_by 'elasticsearch' }
diff --git a/test/integration/helpers/serverspec/xpack_spec.rb b/test/integration/helpers/serverspec/xpack_spec.rb
new file mode 100644
index 0000000..268dcb7
--- /dev/null
+++ b/test/integration/helpers/serverspec/xpack_spec.rb
@@ -0,0 +1,147 @@
+require 'spec_helper'
+
+shared_examples 'xpack::init' do |es_version|
+
+  describe user('elasticsearch') do
+    it { should exist }
+  end
+
+  describe service('shield_node_elasticsearch') do
+    it { should be_running }
+  end
+
+  describe package('elasticsearch') do
+    it { should be_installed }
+  end
+
+  describe file('/etc/elasticsearch/shield_node/elasticsearch.yml') do
+    it { should be_file }
+    it { should be_owned_by 'elasticsearch' }
+  end
+
+  describe file('/etc/elasticsearch/shield_node/logging.yml') do
+    it { should be_file }
+    it { should be_owned_by 'elasticsearch' }
+  end
+
+  describe file('/etc/elasticsearch/shield_node/elasticsearch.yml') do
+    it { should contain 'node.name: localhost-shield_node' }
+    it { should contain 'cluster.name: elasticsearch' }
+    it { should contain 'path.conf: /etc/elasticsearch/shield_node' }
+    it { should contain 'path.data: /var/lib/elasticsearch/localhost-shield_node' }
+    it { should contain 'path.work: /tmp/elasticsearch/localhost-shield_node' }
+    it { should contain 'path.logs: /var/log/elasticsearch/localhost-shield_node' }
+  end
+
+  describe 'Node listening' do
+    it 'listening in port 9200' do
+      expect(port 9200).to be_listening
+    end
+  end
+
+  describe 'version check' do
+    it 'should be reported as version '+es_version do
+      command = command('curl -s localhost:9200 -u es_admin:changeMe | grep number')
+      expect(command.stdout).to match(es_version)
+      expect(command.exit_status).to eq(0)
+    end
+  end
+
+  describe file('/etc/init.d/elasticsearch') do
+    it { should_not exist }
+  end
+
+  describe file('/etc/default/elasticsearch') do
+    it { should_not exist }
+  end
+
+  describe file('/etc/sysconfig/elasticsearch') do
+    it { should_not exist }
+  end
+
+  describe file('/usr/lib/systemd/system/elasticsearch.service') do
+    it { should_not exist }
+  end
+
+  describe file('/etc/elasticsearch/elasticsearch.yml') do
+    it { should_not exist }
+  end
+
+  describe file('/etc/elasticsearch/logging.yml') do
+    it { should_not exist }
+  end
+
+  #Xpack specific tests
+  describe file('/usr/share/elasticsearch/plugins') do
+    it { should be_directory }
+    it { should be_owned_by 'elasticsearch' }
+  end
+
+
+  #Check shield and license plugins are installed
+  describe file('/usr/share/elasticsearch/plugins/license') do
+    it { should be_directory }
+    it { should be_owned_by 'elasticsearch' }
+  end
+
+  describe command('curl -s localhost:9200/_nodes/plugins?pretty=true -u es_admin:changeMe | grep license') do
+    its(:exit_status) { should eq 0 }
+  end
+
+  describe file('/usr/share/elasticsearch/plugins/shield') do
+    it { should be_directory }
+    it { should be_owned_by 'elasticsearch' }
+  end
+
+  describe command('curl -s localhost:9200/_nodes/plugins?pretty=true -u es_admin:changeMe | grep shield') do
+    its(:exit_status) { should eq 0 }
+  end
+
+  describe file('/etc/elasticsearch/shield_node/shield') do
+    it { should be_directory }
+    it { should be_owned_by 'elasticsearch' }
+  end
+
+
+  #Test users file, users_roles and roles.yml
+  describe file('/etc/elasticsearch/shield_node/shield/users_roles') do
+    it { should be_owned_by 'elasticsearch' }
+    it { should contain 'admin:es_admin' }
+    it { should contain 'power_user:testUser' }
+  end
+
+  describe file('/etc/elasticsearch/shield_node/shield/users') do
+    it { should be_owned_by 'elasticsearch' }
+    it { should contain 'testUser:' }
+    it { should contain 'es_admin:' }
+  end
+
+
+  describe file('/etc/elasticsearch/shield_node/shield/roles.yml') do
+    it { should be_owned_by 'elasticsearch' }
+    #Test contents as expected
+    its(:md5sum) { should eq '7800182547287abd480c8b095bf26e9e' }
+  end
+
+
+  #Test native roles and users are loaded
+  describe command('curl -s localhost:9200/_shield/user -u es_admin:changeMe | md5sum | grep 557a730df7136694131b5b7012a5ffad') do
+    its(:exit_status) { should eq 0 }
+  end
+
+  describe command('curl -s localhost:9200/_shield/user -u es_admin:changeMe | grep "{\"kibana4_server\":{\"username\":\"kibana4_server\",\"roles\":\[\"kibana4_server\"\],\"full_name\":null,\"email\":null,\"metadata\":{}}}"') do
+    its(:exit_status) { should eq 0 }
+  end
+
+  describe command('curl -s localhost:9200/_shield/role -u es_admin:changeMe | grep "{\"logstash\":{\"cluster\":\[\"manage_index_templates\"\],\"indices\":\[{\"names\":\[\"logstash-\*\"\],\"privileges\":\[\"write\",\"delete\",\"create_index\"\]}\],\"run_as\":\[\]}}"') do
+    its(:exit_status) { should eq 0 }
+  end
+
+  describe command('curl -s localhost:9200/_shield/role -u es_admin:changeMe | md5sum | grep 6d14f09ef1eea64adf4d4a9c04229629') do
+    its(:exit_status) { should eq 0 }
+  end
+
+
+  #Test contents of Elasticsearch.yml file
+end
+
diff --git a/test/integration/xpack-2x/serverspec/default_spec.rb b/test/integration/xpack-2x/serverspec/default_spec.rb
new file mode 100644
index 0000000..e4ca2d8
--- /dev/null
+++ b/test/integration/xpack-2x/serverspec/default_spec.rb
@@ -0,0 +1,5 @@
+require 'xpack_spec'
+
+describe 'Xpack Tests v 2.x' do
+  include_examples 'xpack::init', "2.3.4"
+end
diff --git a/test/integration/xpack-2x/serverspec/xpack_spec.rb b/test/integration/xpack-2x/serverspec/xpack_spec.rb
deleted file mode 100644
index c6a7af0..0000000
--- a/test/integration/xpack-2x/serverspec/xpack_spec.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-require 'spec_helper'
-
-describe 'XPack Tests v 2.x' do
-
-  describe user('elasticsearch') do
-    it { should exist }
-  end
-
-end
-
diff --git a/test/integration/xpack-2x/xpack.yaml b/test/integration/xpack-2x/xpack.yml
similarity index 100%
rename from test/integration/xpack-2x/xpack.yaml
rename to test/integration/xpack-2x/xpack.yml
diff --git a/test/integration/xpack.yml b/test/integration/xpack.yml
index ac502bc..2c6dbcb 100644
--- a/test/integration/xpack.yml
+++ b/test/integration/xpack.yml
@@ -1,6 +1,6 @@
 ---
 - name: Elasticsearch Xpack tests
-  hosts: localhostpost
+  hosts: localhost
   roles:
     - { role: elasticsearch, es_config: { "http.port": 9200, "transport.tcp.port":9300, discovery.zen.ping.unicast.hosts: "localhost:9300" }, es_instance_name: "shield_node" }
   vars: