naming unnamed tasks

tasks/xpack/security/elasticsearch-security-native.yml

@@ -1,14 +1,19 @@
 ---
-- set_fact: change_api_password=false
+- name: set fact change_api_password to false
+  set_fact: change_api_password=false
 
-- set_fact: manage_native_users=false
+- name: set fact manage_native_users to false
+  set_fact: manage_native_users=false
 
-- set_fact: manage_native_users=true
+- name: set fact manage_native_users to true
+  set_fact: manage_native_users=true
   when: es_users is defined and es_users.native is defined and es_users.native.keys() | length > 0
 
-- set_fact: manage_native_roles=false
+- name: set fact manage_native_role to false
+  set_fact: manage_native_roles=false
 
-- set_fact: manage_native_roles=true
+- name: set fact manange_native_roles to true
+  set_fact: manage_native_roles=true
   when: es_roles is defined and es_roles.native is defined and es_roles.native.keys() | length > 0
 
 #If the node has just has security installed it maybe either stopped or started 1. if stopped, we need to start to load native realms 2. if started, we need to restart to load
@@ -25,18 +30,22 @@
   register: user_list_response
   when: manage_native_users
 
-- set_fact: reserved_users={{ user_list_response.json | filter_reserved }}
+- name: set fact reserved_users equals user_list_response.json
+  set_fact: reserved_users={{ user_list_response.json | filter_reserved }}
   when: manage_native_users
 
 #Current users not inc. those reserved
-- set_fact: current_users={{ user_list_response.json.keys() | difference (reserved_users) }}
+- name: set fact current_users equals user_list_response.json.keys not including reserved
+  set_fact: current_users={{ user_list_response.json.keys() | difference (reserved_users) }}
   when: manage_native_users
 
 #We are changing the es_api_basic_auth_username password, so we need to do it first and update the param
-- set_fact: native_users={{ es_users.native }}
+- name: set fact native_users
+  set_fact: native_users={{ es_users.native }}
   when: manage_native_users
 
-- set_fact: change_api_password=true
+- name: set fact change_api_password to true
+  set_fact: change_api_password=true
   when: manage_native_users and es_api_basic_auth_username in native_users and native_users[es_api_basic_auth_username].password is defined
 
 - name: Update API User Password
@@ -51,11 +60,13 @@
     force_basic_auth: yes
   when: change_api_password
 
-- set_fact: es_api_basic_auth_password={{native_users[es_api_basic_auth_username].password}}
+- name: set fact es_api_basic_auth_password
+  set_fact: es_api_basic_auth_password={{native_users[es_api_basic_auth_username].password}}
   when: change_api_password
 
 #Identify users that are present in ES but not declared and thus should be removed
-- set_fact: users_to_remove={{ current_users | difference ( native_users.keys() ) }}
+- name: set fact users_to_remove
+  set_fact: users_to_remove={{ current_users | difference ( native_users.keys() ) }}
   when: manage_native_users
 
 #Delete all non required users NOT inc. reserved
@@ -70,10 +81,12 @@
   when: manage_native_users
   with_items: "{{ users_to_remove | default([]) }}"
 
-- set_fact: users_to_ignore={{ native_users.keys() | intersect (reserved_users) }}
+- name: set fact users_to_ignore
+  set_fact: users_to_ignore={{ native_users.keys() | intersect (reserved_users) }}
   when: manage_native_users
 
-- debug:
+- name: debug message
+  debug:
     msg: "WARNING: YOU CAN ONLY CHANGE THE PASSWORD FOR RESERVED USERS IN THE NATIVE REALM. ANY ROLE CHANGES WILL BE IGNORED: {{users_to_ignore}}"
   when: manage_native_users and users_to_ignore | length > 0
 
@@ -92,7 +105,8 @@
   no_log: True
   with_items: "{{ users_to_ignore | default([]) }}"
 
-- set_fact: users_to_modify={{ native_users.keys() | difference (reserved_users) }}
+- name: set fact users_to_modify
+  set_fact: users_to_modify={{ native_users.keys() | difference (reserved_users) }}
   when: manage_native_users
 
 #Overwrite all other users NOT inc. those reserved
@@ -125,20 +139,25 @@
   register: role_list_response
   when: manage_native_roles
 
-- set_fact: reserved_roles={{ role_list_response.json | filter_reserved }}
+- name: set fact reserved roles
+  set_fact: reserved_roles={{ role_list_response.json | filter_reserved }}
   when: manage_native_roles
 
-- set_fact: current_roles={{ role_list_response.json.keys() | difference (reserved_roles) }}
+- name: set fact current roles
+  set_fact: current_roles={{ role_list_response.json.keys() | difference (reserved_roles) }}
   when: manage_native_roles
 
-- set_fact: roles_to_ignore={{ es_roles.native.keys() | intersect (reserved_roles) | default([]) }}
+- name: set fact roles to ignore
+  set_fact: roles_to_ignore={{ es_roles.native.keys() | intersect (reserved_roles) | default([]) }}
   when: manage_native_roles
 
-- debug:
+- name: debug message
+  debug:
     msg: "WARNING: YOU CANNOT CHANGE RESERVED ROLES. THE FOLLOWING WILL BE IGNORED: {{roles_to_ignore}}"
   when: manage_native_roles and roles_to_ignore | length > 0
 
-- set_fact: roles_to_remove={{ current_roles | difference ( es_roles.native.keys()  ) }}
+- name: set fact roles_to_remove
+  set_fact: roles_to_remove={{ current_roles | difference ( es_roles.native.keys()  ) }}
   when: manage_native_roles
 
 #Delete all non required roles NOT inc. reserved
@@ -153,7 +172,8 @@
   when: manage_native_roles
   with_items: "{{roles_to_remove | default([]) }}"
 
-- set_fact: roles_to_modify={{ es_roles.native.keys() | difference (reserved_roles) }}
+- name: set fact roles_to_modify
+  set_fact: roles_to_modify={{ es_roles.native.keys() | difference (reserved_roles) }}
   when: manage_native_roles
 
 #Update other roles - NOT inc. reserved roles
@@ -168,4 +188,4 @@
     password: "{{es_api_basic_auth_password}}"
     force_basic_auth: yes
   when: manage_native_roles
-  with_items: "{{ roles_to_modify | default([]) }}"
+  with_items: "{{ roles_to_modify | default([]) }}"