From 9fff18758e49baca7b30752645f2721063c38904 Mon Sep 17 00:00:00 2001 From: Michael Russell Date: Mon, 26 Nov 2018 11:25:10 +0100 Subject: [PATCH 1/6] Bump version to 6.5.1 and document installing test dependencies #508 --- CHANGELOG.md | 14 ++++++++++++++ README.md | 6 ++++++ defaults/main.yml | 2 +- 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f88384e..ba6f524 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,17 @@ +## 6.5.1 - 2018/11/26 + +### Features + +* 6.5.1 as default Elasticsearch version + +### Fixes + +* [#487](https://github.com/elastic/ansible-elasticsearch/pull/487) - @lazouz - Disable check mode to make install plugins idempotent +* [#501](https://github.com/elastic/ansible-elasticsearch/pull/501) - @kaxil - Make the order of configs consistent for comparing +* [#497](https://github.com/elastic/ansible-elasticsearch/pull/497) - @Crazybus - Document es_use_repository and es_custom_package_url +* [#504](https://github.com/elastic/ansible-elasticsearch/pull/504) - @victorgs - Using tests as filters is deprecated +* [#493](https://github.com/elastic/ansible-elasticsearch/pull/493) - @Crazybus - Only use the first found java version if there are multiple installed + ## 6.4.0 - 2018/08/24 ### Features diff --git a/README.md b/README.md index e844a46..8986566 100644 --- a/README.md +++ b/README.md @@ -54,6 +54,12 @@ This playbook uses [Kitchen](https://kitchen.ci/) for CI and local testing. ### Running the tests +Install the ruby dependencies with bundler + +```sh +make setup +``` + If you want to test X-Pack features with a license you will first need to export the `ES_XPACK_LICENSE_FILE` variable. ```sh export ES_XPACK_LICENSE_FILE="$(pwd)/license.json" diff --git a/defaults/main.yml b/defaults/main.yml index e9a36e5..f9f140b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,6 +1,6 @@ --- es_major_version: "6.x" -es_version: "6.4.0" +es_version: "6.5.1" es_use_snapshot_release: false es_enable_xpack: true es_package_name: "elasticsearch" From f221381929b5a4144274c0b1ff241635a66577bd Mon Sep 17 00:00:00 2001 From: Michael Russell Date: Mon, 26 Nov 2018 13:56:51 +0100 Subject: [PATCH 2/6] Copy the old deprecated users file when upgrading In 6.5 Elasticsearch finds the old file which breaks the way the ansible playbook is detecting the installed users. This means that after an upgrade to 6.5 the users still actually exist but the playbook fails when trying to add them again as they already exist. --- tasks/xpack/security/elasticsearch-security-file.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tasks/xpack/security/elasticsearch-security-file.yml b/tasks/xpack/security/elasticsearch-security-file.yml index 7fcf404..1e02f9a 100644 --- a/tasks/xpack/security/elasticsearch-security-file.yml +++ b/tasks/xpack/security/elasticsearch-security-file.yml @@ -2,6 +2,13 @@ - name: set fact manage_file_users set_fact: manage_file_users=es_users is defined and es_users.file is defined and es_users.file.keys() | length > 0 +- name: Copy the old users file from the old depreacted location + copy: + remote_src: yes + force: no # only copy it if the new path doesn't exist yet + src: "{{ conf_dir }}/x-pack/users" + dest: "{{ conf_dir }}{{ es_xpack_conf_subdir }}/users" + - name: Create the users file if it doesn't exist copy: content: "" From afc2fe74ae05e536c9817a19e75c20d456614c1a Mon Sep 17 00:00:00 2001 From: Michael Russell Date: Mon, 26 Nov 2018 15:26:57 +0100 Subject: [PATCH 3/6] Switch to vanilla docker images and add Ubuntu 18.04 and Debian 9 --- .kitchen.yml | 55 +++++++++++++++++++++++++++++++++++++------------ test/matrix.yml | 2 ++ 2 files changed, 44 insertions(+), 13 deletions(-) diff --git a/.kitchen.yml b/.kitchen.yml index 1b526a0..85ebf53 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -31,27 +31,41 @@ transport: platforms: - name: ubuntu-14.04 driver_config: - image: dliappis/ubuntu-devopsci:14.04 + image: ubuntu:14.04 privileged: true provision_command: - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible - - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip python-openssl + - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip python-openssl locales + - locale-gen en_US.UTF-8 && localedef -i en_US -c -f UTF-8 en_US.UTF-8 - pip install jmespath pyOpenSSL ndg-httpsclient - - pip uninstall -y ansible use_sudo: false volume: - <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json - /etc # This fixes certain java file actions that check the mount point. Without this adding users fails for some docker storage drivers - name: ubuntu-16.04 driver_config: - image: dliappis/ubuntu-devopsci:16.04 + image: ubuntu:16.04 privileged: true provision_command: - - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible + - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible + - apt-get install -y -q net-tools + - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip locales + - locale-gen en_US.UTF-8 && localedef -i en_US -c -f UTF-8 en_US.UTF-8 + - pip install jmespath + use_sudo: false + volume: + - <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json + - /etc # This fixes certain java file actions that check the mount point. Without this adding users fails for some docker storage drivers + run_command: "/sbin/init" + - name: ubuntu-18.04 + driver_config: + image: ubuntu:18.04 + privileged: true + provision_command: + - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible - apt-get install -y -q net-tools - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip - pip install jmespath - - pip uninstall -y ansible use_sudo: false volume: - <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json @@ -59,16 +73,32 @@ platforms: run_command: "/sbin/init" - name: debian-8 driver_config: - image: dliappis/debian-devopsci:8 + image: debian:8 privileged: true provision_command: - - apt-get update && apt-get -y install python python-dev python-pip build-essential libyaml-dev python-yaml curl wget + - echo "deb http://http.debian.net/debian jessie-backports main" > /etc/apt/sources.list.d/jessie-backports.list + - apt-get update && apt-get -y install -t jessie-backports openjdk-8-jre-headless + - apt-get update && apt-get -y install python python-dev python-pip build-essential libyaml-dev python-yaml curl wget net-tools + - sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config + - sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config + - sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config + - pip install jmespath setuptools --upgrade + volume: + - <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json + - /etc # This fixes certain java file actions that check the mount point. Without this adding users fails for some docker storage drivers + use_sudo: false + run_command: "/sbin/init" + - name: debian-9 + driver_config: + image: debian:9 + privileged: true + provision_command: + - apt-get update && apt-get -y install python python-dev python-pip build-essential libyaml-dev python-yaml curl wget systemd-sysv - apt-get install -y -q net-tools - sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config - sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config - sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config - pip install jmespath - - pip uninstall -y ansible volume: - <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json - /etc # This fixes certain java file actions that check the mount point. Without this adding users fails for some docker storage drivers @@ -76,14 +106,13 @@ platforms: run_command: "/sbin/init" - name: centos-7 driver_config: - image: dliappis/centos-devopsci:7 + image: centos:7 provision_command: - sed -ri 's/^#?PermitRootLogin .*/PermitRootLogin yes/' /etc/ssh/sshd_config - sed -ri 's/^#?PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config - sed -ri 's/^#?UsePAM .*/UsePAM no/' /etc/ssh/sshd_config - - rm /etc/yum.repos.d/epel*repo /etc/yum.repos.d/puppetlabs-pc1.repo - - yum -y install initscripts - - yum -y remove ansible + - yum -y install epel-release + - yum -y install initscripts python-pip - yum clean all - pip install jmespath volume: diff --git a/test/matrix.yml b/test/matrix.yml index 9107020..4b30ed1 100644 --- a/test/matrix.yml +++ b/test/matrix.yml @@ -4,7 +4,9 @@ VERSION: OS: - ubuntu-1404 - ubuntu-1604 + - ubuntu-1804 - debian-8 + - debian-9 - centos-7 TEST_TYPE: - oss From 2d8192ac097fee2dcf14eb89b7f44c57050f618f Mon Sep 17 00:00:00 2001 From: Michael Russell Date: Mon, 26 Nov 2018 16:46:07 +0100 Subject: [PATCH 4/6] Install the necessary packages for Ubuntu 14.04 and 18.04 --- .kitchen.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.kitchen.yml b/.kitchen.yml index 85ebf53..8aa3c37 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -34,10 +34,10 @@ platforms: image: ubuntu:14.04 privileged: true provision_command: - - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible - - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip python-openssl locales + - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible && add-apt-repository -y ppa:openjdk-r/ppa + - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip python-openssl build-essential libssl-dev libffi-dev python-dev locales openjdk-8-jre - locale-gen en_US.UTF-8 && localedef -i en_US -c -f UTF-8 en_US.UTF-8 - - pip install jmespath pyOpenSSL ndg-httpsclient + - pip install jmespath pyOpenSSL ndg-httpsclient cryptography==1.8.1 use_sudo: false volume: - <%=ENV['ES_XPACK_LICENSE_FILE']%>:/tmp/license.json @@ -63,8 +63,7 @@ platforms: privileged: true provision_command: - apt-get update && apt-get install -y software-properties-common && add-apt-repository -y ppa:ansible/ansible - - apt-get install -y -q net-tools - - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip + - apt-get update && apt-get -y -q install python-apt python-pycurl python-pip net-tools iproute2 - pip install jmespath use_sudo: false volume: From ec3465a60ccbdda99c2b69abfc2d8f90ca74be0f Mon Sep 17 00:00:00 2001 From: Michael Russell Date: Tue, 27 Nov 2018 12:50:49 +0100 Subject: [PATCH 5/6] Only attempt to copy the old users file if it actually exists --- tasks/xpack/security/elasticsearch-security-file.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tasks/xpack/security/elasticsearch-security-file.yml b/tasks/xpack/security/elasticsearch-security-file.yml index 1e02f9a..13fd42d 100644 --- a/tasks/xpack/security/elasticsearch-security-file.yml +++ b/tasks/xpack/security/elasticsearch-security-file.yml @@ -2,12 +2,18 @@ - name: set fact manage_file_users set_fact: manage_file_users=es_users is defined and es_users.file is defined and es_users.file.keys() | length > 0 +- name: Check if old users file exists + stat: + path: '{{ conf_dir }}/x-pack/users' + register: old_users_file + - name: Copy the old users file from the old depreacted location copy: remote_src: yes force: no # only copy it if the new path doesn't exist yet src: "{{ conf_dir }}/x-pack/users" dest: "{{ conf_dir }}{{ es_xpack_conf_subdir }}/users" + when: old_users_file.stat.exists - name: Create the users file if it doesn't exist copy: From f89f56bc347fc4f8ecbf1155fc35082a3a21579a Mon Sep 17 00:00:00 2001 From: Michael Russell Date: Tue, 27 Nov 2018 16:16:53 +0100 Subject: [PATCH 6/6] Update changelog for 6.5.1.1 release --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ba6f524..7e75d7a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +## 6.5.1.1 - 2018/11/27 + +### Fixes + +* [#516](https://github.com/elastic/ansible-elasticsearch/pull/516) - @Crazybus - Only attempt to copy the old users file if it actually exists + ## 6.5.1 - 2018/11/26 ### Features