diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 076d6dc6..4abe9e7e 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -21,6 +21,7 @@ on: - cron: '15 6 * * 4' jobs: kics: + if: github.event.pull_request.draft == false runs-on: ubuntu-latest steps: diff --git a/.github/workflows/test_full_stack.yml b/.github/workflows/test_full_stack.yml deleted file mode 100644 index c065a334..00000000 --- a/.github/workflows/test_full_stack.yml +++ /dev/null @@ -1,78 +0,0 @@ ---- -name: Test ElasticStack -on: - workflow_dispatch: - inputs: - logLevel: - description: 'Log level' - required: true - default: 'warning' - type: choice - options: - - info - - warning - - debug - schedule: - - cron: "0 4 * * *" - -jobs: - lint_full: - uses: ./.github/workflows/test_linting.yml - with: - rolename: '' - - molecule_full_stack_every_os: - runs-on: ubuntu-latest - needs: lint_full - - env: - COLLECTION_NAMESPACE: netways - COLLECTION_NAME: elasticstack - - strategy: - fail-fast: false - max-parallel: 1 - matrix: - distro: - - rockylinux9 - - ubuntu2204 - scenario: - - elasticstack_default - release: - - 7 - - 8 - ansible_version: - - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 - python_version: - - "3.11" - - steps: - - name: Check out code - uses: actions/checkout@v6 - - - name: Set up Python ${{ matrix.python_version }} - uses: actions/setup-python@v6 - with: - python-version: ${{ matrix.python_version }} - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - python3 -m pip install "${{ matrix.ansible_version }}" - python3 -m pip install -r requirements-test.txt - - - name: Install collection - run: | - mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE - cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME - - - name: Test with molecule - run: | - ansible --version - molecule --version - molecule test -s ${{ matrix.scenario }} - env: - MOLECULE_DISTRO: ${{ matrix.distro }} - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' - ELASTIC_RELEASE: ${{ matrix.release }} diff --git a/.github/workflows/test_linting.yml b/.github/workflows/test_linting.yml index 91b56e40..b13fb8fb 100644 --- a/.github/workflows/test_linting.yml +++ b/.github/workflows/test_linting.yml @@ -38,6 +38,10 @@ jobs: python3 -m pip install --upgrade pip python3 -m pip install -r requirements-test.txt + - name: Install Ansible collections + run: | + ansible-galaxy collection install community.crypto community.general + - name: Lint code (yamllint). run: | yamllint . diff --git a/.github/workflows/test_plugins.yml b/.github/workflows/test_plugins.yml index 0045ca84..201e56af 100644 --- a/.github/workflows/test_plugins.yml +++ b/.github/workflows/test_plugins.yml @@ -23,6 +23,7 @@ on: jobs: sanity_ansible_18_19: + if: github.event.pull_request.draft == false runs-on: ubuntu-latest env: COLLECTION_NAMESPACE: netways @@ -158,7 +159,7 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - plugins release: diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml index 13cd7dc4..7ec2b4fb 100644 --- a/.github/workflows/test_role_beats.yml +++ b/.github/workflows/test_role_beats.yml @@ -24,6 +24,7 @@ on: jobs: lint_beats: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: beats @@ -40,12 +41,11 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - beats_default - beats_peculiar release: - - 7 - 8 ansible_version: - "ansible>=9.0,<10.0" #Correspond ansible-core>=2.16,<2.17 diff --git a/.github/workflows/test_role_elasticsearch.yml b/.github/workflows/test_role_elasticsearch.yml index 2ab6adf4..d7f495e3 100644 --- a/.github/workflows/test_role_elasticsearch.yml +++ b/.github/workflows/test_role_elasticsearch.yml @@ -24,6 +24,7 @@ on: jobs: lint_elasticsearch: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: elasticsearch @@ -40,14 +41,11 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - elasticsearch_default - elasticsearch_roles_calculation - - elasticsearch_cluster-oss - - elasticsearch_no-security release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 diff --git a/.github/workflows/test_role_kibana.yml b/.github/workflows/test_role_kibana.yml index c36322c0..9dc56687 100644 --- a/.github/workflows/test_role_kibana.yml +++ b/.github/workflows/test_role_kibana.yml @@ -24,6 +24,7 @@ on: jobs: lint_kibana: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: kibana @@ -41,11 +42,10 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - kibana_default release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 diff --git a/.github/workflows/test_role_logstash.yml b/.github/workflows/test_role_logstash.yml index 4eb2cbe4..2746f398 100644 --- a/.github/workflows/test_role_logstash.yml +++ b/.github/workflows/test_role_logstash.yml @@ -24,6 +24,7 @@ on: jobs: lint_logstash: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: logstash @@ -40,13 +41,11 @@ jobs: strategy: fail-fast: false matrix: - distro: [ubuntu2204] + distro: [debian13] scenario: - - logstash_full_stack-oss - logstash_specific_version - logstash_pipelines release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 diff --git a/.github/workflows/test_role_repos.yml b/.github/workflows/test_role_repos.yml index 979a709f..b2c714be 100644 --- a/.github/workflows/test_role_repos.yml +++ b/.github/workflows/test_role_repos.yml @@ -23,6 +23,7 @@ on: jobs: lint_repos: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: repos @@ -48,7 +49,6 @@ jobs: - repos_default - repos_oss release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 diff --git a/.github/workflows/test_roles_pr.yml b/.github/workflows/test_roles_pr.yml index f0d0245e..367de435 100644 --- a/.github/workflows/test_roles_pr.yml +++ b/.github/workflows/test_roles_pr.yml @@ -17,11 +17,12 @@ on: jobs: lint_full: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: '' - molecule_full_stack: + molecule_full_stack_ansible_19: runs-on: ubuntu-latest needs: lint_full @@ -38,7 +39,6 @@ jobs: scenario: - elasticstack_default release: - - 7 - 8 python_version: - "3.11" @@ -75,3 +75,58 @@ jobs: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' ELASTIC_RELEASE: ${{ matrix.release }} + + + molecule_full_stack_ansible_20: + runs-on: ubuntu-latest + needs: lint_full + + env: + COLLECTION_NAMESPACE: netways + COLLECTION_NAME: elasticstack + + strategy: + fail-fast: false + matrix: + distro: + - rockylinux9 + - ubuntu2204 + scenario: + - elasticstack_default + release: + - 8 + python_version: + - "3.14" + ansible_version: + - "ansible-core>=2.20,<2.21" #Correspond ansible>=13.0,<14.0 + + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Set up Python ${{ matrix.python_version }} + uses: actions/setup-python@v6 + with: + python-version: ${{ matrix.python_version }} + + - name: Install dependencies + run: | + python3 -m pip install --upgrade pip + python3 -m pip install "${{ matrix.ansible_version }}" + python3 -m pip install -r requirements-test.txt + + - name: Install collection + run: | + mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE + cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME + + - name: Test with molecule + run: | + ansible --version + molecule --version + molecule test -s ${{ matrix.scenario }} + env: + MOLECULE_DISTRO: ${{ matrix.distro }} + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + ELASTIC_RELEASE: ${{ matrix.release }} diff --git a/README.md b/README.md index b5dad47e..494ed9dd 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,5 @@ # Ansible Collection - netways.elasticstack -![Test ElasticStack](https://github.com/NETWAYS/ansible-collection-elasticstack/actions/workflows/test_full_stack.yml/badge.svg) > [!CAUTION] > The current main branch has some breaking changes. Be careful using it! Everything after commit 3d6673f6d526afeb0fd7ba382d067d76bd10bbd6 is affected! @@ -65,16 +64,8 @@ You may want the following Ansible roles installed. There other ways to achieve We test the collection on the following Linux distributions. Each one with Elastic Stack 7 and 8. * Rocky Linux 9 -* Rocky Linux 8 * Ubuntu 22.04 LTS -* Ubuntu 20.04 LTS -* Debian 11 -* Debian 10 -* CentOS 8 - -We know from personal experience, that the collections work in following combinations. Missing tests mostly come from incompatibilties between the distribution and our testing environment, not from problems with the collection itself. - -* CentOS 7 - Elastic Stack 7 +* Debian 13 ## Caveats and information for long time users diff --git a/molecule/beats_default/molecule.yml b/molecule/beats_default/molecule.yml index 0ed92435..a0c455a7 100644 --- a/molecule/beats_default/molecule.yml +++ b/molecule/beats_default/molecule.yml @@ -5,6 +5,8 @@ driver: name: docker platforms: - name: beats_default_${MOLECULE_DISTRO:-debian13} + groups: + - elasticsearch image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: diff --git a/molecule/beats_peculiar/converge.yml b/molecule/beats_peculiar/converge.yml index e5a46244..fd020406 100644 --- a/molecule/beats_peculiar/converge.yml +++ b/molecule/beats_peculiar/converge.yml @@ -40,12 +40,6 @@ elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" tasks: - - name: Set Filebeat version for 7.x - ansible.builtin.set_fact: - elasticstack_version: "7.17.1" - when: - - elasticstack_release == 7 - - name: Set Filebeat version for 8.x ansible.builtin.set_fact: elasticstack_version: "8.4.1" diff --git a/molecule/beats_peculiar/molecule.yml b/molecule/beats_peculiar/molecule.yml index d3562ba4..fee71096 100644 --- a/molecule/beats_peculiar/molecule.yml +++ b/molecule/beats_peculiar/molecule.yml @@ -5,6 +5,8 @@ driver: name: docker platforms: - name: beats_peculiar_${MOLECULE_DISTRO:-debian13} + groups: + - elasticsearch image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: diff --git a/molecule/elasticsearch_cluster-oss/converge.yml b/molecule/elasticsearch_cluster-oss/converge.yml deleted file mode 100644 index ea69ec89..00000000 --- a/molecule/elasticsearch_cluster-oss/converge.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# The workaround for arbitrarily named role directory is important because the git repo has one name and the role within it another -# Found at: https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 -- name: Converge - collections: - - netways.elasticstack - hosts: all - vars: - elasticstack_variant: oss - elasticsearch_jna_workaround: true - elasticsearch_disable_systemcallfilterchecks: true - elasticstack_release: 7 - elasticsearch_heap: "1" - elasticstack_no_log: false - tasks: - - name: Include Elastics repos role - ansible.builtin.include_role: - name: repos - - name: Include Elasticsearch - ansible.builtin.include_role: - name: elasticsearch diff --git a/molecule/elasticsearch_cluster-oss/molecule.yml b/molecule/elasticsearch_cluster-oss/molecule.yml deleted file mode 100644 index 160c5275..00000000 --- a/molecule/elasticsearch_cluster-oss/molecule.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: requirements.yml -driver: - name: docker -platforms: - - name: "elasticsearch-cluster1-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearch - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true - - name: "elasticsearch-cluster2-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearch - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible -verifier: - name: ansible diff --git a/molecule/elasticsearch_cluster-oss/prepare.yml b/molecule/elasticsearch_cluster-oss/prepare.yml deleted file mode 100644 index 2bf1ed5e..00000000 --- a/molecule/elasticsearch_cluster-oss/prepare.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Show discovered interpreter - debug: - var: ansible_facts.discovered_interpreter_python - - - name: Install packages for Debian - ansible.builtin.apt: - name: - - gpg - - gpg-agent - - procps - - curl - - iproute2 - - git - - openssl - update_cache: yes diff --git a/molecule/elasticsearch_cluster-oss/requirements.yml b/molecule/elasticsearch_cluster-oss/requirements.yml deleted file mode 100644 index 8dd51618..00000000 --- a/molecule/elasticsearch_cluster-oss/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -collections: - - community.general diff --git a/molecule/elasticsearch_no-security/converge.yml b/molecule/elasticsearch_no-security/converge.yml deleted file mode 100644 index b8fd37cc..00000000 --- a/molecule/elasticsearch_no-security/converge.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# The workaround for arbitrarily named role directory is important because the git repo has one name and the role within it another -# Found at: https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 -- name: Converge - collections: - - netways.elasticstack - hosts: all - vars: - elasticsearch_security: false - elasticstack_security: false - elasticsearch_jna_workaround: true - elasticsearch_disable_systemcallfilterchecks: true - elasticsearch_heap: "1" - elasticstack_release: 7 - elasticstack_no_log: false - elasticstack_elasticsearch_group_name: elasticsearchXYZ - tasks: - - name: Include Elastics repos role - ansible.builtin.include_role: - name: repos - - name: Include Elasticsearch - ansible.builtin.include_role: - name: elasticsearch diff --git a/molecule/elasticsearch_no-security/molecule.yml b/molecule/elasticsearch_no-security/molecule.yml deleted file mode 100644 index 112b7cdb..00000000 --- a/molecule/elasticsearch_no-security/molecule.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: requirements.yml -driver: - name: docker -platforms: - - name: "elasticsearch-nosecurity1-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearchXYZ - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true - - name: "elasticsearch-nosecurity2-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearchXYZ - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible -verifier: - name: ansible diff --git a/molecule/elasticsearch_no-security/prepare.yml b/molecule/elasticsearch_no-security/prepare.yml deleted file mode 100644 index a4d70b7d..00000000 --- a/molecule/elasticsearch_no-security/prepare.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Show discovered interpreter - debug: - var: ansible_facts.discovered_interpreter_python - - - name: Install packages for Debian - ansible.builtin.apt: - name: - - gpg - - gpg-agent - - procps - - curl - - iproute2 - - git - update_cache: yes - when: ansible_os_family == "Debian" diff --git a/molecule/elasticsearch_no-security/requirements.yml b/molecule/elasticsearch_no-security/requirements.yml deleted file mode 100644 index 8dd51618..00000000 --- a/molecule/elasticsearch_no-security/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -collections: - - community.general diff --git a/molecule/elasticsearch_no-security/verify.yml b/molecule/elasticsearch_no-security/verify.yml deleted file mode 100644 index 83c81352..00000000 --- a/molecule/elasticsearch_no-security/verify.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -# This is an example playbook to execute Ansible tests. - -- name: Verify - hosts: all - vars: - elasticstack_elasticsearch_http_port: 9200 - elasticstack_elasticsearch_group_name: elasticsearchXYZ - tasks: - -# Remember, this is the no-security scenario. So no https -# The comment below will create an exception for KICS security scan - - name: Health check - ansible.builtin.uri: -# kics-scan ignore-line - url: http://localhost:{{ elasticstack_elasticsearch_http_port }}/_cluster/health - method: GET - return_content: yes - status_code: 200 - validate_certs: false - register: result - until: result.json.status == "green" - retries: 6 - delay: 10 - when: groups[elasticstack_elasticsearch_group_name] | length > 1 - - - name: Node check - ansible.builtin.uri: -# kics-scan ignore-line - url: http://localhost:{{ elasticstack_elasticsearch_http_port }}/_cat/nodes - method: GET - return_content: yes - status_code: 200 - validate_certs: false - register: nodes - when: groups[elasticstack_elasticsearch_group_name] | length > 1 - - - name: Check if all Nodes see each other - ansible.builtin.assert: - that: - - "'{{ item }}' in nodes.content" - fail_msg: "'{{ item }}' was not found in nodes.content" - success_msg: "'{{ item }}' was found in nodes.content" - with_inventory_hostnames: all - when: groups[elasticstack_elasticsearch_group_name] | length > 1 diff --git a/molecule/elasticsearch_roles_calculation/converge.yml b/molecule/elasticsearch_roles_calculation/converge.yml index e64a9e0f..dd206828 100644 --- a/molecule/elasticsearch_roles_calculation/converge.yml +++ b/molecule/elasticsearch_roles_calculation/converge.yml @@ -8,7 +8,7 @@ vars: elasticsearch_jna_workaround: true elasticsearch_disable_systemcallfilterchecks: true - elastic_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" + elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" elasticsearch_node_types: - master - data diff --git a/molecule/kibana_default/molecule.yml b/molecule/kibana_default/molecule.yml index 26455953..06044bca 100644 --- a/molecule/kibana_default/molecule.yml +++ b/molecule/kibana_default/molecule.yml @@ -5,6 +5,8 @@ driver: name: docker platforms: - name: "kibana_default-${MOLECULE_DISTRO:-debian13}" + groups: + - elasticsearch image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: diff --git a/molecule/logstash_full_stack-oss/converge.yml b/molecule/logstash_full_stack-oss/converge.yml deleted file mode 100644 index 5f163e7a..00000000 --- a/molecule/logstash_full_stack-oss/converge.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# The workaround for arbitrarily named role directory is important because the -# git repo has one name and the role within it another -# Found at: -# https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 -# -# Currently security is not implemented with OSS. We leave the variable set -# to check for handling of misconfiguration (and be prepared for upcoming -# implementations) -# But we need to deactivate security in Elasticsearch to not lock out -# Logstash -- name: Converge - hosts: all - collections: - - netways.elasticstack - vars: - elasticstack_full_stack: true - elasticstack_variant: oss - logstash_security: false - logstash_pipeline_unsafe_shutdown: true - elasticstack_security: false - beats_filebeat_journald: true - logstash_beats_tls: false - elasticstack_release: 7 - elasticstack_no_log: false - tasks: - - name: "Include Elastics repos role" - ansible.builtin.include_role: - name: repos - - name: "Include Elasticsearch role" - ansible.builtin.include_role: - name: elasticsearch - - name: "Include Beats" - ansible.builtin.include_role: - name: beats - - name: "Include Redis" - ansible.builtin.include_role: - name: geerlingguy.redis - - name: "Include Logstash" - ansible.builtin.include_role: - name: logstash diff --git a/molecule/logstash_full_stack-oss/molecule.yml b/molecule/logstash_full_stack-oss/molecule.yml deleted file mode 100644 index 2f3cd65a..00000000 --- a/molecule/logstash_full_stack-oss/molecule.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: requirements.yml -driver: - name: docker -platforms: - - name: "logstash-full-oss-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearch - - logstash - - filebeat - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible - env: - ANSIBLE_ROLES_PATH: $MOLECULE_EPHEMERAL_DIRECTORY/roles:${HOME}/.ansible/roles:$MOLECULE_PROJECT_DIRECTORY/roles -verifier: - name: ansible diff --git a/molecule/logstash_full_stack-oss/prepare.yml b/molecule/logstash_full_stack-oss/prepare.yml deleted file mode 100644 index 9cc68f65..00000000 --- a/molecule/logstash_full_stack-oss/prepare.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Show discovered interpreter - debug: - var: ansible_facts.discovered_interpreter_python - - - name: Install packages for Debian - ansible.builtin.apt: - name: - - gpg - - gpg-agent - - procps - - curl - - git - update_cache: yes diff --git a/molecule/logstash_full_stack-oss/requirements.yml b/molecule/logstash_full_stack-oss/requirements.yml deleted file mode 100644 index 1c0204d5..00000000 --- a/molecule/logstash_full_stack-oss/requirements.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -roles: - # Versions higher than 1.6.0 seem to have a problem with idempotency on rocky 9 python 3.9, NOT on ubuntu2204 python 3.10 - - name: geerlingguy.redis - version: "1.6.0" - -collections: - - community.general diff --git a/molecule/logstash_full_stack-oss/verify.yml b/molecule/logstash_full_stack-oss/verify.yml deleted file mode 100644 index fc4bcc65..00000000 --- a/molecule/logstash_full_stack-oss/verify.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# This is an example playbook to execute Ansible tests. - -- name: Check if Logstash configuration does what it should - hosts: all - vars: - elasticstack_elasticsearch_http_port: 9200 - elasticstack_beats_port: 5044 - tasks: - - name: Give some time for tools to connect - ansible.builtin.wait_for: - timeout: 120 - - name: Run syntax check - ansible.builtin.command: "/usr/share/logstash/bin/logstash --path.settings=/etc/logstash -t" - when: "'logstash' in group_names" - - name: Query for Logstasch indices - ansible.builtin.shell: > - curl -s http://localhost:{{ elasticstack_elasticsearch_http_port }}/_cat/indices | - grep logstash | - awk {' print $7 '} | - sort -n | - tail -1 - register: logstash_count - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names" - - name: Show full output - ansible.builtin.debug: - var: logstash_count - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names" - - name: Fail when logstash is empty - ansible.builtin.fail: - msg: "Logstash Index is empty" - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names and logstash_count.stdout == 0" - - name: Show number of received events - ansible.builtin.debug: - msg: "Elasticsearch received {{ logstash_count.stdout }} events so far" - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names" diff --git a/molecule/logstash_specific_version/converge.yml b/molecule/logstash_specific_version/converge.yml index cabf8ae4..4c129cfd 100644 --- a/molecule/logstash_specific_version/converge.yml +++ b/molecule/logstash_specific_version/converge.yml @@ -18,12 +18,6 @@ elasticstack_no_log: false tasks: - - name: Set Filebeat version for 7.x - ansible.builtin.set_fact: - elasticstack_version: "7.17.1" - when: - - elasticstack_release == 7 - - name: Set Filebeat version for 8.x ansible.builtin.set_fact: elasticstack_version: "8.4.1" diff --git a/molecule/repos_default/requirements.yml b/molecule/repos_default/requirements.yml index f212a672..7ecf25a4 100644 --- a/molecule/repos_default/requirements.yml +++ b/molecule/repos_default/requirements.yml @@ -2,3 +2,5 @@ collections: - community.general + - name: community.crypto + version: ">=2.15.0,<3.0.0" # Support python 3.9 on target host e.g. Rocky 9 diff --git a/molecule/repos_oss/converge.yml b/molecule/repos_oss/converge.yml index 49416223..a3efb7ef 100644 --- a/molecule/repos_oss/converge.yml +++ b/molecule/repos_oss/converge.yml @@ -8,7 +8,7 @@ vars: elasticstack_variant: oss elasticstack_rpm_workaround: true - elasticstack_release: 7 + elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" elasticstack_no_log: false tasks: - name: "Include Elastic Repos" diff --git a/molecule/repos_oss/requirements.yml b/molecule/repos_oss/requirements.yml index f212a672..7ecf25a4 100644 --- a/molecule/repos_oss/requirements.yml +++ b/molecule/repos_oss/requirements.yml @@ -2,3 +2,5 @@ collections: - community.general + - name: community.crypto + version: ">=2.15.0,<3.0.0" # Support python 3.9 on target host e.g. Rocky 9 diff --git a/roles/beats/meta/main.yml b/roles/beats/meta/main.yml index ff8fd4d9..944440e2 100644 --- a/roles/beats/meta/main.yml +++ b/roles/beats/meta/main.yml @@ -13,7 +13,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - beats - filebeat diff --git a/roles/elasticsearch/meta/main.yml b/roles/elasticsearch/meta/main.yml index 428762b2..ffc7f24c 100644 --- a/roles/elasticsearch/meta/main.yml +++ b/roles/elasticsearch/meta/main.yml @@ -13,7 +13,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - elasticsearch - elk diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml index f1e3f71b..e92085cd 100644 --- a/roles/elasticsearch/tasks/main.yml +++ b/roles/elasticsearch/tasks/main.yml @@ -121,7 +121,7 @@ ansible.builtin.set_fact: elasticsearch_package: > {{ - 'elasticsearch' + + ('elasticsearch-oss' if elasticstack_variant == 'oss' else 'elasticsearch') + ((elasticstack_versionseparator + elasticstack_version | string ) if (elasticstack_version is defined and elasticstack_version | length > 0)) | diff --git a/roles/kibana/meta/main.yml b/roles/kibana/meta/main.yml index bebbf67c..24df5cd9 100644 --- a/roles/kibana/meta/main.yml +++ b/roles/kibana/meta/main.yml @@ -12,7 +12,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - kibana - elk diff --git a/roles/logstash/meta/main.yml b/roles/logstash/meta/main.yml index 8ce4270a..3689e848 100644 --- a/roles/logstash/meta/main.yml +++ b/roles/logstash/meta/main.yml @@ -12,7 +12,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - logstash - elk diff --git a/roles/repos/meta/main.yml b/roles/repos/meta/main.yml index 80ef8524..6466e0a4 100644 --- a/roles/repos/meta/main.yml +++ b/roles/repos/meta/main.yml @@ -12,7 +12,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - repositories - linux diff --git a/test.md b/test.md new file mode 100644 index 00000000..e69de29b