deviantony
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 4 additions & 4 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎.github/workflows/docs.yml‎
Lines changed: 2 additions & 4 deletions b/‎.github/workflows/docs.yml‎
Lines changed: 2 additions & 4 deletions
diff --git a/‎.github/workflows/scripts/elasticsearch-setup-passwords.exp‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/scripts/elasticsearch-setup-passwords.exp‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/scripts/run-tests-core.sh‎
Lines changed: 6 additions & 4 deletions b/‎.github/workflows/scripts/run-tests-core.sh‎
Lines changed: 6 additions & 4 deletions
diff --git a/‎.github/workflows/scripts/run-tests-enterprise-search.sh‎
Lines changed: 4 additions & 2 deletions b/‎.github/workflows/scripts/run-tests-enterprise-search.sh‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎.github/workflows/scripts/run-tests-filebeat.sh‎
Lines changed: 4 additions & 2 deletions b/‎.github/workflows/scripts/run-tests-filebeat.sh‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎.github/workflows/scripts/run-tests-logspout.sh‎
Lines changed: 4 additions & 2 deletions b/‎.github/workflows/scripts/run-tests-logspout.sh‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎.github/workflows/scripts/run-tests-metricbeat.sh‎
Lines changed: 4 additions & 2 deletions b/‎.github/workflows/scripts/run-tests-metricbeat.sh‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎.github/workflows/update-merge.yml‎
Lines changed: 0 additions & 34 deletions b/‎.github/workflows/update-merge.yml‎
Lines changed: 0 additions & 34 deletions
diff --git a/‎.github/workflows/update.yml‎
Lines changed: 0 additions & 101 deletions b/‎.github/workflows/update.yml‎
Lines changed: 0 additions & 101 deletions
@@ -2,9 +2,9 @@ name: CI
 
 on:
   push:
-    branches: [ main ]
+    branches: [ tls ]
   pull_request:
-    branches: [ main ]
+    branches: [ tls ]
 
 jobs:
 
@@ -77,7 +77,7 @@ jobs:
 
           docker compose up -d elasticsearch
           source .github/workflows/scripts/lib/testing.sh
-          poll_ready "$(container_id elasticsearch)" "http://$(service_ip elasticsearch):9200/" -u 'elastic:changeme'
+          poll_ready "$(container_id elasticsearch)" "https://elasticsearch:9200/" --resolve "elasticsearch:9200:$(service_ip elasticsearch)" --cacert "$(realpath tls/kibana/elasticsearch-ca.pem)" -u 'elastic:changeme'
 
           # Set passwords
 
@@ -295,7 +295,7 @@ jobs:
           docker stack deploy -c ./docker-stack.yml elk
           docker service scale elk_logstash=0 elk_kibana=0
           source .github/workflows/scripts/lib/testing.sh
-          poll_ready "$(container_id elasticsearch)" "http://$(service_ip elasticsearch):9200/" -u 'elastic:changeme'
+          poll_ready "$(container_id elasticsearch)" "https://elasticsearch:9200/" --resolve "elasticsearch:9200:$(service_ip elasticsearch)" --cacert "$(realpath tls/kibana/elasticsearch-ca.pem)" -u 'elastic:changeme'
 
           # Set passwords
 
 
@@ -1,12 +1,10 @@
 name: Documentation
 
 on:
-  schedule:
-    - cron: '0 0 * * 0'  # At 00:00 every Sunday
   push:
-    branches: [ main ]
+    branches: [ tls ]
   pull_request:
-    branches: [ main ]
+    branches: [ tls ]
 
 jobs:
 
 
@@ -13,7 +13,7 @@ if { [string match "swarm" $MODE] } {
 }
 
 foreach user $users {
-	set cmd "docker exec -it $cid bin/elasticsearch-reset-password --batch --user $user -i"
+	set cmd "docker exec -it $cid bin/elasticsearch-reset-password --batch --user $user -i --url https://localhost:9200"
 
 	spawn {*}$cmd
 
 
@@ -15,8 +15,10 @@ ip_es="$(service_ip elasticsearch)"
 ip_ls="$(service_ip logstash)"
 ip_kb="$(service_ip kibana)"
 
+es_ca_cert="$(realpath $(dirname ${BASH_SOURCE[0]})/../../../tls/kibana/elasticsearch-ca.pem)"
+
 log 'Waiting for readiness of Elasticsearch'
-poll_ready "$cid_es" "http://${ip_es}:9200/" -u 'elastic:testpasswd'
+poll_ready "$cid_es" 'https://elasticsearch:9200/' --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u 'elastic:testpasswd'
 
 log 'Waiting for readiness of Logstash'
 poll_ready "$cid_ls" "http://${ip_ls}:9600/_node/pipelines/main?pretty"
@@ -44,11 +46,11 @@ if ((was_retried)); then
 fi
 
 sleep 5
-curl -X POST "http://${ip_es}:9200/logs-generic-default/_refresh" -u elastic:testpasswd \
-	-s -w '\n'
+curl -X POST "https://elasticsearch:9200/logs-generic-default/_refresh" -u elastic:testpasswd \
+	-s -w '\n' --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert"
 
 log 'Searching message in Elasticsearch'
-response="$(curl "http://${ip_es}:9200/logs-generic-default/_search?q=message:dockerelk&pretty" -s -u elastic:testpasswd)"
+response="$(curl "https://elasticsearch:9200/logs-generic-default/_search?q=message:dockerelk&pretty" -s --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u elastic:testpasswd)"
 echo "$response"
 declare -i count
 count="$(jq -rn --argjson data "${response}" '$data.hits.total.value')"
 
@@ -13,14 +13,16 @@ cid_en="$(container_id enterprise-search)"
 ip_es="$(service_ip elasticsearch)"
 ip_en="$(service_ip enterprise-search)"
 
+es_ca_cert="$(realpath $(dirname ${BASH_SOURCE[0]})/../../../tls/kibana/elasticsearch-ca.pem)"
+
 log 'Waiting for readiness of Elasticsearch'
-poll_ready "$cid_es" "http://${ip_es}:9200/" -u 'elastic:testpasswd'
+poll_ready "$cid_es" 'https://elasticsearch:9200/' --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u 'elastic:testpasswd'
 
 log 'Waiting for readiness of Enterprise Search'
 poll_ready "$cid_en" "http://${ip_en}:3002/api/ent/v1/internal/health" -u 'elastic:testpasswd'
 
 log 'Ensuring that App Search API keys were created in Elasticsearch'
-response="$(curl "http://${ip_es}:9200/.ent-search-actastic-app_search_api_tokens_v3/_search?q=*:*&pretty" -s -u elastic:testpasswd)"
+response="$(curl 'https://elasticsearch:9200/.ent-search-actastic-app_search_api_tokens_v3/_search?q=*:*&pretty' -s --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u elastic:testpasswd)"
 echo "$response"
 declare -i count
 count="$(jq -rn --argjson data "${response}" '$data.hits.total.value')"
 
@@ -13,8 +13,10 @@ cid_mb="$(container_id filebeat)"
 ip_es="$(service_ip elasticsearch)"
 ip_mb="$(service_ip filebeat)"
 
+es_ca_cert="$(realpath $(dirname ${BASH_SOURCE[0]})/../../../tls/kibana/elasticsearch-ca.pem)"
+
 log 'Waiting for readiness of Elasticsearch'
-poll_ready "$cid_es" "http://${ip_es}:9200/" -u 'elastic:testpasswd'
+poll_ready "$cid_es" 'https://elasticsearch:9200/' --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u 'elastic:testpasswd'
 
 log 'Waiting for readiness of Filebeat'
 poll_ready "$cid_mb" "http://${ip_mb}:5066/?pretty"
@@ -35,7 +37,7 @@ declare -i was_retried=0
 
 # retry for max 60s (30*2s)
 for _ in $(seq 1 30); do
-	response="$(curl "http://${ip_es}:9200/filebeat-*/_search?q=agent.type:%22filebeat%22%20AND%20input.type:%22container%22%20AND%20container.name:%22docker-elk-elasticsearch-1%22&pretty" -s -u elastic:testpasswd)"
+	response="$(curl "https://elasticsearch:9200/filebeat-*/_search?q=agent.type:%22filebeat%22%20AND%20input.type:%22container%22%20AND%20container.name:%22docker-elk-elasticsearch-1%22&pretty" -s --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u elastic:testpasswd)"
 
 	set +u  # prevent "unbound variable" if assigned value is not an integer
 	count="$(jq -rn --argjson data "${response}" '$data.hits.total.value')"
 
@@ -15,8 +15,10 @@ ip_es="$(service_ip elasticsearch)"
 ip_ls="$(service_ip logstash)"
 ip_lsp="$(service_ip logspout)"
 
+es_ca_cert="$(realpath $(dirname ${BASH_SOURCE[0]})/../../../tls/kibana/elasticsearch-ca.pem)"
+
 log 'Waiting for readiness of Elasticsearch'
-poll_ready "$cid_es" "http://${ip_es}:9200/" -u 'elastic:testpasswd'
+poll_ready "$cid_es" 'https://elasticsearch:9200/' --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u 'elastic:testpasswd'
 
 log 'Waiting for readiness of Logstash'
 poll_ready "$cid_ls" "http://${ip_ls}:9600/_node/pipelines/main?pretty"
@@ -39,7 +41,7 @@ declare -i was_retried=0
 
 # retry for max 60s (30*2s)
 for _ in $(seq 1 30); do
-	response="$(curl "http://${ip_es}:9200/logs-generic-default/_search?q=docker.image:%22docker-elk_logspout%22%20AND%20message:%22logspout%20gliderlabs%22~3&pretty" -s -u elastic:testpasswd)"
+	response="$(curl "https://elasticsearch:9200/logs-generic-default/_search?q=docker.image:%22docker-elk_logspout%22%20AND%20message:%22logspout%20gliderlabs%22~3&pretty" -s --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u elastic:testpasswd)"
 
 	set +u  # prevent "unbound variable" if assigned value is not an integer
 	count="$(jq -rn --argjson data "${response}" '$data.hits.total.value')"
 
@@ -13,8 +13,10 @@ cid_mb="$(container_id metricbeat)"
 ip_es="$(service_ip elasticsearch)"
 ip_mb="$(service_ip metricbeat)"
 
+es_ca_cert="$(realpath $(dirname ${BASH_SOURCE[0]})/../../../tls/kibana/elasticsearch-ca.pem)"
+
 log 'Waiting for readiness of Elasticsearch'
-poll_ready "$cid_es" "http://${ip_es}:9200/" -u 'elastic:testpasswd'
+poll_ready "$cid_es" 'https://elasticsearch:9200/' --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u 'elastic:testpasswd'
 
 log 'Waiting for readiness of Metricbeat'
 poll_ready "$cid_mb" "http://${ip_mb}:5066/?pretty"
@@ -36,7 +38,7 @@ declare -i was_retried=0
 
 # retry for max 60s (30*2s)
 for _ in $(seq 1 30); do
-	response="$(curl "http://${ip_es}:9200/metricbeat-*/_search?q=agent.type:%22metricbeat%22%20AND%20event.module:%22docker%22%20AND%20event.dataset:%22docker.container%22%20AND%20container.name:%22docker-elk-elasticsearch-1%22&pretty" -s -u elastic:testpasswd)"
+	response="$(curl 'https://elasticsearch:9200/metricbeat-*/_search?q=agent.type:%22metricbeat%22%20AND%20event.module:%22docker%22%20AND%20event.dataset:%22docker.container%22%20AND%20container.name:%22docker-elk-elasticsearch-1%22&pretty' -s --resolve "elasticsearch:9200:${ip_es}" --cacert "$es_ca_cert" -u elastic:testpasswd)"
 
 	set +u  # prevent "unbound variable" if assigned value is not an integer
 	count="$(jq -rn --argjson data "${response}" '$data.hits.total.value')"
Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ if { [string match "swarm" $MODE] } {`
`13`	`13`	`}`
`14`	`14`
`15`	`15`	`foreach user $users {`
`16`		`- set cmd "docker exec -it $cid bin/elasticsearch-reset-password --batch --user $user -i"`
	`16`	`+ set cmd "docker exec -it $cid bin/elasticsearch-reset-password --batch --user $user -i --url https://localhost:9200"`
`17`	`17`
`18`	`18`	`spawn {*}$cmd`
`19`	`19`