Cherrypick es keystore entries #757
Conversation
|
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
|
Would it be better to use something like:
instead of echo pipe? I worry that certain values (eg: randomly generated password) could contain shell meta characters which would cause problems. |
|
@schallee Thank yor for bringing this up. I have refactored it already and updated the pull request. |
|
Thanks for the contribution @BernardIsibor. I'm hoping to review this PR either today or tomorrow. |
|
jenkins test this please |
| @@ -28,12 +28,62 @@ | |||
|
|
|||
| - name: Create Bootstrap password for elastic user | |||
| become: yes | |||
| shell: echo {{ es_api_basic_auth_password | quote }} | {{ es_home }}/bin/elasticsearch-keystore add -x 'bootstrap.password' | |||
| command: | |||
There was a problem hiding this comment.
CI tests using this task are failing (example: https://devops-ci.elastic.co/job/elastic+ansible-elasticsearch+pull-request/237/OS=ubuntu-1404,TEST_TYPE=xpack-upgrade,label=linux/console).
I did a few local tests and see 2 issues:
-
argvsyntax forcommandmodule was released in Ansible 2.6 but our role is still supporting Ansible 2.5ansible-elasticsearch/meta/main.yml
Line 10 in 87946a8
I would prefer not remove 2.5 support if that's possible as it is the default version used in Ubuntu 18.04 packages and in our
ubuntu-1804tests. -
The generated command don't seem valid. When using it with a more recent Ansible version and enabling log for this task, I get the following error:
TASK [elasticsearch : Create Bootstrap password for elastic user] ************** fatal: [localhost]: FAILED! => {"changed": false, "cmd": "changeme /usr/share/elasticsearch/bin/elasticsearch-keystore add -x bootstrap.password", "msg": "[Errno 2] No such file or directory", "rc": 2}
There was a problem hiding this comment.
Ok, I can have a look at this and change it back. How should we address the problem mentioned by @schalle about autogenerated passwords?
There was a problem hiding this comment.
AFAIK the Ansible quote filter should handle the special characters correctly so that we don't have any issue.
I did a try with a few passwords like elastic|$&01 and didn't have any issue with my small samples.
There was a problem hiding this comment.
Ok. Got it. I have fixed it and tried to push it but used a wrong git user. Can you delete this pull request please, I will do it again
There was a problem hiding this comment.
@jmlrt Or even better, just accept it.
There was a problem hiding this comment.
Not sure that we can merge the PR with CLA failing on some commits.
Can you try changing the author name of these 2 commits with this procedure for example?
There was a problem hiding this comment.
@jmlrt I have tried it. Can you please check? Thanks
There was a problem hiding this comment.
This is still failing and I still see your other author name and emails in some commits. Then if you prefer creating a new branch/PR please do, you can then close this one or I'll do it when the new one will be created.
|
❌ Author of the following commits did not sign a Contributor Agreement: Please, read and sign the above mentioned agreement if you want to contribute to this project |
This commit create dedicated Jenkins jobs for 6.x for master branch and PRs. This is required to allow having different test suites for 7.x and 6.x in a following PR.
This commit fix the test job templates following elastic#760. - add VERSION parameter for 7.x jobs - move axis to jobs templates
This commit fix PR test job for 6.x following elastic#762.
…ealStuff/ansible-elasticsearch into cherrypick_es_keystore_entries
This commit fix PR test job for 6.x following elastic#762.
…ealStuff/ansible-elasticsearch into cherrypick_es_keystore_entries
|
cla/check |
#Add support to add,update and delete elasticsearch.keystore entries.
Obsoletes #685
Fix #684
@bndabbs Please have a look