diff --git a/.travis.yml b/.travis.yml index bc3759de8..664d4300f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -52,42 +52,87 @@ jobs: env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:amazonlinux-1-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:amazonlinux-1-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:amazonlinux-2-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:amazonlinux-2-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:centos-6-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:centos-6-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:centos-7-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:centos-7-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:centos-8-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:centos-8-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:oracle-6-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:oracle-6-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:oracle-7-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:oracle-7-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:debian-8-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:debian-8-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:debian-9-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:debian-9-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:debian-10-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:debian-10-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:ubuntu-server-1404-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:ubuntu-server-1404-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:ubuntu-server-1604-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:ubuntu-server-1604-x64:acceptance[7.8.0] - env: - BEAKER_PUPPET_COLLECTION=puppet6 - TASK=beaker:ubuntu-server-1804-x64:acceptance + - env: + - BEAKER_PUPPET_COLLECTION=puppet6 + - TASK=beaker:ubuntu-server-1804-x64:acceptance[7.8.0] + # - env: + # - BEAKER_PUPPET_COLLECTION=puppet6 + # - TASK=beaker:ubuntu-server-2004-x64:acceptance + # - env: + # - BEAKER_PUPPET_COLLECTION=puppet6 + # - TASK=beaker:ubuntu-server-2004-x64:acceptance[7.8.0] - stage: snapshots env: - TASK=beaker:ubuntu-server-1404-x64:snapshot diff --git a/manifests/config.pp b/manifests/config.pp index 3c808bdb9..dffda9f28 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -42,12 +42,13 @@ $elasticsearch::datadir: ensure => 'directory', group => $elasticsearch::elasticsearch_group, - owner => $elasticsearch::elasticsearch_user; + owner => $elasticsearch::elasticsearch_user, + mode => '2750'; $elasticsearch::logdir: ensure => 'directory', group => $elasticsearch::elasticsearch_group, owner => $elasticsearch::elasticsearch_user, - mode => '0750'; + mode => '2750'; $elasticsearch::real_plugindir: ensure => 'directory', group => $elasticsearch::elasticsearch_group, @@ -60,60 +61,19 @@ recurse => true; } - if $elasticsearch::pid_dir { - file { $elasticsearch::pid_dir: - ensure => 'directory', - group => undef, - owner => $elasticsearch::elasticsearch_user, - recurse => true, - } - - if ($elasticsearch::service_provider == 'systemd') { - $group = $elasticsearch::elasticsearch_group - $user = $elasticsearch::elasticsearch_user - $pid_dir = $elasticsearch::pid_dir - - file { '/usr/lib/tmpfiles.d/elasticsearch.conf': - ensure => 'file', - content => template("${module_name}/usr/lib/tmpfiles.d/elasticsearch.conf.erb"), - group => '0', - owner => 'root', - } - } - } - - if $elasticsearch::defaults_location { - augeas { "${elasticsearch::defaults_location}/elasticsearch": - incl => "${elasticsearch::defaults_location}/elasticsearch", - lens => 'Shellvars.lns', - changes => [ - 'rm CONF_FILE', - 'rm CONF_DIR', - 'rm ES_PATH_CONF', - ], - } - - file { "${elasticsearch::defaults_location}/elasticsearch": - ensure => 'file', - group => $elasticsearch::elasticsearch_group, - owner => $elasticsearch::elasticsearch_user, - mode => '0640'; - } - } - # Defaults file, either from file source or from hash to augeas commands if ($elasticsearch::init_defaults_file != undef) { file { "${elasticsearch::defaults_location}/elasticsearch": ensure => $elasticsearch::ensure, source => $elasticsearch::init_defaults_file, owner => 'root', - group => '0', - mode => '0644', + group => $elasticsearch::elasticsearch_group, + mode => '0660', before => Service['elasticsearch'], notify => $elasticsearch::_notify_service, } } else { - augeas { 'init_defaults': + augeas { "${elasticsearch::defaults_location}/elasticsearch": incl => "${elasticsearch::defaults_location}/elasticsearch", lens => 'Shellvars.lns', changes => template("${module_name}/etc/sysconfig/defaults.erb"), @@ -137,11 +97,24 @@ $_keystore_path = $elasticsearch::keystore_path } - $_tls_config = { - 'xpack.security.transport.ssl.enabled' => true, - 'xpack.security.http.ssl.enabled' => true, - 'xpack.ssl.keystore.path' => $_keystore_path, - 'xpack.ssl.keystore.password' => $elasticsearch::keystore_password, + # Set the correct xpack. settings based on ES version + if (versioncmp($elasticsearch::version, '7') >= 0) { + $_tls_config = { + 'xpack.security.http.ssl.enabled' => true, + 'xpack.security.http.ssl.keystore.path' => $_keystore_path, + 'xpack.security.http.ssl.keystore.password' => $elasticsearch::keystore_password, + 'xpack.security.transport.ssl.enabled' => true, + 'xpack.security.transport.ssl.keystore.path' => $_keystore_path, + 'xpack.security.transport.ssl.keystore.password' => $elasticsearch::keystore_password, + } + } + else { + $_tls_config = { + 'xpack.security.transport.ssl.enabled' => true, + 'xpack.security.http.ssl.enabled' => true, + 'xpack.ssl.keystore.path' => $_keystore_path, + 'xpack.ssl.keystore.password' => $elasticsearch::keystore_password, + } } # Trust CA Certificate diff --git a/spec/acceptance/nodesets/ubuntu-server-2004-x64.yml b/spec/acceptance/nodesets/ubuntu-server-2004-x64.yml new file mode 100644 index 000000000..c0b13f522 --- /dev/null +++ b/spec/acceptance/nodesets/ubuntu-server-2004-x64.yml @@ -0,0 +1,17 @@ +HOSTS: + ubuntu-20-04: + roles: + - agent + - master + - database + - dashboard + platform: ubuntu-20.04-amd64 + image: ubuntu:20.04 + hypervisor: docker + docker_cmd: ["/sbin/init"] + docker_preserve_image: true + docker_image_commands: + - apt-get update + - apt-get install -yq libssl-dev apt-transport-https openjdk-8-jdk iproute2 +CONFIG: + log_level: warn diff --git a/spec/classes/000_elasticsearch_init_spec.rb b/spec/classes/000_elasticsearch_init_spec.rb index 823c78731..c37fe5eb4 100644 --- a/spec/classes/000_elasticsearch_init_spec.rb +++ b/spec/classes/000_elasticsearch_init_spec.rb @@ -58,14 +58,6 @@ # Varies depending on distro it { should contain_augeas("#{defaults_path}/elasticsearch") } - it do - should contain_file("#{defaults_path}/elasticsearch").with( - :ensure => 'file', - :group => 'elasticsearch', - :owner => 'elasticsearch', - :mode => '0640' - ) - end # Systemd-specific files if test_pid == true @@ -73,7 +65,6 @@ :ensure => 'running', :enable => true ) } - it { should contain_file('/usr/lib/tmpfiles.d/elasticsearch.conf') } end context 'java installation' do @@ -226,8 +217,15 @@ .with(:ensure => 'purged') } end + it { should contain_service('elasticsearch') + .with( + :ensure => 'stopped', + :enable => 'false' + ) } it { should contain_file('/usr/share/elasticsearch/plugins') .with(:ensure => 'absent') } + it { should contain_file("#{defaults_path}/elasticsearch") + .with(:ensure => 'absent') } end context 'When managing the repository' do @@ -335,8 +333,6 @@ .with(:owner => 'myesuser', :group => 'myesgroup') } it { should contain_file('/var/lib/elasticsearch') .with(:owner => 'myesuser', :group => 'myesgroup') } - it { should contain_file('/var/run/elasticsearch') - .with(:owner => 'myesuser') if facts[:os]['family'] == 'RedHat' } end describe 'setting jvm_options' do diff --git a/spec/classes/001_hiera_spec.rb b/spec/classes/001_hiera_spec.rb index b16df2cb5..e7ad80abc 100644 --- a/spec/classes/001_hiera_spec.rb +++ b/spec/classes/001_hiera_spec.rb @@ -49,7 +49,7 @@ context 'config' do let(:facts) { facts.merge(:scenario => 'singleinstance') } - it { should contain_augeas('init_defaults') } + it { should contain_augeas('/etc/sysconfig/elasticsearch') } it { should contain_file('/etc/elasticsearch/elasticsearch.yml') } it { should contain_datacat('/etc/elasticsearch/elasticsearch.yml') } it { should contain_datacat_fragment('main_config') } diff --git a/spec/defines/004_elasticsearch_plugin_spec.rb b/spec/defines/004_elasticsearch_plugin_spec.rb index 5d8cac65e..48a99af24 100644 --- a/spec/defines/004_elasticsearch_plugin_spec.rb +++ b/spec/defines/004_elasticsearch_plugin_spec.rb @@ -161,7 +161,7 @@ class { "elasticsearch": 'Service[elasticsearch]' )} - include_examples 'class', 'es-plugin', :sysv + include_examples('class') end context 'restart_plugin_change set to false (default)' do @@ -179,7 +179,7 @@ class { "elasticsearch": 'Service[elasticsearch]' )} - include_examples 'class', 'es-plugin', :sysv + include_examples('class') end context 'restart_plugin_change set to true' do @@ -197,7 +197,7 @@ class { "elasticsearch": 'Service[elasticsearch]' )} - include_examples 'class', 'es-plugin', :sysv + include_examples('class') end end @@ -294,7 +294,7 @@ class { 'elasticsearch': } 'Class[elasticsearch::config]' )} - include_examples 'class', :sysv + include_examples('class') end end end diff --git a/spec/fixtures/templates/post_6.0.json b/spec/fixtures/templates/6.x.json similarity index 99% rename from spec/fixtures/templates/post_6.0.json rename to spec/fixtures/templates/6.x.json index e118ec181..e1f9ba10c 100644 --- a/spec/fixtures/templates/post_6.0.json +++ b/spec/fixtures/templates/6.x.json @@ -56,4 +56,4 @@ } } } -} +} \ No newline at end of file diff --git a/spec/fixtures/templates/7.x.json b/spec/fixtures/templates/7.x.json new file mode 100644 index 000000000..54569e0f4 --- /dev/null +++ b/spec/fixtures/templates/7.x.json @@ -0,0 +1,42 @@ +{ + "index_patterns": [ "logstash-*" ], + "version": 123, + "settings": { + "index": { + "refresh_interval": "5s", + "analysis": { + "analyzer": { + "default": { + "type": "standard", + "stopwords": "_none_" + } + } + } + } + }, + "mappings": { + "dynamic_templates": [ + { + "string_fields": { + "match": "*", + "match_mapping_type": "string", + "mapping": { + "type": "multi_field", + "fields": { + "{name}": { + "type": "text", + "index": "analyzed", + "omit_norms": true + }, + "raw": { + "type ": "text", + "index": "not_analyzed", + "ignore_above": 256 + } + } + } + } + } + ] + } +} \ No newline at end of file diff --git a/spec/fixtures/templates/post_8.0.json b/spec/fixtures/templates/post_8.0.json index db8c484db..91cade100 100644 --- a/spec/fixtures/templates/post_8.0.json +++ b/spec/fixtures/templates/post_8.0.json @@ -1,57 +1,30 @@ { - "index_patterns": [ "logstash-*" ], - "version": 123, - "settings": { - "index": { - "refresh_interval": "5s", - "analysis": { - "analyzer": { - "default": { - "type": "standard", - "stopwords": "_none_" - } - } - } - } - }, - "mappings": { - "dynamic_templates": [ - { - "string_fields": { - "match": "*", - "match_mapping_type": "string", - "mapping": { - "type": "multi_field", - "fields": { - "{name}": { - "type": "text", - "index": "analyzed", - "omit_norms": true - }, - "raw": { - "type ": "text", - "index": "not_analyzed", - "ignore_above": 256 - } - } - } - } - } - ], - "properties": { - "@version": { - "type": "text", - "index": false + "index_patterns": ["te*", "bar*"], + "template": { + "settings": { + "number_of_shards": 1 + }, + "mappings": { + "_source": { + "enabled": false }, - "geoip": { - "type": "object", - "dynamic": true, - "properties": { - "location": { - "type": "geo_point" - } + "properties": { + "host_name": { + "type": "keyword" + }, + "created_at": { + "type": "date", + "format": "EEE MMM dd HH:mm:ss Z yyyy" } } + }, + "aliases": { + "mydata": { } } + }, + "priority": 10, + "version": 3, + "_meta": { + "description": "my custom" } -} +} \ No newline at end of file diff --git a/spec/fixtures/templates/pre_6.0.json b/spec/fixtures/templates/pre_6.0.json deleted file mode 100644 index 38a237986..000000000 --- a/spec/fixtures/templates/pre_6.0.json +++ /dev/null @@ -1,61 +0,0 @@ -{ - "template": "logstash-*", - "settings": { - "index": { - "refresh_interval": "5s", - "analysis": { - "analyzer": { - "default": { - "type": "standard", - "stopwords": "_none_" - } - } - } - } - }, - "mappings": { - "_default_": { - "_all": { - "enabled": true - }, - "dynamic_templates": [ - { - "string_fields": { - "match": "*", - "match_mapping_type": "string", - "mapping": { - "type": "multi_field", - "fields": { - "{name}": { - "type": "string", - "index": "analyzed", - "omit_norms": true - }, - "raw": { - "type ": "string", - "index": "not_analyzed", - "ignore_above": 256 - } - } - } - } - } - ], - "properties": { - "@version": { - "type": "string", - "index": "not_analyzed" - }, - "geoip": { - "type": "object", - "dynamic": true, - "properties": { - "location": { - "type": "geo_point" - } - } - } - } - } - } -} diff --git a/spec/helpers/class_shared_examples.rb b/spec/helpers/class_shared_examples.rb index 701de973f..c7d631a8b 100644 --- a/spec/helpers/class_shared_examples.rb +++ b/spec/helpers/class_shared_examples.rb @@ -1,19 +1,8 @@ -shared_examples 'class' do |init| +shared_examples 'class' do it { should compile.with_all_deps } - it { should contain_augeas('init_defaults') } + it { should contain_augeas('/etc/sysconfig/elasticsearch') } it { should contain_file('/etc/elasticsearch/elasticsearch.yml') } it { should contain_datacat('/etc/elasticsearch/elasticsearch.yml') } it { should contain_datacat_fragment('main_config') } it { should contain_service('elasticsearch') } - - case init - when :sysv - # it { should contain_elasticsearch__service__init(name) } - # it { should contain_elasticsearch_service_file("/etc/init.d/elasticsearch-#{name}") } - # it { should contain_file('/etc/init.d/elasticsearch') } - when :systemd - # it { should contain_elasticsearch__service__systemd(name) } - # it { should contain_file('/lib/systemd/system/elasticsearch.service') } - # it { should contain_exec('systemd_reload') } - end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index e22289a7c..3f1c49bd6 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -36,12 +36,12 @@ v[:elasticsearch_full_version] = ENV['ELASTICSEARCH_VERSION'] || v[:snapshot_version] v[:elasticsearch_major_version] = v[:elasticsearch_full_version].split('.').first.to_i v[:elasticsearch_package] = {} - v[:template] = if v[:elasticsearch_major_version] < 6 - JSON.load(File.new('spec/fixtures/templates/pre_6.0.json')) + v[:template] = if v[:elasticsearch_major_version] == 6 + JSON.load(File.new('spec/fixtures/templates/6.x.json')) elsif v[:elasticsearch_major_version] >= 8 JSON.load(File.new('spec/fixtures/templates/post_8.0.json')) else - JSON.load(File.new('spec/fixtures/templates/post_6.0.json')) + JSON.load(File.new('spec/fixtures/templates/7.x.json')) end v[:template] = Puppet_X::Elastic.deep_to_i(Puppet_X::Elastic.deep_to_s(v[:template])) v[:pipeline] = JSON.load(File.new('spec/fixtures/pipelines/example.json')) @@ -107,7 +107,11 @@ class { 'elasticsearch': c.before :context, :with_license do Vault.address = ENV['VAULT_ADDR'] - Vault.auth.approle ENV['VAULT_APPROLE_ROLE_ID'], ENV['VAULT_APPROLE_SECRET_ID'] + if ENV['CI'] + Vault.auth.approle(ENV['VAULT_APPROLE_ROLE_ID'], ENV['VAULT_APPROLE_SECRET_ID']) + else + Vault.auth.token(ENV['VAULT_TOKEN']) + end licenses = Vault.with_retries(Vault::HTTPConnectionError) do Vault.logical.read(ENV['VAULT_PATH']) end.data @@ -115,10 +119,10 @@ class { 'elasticsearch': raise 'No license found!' unless licenses license = case v[:elasticsearch_major_version] - when 2 - licenses[:v2] - else + when 6 licenses[:v5] + else + licenses[:v7] end create_remote_file hosts, '/tmp/license.json', license v[:elasticsearch_license_path] = '/tmp/license.json' diff --git a/spec/spec_utilities.rb b/spec/spec_utilities.rb index 03568eb66..489bd6a90 100644 --- a/spec/spec_utilities.rb +++ b/spec/spec_utilities.rb @@ -39,10 +39,12 @@ def derive_artifact_urls_for(full_version, plugins = ['analysis-icu']) def derive_full_package_url(full_version, extensions = %w[deb rpm]) extensions.map do |ext| - url = if full_version.start_with? '2' - "https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-#{full_version}.#{ext}" - else + url = if full_version.start_with? '6' "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-#{full_version}.#{ext}" + elsif ext == 'deb' + "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-#{full_version}-amd64.#{ext}" + else + "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-#{full_version}-x86_64.#{ext}" end [url, File.basename(url)] end.to_h @@ -50,11 +52,7 @@ def derive_full_package_url(full_version, extensions = %w[deb rpm]) def derive_plugin_urls_for(full_version, plugins = ['analysis-icu']) plugins.map do |plugin| - url = if full_version.start_with? '2' - "https://download.elasticsearch.org/elasticsearch/release/org/elasticsearch/plugin/#{plugin}/#{full_version}/#{plugin}-#{full_version}.zip" - else - "https://artifacts.elastic.co/downloads/elasticsearch-plugins/#{plugin}/#{plugin}-#{full_version}.zip" - end + url = "https://artifacts.elastic.co/downloads/elasticsearch-plugins/#{plugin}/#{plugin}-#{full_version}.zip" [url, File.join('plugins', File.basename(url))] end.to_h end @@ -106,9 +104,13 @@ def pid_file end def vault_available? - %w[VAULT_ADDR VAULT_APPROLE_ROLE_ID VAULT_APPROLE_SECRET_ID VAULT_PATH].select do |var| - ENV[var].nil? - end.empty? + if ENV['CI'] + %w[VAULT_ADDR VAULT_APPROLE_ROLE_ID VAULT_APPROLE_SECRET_ID VAULT_PATH].select do |var| + ENV[var].nil? + end.empty? + else + true + end end def http_retry(url) diff --git a/spec/unit/type/elasticsearch_template_spec.rb b/spec/unit/type/elasticsearch_template_spec.rb index 0d50347a5..abeabf0e3 100644 --- a/spec/unit/type/elasticsearch_template_spec.rb +++ b/spec/unit/type/elasticsearch_template_spec.rb @@ -115,7 +115,7 @@ def deep_stringify(obj) obj.to_s end end - json = JSON.parse(File.read('spec/fixtures/templates/post_6.0.json')) + json = JSON.parse(File.read('spec/fixtures/templates/6.x.json')) is_template = described_class.new( :name => resource_name,