Skip to content

Commit d0f2c2b

Browse files
author
Tobias Bauriedel
committed
outsource classes
1 parent b1fd58c commit d0f2c2b

File tree

10 files changed

+299
-163
lines changed

10 files changed

+299
-163
lines changed

.github/workflows/test_elasticsearch_modules.yml

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,63 @@
1+
---
2+
name: Test Elasticsearch modules
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
logLevel:
7+
description: 'Log level'
8+
required: true
9+
default: 'warning'
10+
type: choice
11+
options:
12+
- info
13+
- warning
14+
- debug
15+
pull_request:
16+
paths:
17+
- '.github/workflows/test_elasticsearch_modules.yml'
18+
- 'molecule/elasticsearch_test_modules/*'
19+
20+
jobs:
21+
molecule_elasticsearch_modules:
22+
runs-on: ubuntu-latest
23+
24+
env:
25+
COLLECTION_NAMESPACE: netways
26+
COLLECTION_NAME: elasticstack
27+
28+
strategy:
29+
fail-fast: false
30+
matrix:
31+
distro: [ubuntu2204]
32+
scenario:
33+
- elasticsearch_test_modules
34+
release:
35+
- 8
36+
37+
steps:
38+
- name: Check out code
39+
uses: actions/checkout@v4
40+
41+
- name: Set up Python 3.8
42+
uses: actions/setup-python@v5
43+
with:
44+
python-version: 3.8
45+
46+
- name: Install dependencies
47+
run: |
48+
python3 -m pip install --upgrade pip
49+
python3 -m pip install -r requirements-test.txt
50+
51+
- name: Install collection
52+
run: |
53+
mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE
54+
cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME
55+
56+
- name: Test with molecule
57+
run: |
58+
molecule test -s ${{ matrix.scenario }}
59+
env:
60+
MOLECULE_DISTRO: ${{ matrix.distro }}
61+
PY_COLORS: '1'
62+
ANSIBLE_FORCE_COLOR: '1'
63+
ELASTIC_RELEASE: ${{ matrix.release }}

docs/module-elasticsearch_role.md

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,9 +29,28 @@ Module arguments
2929
Example usage
3030
---
3131
```
32-
- name: Create elasticsearch role 'new-role'
32+
- name: Create elasticsearch role 'new-role1'
3333
netways.elasticstack.elasticsearch_role:
34-
name: new-role
34+
name: new-role1
35+
cluster:
36+
- manage_own_api_key
37+
- delegate_pki
38+
indicies:
39+
- names:
40+
- default01
41+
privileges:
42+
- read
43+
- write
44+
state: present
45+
host: https://localhost:9200
46+
auth_user: elastic
47+
auth_pass: changeMe123!
48+
verify_certs: true
49+
ca_certs: /etc/elasticsearch/certs/http_ca.crt
50+
51+
- name: Create elasticsearch role 'new-role2'
52+
netways.elasticstack.elasticsearch_role:
53+
name: new-role2
3554
cluster:
3655
- manage_own_api_key
3756
- delegate_pki

docs/module-elasticsearch_user.md

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -30,12 +30,29 @@ Module arguments
3030
Example usage
3131
---
3232
```
33-
- name: Create elasticsearch user 'new-user'
33+
- name: Create elasticsearch user 'new-user1'
3434
netways.elasticstack.elasticsearch_user:
35-
name: new-user
36-
fullname: New User
35+
name: new-user1
36+
fullname: New User 1
3737
password: changeMe321!
38-
email: new@user.de
38+
email: new1@user.de
39+
roles:
40+
- new-role
41+
- logstash-writer
42+
enabled: true
43+
state: present
44+
host: https://localhost:9200
45+
auth_user: elastic
46+
auth_pass: changeMe123!
47+
verify_certs: true
48+
ca_certs: /etc/elasticsearch/certs/http_ca.crt
49+
50+
- name: Create elasticsearch user 'new-user2'
51+
netways.elasticstack.elasticsearch_user:
52+
name: new-user2
53+
fullname: New User 2
54+
password: changeMe321!
55+
email: new2@user.de
3956
roles:
4057
- new-role
4158
- logstash-writer

molecule/elasticsearch_test_modules/converge.yml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
elasticstack_full_stack: false
1111
elasticsearch_jna_workaround: true
1212
elasticsearch_disable_systemcallfilterchecks: true
13-
elasticstack_release: 8
13+
elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
1414
elasticsearch_heap: "1"
1515
elasticstack_no_log: false
1616
tasks:
@@ -46,7 +46,6 @@
4646
auth_user: elastic
4747
auth_pass: "{{ elasticstack_password.stdout }}"
4848
verify_certs: false
49-
#ca_certs: /etc/elasticsearch/certs/http_ca.crt
5049

5150
- name: Create elasticsearch user 'new-user'
5251
netways.elasticstack.elasticsearch_user:
@@ -63,4 +62,4 @@
6362
auth_user: elastic
6463
auth_pass: "{{ elasticstack_password.stdout }}"
6564
verify_certs: false
66-
#ca_certs: /etc/elasticsearch/certs/http_ca.crt
65+
ca_certs: /etc/elasticsearch/certs/http_ca.crt

molecule/elasticsearch_test_modules/molecule.yml

Lines changed: 1 addition & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ dependency:
66
driver:
77
name: docker
88
platforms:
9-
- name: elasticsearch_default1
9+
- name: elasticsearch_default
1010
groups:
1111
- elasticsearch
1212
image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian11}-ansible:latest"
@@ -16,16 +16,6 @@ platforms:
1616
cgroupns_mode: host
1717
privileged: true
1818
pre_build_image: true
19-
#- name: elasticsearch_default2
20-
# groups:
21-
# - elasticsearch
22-
# image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian11}-ansible:latest"
23-
# command: ${MOLECULE_DOCKER_COMMAND:-""}
24-
# volumes:
25-
# - /sys/fs/cgroup:/sys/fs/cgroup:rw
26-
# cgroupns_mode: host
27-
# privileged: true
28-
# pre_build_image: true
2919
provisioner:
3020
name: ansible
3121
env:

plugins/module_utils/api.py

Lines changed: 6 additions & 140 deletions
Original file line numberDiff line numberDiff line change
@@ -7,143 +7,9 @@
77
from elasticsearch import Elasticsearch
88
import ssl
99

10-
def new_client_basic_auth(host, auth_user, auth_pass, ca_certs, verify_certs) -> Elasticsearch:
11-
ctx = ssl.create_default_context(cafile=ca_certs)
12-
ctx.check_hostname = False
13-
ctx.verify_mode = False
14-
return Elasticsearch(hosts=[host], basic_auth=(auth_user, auth_pass), ssl_context=ctx, verify_certs=verify_certs)
15-
16-
17-
class Role():
18-
def __init__(self, result, role_name, cluster, indicies, state, host, auth_user, auth_pass, verify_certs, ca_certs):
19-
self.role_name = role_name
20-
self.cluster = cluster
21-
self.indicies = indicies
22-
self.state = state
23-
self.result = result
24-
25-
self.client = new_client_basic_auth(host=host, auth_user=auth_user, auth_pass=auth_pass, verify_certs=verify_certs, ca_certs=ca_certs)
26-
27-
self.handle()
28-
29-
30-
def return_result(self) -> dict:
31-
return self.result
32-
33-
34-
def handle(self):
35-
all_roles = self.get_all()
36-
37-
if self.state == 'absent':
38-
if self.role_name in all_roles:
39-
res = self.delete()
40-
if res['found'] == True:
41-
self.result['changed'] = True
42-
self.result['msg'] = self.role_name + " has been deleted"
43-
return
44-
45-
elif self.state == 'present':
46-
if self.role_name in all_roles.raw:
47-
pre_role = self.get()
48-
else:
49-
pre_role = None
50-
51-
res = self.put()
52-
53-
if res.raw['role']['created'] == True:
54-
self.result['changed'] = True
55-
self.result['msg'] = self.role_name + " has been created"
56-
return
57-
58-
if pre_role != None:
59-
if pre_role.raw != self.get().raw:
60-
self.result['changed'] = True
61-
self.result['msg'] = self.role_name + " has been updated"
62-
return
63-
64-
return
65-
66-
67-
def get_all(self):
68-
return self.client.security.get_role()
69-
70-
71-
def get(self):
72-
return self.client.security.get_role(name=self.role_name)
73-
74-
75-
def put(self):
76-
return self.client.security.put_role(name=self.role_name, cluster=self.cluster, indices=self.indicies)
77-
78-
79-
def delete(self):
80-
return self.client.security.delete_role(name=self.role_name)
81-
82-
83-
class User():
84-
def __init__(self, result, user_name, full_name, password, email, roles, enabled, state, host, auth_user, auth_pass, verify_certs, ca_certs):
85-
self.user_name = user_name
86-
self.full_name = full_name
87-
self.password = password
88-
self.email = email
89-
self.roles = roles
90-
self.enabled = enabled
91-
self.state = state
92-
self.result = result
93-
94-
self.client = new_client_basic_auth(host=host, auth_user=auth_user, auth_pass=auth_pass, ca_certs=ca_certs, verify_certs=verify_certs)
95-
96-
self.handle()
97-
98-
99-
def return_result(self) -> dict:
100-
return self.result
101-
102-
103-
def handle(self):
104-
all_users = self.get_all()
105-
106-
if self.state == 'absent':
107-
if self.user_name in all_users:
108-
res = self.delete()
109-
if res['found'] == True:
110-
self.result['changed'] = True
111-
self.result['msg'] = self.user_name + " has been deleted"
112-
return
113-
114-
elif self.state == 'present':
115-
if self.user_name in all_users.raw:
116-
pre_user = self.get()
117-
else:
118-
pre_user = None
119-
120-
res = self.put()
121-
122-
if res.raw['created'] == True:
123-
self.result['changed'] = True
124-
self.result['msg'] = self.user_name + " has been created"
125-
return
126-
127-
if pre_user != None:
128-
if pre_user.raw != self.get().raw:
129-
self.result['changed'] = True
130-
self.result['msg'] = self.user_name + " has beed updated"
131-
return
132-
133-
return
134-
135-
136-
def get_all(self):
137-
return self.client.security.get_user()
138-
139-
140-
def get(self):
141-
return self.client.security.get_user(username=self.user_name)
142-
143-
144-
def put(self):
145-
return self.client.security.put_user(username=self.user_name, password=self.password, email=self.email, full_name=self.full_name, enabled=self.enabled, roles=self.roles)
146-
147-
148-
def delete(self):
149-
return self.client.security.delete_user(username=self.user_name)
10+
class Api():
11+
def new_client_basic_auth(host, auth_user, auth_pass, ca_certs, verify_certs) -> Elasticsearch:
12+
ctx = ssl.create_default_context(cafile=ca_certs)
13+
ctx.check_hostname = False
14+
ctx.verify_mode = False
15+
return Elasticsearch(hosts=[host], basic_auth=(auth_user, auth_pass), ssl_context=ctx, verify_certs=verify_certs)

0 commit comments

Comments
 (0)