Minor changes for release 1.0.0

.github/workflows/test_role_beats.yml

@@ -9,9 +9,9 @@ on:
         default: 'warning'
         type: choice
         options:
-        - info
-        - warning
-        - debug
+          - info
+          - warning
+          - debug
   push:
     branches:
       - 'feature/**'

.github/workflows/test_role_elasticsearch.yml

@@ -9,9 +9,9 @@ on:
         default: 'warning'
         type: choice
         options:
-        - info
-        - warning
-        - debug
+          - info
+          - warning
+          - debug
   push:
     branches:
       - 'feature/**'

.github/workflows/test_role_kibana.yml

@@ -9,9 +9,9 @@ on:
         default: 'warning'
         type: choice
         options:
-        - info
-        - warning
-        - debug
+          - info
+          - warning
+          - debug
   push:
     branches:
       - 'feature/**'

README.md

@@ -1,5 +1,7 @@
 # Ansible Collection - netways.elasticstack
 
+[![Test ElasticStack](https://github.com/NETWAYS/ansible-collection-elasticstack/actions/workflows/test_full_stack.yml/badge.svg)](https://github.com/NETWAYS/ansible-collection-elasticstack/actions/workflows/test_full_stack.yml)
+
 This collection installs and manages the Elastic Stack. It provides roles every component which is part of the Stack. Furthermore it is possible to differentiate between Enterprise or OSS releases. Every role is documented with all variables, please refer to the documentation found in **[Getting-Started](./docs/getting-started.md)**
 
 ## Roles Documentation
@@ -117,3 +119,15 @@ The execution order of the roles is important! (see below)
     - kibana
     - beats
 ```
+
+## Contributing
+
+Every kind of contribution is very welcome. Open [issues](https://github.com/NETWAYS/ansible-collection-elasticstack/issues) or provide [pull requests](https://github.com/NETWAYS/ansible-collection-elasticstack/pulls).
+
+Please note that we have some actions bound to specific names of branches. So please stick to the following naming scheme:
+
+* `fix/` as a prefix for every branch that fixes a problem
+* `feature/` for every branch that enhances the code with new features
+* `doc/` as a prefix for every branch that only changes documentation
+
+For now we open pull requests against `main`. We are planning to introduce dedicated branches to support older versions without breaking changes. Since we don't need them for now, please check back with this section because when we decided on how to proceed, you will find the information here. For now `main` always has the newest changes and if you want a stable version, please use the newest release.

molecule/beats_peculiar/verify.yml

@@ -5,24 +5,24 @@
   vars:
     elastic_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
   tasks:
-  - name: fetch Filebeat version
-    command: "filebeat version | grep ^filebeat"
-    register: filebeat_version
+    - name: fetch Filebeat version
+      command: "filebeat version | grep ^filebeat"
+      register: filebeat_version
 
-  - name: DEBUG show filebeat version output
-    debug:
-      var: filebeat_version.stdout
+    - name: DEBUG show filebeat version output
+      debug:
+        var: filebeat_version.stdout
 
-  - name: Fail if Filebeat has the wrong version
-    fail:
-      msg: "Filebeat has the wrong version"
-    when:
-      - filebeat_version.stdout.find('7.17.1') == -1
-      - elastic_release == 7
+    - name: Fail if Filebeat has the wrong version
+      fail:
+        msg: "Filebeat has the wrong version"
+      when:
+        - filebeat_version.stdout.find('7.17.1') == -1
+        - elastic_release == 7
 
-  - name: Fail if Filebeat has the wrong version
-    fail:
-      msg: "Filebeat has the wrong version"
-    when:
-      - filebeat_version.stdout.find('8.4.1') == -1
-      - elastic_release == 8
+    - name: Fail if Filebeat has the wrong version
+      fail:
+        msg: "Filebeat has the wrong version"
+      when:
+        - filebeat_version.stdout.find('8.4.1') == -1
+        - elastic_release == 8

molecule/elasticsearch_cluster/verify.yml

@@ -8,48 +8,48 @@
     elastic_elasticsearch_http_port: 9200
   tasks:
 
-  - name: Set elasticsearch_ca variable if not already done by user
-    set_fact:
-      elasticsearch_ca: "{{ groups['elasticsearch'][0] }}"
-    when: elasticsearch_ca is undefined
+    - name: Set elasticsearch_ca variable if not already done by user
+      set_fact:
+        elasticsearch_ca: "{{ groups['elasticsearch'][0] }}"
+      when: elasticsearch_ca is undefined
 
-  - name: Fetch Elastic password
-    shell: grep "PASSWORD elastic" {{ elastic_initial_passwords }} | awk {' print $4 '}
-    register: elastic_password
-    changed_when: false
-    delegate_to: "{{ elasticsearch_ca }}"
+    - name: Fetch Elastic password
+      shell: grep "PASSWORD elastic" {{ elastic_initial_passwords }} | awk {' print $4 '}
+      register: elastic_password
+      changed_when: false
+      delegate_to: "{{ elasticsearch_ca }}"
 
-  - name: Health check
-    uri:
-      url: https://localhost:{{ elastic_elasticsearch_http_port }}/_cluster/health
-      method: GET
-      force_basic_auth: yes
-      user: elastic
-      password: "{{ elastic_password.stdout }}"
-      return_content: yes
-      status_code: 200
-      validate_certs: false
-    register: result
-    until: result.json.status == "green"
-    retries: 6
-    delay: 10
+    - name: Health check
+      uri:
+        url: https://localhost:{{ elastic_elasticsearch_http_port }}/_cluster/health
+        method: GET
+        force_basic_auth: yes
+        user: elastic
+        password: "{{ elastic_password.stdout }}"
+        return_content: yes
+        status_code: 200
+        validate_certs: false
+      register: result
+      until: result.json.status == "green"
+      retries: 6
+      delay: 10
 
-  - name: Node check
-    uri:
-      url: https://localhost:{{ elastic_elasticsearch_http_port }}/_cat/nodes
-      method: GET
-      force_basic_auth: yes
-      user: elastic
-      password: "{{ elastic_password.stdout }}"
-      return_content: yes
-      status_code: 200
-      validate_certs: false
-    register: nodes
+    - name: Node check
+      uri:
+        url: https://localhost:{{ elastic_elasticsearch_http_port }}/_cat/nodes
+        method: GET
+        force_basic_auth: yes
+        user: elastic
+        password: "{{ elastic_password.stdout }}"
+        return_content: yes
+        status_code: 200
+        validate_certs: false
+      register: nodes
 
-  - name: Check if all Nodes see each other
-    ansible.builtin.assert:
-      that:
-        - "'{{ item }}' in nodes.content"
-      fail_msg: "'{{ item }}' was not found in nodes.content"
-      success_msg: "'{{ item }}' was found in nodes.content"
-    with_inventory_hostnames: all
+    - name: Check if all Nodes see each other
+      ansible.builtin.assert:
+        that:
+          - "'{{ item }}' in nodes.content"
+        fail_msg: "'{{ item }}' was not found in nodes.content"
+        success_msg: "'{{ item }}' was found in nodes.content"
+      with_inventory_hostnames: all

molecule/elasticsearch_no-security/verify.yml

@@ -3,34 +3,36 @@
 
 - name: Verify
   hosts: all
+  vars:
+    elastic_elasticsearch_http_port: 9200
   tasks:
 
 # Remember, this is the no-security scenario. So no https
-  - name: Health check
-    uri:
-      url: http://localhost:{{ elastic_elasticsearch_http_port }}/_cluster/health
-      method: GET
-      return_content: yes
-      status_code: 200
-      validate_certs: false
-    register: result
-    until: result.json.status == "green"
-    retries: 6
-    delay: 10
+    - name: Health check
+      uri:
+        url: http://localhost:{{ elastic_elasticsearch_http_port }}/_cluster/health
+        method: GET
+        return_content: yes
+        status_code: 200
+        validate_certs: false
+      register: result
+      until: result.json.status == "green"
+      retries: 6
+      delay: 10
 
-  - name: Node check
-    uri:
-      url: http://localhost:{{ elastic_elasticsearch_http_port }}/_cat/nodes
-      method: GET
-      return_content: yes
-      status_code: 200
-      validate_certs: false
-    register: nodes
+    - name: Node check
+      uri:
+        url: http://localhost:{{ elastic_elasticsearch_http_port }}/_cat/nodes
+        method: GET
+        return_content: yes
+        status_code: 200
+        validate_certs: false
+      register: nodes
 
-  - name: Check if all Nodes see each other
-    ansible.builtin.assert:
-      that:
-        - "'{{ item }}' in nodes.content"
-      fail_msg: "'{{ item }}' was not found in nodes.content"
-      success_msg: "'{{ item }}' was found in nodes.content"
-    with_inventory_hostnames: all
+    - name: Check if all Nodes see each other
+      ansible.builtin.assert:
+        that:
+          - "'{{ item }}' in nodes.content"
+        fail_msg: "'{{ item }}' was not found in nodes.content"
+        success_msg: "'{{ item }}' was found in nodes.content"
+      with_inventory_hostnames: all

molecule/kibana_full_stack/verify.yml

@@ -8,50 +8,51 @@
 
   tasks:
 
-  - name: Give some time for all services to connect
-    wait_for:
-      timeout: 120
-
-  - name: Kibana checks
-    when: "'kibana' in group_names"
-    block:
-
-      - name: fetch kibana.yml
-        command: cat /etc/kibana/kibana.yml
-        register: kibanayml
-
-      - name: Show kibana.yml
-        debug:
-          var: kibanayml.stdout_lines
-
-      - name: Check for Kibana port
-        wait_for:
-          port: 5601
-          timeout: 120
-
-      - name: fetch Elastic password
-        shell: grep "PASSWORD elastic " /usr/share/elasticsearch/initial_passwords | awk {' print $4 '}
-        register: elastic_password
-        changed_when: false
-        delegate_to: "{{ groups['elasticsearch'][0] }}"
-
-      - name: Connect to Elasticsearch
-        command: "curl -s --cacert /etc/kibana/certs/ca.crt -u elastic:{{ elastic_password.stdout }} https://{{ groups['elasticsearch'][0] }}:{{ elastic_elasticsearch_http_port }}/_cat/indices"
-
-      - name: Connect to Kibana
-        command: "curl -s -u elastic:{{ elastic_password.stdout }} http://{{ ansible_hostname }}:5601/api/status"
-        register: curl_out
-        failed_when:
-          - "'green' not in curl_out.stdout"
-          - "'Elasticsearch is available' not in curl_out.stdout"
-
-    # The following might be nicer but doesn't work
-    #- name: Connect to Kibana
-    #  uri:
-    #    url: http://ansible-role-kibana_full_stack:5601/api/status
-    #    user: elastic
-    #    password: "{{ elastic_password.stdout }}"
-    #    return_content: yes
-    #  register: kibana_status
-    #  #failed_when: "'"title": "Green"' not in kibana_status.content"
-    #  failed_when: "'Green' not in kibana_status.content"
+    - name: Give some time for all services to connect
+      wait_for:
+        timeout: 120
+
+    - name: Kibana checks
+      when: "'kibana' in group_names"
+      block:
+
+        - name: fetch kibana.yml
+          command: cat /etc/kibana/kibana.yml
+          register: kibanayml
+
+        - name: Show kibana.yml
+          debug:
+            var: kibanayml.stdout_lines
+
+        - name: Check for Kibana port
+          wait_for:
+            port: 5601
+            timeout: 120
+
+        - name: fetch Elastic password
+          shell: grep "PASSWORD elastic " /usr/share/elasticsearch/initial_passwords | awk {' print $4 '}
+          register: elastic_password
+          changed_when: false
+          delegate_to: "{{ groups['elasticsearch'][0] }}"
+
+        - name: Connect to Elasticsearch
+          command: "curl -s --cacert /etc/kibana/certs/ca.crt -u elastic:{{ elastic_password.stdout }} https://{{ groups['elasticsearch'][0] }}:{{ elastic_elasticsearch_http_port }}/_cat/indices"
+
+        - name: Connect to Kibana
+          command: "curl -s -u elastic:{{ elastic_password.stdout }} http://{{ ansible_hostname }}:5601/api/status"
+          register: curl_out
+          failed_when:
+            - "'green' not in curl_out.stdout"
+            - "'Elasticsearch is available' not in curl_out.stdout"
+
+      # The following might be nicer but doesn't work
+      # Needs more digging - just failed
+      #- name: Connect to Kibana
+      #  uri:
+      #    url: http://ansible-role-kibana_full_stack:5601/api/status
+      #    user: elastic
+      #    password: "{{ elastic_password.stdout }}"
+      #    return_content: yes
+      #  register: kibana_status
+      #  #failed_when: "'"title": "Green"' not in kibana_status.content"
+      #  failed_when: "'Green' not in kibana_status.content"

molecule/logstash_specific_version/verify.yml

@@ -5,21 +5,20 @@
   vars:
     elastic_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
   tasks:
-  - name: Run syntax check
-    command: "/usr/share/logstash/bin/logstash --version | grep ^logstash"
-    register: logstash_version
+    - name: Run syntax check
+      command: "/usr/share/logstash/bin/logstash --version | grep ^logstash"
+      register: logstash_version
 
-  - name: Fail if Logstash has the wrong version
-    fail:
-      msg: "Logstash has the wrong version"
-    when:
-      - logstash_version.stdout.find('7.17.1') == -1
-      - elastic_release == 7
-
-  - name: Fail if Logstash has the wrong version
-    fail:
-      msg: "Logstash has the wrong version"
-    when:
-      - logstash_version.stdout.find('8.4.1') == -1
-      - elastic_release == 8
+    - name: Fail if Logstash has the wrong version
+      fail:
+        msg: "Logstash has the wrong version"
+      when:
+        - logstash_version.stdout.find('7.17.1') == -1
+        - elastic_release == 7
 
+    - name: Fail if Logstash has the wrong version
+      fail:
+        msg: "Logstash has the wrong version"
+      when:
+        - logstash_version.stdout.find('8.4.1') == -1
+        - elastic_release == 8