From 2314527cf5e3d5b82303bc20d31a471196428e51 Mon Sep 17 00:00:00 2001 From: Afeef Ghannam Date: Wed, 25 Mar 2026 15:36:59 +0100 Subject: [PATCH 1/8] Test push --- test.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 test.md diff --git a/test.md b/test.md new file mode 100644 index 00000000..e69de29b From a6c719b2473937dacb259f1b47195293baf53dec Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Thu, 26 Mar 2026 15:23:48 +0100 Subject: [PATCH 2/8] Stop pipeline when the PR is draft (#443) - Fix #432 - Add community collection install in lint workflow. It is needed for lint to work. - Separate the elastic OSS and no-security worlfows, because there is no elasticsearch-oss package release => 8. I know they are not wanted and will be removed through our big PR. Anyway we get better overview when we want to remove them and all pipelines will go this way through. --- .github/workflows/kics.yml | 1 + .github/workflows/test_full_stack.yml | 1 + .github/workflows/test_linting.yml | 4 ++ .github/workflows/test_plugins.yml | 1 + .github/workflows/test_role_beats.yml | 1 + .github/workflows/test_role_elasticsearch.yml | 54 ++++++++++++++++++- .github/workflows/test_role_kibana.yml | 1 + .github/workflows/test_role_logstash.yml | 52 +++++++++++++++++- .github/workflows/test_role_repos.yml | 1 + .github/workflows/test_roles_pr.yml | 2 + molecule/beats_default/molecule.yml | 2 + molecule/beats_peculiar/molecule.yml | 2 + .../converge.yml | 2 +- molecule/kibana_default/molecule.yml | 2 + .../logstash_full_stack-oss/requirements.yml | 1 + roles/elasticsearch/tasks/main.yml | 2 +- 16 files changed, 124 insertions(+), 5 deletions(-) diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 076d6dc6..4abe9e7e 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -21,6 +21,7 @@ on: - cron: '15 6 * * 4' jobs: kics: + if: github.event.pull_request.draft == false runs-on: ubuntu-latest steps: diff --git a/.github/workflows/test_full_stack.yml b/.github/workflows/test_full_stack.yml index c065a334..e1aafd9f 100644 --- a/.github/workflows/test_full_stack.yml +++ b/.github/workflows/test_full_stack.yml @@ -17,6 +17,7 @@ on: jobs: lint_full: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: '' diff --git a/.github/workflows/test_linting.yml b/.github/workflows/test_linting.yml index 91b56e40..b13fb8fb 100644 --- a/.github/workflows/test_linting.yml +++ b/.github/workflows/test_linting.yml @@ -38,6 +38,10 @@ jobs: python3 -m pip install --upgrade pip python3 -m pip install -r requirements-test.txt + - name: Install Ansible collections + run: | + ansible-galaxy collection install community.crypto community.general + - name: Lint code (yamllint). run: | yamllint . diff --git a/.github/workflows/test_plugins.yml b/.github/workflows/test_plugins.yml index 0045ca84..f3588839 100644 --- a/.github/workflows/test_plugins.yml +++ b/.github/workflows/test_plugins.yml @@ -23,6 +23,7 @@ on: jobs: sanity_ansible_18_19: + if: github.event.pull_request.draft == false runs-on: ubuntu-latest env: COLLECTION_NAMESPACE: netways diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml index 13cd7dc4..1d93cd43 100644 --- a/.github/workflows/test_role_beats.yml +++ b/.github/workflows/test_role_beats.yml @@ -24,6 +24,7 @@ on: jobs: lint_beats: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: beats diff --git a/.github/workflows/test_role_elasticsearch.yml b/.github/workflows/test_role_elasticsearch.yml index 2ab6adf4..bfbd2406 100644 --- a/.github/workflows/test_role_elasticsearch.yml +++ b/.github/workflows/test_role_elasticsearch.yml @@ -24,6 +24,7 @@ on: jobs: lint_elasticsearch: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: elasticsearch @@ -44,8 +45,6 @@ jobs: scenario: - elasticsearch_default - elasticsearch_roles_calculation - - elasticsearch_cluster-oss - - elasticsearch_no-security release: - 7 - 8 @@ -83,3 +82,54 @@ jobs: ELASTIC_RELEASE: ${{ matrix.release }} PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' + + molecule_elasticsearch_release7: + needs: lint_elasticsearch + runs-on: ubuntu-latest + + env: + COLLECTION_NAMESPACE: netways + COLLECTION_NAME: elasticstack + + strategy: + fail-fast: false + matrix: + distro: + - ubuntu2204 + scenario: + - elasticsearch_cluster-oss # OSS variant discontinued in ES 8 + - elasticsearch_no-security # security mandatory in ES 8 + ansible_version: + - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 + python_version: + - "3.11" + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Set up Python ${{ matrix.python_version }} + uses: actions/setup-python@v6 + with: + python-version: ${{ matrix.python_version }} + + - name: Install dependencies + run: | + python3 -m pip install --upgrade pip + python3 -m pip install "${{ matrix.ansible_version }}" + python3 -m pip install -r requirements-test.txt + + - name: Install collection + run: | + mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE + cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME + + - name: Test with molecule + run: | + ansible --version + molecule --version + molecule test -s ${{ matrix.scenario }} + env: + MOLECULE_DISTRO: ${{ matrix.distro }} + ELASTIC_RELEASE: "7" + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' diff --git a/.github/workflows/test_role_kibana.yml b/.github/workflows/test_role_kibana.yml index c36322c0..097fd48f 100644 --- a/.github/workflows/test_role_kibana.yml +++ b/.github/workflows/test_role_kibana.yml @@ -24,6 +24,7 @@ on: jobs: lint_kibana: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: kibana diff --git a/.github/workflows/test_role_logstash.yml b/.github/workflows/test_role_logstash.yml index 4eb2cbe4..ac10c62d 100644 --- a/.github/workflows/test_role_logstash.yml +++ b/.github/workflows/test_role_logstash.yml @@ -24,6 +24,7 @@ on: jobs: lint_logstash: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: logstash @@ -42,7 +43,6 @@ jobs: matrix: distro: [ubuntu2204] scenario: - - logstash_full_stack-oss - logstash_specific_version - logstash_pipelines release: @@ -83,3 +83,53 @@ jobs: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' ELASTIC_RELEASE: ${{ matrix.release }} + + molecule_logstash_oss: + runs-on: ubuntu-latest + needs: lint_logstash + + env: + COLLECTION_NAMESPACE: netways + COLLECTION_NAME: elasticstack + + strategy: + fail-fast: false + matrix: + distro: [ubuntu2204] + ansible_version: + - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 + python_version: + - "3.11" + scenario: + - logstash_full_stack-oss + + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Set up Python ${{ matrix.python_version }} + uses: actions/setup-python@v6 + with: + python-version: ${{ matrix.python_version }} + + - name: Install dependencies + run: | + python3 -m pip install --upgrade pip + python3 -m pip install "${{ matrix.ansible_version }}" + python3 -m pip install -r requirements-test.txt + + - name: Install collection + run: | + mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE + cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME + + - name: Test with molecule + run: | + ansible --version + molecule --version + molecule test -s ${{ matrix.scenario }} + env: + MOLECULE_DISTRO: ${{ matrix.distro }} + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + ELASTIC_RELEASE: "7" # OSS variant discontinued in ES 8 diff --git a/.github/workflows/test_role_repos.yml b/.github/workflows/test_role_repos.yml index 979a709f..c9bbf49d 100644 --- a/.github/workflows/test_role_repos.yml +++ b/.github/workflows/test_role_repos.yml @@ -23,6 +23,7 @@ on: jobs: lint_repos: + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: repos diff --git a/.github/workflows/test_roles_pr.yml b/.github/workflows/test_roles_pr.yml index f0d0245e..df56ec45 100644 --- a/.github/workflows/test_roles_pr.yml +++ b/.github/workflows/test_roles_pr.yml @@ -17,6 +17,8 @@ on: jobs: lint_full: + # test + if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: rolename: '' diff --git a/molecule/beats_default/molecule.yml b/molecule/beats_default/molecule.yml index 0ed92435..a0c455a7 100644 --- a/molecule/beats_default/molecule.yml +++ b/molecule/beats_default/molecule.yml @@ -5,6 +5,8 @@ driver: name: docker platforms: - name: beats_default_${MOLECULE_DISTRO:-debian13} + groups: + - elasticsearch image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: diff --git a/molecule/beats_peculiar/molecule.yml b/molecule/beats_peculiar/molecule.yml index d3562ba4..fee71096 100644 --- a/molecule/beats_peculiar/molecule.yml +++ b/molecule/beats_peculiar/molecule.yml @@ -5,6 +5,8 @@ driver: name: docker platforms: - name: beats_peculiar_${MOLECULE_DISTRO:-debian13} + groups: + - elasticsearch image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: diff --git a/molecule/elasticsearch_roles_calculation/converge.yml b/molecule/elasticsearch_roles_calculation/converge.yml index e64a9e0f..dd206828 100644 --- a/molecule/elasticsearch_roles_calculation/converge.yml +++ b/molecule/elasticsearch_roles_calculation/converge.yml @@ -8,7 +8,7 @@ vars: elasticsearch_jna_workaround: true elasticsearch_disable_systemcallfilterchecks: true - elastic_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" + elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" elasticsearch_node_types: - master - data diff --git a/molecule/kibana_default/molecule.yml b/molecule/kibana_default/molecule.yml index 26455953..06044bca 100644 --- a/molecule/kibana_default/molecule.yml +++ b/molecule/kibana_default/molecule.yml @@ -5,6 +5,8 @@ driver: name: docker platforms: - name: "kibana_default-${MOLECULE_DISTRO:-debian13}" + groups: + - elasticsearch image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" command: ${MOLECULE_DOCKER_COMMAND:-""} volumes: diff --git a/molecule/logstash_full_stack-oss/requirements.yml b/molecule/logstash_full_stack-oss/requirements.yml index 1c0204d5..6e4ec603 100644 --- a/molecule/logstash_full_stack-oss/requirements.yml +++ b/molecule/logstash_full_stack-oss/requirements.yml @@ -6,3 +6,4 @@ roles: collections: - community.general + - community.crypto diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml index f1e3f71b..e92085cd 100644 --- a/roles/elasticsearch/tasks/main.yml +++ b/roles/elasticsearch/tasks/main.yml @@ -121,7 +121,7 @@ ansible.builtin.set_fact: elasticsearch_package: > {{ - 'elasticsearch' + + ('elasticsearch-oss' if elasticstack_variant == 'oss' else 'elasticsearch') + ((elasticstack_versionseparator + elasticstack_version | string ) if (elasticstack_version is defined and elasticstack_version | length > 0)) | From f8c5da8bc176da22458696ecccba9340e88f418d Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Thu, 26 Mar 2026 16:36:18 +0100 Subject: [PATCH 3/8] Use Debian 13 instead of Ubuntu (#444) - Use Debian 13 instead of Ubuntu 2204 - Fix #433 --- .github/workflows/test_plugins.yml | 2 +- .github/workflows/test_role_beats.yml | 2 +- .github/workflows/test_role_elasticsearch.yml | 2 +- .github/workflows/test_role_kibana.yml | 2 +- .github/workflows/test_role_logstash.yml | 2 +- README.md | 10 +--------- roles/beats/meta/main.yml | 5 ++++- roles/elasticsearch/meta/main.yml | 5 ++++- roles/kibana/meta/main.yml | 5 ++++- roles/logstash/meta/main.yml | 5 ++++- roles/repos/meta/main.yml | 5 ++++- 11 files changed, 26 insertions(+), 19 deletions(-) diff --git a/.github/workflows/test_plugins.yml b/.github/workflows/test_plugins.yml index f3588839..201e56af 100644 --- a/.github/workflows/test_plugins.yml +++ b/.github/workflows/test_plugins.yml @@ -159,7 +159,7 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - plugins release: diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml index 1d93cd43..82bd9156 100644 --- a/.github/workflows/test_role_beats.yml +++ b/.github/workflows/test_role_beats.yml @@ -41,7 +41,7 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - beats_default - beats_peculiar diff --git a/.github/workflows/test_role_elasticsearch.yml b/.github/workflows/test_role_elasticsearch.yml index bfbd2406..23ad1fc5 100644 --- a/.github/workflows/test_role_elasticsearch.yml +++ b/.github/workflows/test_role_elasticsearch.yml @@ -41,7 +41,7 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - elasticsearch_default - elasticsearch_roles_calculation diff --git a/.github/workflows/test_role_kibana.yml b/.github/workflows/test_role_kibana.yml index 097fd48f..52764495 100644 --- a/.github/workflows/test_role_kibana.yml +++ b/.github/workflows/test_role_kibana.yml @@ -42,7 +42,7 @@ jobs: fail-fast: false matrix: distro: - - ubuntu2204 + - debian13 scenario: - kibana_default release: diff --git a/.github/workflows/test_role_logstash.yml b/.github/workflows/test_role_logstash.yml index ac10c62d..c923d48f 100644 --- a/.github/workflows/test_role_logstash.yml +++ b/.github/workflows/test_role_logstash.yml @@ -41,7 +41,7 @@ jobs: strategy: fail-fast: false matrix: - distro: [ubuntu2204] + distro: [debian13] scenario: - logstash_specific_version - logstash_pipelines diff --git a/README.md b/README.md index b5dad47e..5a3dde8d 100644 --- a/README.md +++ b/README.md @@ -65,16 +65,8 @@ You may want the following Ansible roles installed. There other ways to achieve We test the collection on the following Linux distributions. Each one with Elastic Stack 7 and 8. * Rocky Linux 9 -* Rocky Linux 8 * Ubuntu 22.04 LTS -* Ubuntu 20.04 LTS -* Debian 11 -* Debian 10 -* CentOS 8 - -We know from personal experience, that the collections work in following combinations. Missing tests mostly come from incompatibilties between the distribution and our testing environment, not from problems with the collection itself. - -* CentOS 7 - Elastic Stack 7 +* Debian 13 ## Caveats and information for long time users diff --git a/roles/beats/meta/main.yml b/roles/beats/meta/main.yml index ff8fd4d9..944440e2 100644 --- a/roles/beats/meta/main.yml +++ b/roles/beats/meta/main.yml @@ -13,7 +13,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - beats - filebeat diff --git a/roles/elasticsearch/meta/main.yml b/roles/elasticsearch/meta/main.yml index 428762b2..ffc7f24c 100644 --- a/roles/elasticsearch/meta/main.yml +++ b/roles/elasticsearch/meta/main.yml @@ -13,7 +13,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - elasticsearch - elk diff --git a/roles/kibana/meta/main.yml b/roles/kibana/meta/main.yml index bebbf67c..24df5cd9 100644 --- a/roles/kibana/meta/main.yml +++ b/roles/kibana/meta/main.yml @@ -12,7 +12,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - kibana - elk diff --git a/roles/logstash/meta/main.yml b/roles/logstash/meta/main.yml index 8ce4270a..3689e848 100644 --- a/roles/logstash/meta/main.yml +++ b/roles/logstash/meta/main.yml @@ -12,7 +12,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - logstash - elk diff --git a/roles/repos/meta/main.yml b/roles/repos/meta/main.yml index 80ef8524..6466e0a4 100644 --- a/roles/repos/meta/main.yml +++ b/roles/repos/meta/main.yml @@ -12,7 +12,10 @@ galaxy_info: - "9" - name: Ubuntu versions: - - "22.04" + - "jammy" + - name: Debian + versions: + - "trixie" galaxy_tags: - repositories - linux From e85c21a516562714f9a0355151dbe6cff922f32a Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Fri, 27 Mar 2026 12:22:32 +0100 Subject: [PATCH 4/8] Remove elasticsearch OSS job and related molecule (#447) - Remove elasticsearch no secuerity workflow and molecule, needed only in version 7 - Remove elasticsearch OSS workflow, needed only in version 7 - Remove all 7 version workflow tests - Remove logstash_full_stack-oss scenario and its workflow - Remove some release 7 related tasks in molecule - Remove the daily running full stack workflow - Fix #434 --- .github/workflows/test_full_stack.yml | 79 ------------------- .github/workflows/test_role_beats.yml | 1 - .github/workflows/test_role_elasticsearch.yml | 52 ------------ .github/workflows/test_role_kibana.yml | 1 - .github/workflows/test_role_logstash.yml | 51 ------------ .github/workflows/test_role_repos.yml | 1 - .github/workflows/test_roles_pr.yml | 2 - README.md | 1 - molecule/beats_peculiar/converge.yml | 6 -- .../elasticsearch_cluster-oss/converge.yml | 21 ----- .../elasticsearch_cluster-oss/molecule.yml | 32 -------- .../elasticsearch_cluster-oss/prepare.yml | 19 ----- .../requirements.yml | 3 - .../elasticsearch_no-security/converge.yml | 23 ------ .../elasticsearch_no-security/molecule.yml | 32 -------- .../elasticsearch_no-security/prepare.yml | 19 ----- .../requirements.yml | 3 - molecule/elasticsearch_no-security/verify.yml | 45 ----------- molecule/logstash_full_stack-oss/converge.yml | 41 ---------- molecule/logstash_full_stack-oss/molecule.yml | 26 ------ molecule/logstash_full_stack-oss/prepare.yml | 17 ---- .../logstash_full_stack-oss/requirements.yml | 9 --- molecule/logstash_full_stack-oss/verify.yml | 36 --------- .../logstash_specific_version/converge.yml | 6 -- molecule/repos_oss/converge.yml | 2 +- 25 files changed, 1 insertion(+), 527 deletions(-) delete mode 100644 .github/workflows/test_full_stack.yml delete mode 100644 molecule/elasticsearch_cluster-oss/converge.yml delete mode 100644 molecule/elasticsearch_cluster-oss/molecule.yml delete mode 100644 molecule/elasticsearch_cluster-oss/prepare.yml delete mode 100644 molecule/elasticsearch_cluster-oss/requirements.yml delete mode 100644 molecule/elasticsearch_no-security/converge.yml delete mode 100644 molecule/elasticsearch_no-security/molecule.yml delete mode 100644 molecule/elasticsearch_no-security/prepare.yml delete mode 100644 molecule/elasticsearch_no-security/requirements.yml delete mode 100644 molecule/elasticsearch_no-security/verify.yml delete mode 100644 molecule/logstash_full_stack-oss/converge.yml delete mode 100644 molecule/logstash_full_stack-oss/molecule.yml delete mode 100644 molecule/logstash_full_stack-oss/prepare.yml delete mode 100644 molecule/logstash_full_stack-oss/requirements.yml delete mode 100644 molecule/logstash_full_stack-oss/verify.yml diff --git a/.github/workflows/test_full_stack.yml b/.github/workflows/test_full_stack.yml deleted file mode 100644 index e1aafd9f..00000000 --- a/.github/workflows/test_full_stack.yml +++ /dev/null @@ -1,79 +0,0 @@ ---- -name: Test ElasticStack -on: - workflow_dispatch: - inputs: - logLevel: - description: 'Log level' - required: true - default: 'warning' - type: choice - options: - - info - - warning - - debug - schedule: - - cron: "0 4 * * *" - -jobs: - lint_full: - if: github.event.pull_request.draft == false - uses: ./.github/workflows/test_linting.yml - with: - rolename: '' - - molecule_full_stack_every_os: - runs-on: ubuntu-latest - needs: lint_full - - env: - COLLECTION_NAMESPACE: netways - COLLECTION_NAME: elasticstack - - strategy: - fail-fast: false - max-parallel: 1 - matrix: - distro: - - rockylinux9 - - ubuntu2204 - scenario: - - elasticstack_default - release: - - 7 - - 8 - ansible_version: - - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 - python_version: - - "3.11" - - steps: - - name: Check out code - uses: actions/checkout@v6 - - - name: Set up Python ${{ matrix.python_version }} - uses: actions/setup-python@v6 - with: - python-version: ${{ matrix.python_version }} - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - python3 -m pip install "${{ matrix.ansible_version }}" - python3 -m pip install -r requirements-test.txt - - - name: Install collection - run: | - mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE - cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME - - - name: Test with molecule - run: | - ansible --version - molecule --version - molecule test -s ${{ matrix.scenario }} - env: - MOLECULE_DISTRO: ${{ matrix.distro }} - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' - ELASTIC_RELEASE: ${{ matrix.release }} diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml index 82bd9156..7ec2b4fb 100644 --- a/.github/workflows/test_role_beats.yml +++ b/.github/workflows/test_role_beats.yml @@ -46,7 +46,6 @@ jobs: - beats_default - beats_peculiar release: - - 7 - 8 ansible_version: - "ansible>=9.0,<10.0" #Correspond ansible-core>=2.16,<2.17 diff --git a/.github/workflows/test_role_elasticsearch.yml b/.github/workflows/test_role_elasticsearch.yml index 23ad1fc5..d7f495e3 100644 --- a/.github/workflows/test_role_elasticsearch.yml +++ b/.github/workflows/test_role_elasticsearch.yml @@ -46,7 +46,6 @@ jobs: - elasticsearch_default - elasticsearch_roles_calculation release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 @@ -82,54 +81,3 @@ jobs: ELASTIC_RELEASE: ${{ matrix.release }} PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' - - molecule_elasticsearch_release7: - needs: lint_elasticsearch - runs-on: ubuntu-latest - - env: - COLLECTION_NAMESPACE: netways - COLLECTION_NAME: elasticstack - - strategy: - fail-fast: false - matrix: - distro: - - ubuntu2204 - scenario: - - elasticsearch_cluster-oss # OSS variant discontinued in ES 8 - - elasticsearch_no-security # security mandatory in ES 8 - ansible_version: - - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 - python_version: - - "3.11" - steps: - - name: Check out code - uses: actions/checkout@v6 - - - name: Set up Python ${{ matrix.python_version }} - uses: actions/setup-python@v6 - with: - python-version: ${{ matrix.python_version }} - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - python3 -m pip install "${{ matrix.ansible_version }}" - python3 -m pip install -r requirements-test.txt - - - name: Install collection - run: | - mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE - cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME - - - name: Test with molecule - run: | - ansible --version - molecule --version - molecule test -s ${{ matrix.scenario }} - env: - MOLECULE_DISTRO: ${{ matrix.distro }} - ELASTIC_RELEASE: "7" - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' diff --git a/.github/workflows/test_role_kibana.yml b/.github/workflows/test_role_kibana.yml index 52764495..9dc56687 100644 --- a/.github/workflows/test_role_kibana.yml +++ b/.github/workflows/test_role_kibana.yml @@ -46,7 +46,6 @@ jobs: scenario: - kibana_default release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 diff --git a/.github/workflows/test_role_logstash.yml b/.github/workflows/test_role_logstash.yml index c923d48f..2746f398 100644 --- a/.github/workflows/test_role_logstash.yml +++ b/.github/workflows/test_role_logstash.yml @@ -46,7 +46,6 @@ jobs: - logstash_specific_version - logstash_pipelines release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 @@ -83,53 +82,3 @@ jobs: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' ELASTIC_RELEASE: ${{ matrix.release }} - - molecule_logstash_oss: - runs-on: ubuntu-latest - needs: lint_logstash - - env: - COLLECTION_NAMESPACE: netways - COLLECTION_NAME: elasticstack - - strategy: - fail-fast: false - matrix: - distro: [ubuntu2204] - ansible_version: - - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 - python_version: - - "3.11" - scenario: - - logstash_full_stack-oss - - steps: - - name: Check out code - uses: actions/checkout@v6 - - - name: Set up Python ${{ matrix.python_version }} - uses: actions/setup-python@v6 - with: - python-version: ${{ matrix.python_version }} - - - name: Install dependencies - run: | - python3 -m pip install --upgrade pip - python3 -m pip install "${{ matrix.ansible_version }}" - python3 -m pip install -r requirements-test.txt - - - name: Install collection - run: | - mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE - cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME - - - name: Test with molecule - run: | - ansible --version - molecule --version - molecule test -s ${{ matrix.scenario }} - env: - MOLECULE_DISTRO: ${{ matrix.distro }} - PY_COLORS: '1' - ANSIBLE_FORCE_COLOR: '1' - ELASTIC_RELEASE: "7" # OSS variant discontinued in ES 8 diff --git a/.github/workflows/test_role_repos.yml b/.github/workflows/test_role_repos.yml index c9bbf49d..b2c714be 100644 --- a/.github/workflows/test_role_repos.yml +++ b/.github/workflows/test_role_repos.yml @@ -49,7 +49,6 @@ jobs: - repos_default - repos_oss release: - - 7 - 8 ansible_version: - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 diff --git a/.github/workflows/test_roles_pr.yml b/.github/workflows/test_roles_pr.yml index df56ec45..705be014 100644 --- a/.github/workflows/test_roles_pr.yml +++ b/.github/workflows/test_roles_pr.yml @@ -17,7 +17,6 @@ on: jobs: lint_full: - # test if: github.event.pull_request.draft == false uses: ./.github/workflows/test_linting.yml with: @@ -40,7 +39,6 @@ jobs: scenario: - elasticstack_default release: - - 7 - 8 python_version: - "3.11" diff --git a/README.md b/README.md index 5a3dde8d..494ed9dd 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,5 @@ # Ansible Collection - netways.elasticstack -![Test ElasticStack](https://github.com/NETWAYS/ansible-collection-elasticstack/actions/workflows/test_full_stack.yml/badge.svg) > [!CAUTION] > The current main branch has some breaking changes. Be careful using it! Everything after commit 3d6673f6d526afeb0fd7ba382d067d76bd10bbd6 is affected! diff --git a/molecule/beats_peculiar/converge.yml b/molecule/beats_peculiar/converge.yml index e5a46244..fd020406 100644 --- a/molecule/beats_peculiar/converge.yml +++ b/molecule/beats_peculiar/converge.yml @@ -40,12 +40,6 @@ elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" tasks: - - name: Set Filebeat version for 7.x - ansible.builtin.set_fact: - elasticstack_version: "7.17.1" - when: - - elasticstack_release == 7 - - name: Set Filebeat version for 8.x ansible.builtin.set_fact: elasticstack_version: "8.4.1" diff --git a/molecule/elasticsearch_cluster-oss/converge.yml b/molecule/elasticsearch_cluster-oss/converge.yml deleted file mode 100644 index ea69ec89..00000000 --- a/molecule/elasticsearch_cluster-oss/converge.yml +++ /dev/null @@ -1,21 +0,0 @@ ---- -# The workaround for arbitrarily named role directory is important because the git repo has one name and the role within it another -# Found at: https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 -- name: Converge - collections: - - netways.elasticstack - hosts: all - vars: - elasticstack_variant: oss - elasticsearch_jna_workaround: true - elasticsearch_disable_systemcallfilterchecks: true - elasticstack_release: 7 - elasticsearch_heap: "1" - elasticstack_no_log: false - tasks: - - name: Include Elastics repos role - ansible.builtin.include_role: - name: repos - - name: Include Elasticsearch - ansible.builtin.include_role: - name: elasticsearch diff --git a/molecule/elasticsearch_cluster-oss/molecule.yml b/molecule/elasticsearch_cluster-oss/molecule.yml deleted file mode 100644 index 160c5275..00000000 --- a/molecule/elasticsearch_cluster-oss/molecule.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: requirements.yml -driver: - name: docker -platforms: - - name: "elasticsearch-cluster1-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearch - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true - - name: "elasticsearch-cluster2-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearch - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible -verifier: - name: ansible diff --git a/molecule/elasticsearch_cluster-oss/prepare.yml b/molecule/elasticsearch_cluster-oss/prepare.yml deleted file mode 100644 index 2bf1ed5e..00000000 --- a/molecule/elasticsearch_cluster-oss/prepare.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Show discovered interpreter - debug: - var: ansible_facts.discovered_interpreter_python - - - name: Install packages for Debian - ansible.builtin.apt: - name: - - gpg - - gpg-agent - - procps - - curl - - iproute2 - - git - - openssl - update_cache: yes diff --git a/molecule/elasticsearch_cluster-oss/requirements.yml b/molecule/elasticsearch_cluster-oss/requirements.yml deleted file mode 100644 index 8dd51618..00000000 --- a/molecule/elasticsearch_cluster-oss/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -collections: - - community.general diff --git a/molecule/elasticsearch_no-security/converge.yml b/molecule/elasticsearch_no-security/converge.yml deleted file mode 100644 index b8fd37cc..00000000 --- a/molecule/elasticsearch_no-security/converge.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -# The workaround for arbitrarily named role directory is important because the git repo has one name and the role within it another -# Found at: https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 -- name: Converge - collections: - - netways.elasticstack - hosts: all - vars: - elasticsearch_security: false - elasticstack_security: false - elasticsearch_jna_workaround: true - elasticsearch_disable_systemcallfilterchecks: true - elasticsearch_heap: "1" - elasticstack_release: 7 - elasticstack_no_log: false - elasticstack_elasticsearch_group_name: elasticsearchXYZ - tasks: - - name: Include Elastics repos role - ansible.builtin.include_role: - name: repos - - name: Include Elasticsearch - ansible.builtin.include_role: - name: elasticsearch diff --git a/molecule/elasticsearch_no-security/molecule.yml b/molecule/elasticsearch_no-security/molecule.yml deleted file mode 100644 index 112b7cdb..00000000 --- a/molecule/elasticsearch_no-security/molecule.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: requirements.yml -driver: - name: docker -platforms: - - name: "elasticsearch-nosecurity1-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearchXYZ - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true - - name: "elasticsearch-nosecurity2-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearchXYZ - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible -verifier: - name: ansible diff --git a/molecule/elasticsearch_no-security/prepare.yml b/molecule/elasticsearch_no-security/prepare.yml deleted file mode 100644 index a4d70b7d..00000000 --- a/molecule/elasticsearch_no-security/prepare.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Show discovered interpreter - debug: - var: ansible_facts.discovered_interpreter_python - - - name: Install packages for Debian - ansible.builtin.apt: - name: - - gpg - - gpg-agent - - procps - - curl - - iproute2 - - git - update_cache: yes - when: ansible_os_family == "Debian" diff --git a/molecule/elasticsearch_no-security/requirements.yml b/molecule/elasticsearch_no-security/requirements.yml deleted file mode 100644 index 8dd51618..00000000 --- a/molecule/elasticsearch_no-security/requirements.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -collections: - - community.general diff --git a/molecule/elasticsearch_no-security/verify.yml b/molecule/elasticsearch_no-security/verify.yml deleted file mode 100644 index 83c81352..00000000 --- a/molecule/elasticsearch_no-security/verify.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- -# This is an example playbook to execute Ansible tests. - -- name: Verify - hosts: all - vars: - elasticstack_elasticsearch_http_port: 9200 - elasticstack_elasticsearch_group_name: elasticsearchXYZ - tasks: - -# Remember, this is the no-security scenario. So no https -# The comment below will create an exception for KICS security scan - - name: Health check - ansible.builtin.uri: -# kics-scan ignore-line - url: http://localhost:{{ elasticstack_elasticsearch_http_port }}/_cluster/health - method: GET - return_content: yes - status_code: 200 - validate_certs: false - register: result - until: result.json.status == "green" - retries: 6 - delay: 10 - when: groups[elasticstack_elasticsearch_group_name] | length > 1 - - - name: Node check - ansible.builtin.uri: -# kics-scan ignore-line - url: http://localhost:{{ elasticstack_elasticsearch_http_port }}/_cat/nodes - method: GET - return_content: yes - status_code: 200 - validate_certs: false - register: nodes - when: groups[elasticstack_elasticsearch_group_name] | length > 1 - - - name: Check if all Nodes see each other - ansible.builtin.assert: - that: - - "'{{ item }}' in nodes.content" - fail_msg: "'{{ item }}' was not found in nodes.content" - success_msg: "'{{ item }}' was found in nodes.content" - with_inventory_hostnames: all - when: groups[elasticstack_elasticsearch_group_name] | length > 1 diff --git a/molecule/logstash_full_stack-oss/converge.yml b/molecule/logstash_full_stack-oss/converge.yml deleted file mode 100644 index 5f163e7a..00000000 --- a/molecule/logstash_full_stack-oss/converge.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -# The workaround for arbitrarily named role directory is important because the -# git repo has one name and the role within it another -# Found at: -# https://github.com/ansible-community/molecule/issues/1567#issuecomment-436876722 -# -# Currently security is not implemented with OSS. We leave the variable set -# to check for handling of misconfiguration (and be prepared for upcoming -# implementations) -# But we need to deactivate security in Elasticsearch to not lock out -# Logstash -- name: Converge - hosts: all - collections: - - netways.elasticstack - vars: - elasticstack_full_stack: true - elasticstack_variant: oss - logstash_security: false - logstash_pipeline_unsafe_shutdown: true - elasticstack_security: false - beats_filebeat_journald: true - logstash_beats_tls: false - elasticstack_release: 7 - elasticstack_no_log: false - tasks: - - name: "Include Elastics repos role" - ansible.builtin.include_role: - name: repos - - name: "Include Elasticsearch role" - ansible.builtin.include_role: - name: elasticsearch - - name: "Include Beats" - ansible.builtin.include_role: - name: beats - - name: "Include Redis" - ansible.builtin.include_role: - name: geerlingguy.redis - - name: "Include Logstash" - ansible.builtin.include_role: - name: logstash diff --git a/molecule/logstash_full_stack-oss/molecule.yml b/molecule/logstash_full_stack-oss/molecule.yml deleted file mode 100644 index 2f3cd65a..00000000 --- a/molecule/logstash_full_stack-oss/molecule.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -dependency: - name: galaxy - options: - requirements-file: requirements.yml -driver: - name: docker -platforms: - - name: "logstash-full-oss-${MOLECULE_DISTRO:-debian13}" - groups: - - elasticsearch - - logstash - - filebeat - image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest" - command: ${MOLECULE_DOCKER_COMMAND:-""} - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:rw - cgroupns_mode: host - privileged: true - pre_build_image: true -provisioner: - name: ansible - env: - ANSIBLE_ROLES_PATH: $MOLECULE_EPHEMERAL_DIRECTORY/roles:${HOME}/.ansible/roles:$MOLECULE_PROJECT_DIRECTORY/roles -verifier: - name: ansible diff --git a/molecule/logstash_full_stack-oss/prepare.yml b/molecule/logstash_full_stack-oss/prepare.yml deleted file mode 100644 index 9cc68f65..00000000 --- a/molecule/logstash_full_stack-oss/prepare.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Prepare - hosts: all - tasks: - - name: Show discovered interpreter - debug: - var: ansible_facts.discovered_interpreter_python - - - name: Install packages for Debian - ansible.builtin.apt: - name: - - gpg - - gpg-agent - - procps - - curl - - git - update_cache: yes diff --git a/molecule/logstash_full_stack-oss/requirements.yml b/molecule/logstash_full_stack-oss/requirements.yml deleted file mode 100644 index 6e4ec603..00000000 --- a/molecule/logstash_full_stack-oss/requirements.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -roles: - # Versions higher than 1.6.0 seem to have a problem with idempotency on rocky 9 python 3.9, NOT on ubuntu2204 python 3.10 - - name: geerlingguy.redis - version: "1.6.0" - -collections: - - community.general - - community.crypto diff --git a/molecule/logstash_full_stack-oss/verify.yml b/molecule/logstash_full_stack-oss/verify.yml deleted file mode 100644 index fc4bcc65..00000000 --- a/molecule/logstash_full_stack-oss/verify.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# This is an example playbook to execute Ansible tests. - -- name: Check if Logstash configuration does what it should - hosts: all - vars: - elasticstack_elasticsearch_http_port: 9200 - elasticstack_beats_port: 5044 - tasks: - - name: Give some time for tools to connect - ansible.builtin.wait_for: - timeout: 120 - - name: Run syntax check - ansible.builtin.command: "/usr/share/logstash/bin/logstash --path.settings=/etc/logstash -t" - when: "'logstash' in group_names" - - name: Query for Logstasch indices - ansible.builtin.shell: > - curl -s http://localhost:{{ elasticstack_elasticsearch_http_port }}/_cat/indices | - grep logstash | - awk {' print $7 '} | - sort -n | - tail -1 - register: logstash_count - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names" - - name: Show full output - ansible.builtin.debug: - var: logstash_count - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names" - - name: Fail when logstash is empty - ansible.builtin.fail: - msg: "Logstash Index is empty" - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names and logstash_count.stdout == 0" - - name: Show number of received events - ansible.builtin.debug: - msg: "Elasticsearch received {{ logstash_count.stdout }} events so far" - when: "elasticstack_elasticsearch_group_name is defined and elasticstack_elasticsearch_group_name in group_names" diff --git a/molecule/logstash_specific_version/converge.yml b/molecule/logstash_specific_version/converge.yml index cabf8ae4..4c129cfd 100644 --- a/molecule/logstash_specific_version/converge.yml +++ b/molecule/logstash_specific_version/converge.yml @@ -18,12 +18,6 @@ elasticstack_no_log: false tasks: - - name: Set Filebeat version for 7.x - ansible.builtin.set_fact: - elasticstack_version: "7.17.1" - when: - - elasticstack_release == 7 - - name: Set Filebeat version for 8.x ansible.builtin.set_fact: elasticstack_version: "8.4.1" diff --git a/molecule/repos_oss/converge.yml b/molecule/repos_oss/converge.yml index 49416223..a3efb7ef 100644 --- a/molecule/repos_oss/converge.yml +++ b/molecule/repos_oss/converge.yml @@ -8,7 +8,7 @@ vars: elasticstack_variant: oss elasticstack_rpm_workaround: true - elasticstack_release: 7 + elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}" elasticstack_no_log: false tasks: - name: "Include Elastic Repos" From e57ea005f8a654460e6efb5418a51af99b55009d Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Tue, 31 Mar 2026 17:21:18 +0200 Subject: [PATCH 5/8] Test the collection with latest Python and Ansible (#458) #437 --- .github/workflows/test_roles_pr.yml | 57 ++++++++++++++++++++++++++++- 1 file changed, 56 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test_roles_pr.yml b/.github/workflows/test_roles_pr.yml index 705be014..367de435 100644 --- a/.github/workflows/test_roles_pr.yml +++ b/.github/workflows/test_roles_pr.yml @@ -22,7 +22,7 @@ jobs: with: rolename: '' - molecule_full_stack: + molecule_full_stack_ansible_19: runs-on: ubuntu-latest needs: lint_full @@ -75,3 +75,58 @@ jobs: PY_COLORS: '1' ANSIBLE_FORCE_COLOR: '1' ELASTIC_RELEASE: ${{ matrix.release }} + + + molecule_full_stack_ansible_20: + runs-on: ubuntu-latest + needs: lint_full + + env: + COLLECTION_NAMESPACE: netways + COLLECTION_NAME: elasticstack + + strategy: + fail-fast: false + matrix: + distro: + - rockylinux9 + - ubuntu2204 + scenario: + - elasticstack_default + release: + - 8 + python_version: + - "3.14" + ansible_version: + - "ansible-core>=2.20,<2.21" #Correspond ansible>=13.0,<14.0 + + steps: + - name: Check out code + uses: actions/checkout@v6 + + - name: Set up Python ${{ matrix.python_version }} + uses: actions/setup-python@v6 + with: + python-version: ${{ matrix.python_version }} + + - name: Install dependencies + run: | + python3 -m pip install --upgrade pip + python3 -m pip install "${{ matrix.ansible_version }}" + python3 -m pip install -r requirements-test.txt + + - name: Install collection + run: | + mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE + cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME + + - name: Test with molecule + run: | + ansible --version + molecule --version + molecule test -s ${{ matrix.scenario }} + env: + MOLECULE_DISTRO: ${{ matrix.distro }} + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + ELASTIC_RELEASE: ${{ matrix.release }} From f19723f5b033759ba4c894517555030ff555cd4f Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Tue, 31 Mar 2026 19:01:46 +0200 Subject: [PATCH 6/8] Molecule verification enhancement (#459) - Fix #439 --- docs/role-elasticsearch.md | 2 +- molecule/beats_default/verify.yml | 32 ++++++-- molecule/beats_peculiar/verify.yml | 7 -- molecule/elasticsearch_default/verify.yml | 53 +++++++++++++ molecule/kibana_default/verify.yml | 16 ++++ molecule/logstash_pipelines/converge.yml | 8 +- molecule/logstash_pipelines/verify.yml | 74 +++++++++---------- molecule/logstash_specific_version/verify.yml | 7 -- molecule/repos_default/verify.yml | 46 ++++++++++-- molecule/repos_oss/verify.yml | 46 ++++++++++-- 10 files changed, 215 insertions(+), 76 deletions(-) create mode 100644 molecule/elasticsearch_default/verify.yml create mode 100644 molecule/kibana_default/verify.yml diff --git a/docs/role-elasticsearch.md b/docs/role-elasticsearch.md index 1be8ce3b..177e337a 100644 --- a/docs/role-elasticsearch.md +++ b/docs/role-elasticsearch.md @@ -29,7 +29,7 @@ Role Variables * *elasticsearch_disable_systemcallfilterchecks*: Disable system call filter checks. This has a security impact but is necessary on some systems. Please refer to the [docs](https://www.elastic.co/guide/en/elasticsearch/reference/7.17/_system_call_filter_check.html) for details. (default: `false`) * *elasticsearch_http_publish_host*: (String) The network address for HTTP clients to contact the node using sniffing. Accepts an IP address, a hostname, or a special value. (default: `not set`) * *elasticsearch_http_publish_port*: (integer) The port of the HTTP publish address. Configure this setting only if you need the publish port to be different from http.port. (default: `not set`) -* *elasticsearch_check_calculation*: End play in checks (Default: `false`) +* *elasticsearch_check_calculation*: When set to `true`, the elasticsearch Ansible role runs **only** the node role validation checks and then immediately stops execution on each host via `meta: end_host`. Elasticsearch is **not installed, configured, or started**. The validation checks include: deriving the node role (`master`, `data`, or `other`) from `elasticsearch_node_types`, grouping nodes accordingly, and asserting that the number of master-eligible nodes is odd (required for a valid quorum). This is useful both in production (e.g. as a pre-flight validation before scaling or reconfiguring a cluster) and in CI to quickly verify your inventory topology without the cost of a full deployment. (Default: `false`) * *elasticsearch_network_host*: You can configure multipe network addresses where the networking is bind to. You can assign IP addresses or interfaces by their names. You can also use elasticsearch internal variabels as it set as default. Example: `"_ens190_,_local_"` (Default: `"_local_,"_site_"`) (Optional; if not defined `default` is used) * *elasticsearch_api_host*: Hostname or IP elasticsearch is listening on. Only used for connection checks by ansible role. (Default: `localhost`) * *elasticsearch_extra_config*: You can set additional configuration in YAML-notation as you would write in the `elasaticsearch.yml`. Example: diff --git a/molecule/beats_default/verify.yml b/molecule/beats_default/verify.yml index 86afba4f..e26d1989 100644 --- a/molecule/beats_default/verify.yml +++ b/molecule/beats_default/verify.yml @@ -1,9 +1,29 @@ --- -# This is an example playbook to execute Ansible tests. - -- name: Verify +- name: Verify Beats deployment hosts: all tasks: - - name: Example assertion - ansible.builtin.assert: - that: true + - name: Check filebeat binary exists + ansible.builtin.stat: + path: /usr/share/filebeat/bin/filebeat + register: filebeat_binary + + - name: Assert filebeat binary exists + ansible.builtin.assert: + that: filebeat_binary.stat.exists + fail_msg: "Filebeat binary not found" + + - name: Check filebeat configuration file exists + ansible.builtin.stat: + path: /etc/filebeat/filebeat.yml + register: filebeat_config + + - name: Assert filebeat config exists + ansible.builtin.assert: + that: filebeat_config.stat.exists + fail_msg: "Filebeat configuration file not found" + + - name: Run filebeat config syntax check + ansible.builtin.command: filebeat test config -c /etc/filebeat/filebeat.yml + register: filebeat_config_test + changed_when: false + failed_when: filebeat_config_test.rc != 0 diff --git a/molecule/beats_peculiar/verify.yml b/molecule/beats_peculiar/verify.yml index c7aa9fd5..d6334ab1 100644 --- a/molecule/beats_peculiar/verify.yml +++ b/molecule/beats_peculiar/verify.yml @@ -13,13 +13,6 @@ ansible.builtin.debug: var: beats_filebeat_version.stdout - - name: Fail if Filebeat has the wrong version - ansible.builtin.fail: - msg: "Filebeat has the wrong version" - when: - - beats_filebeat_version.stdout.find('7.17.1') == -1 - - elasticstack_release == 7 - - name: Fail if Filebeat has the wrong version ansible.builtin.fail: msg: "Filebeat has the wrong version" diff --git a/molecule/elasticsearch_default/verify.yml b/molecule/elasticsearch_default/verify.yml new file mode 100644 index 00000000..46c55b71 --- /dev/null +++ b/molecule/elasticsearch_default/verify.yml @@ -0,0 +1,53 @@ +--- +- name: Verify Elasticsearch deployment + hosts: elasticsearch + vars: + elasticstack_elasticsearch_http_port: 9200 + elasticstack_initial_passwords: /usr/share/elasticsearch/initial_passwords + tasks: + - name: Fetch Elastic password # noqa: risky-shell-pipe + ansible.builtin.shell: > + if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi; + grep "PASSWORD elastic" {{ elasticstack_initial_passwords }} | + awk {' print $4 '} + register: elastic_pass + changed_when: false + run_once: true + + - name: Check Elasticsearch cluster health + ansible.builtin.uri: + url: "https://localhost:{{ elasticstack_elasticsearch_http_port }}/_cluster/health" + method: GET + force_basic_auth: true + user: elastic + password: "{{ elastic_pass.stdout }}" + validate_certs: false + status_code: 200 + return_content: true + register: cluster_health + until: cluster_health.json is defined and cluster_health.json.status == "green" + retries: 20 + delay: 15 + + - name: Check all nodes are visible + ansible.builtin.uri: + url: "https://localhost:{{ elasticstack_elasticsearch_http_port }}/_cat/nodes" + method: GET + force_basic_auth: true + user: elastic + password: "{{ elastic_pass.stdout }}" + validate_certs: false + status_code: 200 + return_content: true + register: nodes_output + until: nodes_output.status == 200 + retries: 6 + delay: 15 + + - name: Assert all expected nodes are present by name + ansible.builtin.assert: + that: + - item | replace('_', '') in nodes_output.content + fail_msg: "{{ item }} was not found in cluster nodes" + success_msg: "{{ item }} found in cluster nodes" + loop: "{{ groups['elasticsearch'] }}" diff --git a/molecule/kibana_default/verify.yml b/molecule/kibana_default/verify.yml new file mode 100644 index 00000000..5859b447 --- /dev/null +++ b/molecule/kibana_default/verify.yml @@ -0,0 +1,16 @@ +--- +- name: Verify Kibana deployment + hosts: all + tasks: + - name: Gather service facts + ansible.builtin.service_facts: + + - name: Assert Kibana service is running + ansible.builtin.assert: + that: ansible_facts.services['kibana.service'].state == 'running' + fail_msg: "Kibana service is not running" + + - name: Wait for Kibana port to be available + ansible.builtin.wait_for: + port: 5601 + timeout: 120 diff --git a/molecule/logstash_pipelines/converge.yml b/molecule/logstash_pipelines/converge.yml index 34843d35..4c2c8cce 100644 --- a/molecule/logstash_pipelines/converge.yml +++ b/molecule/logstash_pipelines/converge.yml @@ -13,8 +13,12 @@ logstash_pipelines: - name: syslog exclusive: false - source: https://github.com/widhalmt/syslog-logstash-pipeline.git - version: bca66fd6f086a89a4b737103f5c339f66782c78e + source: https://github.com/NETWAYS/syslog-logstash-pipeline.git + version: 1183c7544d07487ab24c70213b7172133e9bbb6d + - name: filebeat + exclusive: false + source: https://github.com/NETWAYS/filebeat-logstash-pipeline.git + version: 97a85f140e0be8d941085b210f7ca9a604088455 - name: icinga exclusive: false source: https://github.com/Icinga/icinga-logstash-pipeline.git diff --git a/molecule/logstash_pipelines/verify.yml b/molecule/logstash_pipelines/verify.yml index 133e16cd..208b65a3 100644 --- a/molecule/logstash_pipelines/verify.yml +++ b/molecule/logstash_pipelines/verify.yml @@ -1,51 +1,43 @@ --- -# This is an example playbook to execute Ansible tests. - - name: Check if Logstash configuration does what it should hosts: all vars: elasticstack_beats_port: 5044 tasks: - - name: Run syntax check - ansible.builtin.command: "/usr/share/logstash/bin/logstash --path.settings=/etc/logstash -t" - changed_when: false + - name: Run syntax check + ansible.builtin.command: "/usr/share/logstash/bin/logstash --path.settings=/etc/logstash -t" + changed_when: false + + - name: Check for open port tcp {{ elasticstack_beats_port }} + ansible.builtin.wait_for: + port: "{{ elasticstack_beats_port }}" + + - name: Check syslog pipeline directory exists + ansible.builtin.stat: + path: /etc/logstash/conf.d/syslog + register: syslog_pipeline_dir + + - name: Assert syslog pipeline directory exists + ansible.builtin.assert: + that: syslog_pipeline_dir.stat.isdir + fail_msg: "Syslog pipeline directory not found" - - name: Check for open port tcp {{ elasticstack_beats_port }} - ansible.builtin.wait_for: - port: "{{ elasticstack_beats_port }}" + - name: Check filebeat pipeline directory exists + ansible.builtin.stat: + path: /etc/logstash/conf.d/filebeat + register: filebeat_pipeline_dir - - name: Create Syslog input - ansible.builtin.copy: - dest: /etc/logstash/conf.d/syslog/input.conf - content: | - input { - redis { - key => "input" - host => "localhost" - data_type => "list" - } - } - mode: preserve - owner: root - group: root + - name: Assert filebeat pipeline directory exists + ansible.builtin.assert: + that: filebeat_pipeline_dir.stat.isdir + fail_msg: "Filebeat pipeline directory not found" - - name: Create Syslog output - ansible.builtin.copy: - dest: /etc/logstash/conf.d/syslog/output.conf - content: | - output { - redis { - key => "input" - host => "localhost" - data_type => "list" - } - } - mode: preserve - owner: root - group: root + - name: Check icinga pipeline directory exists + ansible.builtin.stat: + path: /etc/logstash/conf.d/icinga + register: icinga_pipeline_dir - - name: Update Pipeline code - ansible.builtin.git: - repo: https://github.com/widhalmt/syslog-logstash-pipeline.git - dest: /etc/logstash/conf.d/syslog/ - version: master + - name: Assert icinga pipeline directory exists + ansible.builtin.assert: + that: icinga_pipeline_dir.stat.isdir + fail_msg: "Icinga pipeline directory not found" diff --git a/molecule/logstash_specific_version/verify.yml b/molecule/logstash_specific_version/verify.yml index 788e70f4..d29c102a 100644 --- a/molecule/logstash_specific_version/verify.yml +++ b/molecule/logstash_specific_version/verify.yml @@ -9,13 +9,6 @@ ansible.builtin.command: "/usr/share/logstash/bin/logstash --version | grep ^logstash" register: logstash_version - - name: Fail if Logstash has the wrong version - ansible.builtin.fail: - msg: "Logstash has the wrong version" - when: - - logstash_version.stdout.find('7.17.1') == -1 - - elasticstack_release == 7 - - name: Fail if Logstash has the wrong version ansible.builtin.fail: msg: "Logstash has the wrong version" diff --git a/molecule/repos_default/verify.yml b/molecule/repos_default/verify.yml index d0511758..afc9e532 100644 --- a/molecule/repos_default/verify.yml +++ b/molecule/repos_default/verify.yml @@ -1,9 +1,43 @@ --- -# This is an example playbook to execute Ansible tests. - -- name: Verify +- name: Verify Elastic repositories are configured hosts: all tasks: - - name: Install Kibana - ansible.builtin.package: - name: kibana + - name: Check Elastic apt repo file exists (Debian) + ansible.builtin.stat: + path: /etc/apt/sources.list.d/elasticstack.list + register: apt_repo_file + when: ansible_os_family == "Debian" + + - name: Assert Elastic apt repo file exists (Debian) + ansible.builtin.assert: + that: apt_repo_file.stat.exists + fail_msg: "Elastic apt repository file not found" + when: ansible_os_family == "Debian" + + - name: Check Elastic GPG key exists (Debian) + ansible.builtin.stat: + path: /usr/share/keyrings/elasticsearch.asc + register: apt_gpg_key + when: ansible_os_family == "Debian" + + - name: Assert Elastic GPG key exists (Debian) + ansible.builtin.assert: + that: apt_gpg_key.stat.exists + fail_msg: "Elastic GPG key not found" + when: ansible_os_family == "Debian" + + - name: Check Elastic yum repo file exists (RedHat) + ansible.builtin.stat: + path: /etc/yum.repos.d/elastic-release.repo + register: yum_repo_file + when: ansible_os_family == "RedHat" + + - name: Assert Elastic yum repo file exists (RedHat) + ansible.builtin.assert: + that: yum_repo_file.stat.exists + fail_msg: "Elastic yum repository file not found" + when: ansible_os_family == "RedHat" + + - name: Install Kibana + ansible.builtin.package: + name: kibana diff --git a/molecule/repos_oss/verify.yml b/molecule/repos_oss/verify.yml index da54380e..098032eb 100644 --- a/molecule/repos_oss/verify.yml +++ b/molecule/repos_oss/verify.yml @@ -1,9 +1,43 @@ --- -# This is an example playbook to execute Ansible tests. - -- name: Verify +- name: Verify Elastic OSS repositories are configured hosts: all tasks: - - name: Install logstash-oss - ansible.builtin.package: - name: logstash-oss + - name: Check Elastic OSS apt repo file exists (Debian) + ansible.builtin.stat: + path: /etc/apt/sources.list.d/elasticstack.list + register: apt_repo_file + when: ansible_os_family == "Debian" + + - name: Assert Elastic OSS apt repo file exists (Debian) + ansible.builtin.assert: + that: apt_repo_file.stat.exists + fail_msg: "Elastic OSS apt repository file not found" + when: ansible_os_family == "Debian" + + - name: Check Elastic GPG key exists (Debian) + ansible.builtin.stat: + path: /usr/share/keyrings/elasticsearch.asc + register: apt_gpg_key + when: ansible_os_family == "Debian" + + - name: Assert Elastic GPG key exists (Debian) + ansible.builtin.assert: + that: apt_gpg_key.stat.exists + fail_msg: "Elastic GPG key not found" + when: ansible_os_family == "Debian" + + - name: Check Elastic OSS yum repo file exists (RedHat) + ansible.builtin.stat: + path: /etc/yum.repos.d/elastic-oss-release.repo + register: yum_repo_file + when: ansible_os_family == "RedHat" + + - name: Assert Elastic OSS yum repo file exists (RedHat) + ansible.builtin.assert: + that: yum_repo_file.stat.exists + fail_msg: "Elastic OSS yum repository file not found" + when: ansible_os_family == "RedHat" + + - name: Install logstash-oss + ansible.builtin.package: + name: logstash-oss From 6ea64c160d6465b6849d953c7703d58e2eff3ed9 Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Tue, 31 Mar 2026 19:02:19 +0200 Subject: [PATCH 7/8] Fix ansible version in beats workflow (#456) - Fix #441 - Add requirements for beats scenarios --- .github/workflows/test_role_beats.yml | 2 +- molecule/beats_default/molecule.yml | 4 ++++ molecule/beats_default/requirements.yml | 4 ++++ molecule/beats_peculiar/molecule.yml | 4 ++++ molecule/beats_peculiar/requirements.yml | 4 ++++ molecule/repos_default/molecule.yml | 2 -- molecule/repos_default/requirements.yml | 4 ---- molecule/repos_oss/molecule.yml | 2 -- molecule/repos_oss/requirements.yml | 4 ---- 9 files changed, 17 insertions(+), 13 deletions(-) create mode 100644 molecule/beats_default/requirements.yml create mode 100644 molecule/beats_peculiar/requirements.yml delete mode 100644 molecule/repos_default/requirements.yml delete mode 100644 molecule/repos_oss/requirements.yml diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml index 7ec2b4fb..6f372bc4 100644 --- a/.github/workflows/test_role_beats.yml +++ b/.github/workflows/test_role_beats.yml @@ -48,7 +48,7 @@ jobs: release: - 8 ansible_version: - - "ansible>=9.0,<10.0" #Correspond ansible-core>=2.16,<2.17 + - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0 python_version: - "3.11" diff --git a/molecule/beats_default/molecule.yml b/molecule/beats_default/molecule.yml index a0c455a7..a6458a8d 100644 --- a/molecule/beats_default/molecule.yml +++ b/molecule/beats_default/molecule.yml @@ -1,6 +1,8 @@ --- dependency: name: galaxy + options: + requirements-file: requirements.yml driver: name: docker platforms: @@ -16,5 +18,7 @@ platforms: pre_build_image: true provisioner: name: ansible + env: + ANSIBLE_ROLES_PATH: $MOLECULE_EPHEMERAL_DIRECTORY/roles:${HOME}/.ansible/roles:$MOLECULE_PROJECT_DIRECTORY/roles verifier: name: ansible diff --git a/molecule/beats_default/requirements.yml b/molecule/beats_default/requirements.yml new file mode 100644 index 00000000..6a2f32cb --- /dev/null +++ b/molecule/beats_default/requirements.yml @@ -0,0 +1,4 @@ +--- +collections: + - name: community.crypto + version: ">=2.15.0,<3.0.0" # Support python 3.9 on target host e.g. Rocky 9 diff --git a/molecule/beats_peculiar/molecule.yml b/molecule/beats_peculiar/molecule.yml index fee71096..d0466392 100644 --- a/molecule/beats_peculiar/molecule.yml +++ b/molecule/beats_peculiar/molecule.yml @@ -1,6 +1,8 @@ --- dependency: name: galaxy + options: + requirements-file: requirements.yml driver: name: docker platforms: @@ -16,5 +18,7 @@ platforms: pre_build_image: true provisioner: name: ansible + env: + ANSIBLE_ROLES_PATH: $MOLECULE_EPHEMERAL_DIRECTORY/roles:${HOME}/.ansible/roles:$MOLECULE_PROJECT_DIRECTORY/roles verifier: name: ansible diff --git a/molecule/beats_peculiar/requirements.yml b/molecule/beats_peculiar/requirements.yml new file mode 100644 index 00000000..6a2f32cb --- /dev/null +++ b/molecule/beats_peculiar/requirements.yml @@ -0,0 +1,4 @@ +--- +collections: + - name: community.crypto + version: ">=2.15.0,<3.0.0" # Support python 3.9 on target host e.g. Rocky 9 diff --git a/molecule/repos_default/molecule.yml b/molecule/repos_default/molecule.yml index 0ef3c688..a2e83a8a 100644 --- a/molecule/repos_default/molecule.yml +++ b/molecule/repos_default/molecule.yml @@ -1,8 +1,6 @@ --- dependency: name: galaxy - options: - requirements-file: requirements.yml driver: name: docker platforms: diff --git a/molecule/repos_default/requirements.yml b/molecule/repos_default/requirements.yml deleted file mode 100644 index f212a672..00000000 --- a/molecule/repos_default/requirements.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -collections: - - community.general diff --git a/molecule/repos_oss/molecule.yml b/molecule/repos_oss/molecule.yml index c5a34bfe..208559b6 100644 --- a/molecule/repos_oss/molecule.yml +++ b/molecule/repos_oss/molecule.yml @@ -1,8 +1,6 @@ --- dependency: name: galaxy - options: - requirements-file: requirements.yml driver: name: docker platforms: diff --git a/molecule/repos_oss/requirements.yml b/molecule/repos_oss/requirements.yml deleted file mode 100644 index f212a672..00000000 --- a/molecule/repos_oss/requirements.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -collections: - - community.general From bcb404d26ffe5908a51628a1aee0053f68269818 Mon Sep 17 00:00:00 2001 From: Afeef Ghannam <39904920+afeefghannam89@users.noreply.github.com> Date: Tue, 31 Mar 2026 19:02:52 +0200 Subject: [PATCH 8/8] Pipelines conditions (#454) - Remove 'main' branch as requirement for running pipelines. Use only path to control the run. This will be useful for epic PR or generally when the target branch is not main - Let the big workflow start only with relevant changes --- .github/workflows/kics.yml | 3 --- .github/workflows/test_linting.yml | 4 +--- .github/workflows/test_plugins.yml | 3 +-- .github/workflows/test_role_beats.yml | 4 ---- .github/workflows/test_role_elasticsearch.yml | 4 ---- .github/workflows/test_role_kibana.yml | 6 +----- .github/workflows/test_role_logstash.yml | 4 ---- .github/workflows/test_role_repos.yml | 4 ---- .github/workflows/test_roles_pr.yml | 8 ++++++++ README.md | 6 ------ 10 files changed, 11 insertions(+), 35 deletions(-) diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 4abe9e7e..de93a1eb 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -13,9 +13,6 @@ on: - warning - debug pull_request: - push: - branches: - - 'main' merge_group: schedule: - cron: '15 6 * * 4' diff --git a/.github/workflows/test_linting.yml b/.github/workflows/test_linting.yml index b13fb8fb..c8c1497e 100644 --- a/.github/workflows/test_linting.yml +++ b/.github/workflows/test_linting.yml @@ -17,12 +17,10 @@ on: rolename: required: true type: string - pull_request: - branches: - - '*' jobs: lint: + if: github.event.pull_request.draft == false runs-on: ubuntu-latest steps: - name: Check out the codebase. diff --git a/.github/workflows/test_plugins.yml b/.github/workflows/test_plugins.yml index 201e56af..c043865d 100644 --- a/.github/workflows/test_plugins.yml +++ b/.github/workflows/test_plugins.yml @@ -13,8 +13,6 @@ on: - warning - debug pull_request: - branches: - - 'main' paths: - 'plugins/**' - 'tests/**' @@ -66,6 +64,7 @@ jobs: ANSIBLE_FORCE_COLOR: '1' sanity_ansible_20: + if: github.event.pull_request.draft == false runs-on: ubuntu-latest env: COLLECTION_NAMESPACE: netways diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml index 6f372bc4..6db949e2 100644 --- a/.github/workflows/test_role_beats.yml +++ b/.github/workflows/test_role_beats.yml @@ -13,10 +13,6 @@ on: - warning - debug pull_request: - branches: - - 'feature/**' - - 'fix/**' - - '!doc/**' paths: - 'roles/beats/**' - '.github/workflows/test_role_beats.yml' diff --git a/.github/workflows/test_role_elasticsearch.yml b/.github/workflows/test_role_elasticsearch.yml index d7f495e3..af73ecc3 100644 --- a/.github/workflows/test_role_elasticsearch.yml +++ b/.github/workflows/test_role_elasticsearch.yml @@ -13,10 +13,6 @@ on: - warning - debug pull_request: - branches: - - 'feature/**' - - 'fix/**' - - '!doc/**' paths: - 'roles/elasticsearch/**' - '.github/workflows/test_role_elasticsearch.yml' diff --git a/.github/workflows/test_role_kibana.yml b/.github/workflows/test_role_kibana.yml index 9dc56687..dd11e841 100644 --- a/.github/workflows/test_role_kibana.yml +++ b/.github/workflows/test_role_kibana.yml @@ -13,10 +13,6 @@ on: - warning - debug pull_request: - branches: - - 'feature/**' - - 'fix/**' - - '!doc/**' paths: - 'roles/kibana/**' - '.github/workflows/test_role_kibana.yml' @@ -35,7 +31,7 @@ jobs: runs-on: ubuntu-latest env: - COLLECTION_NAMESPACE: NETWAYS + COLLECTION_NAMESPACE: netways COLLECTION_NAME: elasticstack strategy: diff --git a/.github/workflows/test_role_logstash.yml b/.github/workflows/test_role_logstash.yml index 2746f398..9f133ed0 100644 --- a/.github/workflows/test_role_logstash.yml +++ b/.github/workflows/test_role_logstash.yml @@ -13,10 +13,6 @@ on: - warning - debug pull_request: - branches: - - 'feature/**' - - 'fix/**' - - '!doc/**' paths: - 'roles/logstash/**' - '.github/workflows/test_role_logstash.yml' diff --git a/.github/workflows/test_role_repos.yml b/.github/workflows/test_role_repos.yml index b2c714be..4b9a4bae 100644 --- a/.github/workflows/test_role_repos.yml +++ b/.github/workflows/test_role_repos.yml @@ -12,10 +12,6 @@ on: - warning - debug pull_request: - branches: - - 'feature/**' - - 'fix/**' - - '!doc/**' paths: - 'roles/repos/**' - '.github/workflows/test_role_repos.yml' diff --git a/.github/workflows/test_roles_pr.yml b/.github/workflows/test_roles_pr.yml index 367de435..b7438c97 100644 --- a/.github/workflows/test_roles_pr.yml +++ b/.github/workflows/test_roles_pr.yml @@ -13,6 +13,14 @@ on: - warning - debug pull_request: + paths: + - 'roles/**' + - 'molecule/elasticstack_default/**' + - 'requirements-test.txt' + - '.yamllint' + - '.config/ansible-lint.yml' + - 'galaxy.yml' + - '.github/workflows/test_roles_pr.yml' merge_group: jobs: diff --git a/README.md b/README.md index 494ed9dd..e1bfcd67 100644 --- a/README.md +++ b/README.md @@ -221,12 +221,6 @@ The execution order of the roles is important! (see below) Every kind of contribution is very welcome. Open [issues](https://github.com/NETWAYS/ansible-collection-elasticstack/issues) or provide [pull requests](https://github.com/NETWAYS/ansible-collection-elasticstack/pulls). -Please note that we have some actions bound to specific names of branches. So please stick to the following naming scheme: - -* `fix/` as a prefix for every branch that fixes a problem -* `feature/` for every branch that enhances the code with new features -* `doc/` as a prefix for every branch that only changes documentation - For now we open pull requests against `main`. We are planning to introduce dedicated branches to support older versions without breaking changes. Since we don't need them for now, please check back with this section because when we decided on how to proceed, you will find the information here. For now `main` always has the newest changes and if you want a stable version, please use the newest release. ## Testing