diff --git a/molecule/kibana/molecule.yml b/molecule/kibana/molecule.yml index a1e0e3f9..c1191c07 100755 --- a/molecule/kibana/molecule.yml +++ b/molecule/kibana/molecule.yml @@ -5,6 +5,9 @@ driver: name: docker lint: name: yamllint + options: + config-data: + ignore: .virtualenv platforms: - name: bionic image: solita/ubuntu-systemd:bionic diff --git a/molecule/kibana/tests/test_default.py b/molecule/kibana/tests/test_default.py index 936f6cfc..f510aed9 100755 --- a/molecule/kibana/tests/test_default.py +++ b/molecule/kibana/tests/test_default.py @@ -14,7 +14,7 @@ def test_port_kibana_is_open(host): def test_find_correct_elasticsearch_version(host): """Test if we find the kibana/elasticsearch version in package.json""" kibana = host.file("/usr/share/kibana/plugins/wazuh/package.json") - assert kibana.contains("6.7.1") + assert kibana.contains("7.1.1") def test_wazuh_plugin_installed(host): diff --git a/roles/elastic-stack/ansible-kibana/tasks/main.yml b/roles/elastic-stack/ansible-kibana/tasks/main.yml index 43dfd57e..4e12b1b2 100755 --- a/roles/elastic-stack/ansible-kibana/tasks/main.yml +++ b/roles/elastic-stack/ansible-kibana/tasks/main.yml @@ -16,17 +16,17 @@ - name: Check if certificate exists locally stat: - path: "{{node_certs_destination}}/{{ kibana_node_name }}.crt" + path: "{{ node_certs_destination }}/{{ kibana_node_name }}.crt" register: certificate_file_exists when: - - kibana_xpack_security + - kibana_xpack_security - name: Copy key & certificate files in generator node (locally) synchronize: - src: "{{node_certs_source}}/{{kibana_node_name}}/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/{{ kibana_node_name }}/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - kibana_xpack_security - not certificate_file_exists.stat.exists @@ -34,25 +34,29 @@ - name: Copy ca certificate file in generator node (locally) synchronize: - src: "{{node_certs_source}}/ca/" - dest: "{{node_certs_destination}}/" + src: "{{ node_certs_source }}/ca/" + dest: "{{ node_certs_destination }}/" delegate_to: "{{ node_certs_generator_ip }}" - when: + when: - node_certs_generator - kibana_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security - + - name: Importing key & certificate files from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/{{kibana_node_name}}/ {{node_certs_destination}}/" + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/{{ kibana_node_name }}/ {{ node_certs_destination }}/ when: - not node_certs_generator - kibana_xpack_security - not certificate_file_exists.stat.exists tags: xpack-security -- name: Importing ca certificate file from generator node - shell: "{{rsync_path}} {{rsync_extra_parameters}} {{rsync_user}}@{{node_certs_generator_ip}}:{{node_certs_source}}/ca/ {{node_certs_destination}}/" +- name: Importing ca certificate file from generator node + command: >- + {{ rsync_path }} {{ rsync_extra_parameters }} {{ rsync_user }}@{{ node_certs_generator_ip }}: + {{ node_certs_source }}/ca/ {{ node_certs_destination }}/ when: - not node_certs_generator - kibana_xpack_security @@ -61,14 +65,22 @@ tags: xpack-security - name: Ensuring certificates folder owner - shell: "chown -R kibana: {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + state: directory + recurse: yes + owner: kibana + group: kibana when: - check_certs_permissions is defined - kibana_xpack_security tags: xpack-security - name: Ensuring certificates folder owner - shell: "chmod -R 770 {{node_certs_destination}}/" + file: + path: "{{ node_certs_destination }}/" + mode: '0770' + recurse: yes when: - check_certs_permissions is defined - kibana_xpack_security