From e8881ee82fdf1be46543b1d460f01550a815de7b Mon Sep 17 00:00:00 2001
From: Manuel Gutierrez <manuel.gutierrez@wazuh.com>
Date: Thu, 26 Sep 2019 13:03:14 +0200
Subject: [PATCH] Bypass idempotence tests on elastic xpack

---
 .../tasks/xpack_security.yml                  | 36 ++++++++++++++-----
 1 file changed, 27 insertions(+), 9 deletions(-)

diff --git a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
index d05c3241..35f64fae 100644
--- a/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
+++ b/roles/elastic-stack/ansible-elasticsearch/tasks/xpack_security.yml
@@ -68,7 +68,9 @@
     - node_certs_generator
     - not xpack_certs_zip.stat.exists
     - generate_CA
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Generating certificates for Elasticsearch security (using provided CA | Without CA Password)
   command: >-
@@ -82,7 +84,9 @@
     - not xpack_certs_zip.stat.exists
     - not generate_CA
     - ca_password | length == 0
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Generating certificates for Elasticsearch security (using provided CA | Using CA Password)
   command: >-
@@ -96,7 +100,9 @@
     - not xpack_certs_zip.stat.exists
     - not generate_CA
     - ca_password | length > 0
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Verify the Elastic certificates directory
   file:
@@ -124,7 +130,9 @@
     mode: 0700
   when:
     - node_certs_generator
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Delete certs.zip in Generator node
   file:
@@ -132,6 +140,7 @@
     path: "{{ node_certs_source }}/certs.zip"
   when:
     - node_certs_generator
+  tags: molecule-idempotence-notest
 
 - name: Unzip generated certs.zip
   unarchive:
@@ -141,7 +150,9 @@
   delegate_to: "127.0.0.1"
   when:
     - node_certs_generator
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Copying node's certificate from master
   copy:
@@ -153,7 +164,9 @@
     - "{{ master_certs_path }}/ca/ca.crt"
   when:
     - generate_CA
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Copying node's certificate from master (Custom CA)
   copy:
@@ -165,7 +178,9 @@
     - "{{ master_certs_path }}/ca/{{ ca_cert_name }}"
   when:
     - not generate_CA
-  tags: xpack-security
+  tags:
+    - xpack-security
+    - molecule-idempotence-notest
 
 - name: Ensuring folder permissions
   file:
@@ -179,8 +194,11 @@
   tags: xpack-security
 
 - name: Set elasticsearch bootstrap password
-  shell: >-
-    set -o pipefail;
+  shell: |
+    set -o pipefail
     echo {{ elasticsearch_xpack_security_password }} | {{ node_certs_source }}/bin/elasticsearch-keystore add -xf bootstrap.password
+  args:
+    executable: /bin/bash
   when:
     - node_certs_generator
+  tags: molecule-idempotence-notest