Fix failing 'security_logging' tests

Author: Gavin Williams

manifests/config.pp

@@ -165,27 +165,27 @@
       $_tls_config = {}
     }
 
-    # Logging file or hash
-    if ($elasticsearch::logging_file != undef) {
-      $_log4j_content = undef
-    } else {
-      if ($elasticsearch::logging_template != undef ) {
-        $_log4j_content = template($elasticsearch::logging_template)
-      } else {
-        $_log4j_content = template("${module_name}/etc/elasticsearch/log4j2.properties.erb")
-      }
-      $_logging_source = undef
-    }
-    file {
-      "${elasticsearch::configdir}/log4j2.properties":
-        ensure  => file,
-        content => $_log4j_content,
-        source  => $_logging_source,
-        mode    => '0644',
-        notify  => $elasticsearch::_notify_service,
-        require => Class['elasticsearch::package'],
-        before  => Class['elasticsearch::service'],
-    }
+    # # Logging file or hash
+    # if ($elasticsearch::logging_file != undef) {
+    #   $_log4j_content = undef
+    # } else {
+    #   if ($elasticsearch::logging_template != undef ) {
+    #     $_log4j_content = template($elasticsearch::logging_template)
+    #   } else {
+    #     $_log4j_content = template("${module_name}/etc/elasticsearch/log4j2.properties.erb")
+    #   }
+    #   $_logging_source = undef
+    # }
+    # file {
+    #   "${elasticsearch::configdir}/log4j2.properties":
+    #     ensure  => file,
+    #     content => $_log4j_content,
+    #     source  => $_logging_source,
+    #     mode    => '0644',
+    #     notify  => $elasticsearch::_notify_service,
+    #     require => Class['elasticsearch::package'],
+    #     before  => Class['elasticsearch::service'],
+    # }
 
     # Generate Elasticsearch config
     $_es_config = merge(
@@ -244,10 +244,6 @@
       backup => false,
     }
 
-    file { "${elasticsearch::configdir}/jvm.options":
-      ensure => 'absent',
-    }
-
     file { "${elasticsearch::defaults_location}/elasticsearch":
       ensure    => 'absent',
       subscribe => Service['elasticsearch'],

manifests/init.pp

@@ -59,7 +59,7 @@
 #   {package, "upgradeable"}[http://j.mp/xbxmNP] in the Puppet documentation).
 #
 # @param ca_certificate
-#   Path to the trusted CA certificate to add to this node's java keystore.
+#   Path to the trusted CA certificate to add to this node's Java keystore.
 #
 # @param certificate
 #   Path to the certificate for this node signed by the CA listed in
@@ -94,7 +94,7 @@
 #
 # @param deprecation_logging
 #   Wheter to enable deprecation logging. If enabled, deprecation logs will be
-#   saved to ${cluster.name}_deprecation.log in the elastic search log folder.
+#   saved to ${cluster.name}_deprecation.log in the Elasticsearch log folder.
 #
 # @param deprecation_logging_level
 #   Default deprecation logging level for Elasticsearch.
@@ -144,7 +144,7 @@
 #   Password to encrypt this node's Java keystore.
 #
 # @param keystore_path
-#   Custom path to the java keystore file. This parameter is optional.
+#   Custom path to the Java keystore file. This parameter is optional.
 #
 # @param license
 #   Optional Elasticsearch license in hash or string form.
@@ -153,11 +153,11 @@
 #   Directory that will be used for Elasticsearch logging.
 #
 # @param logging_config
-#   Representation of information to be included in the logging.yml file.
+#   Representation of information to be included in the log4j.properties file.
 #
 # @param logging_file
 #   Instead of a hash, you may supply a `puppet://` file source for the
-#   logging.yml file.
+#   log4j.properties file.
 #
 # @param logging_level
 #   Default logging level for Elasticsearch.
@@ -273,12 +273,12 @@
 #   Elasticsearch keystore file. If unset, the keystore is left unmanaged.
 #
 # @param security_logging_content
-#   File content for shield/x-pack logging configuration file (will be placed
-#   into logging.yml or log4j2.properties file as appropriate).
+#   File content for x-pack logging configuration file (will be placed
+#   into log4j2.properties file).
 #
 # @param security_logging_source
-#   File source for shield/x-pack logging configuration file (will be placed
-#   into logging.yml or log4j2.properties file as appropriate).
+#   File source for x-pack logging configuration file (will be placed
+#   into log4j2.properties).
 #
 # @param service_name
 #   Elasticsearch service name
@@ -466,14 +466,14 @@
   contain elasticsearch::config
   contain elasticsearch::service
 
-  create_resources('elasticsearch::index', $::elasticsearch::indices)
-  create_resources('elasticsearch::pipeline', $::elasticsearch::pipelines)
-  create_resources('elasticsearch::plugin', $::elasticsearch::plugins)
-  create_resources('elasticsearch::role', $::elasticsearch::roles)
-  create_resources('elasticsearch::script', $::elasticsearch::scripts)
-  create_resources('elasticsearch::snapshot_repository', $::elasticsearch::snapshot_repositories)
-  create_resources('elasticsearch::template', $::elasticsearch::templates)
-  create_resources('elasticsearch::user', $::elasticsearch::users)
+  create_resources('elasticsearch::index', $elasticsearch::indices)
+  create_resources('elasticsearch::pipeline', $elasticsearch::pipelines)
+  create_resources('elasticsearch::plugin', $elasticsearch::plugins)
+  create_resources('elasticsearch::role', $elasticsearch::roles)
+  create_resources('elasticsearch::script', $elasticsearch::scripts)
+  create_resources('elasticsearch::snapshot_repository', $elasticsearch::snapshot_repositories)
+  create_resources('elasticsearch::template', $elasticsearch::templates)
+  create_resources('elasticsearch::user', $elasticsearch::users)
 
   if ($manage_repo == true) {
     if ($repo_stage == false) {

manifests/package.pp

@@ -181,7 +181,7 @@
 
     exec { 'remove_plugin_dir':
       refreshonly => true,
-      command     => "rm -rf ${::elasticsearch::_plugindir}",
+      command     => "rm -rf ${elasticsearch::_plugindir}",
     }
 
 

manifests/plugin.pp

@@ -57,7 +57,7 @@
 #
 define elasticsearch::plugin (
   Enum['absent', 'present']      $ensure         = 'present',
-  Stdlib::Absolutepath           $configdir      = $::elasticsearch::configdir,
+  Stdlib::Absolutepath           $configdir      = $elasticsearch::configdir,
   Array[String]                  $java_opts      = [],
   Optional[Stdlib::Absolutepath] $java_home      = undef,
   Optional[String]               $module_dir     = undef,
@@ -127,17 +127,17 @@
     source                     => $file_source,
     url                        => $url,
     proxy                      => $_proxy,
-    plugin_dir                 => $::elasticsearch::_plugindir,
+    plugin_dir                 => $elasticsearch::_plugindir,
     plugin_path                => $module_dir,
   }
-  -> file { "${::elasticsearch::_plugindir}/${_module_dir}":
+  -> file { "${elasticsearch::_plugindir}/${_module_dir}":
     ensure  => $_file_ensure,
     mode    => 'o+Xr',
     recurse => true,
     before  => $_file_before,
   }
 
-  if $::elasticsearch::restart_plugin_change {
+  if $elasticsearch::restart_plugin_change {
     Elasticsearch_plugin[$name] {
       notify +> Service['elasticsearch'],
     }

manifests/service.pp

@@ -45,9 +45,9 @@
 
   #### Service management
 
-  if $::elasticsearch::ensure == 'present' {
+  if $elasticsearch::ensure == 'present' {
 
-    case $::elasticsearch::status {
+    case $elasticsearch::status {
       # make sure service is currently running, start it on boot
       'enabled': {
         $_service_ensure = 'running'
@@ -78,7 +78,7 @@
     $_service_enable = false
   }
 
-  service { $::elasticsearch::service_name:
+  service { $elasticsearch::service_name:
     ensure => $_service_ensure,
     enable => $_service_enable,
   }

manifests/service/systemd.pp

@@ -186,7 +186,7 @@
     # }
   }
 
-  service { $::elasticsearch::service_name:
+  service { $elasticsearch::service_name:
     ensure   => $_service_ensure,
     enable   => $_service_enable,
     provider => 'systemd',

spec/acceptance/tests/acceptance_spec.rb

@@ -60,7 +60,11 @@
 
   include_examples('pipeline operations', es_config, v[:pipeline])
 
-  include_examples('plugin acceptance tests', es_config, v[:elasticsearch_plugins]) unless v[:elasticsearch_plugins].empty?
+  include_examples(
+    'plugin acceptance tests',
+    es_config,
+    v[:elasticsearch_plugins]
+  ) unless v[:elasticsearch_plugins].empty?
 
   include_examples('snapshot repository acceptance tests')
 

spec/classes/001_hiera_spec.rb

@@ -50,17 +50,14 @@
           let(:facts) { facts.merge(:scenario => 'singleinstance') }
 
           # TODO: Fix this
-          # it { should contain_augeas('defaults') }
+          it { should contain_augeas('init_defaults') }
+          it { should contain_file('/etc/elasticsearch/elasticsearch.yml') }
           it { should contain_datacat('/etc/elasticsearch/elasticsearch.yml') }
           it { should contain_datacat_fragment('main_config') }
           it { should contain_service('elasticsearch').with(
             :ensure => 'running',
             :enable => true
           ) }
-
-          %w[elasticsearch.yml log4j2.properties].each do |file|
-            it { should contain_file("/etc/elasticsearch/#{file}") }
-          end
         end # of config
 
         describe 'pipelines' do

spec/classes/002_elasticsearch_config_security_logging_spec.rb

@@ -1,2 +1 @@
-# TODO: Re-enable this test
-# at_exit { RSpec::Puppet::Coverage.report! 100 }
+at_exit { RSpec::Puppet::Coverage.report! 100 }