Skip to content

Commit 4a63480

Browse files
widhalmtwidhalmt
committed
Improve idempotency
1 parent 98fc289 commit 4a63480

File tree

1 file changed

+9
-0
lines changed

1 file changed

+9
-0
lines changed

roles/elasticsearch/tasks/elasticsearch-security.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@
3333
/usr/share/elasticsearch/bin/elasticsearch-keystore
3434
add -x 'bootstrap.password'
3535
when: "'bootstrap.password' not in es_keystore.stdout_lines"
36+
changed_when: false
3637
notify:
3738
- Restart Elasticsearch
3839
ignore_errors: "{{ ansible_check_mode }}"
@@ -54,6 +55,7 @@
5455
echo "{{ elasticsearch_tls_key_passphrase }}" |
5556
/usr/share/elasticsearch/bin/elasticsearch-keystore
5657
add -f -x 'xpack.security.http.ssl.keystore.secure_password'
58+
changed_when: false
5759
when:
5860
- http_ssl_keystore_secure_password.stdout is undefined or elasticsearch_tls_key_passphrase != http_ssl_keystore_secure_password.stdout
5961
- elasticsearch_http_security
@@ -65,6 +67,7 @@
6567
shell: >
6668
/usr/share/elasticsearch/bin/elasticsearch-keystore
6769
remove 'xpack.security.http.ssl.keystore.secure_password'
70+
changed_when: false
6871
when:
6972
- "'xpack.security.http.ssl.keystore.secure_password' in es_keystore.stdout_lines"
7073
- not elasticsearch_http_security
@@ -88,6 +91,7 @@
8891
echo "{{ elasticsearch_tls_key_passphrase }}" |
8992
/usr/share/elasticsearch/bin/elasticsearch-keystore
9093
add -f -x 'xpack.security.http.ssl.truststore.secure_password'
94+
changed_when: false
9195
when:
9296
- http_ssl_truststore_secure_password.stdout is undefined or elasticsearch_tls_key_passphrase != http_ssl_truststore_secure_password.stdout
9397
- elasticsearch_http_security
@@ -98,6 +102,7 @@
98102
shell: >
99103
/usr/share/elasticsearch/bin/elasticsearch-keystore
100104
remove 'xpack.security.http.ssl.truststore.secure_password'
105+
changed_when: false
101106
when:
102107
- "'xpack.security.http.ssl.truststore.secure_password' in es_keystore.stdout_lines"
103108
- not elasticsearch_http_security
@@ -121,6 +126,7 @@
121126
echo "{{ elasticsearch_tls_key_passphrase }}" |
122127
/usr/share/elasticsearch/bin/elasticsearch-keystore
123128
add -f -x 'xpack.security.transport.ssl.keystore.secure_password'
129+
changed_when: false
124130
when:
125131
- transport_ssl_keystore_secure_password.stdout is undefined or elasticsearch_tls_key_passphrase != transport_ssl_keystore_secure_password.stdout
126132
- elasticsearch_security
@@ -131,6 +137,7 @@
131137
shell: >
132138
/usr/share/elasticsearch/bin/elasticsearch-keystore
133139
remove 'xpack.security.transport.ssl.keystore.secure_password'
140+
changed_when: false
134141
when:
135142
- "'xpack.security.transport.ssl.keystore.secure_password' in es_keystore.stdout_lines"
136143
- not elasticsearch_security
@@ -154,6 +161,7 @@
154161
echo "{{ elasticsearch_tls_key_passphrase }}" |
155162
/usr/share/elasticsearch/bin/elasticsearch-keystore
156163
add -f -x 'xpack.security.transport.ssl.truststore.secure_password'
164+
changed_when: false
157165
when:
158166
- transport_ssl_truststore_secure_password.stdout is undefined or elasticsearch_tls_key_passphrase != transport_ssl_truststore_secure_password.stdout
159167
- elasticsearch_security
@@ -164,6 +172,7 @@
164172
shell: >
165173
/usr/share/elasticsearch/bin/elasticsearch-keystore
166174
remove 'xpack.security.transport.ssl.truststore.secure_password'
175+
changed_when: false
167176
when:
168177
- "'xpack.security.transport.ssl.truststore.secure_password' in es_keystore.stdout_lines"
169178
- not elasticsearch_security

0 commit comments

Comments
 (0)