Code quality: lint fix, variable cleanup, template and task dedup#114
Open
Code quality: lint fix, variable cleanup, template and task dedup#114
Conversation
Capitalize 'main' to 'Main' in two task names to satisfy the production profile's requirement that names start with uppercase. Closes #27
The *_cert_will_expire_soon flags are internal state set by the role during execution. Users should never set them. Moved from defaults/ (user-overridable) to vars/ (role-internal) in all 5 roles: beats, elasticsearch, kibana, logstash, elasticstack. Partial fix for #36
The Elasticsearch/Logstash output and logging configuration was duplicated across auditbeat.yml.j2, filebeat.yml.j2, and metricbeat.yml.j2 (~50 lines each, differing only in variable names). Extracted into two shared partials: - _beats_output.j2: ES and Logstash output with SSL config - _beats_logging.j2: logging configuration Each parent template sets _beat_output, _beat_loadbalance, and _beat_name before including the partials. Net reduction of ~80 lines. Partial fix for #35
Shared restart_and_verify_service.yml replaces the near-identical elasticsearch and logstash versions. Both now delegate to the shared file with _service_name and _daemon_reload parameters. Kibana kept separate (has extra HTTP readiness logic). Beats already parameterized. Shared cert_detect_content_mode.yml extracts the content-vs-file cert detection pattern from beats and kibana security tasks. Each caller includes the shared task and maps output facts to service- specific names. Elasticsearch kept separate (dual transport+HTTP layers with fallback logic don't fit the single-layer pattern). Partial fix for #34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Four code quality improvements:
#27 — Fixed the 2 remaining ansible-lint warnings (name[casing]).
#36 — Moved sentinel variables (*_cert_will_expire_soon) from defaults/ to vars/ across all 5 roles. These are internal state that users should never set.
#35 — Extracted shared output/logging blocks from the 3 beats templates into _beats_output.j2 and _beats_logging.j2 partials. Net ~80 lines removed.
#34 — Created shared restart_and_verify_service.yml (used by ES and Logstash) and cert_detect_content_mode.yml (used by beats and kibana). ~135 lines of duplication consolidated.
Closes #27, partial fix for #34, #35, #36.