Skip to content

Commit

Permalink
Replace quotations for passwords with special characters
Browse files Browse the repository at this point in the history
fixes #282
  • Loading branch information
widhalmt committed Oct 11, 2023
1 parent 62bf591 commit 229f8e8
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 5 deletions.
1 change: 1 addition & 0 deletions molecule/elasticstack_default/converge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
vars:
elasticsearch_jna_workaround: true
elasticsearch_disable_systemcallfilterchecks: true
elasticsearch_tls_key_passphrase: 'test$var@test' # to test escaping
elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
elasticsearch_heap: "1"
elasticstack_full_stack: true
Expand Down
10 changes: 5 additions & 5 deletions roles/elasticsearch/tasks/elasticsearch-keystore.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
- name: Set bootstrap password # noqa: risky-shell-pipe
ansible.builtin.shell: >
if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi;
echo "{{ elasticsearch_bootstrap_pw }}" |
echo '{{ elasticsearch_bootstrap_pw }}' |
/usr/share/elasticsearch/bin/elasticsearch-keystore
add -x 'bootstrap.password'
when: "'bootstrap.password' not in elasticsearch_keystore.stdout_lines"
Expand All @@ -39,7 +39,7 @@
- name: Set xpack.security.http.ssl.keystore.secure_password # noqa: risky-shell-pipe
ansible.builtin.shell: >
if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi;
echo "{{ elasticsearch_tls_key_passphrase }}" |
echo '{{ elasticsearch_tls_key_passphrase }}' |
/usr/share/elasticsearch/bin/elasticsearch-keystore
add -f -x 'xpack.security.http.ssl.keystore.secure_password'
changed_when: false
Expand Down Expand Up @@ -79,7 +79,7 @@
- name: Set xpack.security.http.ssl.truststore.secure_password # noqa: risky-shell-pipe
ansible.builtin.shell: >
if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi;
echo "{{ elasticsearch_tls_key_passphrase }}" |
echo '{{ elasticsearch_tls_key_passphrase }}' |
/usr/share/elasticsearch/bin/elasticsearch-keystore
add -f -x 'xpack.security.http.ssl.truststore.secure_password'
changed_when: false
Expand Down Expand Up @@ -119,7 +119,7 @@
- name: Set xpack.security.transport.ssl.keystore.secure_password # noqa: risky-shell-pipe
ansible.builtin.shell: >
if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi;
echo "{{ elasticsearch_tls_key_passphrase }}" |
echo '{{ elasticsearch_tls_key_passphrase }}' |
/usr/share/elasticsearch/bin/elasticsearch-keystore
add -f -x 'xpack.security.transport.ssl.keystore.secure_password'
changed_when: false
Expand Down Expand Up @@ -159,7 +159,7 @@
- name: Set xpack.security.transport.ssl.truststore.secure_password # noqa: risky-shell-pipe
ansible.builtin.shell: >
if test -n "$(ps -p $$ | grep bash)"; then set -o pipefail; fi;
echo "{{ elasticsearch_tls_key_passphrase }}" |
echo '{{ elasticsearch_tls_key_passphrase }}' |
/usr/share/elasticsearch/bin/elasticsearch-keystore
add -f -x 'xpack.security.transport.ssl.truststore.secure_password'
changed_when: false
Expand Down

0 comments on commit 229f8e8

Please sign in to comment.