Elastic auth: Fun with Salt

salt/elastalert/defaults.yaml

@@ -1,10 +1,5 @@
-{%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
-{%-   set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
-{%-   set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
-{%- else %}
-{%-   set ES_USER = '' %}
-{%-   set ES_PASS = '' %}
-{%- endif %}
+{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
+{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
 elastalert:
   config:
     rules_folder: /opt/elastalert/rules/
@@ -26,8 +21,10 @@ elastalert:
     use_ssl: true
     verify_certs: false
     #es_send_get_body_as: GET
+{%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
     es_username: {{ ES_USER }}
     es_password: {{ ES_PASS }}
+{%- endif %}
     writeback_index: elastalert_status
     alert_time_limit:
       days: 2

salt/elastalert/init.sls

@@ -103,15 +103,8 @@ elastaconf:
     - template: jinja
 
 wait_for_elasticsearch:
-  module.run:
-    - http.wait_for_successful_query:
-      - url: 'https://{{MANAGER}}:9200/_cat/indices/.kibana*'
-      - wait_for: 180
-      - status:
-          - 200
-          - 401
-      - status_type: list
-      - verify_ssl: False
+  cmd.run:
+    - name: so-elasticsearch-wait
 
 so-elastalert:
   docker_container.running: