NETWAYS · afeefghannam89 · Mar 26, 2026 · Mar 25, 2026 · Mar 25, 2026 · Mar 25, 2026
diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
@@ -21,6 +21,7 @@ on:
     - cron: '15 6 * * 4'
 jobs:
   kics:
+    if: github.event.pull_request.draft == false
     runs-on: ubuntu-latest
 
     steps:

diff --git a/.github/workflows/test_full_stack.yml b/.github/workflows/test_full_stack.yml
@@ -17,6 +17,7 @@ on:
 
 jobs:
   lint_full:
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: ''

diff --git a/.github/workflows/test_linting.yml b/.github/workflows/test_linting.yml
@@ -38,6 +38,10 @@ jobs:
           python3 -m pip install --upgrade pip
           python3 -m pip install -r requirements-test.txt
 
+      - name: Install Ansible collections
+        run: |
+          ansible-galaxy collection install community.crypto community.general
+
       - name: Lint code (yamllint).
         run: |
           yamllint .

diff --git a/.github/workflows/test_plugins.yml b/.github/workflows/test_plugins.yml
@@ -23,6 +23,7 @@ on:
 
 jobs:
   sanity_ansible_18_19:
+    if: github.event.pull_request.draft == false
     runs-on: ubuntu-latest
     env:
       COLLECTION_NAMESPACE: netways

diff --git a/.github/workflows/test_role_beats.yml b/.github/workflows/test_role_beats.yml
@@ -24,6 +24,7 @@ on:
 
 jobs:
   lint_beats:
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: beats

diff --git a/.github/workflows/test_role_elasticsearch.yml b/.github/workflows/test_role_elasticsearch.yml
@@ -24,6 +24,7 @@ on:
 
 jobs:
   lint_elasticsearch:
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: elasticsearch
@@ -44,8 +45,6 @@ jobs:
         scenario:
           - elasticsearch_default
           - elasticsearch_roles_calculation
-          - elasticsearch_cluster-oss
-          - elasticsearch_no-security
         release:
           - 7
           - 8
@@ -83,3 +82,54 @@ jobs:
           ELASTIC_RELEASE: ${{ matrix.release }}
           PY_COLORS: '1'
           ANSIBLE_FORCE_COLOR: '1'
+
+  molecule_elasticsearch_release7:
+    needs: lint_elasticsearch
+    runs-on: ubuntu-latest
+
+    env:
+      COLLECTION_NAMESPACE: netways
+      COLLECTION_NAME: elasticstack
+
+    strategy:
+      fail-fast: false
+      matrix:
+        distro:
+          - ubuntu2204
+        scenario:
+          - elasticsearch_cluster-oss  # OSS variant discontinued in ES 8
+          - elasticsearch_no-security  # security mandatory in ES 8
+        ansible_version:
+          - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0
+        python_version:
+          - "3.11"
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v6
+
+      - name: Set up Python ${{ matrix.python_version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python_version }}
+
+      - name: Install dependencies
+        run: |
+          python3 -m pip install --upgrade pip
+          python3 -m pip install "${{ matrix.ansible_version }}"
+          python3 -m pip install -r requirements-test.txt
+
+      - name: Install collection
+        run: |
+          mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE
+          cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME
+
+      - name: Test with molecule
+        run: |
+          ansible --version
+          molecule --version
+          molecule test -s ${{ matrix.scenario }}
+        env:
+          MOLECULE_DISTRO: ${{ matrix.distro }}
+          ELASTIC_RELEASE: "7"
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
diff --git a/.github/workflows/test_role_kibana.yml b/.github/workflows/test_role_kibana.yml
@@ -24,6 +24,7 @@ on:
 
 jobs:
   lint_kibana:
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: kibana

diff --git a/.github/workflows/test_role_logstash.yml b/.github/workflows/test_role_logstash.yml
@@ -24,6 +24,7 @@ on:
 
 jobs:
   lint_logstash:
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: logstash
@@ -42,7 +43,6 @@ jobs:
       matrix:
         distro: [ubuntu2204]
         scenario:
-          - logstash_full_stack-oss
           - logstash_specific_version
           - logstash_pipelines
         release:
@@ -83,3 +83,53 @@ jobs:
           PY_COLORS: '1'
           ANSIBLE_FORCE_COLOR: '1'
           ELASTIC_RELEASE: ${{ matrix.release }}
+
+  molecule_logstash_oss:
+    runs-on: ubuntu-latest
+    needs: lint_logstash
+
+    env:
+      COLLECTION_NAMESPACE: netways
+      COLLECTION_NAME: elasticstack
+
+    strategy:
+      fail-fast: false
+      matrix:
+        distro: [ubuntu2204]
+        ansible_version:
+          - "ansible-core>=2.19,<2.20" #Correspond ansible>=12.0,<13.0
+        python_version:
+          - "3.11"
+        scenario:
+          - logstash_full_stack-oss
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v6
+
+      - name: Set up Python ${{ matrix.python_version }}
+        uses: actions/setup-python@v6
+        with:
+          python-version: ${{ matrix.python_version }}
+
+      - name: Install dependencies
+        run: |
+          python3 -m pip install --upgrade pip
+          python3 -m pip install "${{ matrix.ansible_version }}"
+          python3 -m pip install -r requirements-test.txt
+
+      - name: Install collection
+        run: |
+          mkdir -p ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE
+          cp -a ../ansible-collection-$COLLECTION_NAME ~/.ansible/collections/ansible_collections/$COLLECTION_NAMESPACE/$COLLECTION_NAME
+
+      - name: Test with molecule
+        run: |
+          ansible --version
+          molecule --version
+          molecule test -s ${{ matrix.scenario }}
+        env:
+          MOLECULE_DISTRO: ${{ matrix.distro }}
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ELASTIC_RELEASE: "7"  # OSS variant discontinued in ES 8
diff --git a/.github/workflows/test_role_repos.yml b/.github/workflows/test_role_repos.yml
@@ -23,6 +23,7 @@ on:
 
 jobs:
   lint_repos:
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: repos

diff --git a/.github/workflows/test_roles_pr.yml b/.github/workflows/test_roles_pr.yml
@@ -17,6 +17,8 @@ on:
 
 jobs:
   lint_full:
+    # test
+    if: github.event.pull_request.draft == false
     uses: ./.github/workflows/test_linting.yml
     with:
       rolename: ''

diff --git a/molecule/beats_default/molecule.yml b/molecule/beats_default/molecule.yml
@@ -5,6 +5,8 @@ driver:
   name: docker
 platforms:
   - name: beats_default_${MOLECULE_DISTRO:-debian13}
+    groups:
+      - elasticsearch
     image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:

diff --git a/molecule/beats_peculiar/molecule.yml b/molecule/beats_peculiar/molecule.yml
@@ -5,6 +5,8 @@ driver:
   name: docker
 platforms:
   - name: beats_peculiar_${MOLECULE_DISTRO:-debian13}
+    groups:
+      - elasticsearch
     image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:

diff --git a/molecule/elasticsearch_roles_calculation/converge.yml b/molecule/elasticsearch_roles_calculation/converge.yml
@@ -8,7 +8,7 @@
   vars:
     elasticsearch_jna_workaround: true
     elasticsearch_disable_systemcallfilterchecks: true
-    elastic_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
+    elasticstack_release: "{{ lookup('env', 'ELASTIC_RELEASE') | int}}"
     elasticsearch_node_types:
       - master
       - data

diff --git a/molecule/kibana_default/molecule.yml b/molecule/kibana_default/molecule.yml
@@ -5,6 +5,8 @@ driver:
   name: docker
 platforms:
   - name: "kibana_default-${MOLECULE_DISTRO:-debian13}"
+    groups:
+      - elasticsearch
     image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian13}-ansible:latest"
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     volumes:

diff --git a/molecule/logstash_full_stack-oss/requirements.yml b/molecule/logstash_full_stack-oss/requirements.yml
@@ -6,3 +6,4 @@ roles:
 
 collections:
   - community.general
+  - community.crypto
diff --git a/roles/elasticsearch/tasks/main.yml b/roles/elasticsearch/tasks/main.yml
@@ -121,7 +121,7 @@
   ansible.builtin.set_fact:
     elasticsearch_package: >
       {{
-      'elasticsearch' +
+      ('elasticsearch-oss' if elasticstack_variant == 'oss' else 'elasticsearch') +
       ((elasticstack_versionseparator +
       elasticstack_version |
       string ) if (elasticstack_version is defined and elasticstack_version | length > 0)) |
@@ -265,7 +265,7 @@
    - name: Check for cluster status without security
      ansible.builtin.uri:
 # kics-scan ignore-line
        url: "http://{{ elasticsearch_api_host }}:{{ elasticstack_elasticsearch_http_port }}/_cluster/health?pretty"
      register: elasticsearch_cluster_status
      ignore_errors: "{{ ansible_check_mode }}"
      until: elasticsearch_cluster_status.json.status == "green"
-Original file line number
+Diff line change
@@ Expand Up / @@ -21,6 +21,7 @@ on: @@
         - cron: '15 6 * * 4'
     jobs:
       kics:
+        if: github.event.pull_request.draft == false
         runs-on: ubuntu-latest
         steps:
@@ Expand Down @@
Original file line number	Diff line number	Diff line change
Expand Up		@@ -6,3 +6,4 @@ roles:

		collections:
		- community.general
		- community.crypto