Add comments inadvertently removed during migrate (#27)

A few files had their first comment removed even though it did not
contain a license. This re-adds those comments.

x-pack/plugin/security/src/main/config/role_mapping.yml

@@ -0,0 +1,14 @@
+# Role mapping configuration file which has elasticsearch roles as keys
+# that map to one or more user or group distinguished names
+
+#roleA:   this is an elasticsearch role
+#  - groupA-DN  this is a group distinguished name
+#  - groupB-DN
+#  - user1-DN   this is the full user distinguished name
+
+#power_user:
+#  - "cn=admins,dc=example,dc=com"
+#user:
+#  - "cn=users,dc=example,dc=com"
+#  - "cn=admins,dc=example,dc=com"
+#  - "cn=John Doe,cn=other users,dc=example,dc=com"

x-pack/plugin/security/src/main/config/roles.yml

@@ -0,0 +1,3 @@
+# The default roles file is empty as the preferred method of defining roles is
+# through the API/UI. File based roles are useful in error scenarios when the
+# API based roles may not be available.

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authc/ldap/role_mapping.yml

@@ -1,3 +1,4 @@
+# AD Realm Role Mapping
 group_role:
   - "CN=Avengers,CN=users,DC=ad,DC=test,DC=elasticsearch,DC=com"
 user_role:

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authc/ldap/support/ldapWithGroupSearch.yml

@@ -1,3 +1,4 @@
+# This LDAP connection does group lookup by a subtree search, no role mapping
 ldap:
   urls:
     - ldap://ldap.example.com:1389

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authc/ldap/support/ldapWithRoleMapping.yml

@@ -1,3 +1,4 @@
+# This LDAP connection does group lookup by attribute with group to role mapping
 ldap:
   urls: # these connections are not round-robin, but primary, secondary, etc.  When the first fails the second is attempted
     - ldap://ldap.example.com:1389

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authc/pki/role_mapping.yml

@@ -1,2 +1,4 @@
+# Role mappings for PKI tests
+
 user:
   - "CN=Elasticsearch Test Node, OU=elasticsearch, O=org"

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authc/support/role_mapping.yml

@@ -1,3 +1,9 @@
+# roleA   this is an elasticsearch role
+#  - groupA-DN  this is any group, ldap DN, or unix group
+#  - groupB-DN
+#  - user1-DN
+
+#This is an example of ldap mapping configuration
 security:
   - "cn=avengers,ou=marvel,o=superheros"
   - "cn=shield,ou=marvel,o=superheros"

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authz/store/default_roles.yml

@@ -0,0 +1,3 @@
+# The default roles file is empty as the preferred method of defining roles is
+# through the API/UI. File based roles are useful in error scenarios when the
+# API based roles may not be available.

x-pack/plugin/security/src/test/resources/org/elasticsearch/xpack/security/authz/store/reserved_roles.yml

@@ -1,3 +1,5 @@
+# All cluster rights
+# All operations on all indices
 admin:
   cluster:
     - all

x-pack/plugin/src/test/resources/rest-api-spec/test/xpack/10_basic.yml

@@ -1,3 +1,5 @@
+# Integration tests for monitoring
+#
 "X-Pack loaded":
     - do:
         cluster.state: {}

x-pack/plugin/src/test/resources/rest-api-spec/test/xpack/15_basic.yml

@@ -1,3 +1,5 @@
+# Integration tests xpack info and usage API
+#
 "X-Pack Info and Usage":
 
   - do:

x-pack/qa/core-rest-tests-with-security/src/test/resources/rest-api-spec/test/rankeval/10_rankeval.yml

@@ -1,3 +1,5 @@
+# remove this test from core-tests-with-security as soon as we can
+# pull in rest test from modules in core
 ---
 "Basic Rankeval test":
 

x-pack/qa/reindex-tests-with-security/roles.yml

@@ -1,3 +1,6 @@
+# All cluster rights
+# All operations on all indices
+# Run as all users
 admin:
   cluster:
     - all

x-pack/qa/security-migrate-tests/roles.yml

@@ -1,3 +1,7 @@
+# A role that has all sorts of configuration:
+# - it can monitor the cluster
+# - for index1 and index2 it can do CRUD things and refresh
+# - for other indices it has search-only privileges
 actual_role:
   run_as: [ "joe" ]
   cluster:

x-pack/qa/smoke-test-plugins-ssl/src/test/resources/rest-api-spec/test/smoke_test_plugins_ssl/10_basic.yml

@@ -1,3 +1,5 @@
+# Integration tests for smoke testing plugins
+#
 "Plugins are actually installed":
     - do:
         cluster.state: {}

x-pack/qa/smoke-test-plugins-ssl/src/test/resources/rest-api-spec/test/smoke_test_plugins_ssl/20_settings_filter.yml

@@ -1,3 +1,5 @@
+# Integration tests for smoke testing plugins
+#
 "Secret settings are correctly filtered":
   - do:
       cluster.state: {}

x-pack/qa/smoke-test-plugins/src/test/resources/rest-api-spec/test/smoke_test_plugins/10_basic.yml

@@ -1,3 +1,5 @@
+# Integration tests for smoke testing plugins
+#
 "Plugins are actually installed":
     - do:
         cluster.state: {}

x-pack/qa/smoke-test-watcher-with-painless/src/test/resources/rest-api-spec/test/watcher_painless/50_update_scripts.yml

@@ -1,3 +1,5 @@
+# When a script is specified in a watch, updates should be taken into account
+# See https://github.com/elastic/x-plugins/issues/4237
 ---
 "Test transform scripts are updated on execution":
   - skip:

x-pack/qa/sql/security/roles.yml

@@ -1,3 +1,4 @@
+# tag::rest
 rest_minimal:
   indices:
     - names: test