Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/7.x' into backport_18125_7.x
Browse files Browse the repository at this point in the history
  • Loading branch information
jsoriano committed May 4, 2020
2 parents 9407ab5 + 76cb884 commit 68bf3fc
Show file tree
Hide file tree
Showing 510 changed files with 23,233 additions and 5,715 deletions.
18 changes: 18 additions & 0 deletions .ci/scripts/install-terraform.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#!/usr/bin/env bash

set -exuo pipefail

MSG="parameter missing."
TERRAFORM_VERSION=${TERRAFORM_VERSION:?$MSG}
HOME=${HOME:?$MSG}
TERRAFORM_CMD="${HOME}/bin/terraform"

OS=$(uname -s | tr '[:upper:]' '[:lower:]')

mkdir -p "${HOME}/bin"

curl -sSLo - "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_${OS}_amd64.zip" > ${TERRAFORM_CMD}.zip
unzip -o ${TERRAFORM_CMD}.zip -d $(dirname ${TERRAFORM_CMD})
rm ${TERRAFORM_CMD}.zip

chmod +x "${TERRAFORM_CMD}"
16 changes: 16 additions & 0 deletions .ci/scripts/terraform-cleanup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#!/usr/bin/env bash

set -exuo pipefail

DIRECTORY=${1:-.}

FAILED=0
for tfstate in $(find $DIRECTORY -name terraform.tfstate); do
cd $(dirname $tfstate)
if ! terraform destroy -auto-approve; then
FAILED=1
fi
cd -
done

exit $FAILED
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -39,3 +39,7 @@ x-pack/dockerlogbeat/temproot.tar
*.test
*.prof
*.pyc

# Terraform
*.terraform
*.tfstate*
11 changes: 11 additions & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix parsing of Elasticsearch node name by `elasticsearch/slowlog` fileset. {pull}14547[14547]
- CEF extensions are now mapped to the data types defined in the CEF guide. {pull}14342[14342]
- Improve ECS field mappings in panw module. event.outcome now only contains success/failure per ECS specification. {issue}16025[16025] {pull}17910[17910]
- Improve ECS categorization field mappings for nginx module. http.request.referrer is now lowercase & http.request.referrer only populated when nginx sets a value {issue}16174[16174] {pull}17844[17844]

*Heartbeat*

Expand Down Expand Up @@ -266,6 +267,9 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Add `urldecode` processor to for decoding URL-encoded fields. {pull}17505[17505]
- Add support for AWS IAM `role_arn` in credentials config. {pull}17658[17658] {issue}12464[12464]
- Add Kerberos support to Elasticsearch output. {pull}17927[17927]
- Set `agent.name` to the hostname by default. {issue}16377[16377] {pull}18000[18000]
- Add keystore support for autodiscover static configurations. {pull]16306[16306]
- Add config example of how to skip the `add_host_metadata` processor when forwarding logs. {issue}13920[13920] {pull}18153[18153]

*Auditbeat*

Expand Down Expand Up @@ -351,6 +355,10 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Improve ECS categorization field mappings in rabbitmq module. {issue}16178[16178] {pull}17916[17916]
- Improve ECS categorization field mappings in postgresql module. {issue}16177[16177] {pull}17914[17914]
- Improve ECS categorization field mappings for nginx module. {issue}16174[16174] {pull}17844[17844]
- Add support for Google Application Default Credentials to the Google Pub/Sub input and Google Cloud modules. {pull}15668[15668]
- Improve ECS categorization field mappings for zeek module. {issue}16029[16029] {pull}17738[17738]
- Improve ECS categorization field mappings for netflow module. {issue}16135[16135] {pull}18108[18108]
- Improve ECS categorization field mappings in system module. {issue}16031[16031] {pull}18065[18065]

*Heartbeat*

Expand Down Expand Up @@ -428,6 +436,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Reference kubernetes manifests mount data directory from the host when running metricbeat as daemonset, so data persist between executions in the same node. {pull}17429[17429]
- Add more detailed error messages, system tests and small refactoring to the service metricset in windows. {pull}17725[17725]
- Stack Monitoring modules now auto-configure required metricsets when `xpack.enabled: true` is set. {issue}16471[[16471] {pull}17609[17609]
- Add Metricbeat IIS module dashboards. {pull}17966[17966]
- Add dashboard for the azure database account metricset. {pull}17901[17901]
- Allow partial region and zone name in googlecloud module config. {pull}17913[17913]
- Add aggregation aligner as a config parameter for googlecloud stackdriver metricset. {issue}17141[[17141] {pull}17719[17719]
Expand All @@ -448,6 +457,8 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Add more DNS error codes to the Sysmon module. {issue}15685[15685]
- Add Audit and Log Management, Computer Object Management, and Distribution Group related events to the Security module. {pull}15217[15217]
- Add experimental event log reader implementation that should be faster in most cases. {issue}6585[6585] {pull}16849[16849]
- Set process.command_line and process.parent.command_line from Sysmon Event ID 1. {pull}17327[17327]
- Add support for event IDs 4673,4674,4697,4698,4699,4700,4701,4702,4768,4769,4770,4771,4776,4778,4779,4964 to the Security module {pull}17517[17517]

==== Deprecated

Expand Down
129 changes: 126 additions & 3 deletions Jenkinsfile
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,11 @@ pipeline {
BASE_DIR = 'src/github.com/elastic/beats'
GOX_FLAGS = "-arch amd64"
DOCKER_COMPOSE_VERSION = "1.21.0"
TERRAFORM_VERSION = "0.12.24"
PIPELINE_LOG_LEVEL = "INFO"
DOCKERELASTIC_SECRET = 'secret/observability-team/ci/docker-registry/prod'
DOCKER_REGISTRY = 'docker.elastic.co'
AWS_ACCOUNT_SECRET = 'secret/observability-team/ci/elastic-observability-aws-account-auth'
RUNBLD_DISABLE_NOTIFICATIONS = 'true'
}
options {
Expand All @@ -36,6 +38,11 @@ pipeline {
booleanParam(name: 'runAllStages', defaultValue: false, description: 'Allow to run all stages.')
booleanParam(name: 'windowsTest', defaultValue: true, description: 'Allow Windows stages.')
booleanParam(name: 'macosTest', defaultValue: false, description: 'Allow macOS stages.')

booleanParam(name: 'allCloudTests', defaultValue: false, description: 'Run all cloud integration tests.')
booleanParam(name: 'awsCloudTests', defaultValue: false, description: 'Run AWS cloud integration tests.')
string(name: 'awsRegion', defaultValue: 'eu-central-1', description: 'Default AWS region to use for testing.')

booleanParam(name: 'debug', defaultValue: false, description: 'Allow debug logging for Jenkins steps')
booleanParam(name: 'dry_run', defaultValue: false, description: 'Skip build steps, it is for testing pipeline flow')
}
Expand Down Expand Up @@ -352,8 +359,30 @@ pipeline {
return env.BUILD_METRICBEAT_XPACK != "false"
}
}
steps {
mageTarget("Metricbeat x-pack Linux", "x-pack/metricbeat", "build test")
stages {
stage('Prepare cloud integration tests environments'){
agent { label 'ubuntu && immutable' }
options { skipDefaultCheckout() }
steps {
startCloudTestEnv('x-pack-metricbeat', [
[cond: params.awsCloudTests, dir: 'x-pack/metricbeat/module/aws'],
])
}
}
stage('Metricbeat x-pack'){
agent { label 'ubuntu && immutable' }
options { skipDefaultCheckout() }
steps {
withCloudTestEnv() {
mageTarget("Metricbeat x-pack Linux", "x-pack/metricbeat", "build test")
}
}
}
}
post {
cleanup {
terraformCleanup('x-pack-metricbeat', 'x-pack/metricbeat')
}
}
}
stage('Metricbeat crosscompile'){
Expand Down Expand Up @@ -671,7 +700,7 @@ def withBeatsEnv(boolean archive, Closure body) {
"TEST_COVERAGE=true",
"RACE_DETECTOR=true",
"PYTHON_ENV=${WORKSPACE}/python-env",
"TEST_TAGS=oracle",
"TEST_TAGS=${env.TEST_TAGS},oracle",
"DOCKER_PULL=0",
]) {
deleteDir()
Expand Down Expand Up @@ -738,6 +767,7 @@ def installTools() {
if(isUnix()) {
retry(i) { sh(label: "Install Go ${GO_VERSION}", script: ".ci/scripts/install-go.sh") }
retry(i) { sh(label: "Install docker-compose ${DOCKER_COMPOSE_VERSION}", script: ".ci/scripts/install-docker-compose.sh") }
retry(i) { sh(label: "Install Terraform ${TERRAFORM_VERSION}", script: ".ci/scripts/install-terraform.sh") }
retry(i) { sh(label: "Install Mage", script: "make mage") }
} else {
retry(i) { bat(label: "Install Go/Mage/Python ${GO_VERSION}", script: ".ci/scripts/install-tools.bat") }
Expand Down Expand Up @@ -809,6 +839,7 @@ def dumpFilteredEnvironment(){
echo "SYSTEM_TESTS: ${env.SYSTEM_TESTS}"
echo "STRESS_TESTS: ${env.STRESS_TESTS}"
echo "STRESS_TEST_OPTIONS: ${env.STRESS_TEST_OPTIONS}"
echo "TEST_TAGS: ${env.TEST_TAGS}"
echo "GOX_OS: ${env.GOX_OS}"
echo "GOX_OSARCH: ${env.GOX_OSARCH}"
echo "GOX_FLAGS: ${env.GOX_FLAGS}"
Expand Down Expand Up @@ -895,6 +926,98 @@ def isChangedXPackCode(patterns) {
return isChanged(allPatterns)
}

// withCloudTestEnv executes a closure with credentials for cloud test
// environments.
def withCloudTestEnv(Closure body) {
def maskedVars = []
def testTags = "${env.TEST_TAGS}"

// AWS
if (params.allCloudTests || params.awsCloudTests) {
testTags = "${testTags},aws"
def aws = getVaultSecret(secret: "${AWS_ACCOUNT_SECRET}").data
if (!aws.containsKey('access_key')) {
error("${AWS_ACCOUNT_SECRET} doesn't contain 'access_key'")
}
if (!aws.containsKey('secret_key')) {
error("${AWS_ACCOUNT_SECRET} doesn't contain 'secret_key'")
}
maskedVars.addAll([
[var: "AWS_REGION", password: params.awsRegion],
[var: "AWS_ACCESS_KEY_ID", password: aws.access_key],
[var: "AWS_SECRET_ACCESS_KEY", password: aws.secret_key],
])
}

withEnv([
"TEST_TAGS=${testTags}",
]) {
withEnvMask(vars: maskedVars) {
body()
}
}
}

def terraformInit(String directory) {
dir(directory) {
sh(label: "Terraform Init on ${directory}", script: "terraform init")
}
}

def terraformApply(String directory) {
terraformInit(directory)
dir(directory) {
sh(label: "Terraform Apply on ${directory}", script: "terraform apply -auto-approve")
}
}

// Start testing environment on cloud using terraform. Terraform files are
// stashed so they can be used by other stages. They are also archived in
// case manual cleanup is needed.
//
// Example:
// startCloudTestEnv('x-pack-metricbeat', [
// [cond: params.awsCloudTests, dir: 'x-pack/metricbeat/module/aws'],
// ])
// ...
// terraformCleanup('x-pack-metricbeat', 'x-pack/metricbeat')
def startCloudTestEnv(String name, environments = []) {
withCloudTestEnv() {
withBeatsEnv(false) {
def runAll = params.runAllCloudTests
try {
for (environment in environments) {
if (environment.cond || runAll) {
retry(2) {
terraformApply(environment.dir)
}
}
}
} finally {
// Archive terraform states in case manual cleanup is needed.
archiveArtifacts(allowEmptyArchive: true, artifacts: '**/terraform.tfstate')
}
stash(name: "terraform-${name}", allowEmpty: true, includes: '**/terraform.tfstate,**/.terraform/**')
}
}
}


// Looks for all terraform states in directory and runs terraform destroy for them,
// it uses terraform states previously stashed by startCloudTestEnv.
def terraformCleanup(String stashName, String directory) {
stage("Remove cloud scenarios in ${directory}"){
withCloudTestEnv() {
withBeatsEnv(false) {
unstash "terraform-${stashName}"
retry(2) {
sh(label: "Terraform Cleanup", script: ".ci/scripts/terraform-cleanup.sh ${directory}")
}
}
}
}
}

def loadConfigEnvVars(){
def empty = []
env.GO_VERSION = readFile(".go-version").trim()
Expand Down
3 changes: 2 additions & 1 deletion auditbeat/docs/fields.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -2458,7 +2458,8 @@ Contains common beat fields available in all event types.
*`agent.hostname`*::
+
--
Hostname of the agent.
Deprecated - use agent.name or agent.id to identify an agent. Hostname of the agent.
type: keyword
Expand Down
2 changes: 1 addition & 1 deletion auditbeat/include/fields.go

Large diffs are not rendered by default.

25 changes: 25 additions & 0 deletions dev-tools/mage/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -833,3 +833,28 @@ func ListMatchingEnvVars(prefixes ...string) []string {
}
return vars
}

// IntegrationTestEnvVars returns the names of environment variables needed to configure
// connections to integration test environments.
func IntegrationTestEnvVars() []string {
// Environment variables that can be configured with paths to files
// with authentication information.
vars := []string{
"AWS_SHARED_CREDENTIAL_FILE",
"AZURE_AUTH_LOCATION",
"GOOGLE_APPLICATION_CREDENTIALS",
}
// Environment variables with authentication information.
prefixes := []string{
"AWS_",
"AZURE_",

// Accepted by terraform, but not by many clients, including Beats
"GOOGLE_",
"GCLOUD_",
}
for _, prefix := range prefixes {
vars = append(vars, ListMatchingEnvVars(prefix)...)
}
return vars
}
1 change: 1 addition & 0 deletions dev-tools/mage/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,7 @@ func Config(types ConfigFileType, args ConfigFileParams, targetDir string) error
"UseDockerMetadataProcessor": true,
"UseKubernetesMetadataProcessor": false,
"ExcludeDashboards": false,
"UseProcessorsTemplate": false,
}
for k, v := range args.ExtraVars {
params[k] = v
Expand Down
4 changes: 3 additions & 1 deletion dev-tools/mage/gotest.go
Original file line number Diff line number Diff line change
Expand Up @@ -156,7 +156,9 @@ func GoTestIntegrationForModule(ctx context.Context) error {
foundModule = true

// Set MODULE because only want that modules tests to run inside the testing environment.
runners, err := NewIntegrationRunners(path.Join("./module", fi.Name()), map[string]string{"MODULE": fi.Name()})
env := map[string]string{"MODULE": fi.Name()}
passThroughEnvs(env, IntegrationTestEnvVars()...)
runners, err := NewIntegrationRunners(path.Join("./module", fi.Name()), env)
if err != nil {
return errors.Wrapf(err, "test setup failed for module %s", fi.Name())
}
Expand Down
Loading

0 comments on commit 68bf3fc

Please sign in to comment.