diff --git a/Dockerfile b/Dockerfile index ecc8b977f4ccefbee95777407fc2359c9c9ecef2..fadc13e5979cc1057c91fa58eba4ce98e721389f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ ARG BASE_TAG=8.3 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as prep_files -ARG ELASTIC_STACK=7.12.0 +ARG ELASTIC_STACK=7.13.1 ARG ELASTIC_PRODUCT=elastic-agent ARG OS_AND_ARCH=linux-x86_64 @@ -85,6 +85,6 @@ USER ${ELASTIC_PRODUCT} ENV ELASTIC_PRODUCT=${ELASTIC_PRODUCT} ENTRYPOINT ["/tinit", "--", "/usr/local/bin/docker-entrypoint"] -CMD ["--environment", "container"] +CMD [""] HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD test -w '/tmp/elastic-agent/elastic-agent.sock' diff --git a/README.md b/README.md index 7bf89ef710de3a40d254c1bc78e2e3223c7589eb..a6e3d2e248659d9d721ed167d32f27dc68c04f74 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ **elastic-agent** is a single, unified way to add monitoring for logs, metrics, and other types of data to each host. A single agent makes it easier and faster to deploy monitoring across your infrastructure. The agent’s single, unified configuration makes it easier to add integrations for new data sources. For more information about elastic-agent, please visit -https://www.elastic.co/guide/en/ingest-management/7.12/index.html. +https://www.elastic.co/guide/en/ingest-management/7.13/index.html. --- **NOTE** @@ -14,7 +14,7 @@ This functionality is in beta and is subject to change. The design and code is l ### Installation instructions -Please follow the documentation on [Quick start](https://www.elastic.co/guide/en/ingest-management/7.12/ingest-management-getting-started.html). +Please follow the documentation on [Quick start](https://www.elastic.co/guide/en/ingest-management/7.13/ingest-management-getting-started.html). ### Where to file issues and PRs @@ -37,9 +37,9 @@ visiting [Elastic Community](https://www.elastic.co/community). This software is governed by the [Elastic -License](https://github.com/elastic/elasticsearch/blob/7.12/licenses/ELASTIC-LICENSE.txt), +License](https://github.com/elastic/elasticsearch/blob/7.13/licenses/ELASTIC-LICENSE.txt), and includes the full set of [free features](https://www.elastic.co/subscriptions). View the detailed release notes -[here](https://www.elastic.co/guide/en/beats/libbeat/current/release-notes-7.12.1.html). +[here](https://www.elastic.co/guide/en/beats/libbeat/current/release-notes-7.13.1.html). diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index d91f0ee39d14368e1a9537773c0ece653d3740d3..e2b140b45301d49ba223c670a8aac1d4e62a8cd9 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "elastic/beats/elastic-agent" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "7.12.0" +- "7.13.1" - "latest" # Build args passed to Dockerfile ARGs @@ -16,7 +16,7 @@ args: BASE_IMAGE: "redhat/ubi/ubi8" BASE_TAG: "8.3" BASE_REGISTRY: registry1.dsop.io - ELASTIC_STACK: "7.12.0" + ELASTIC_STACK: "7.13.1" ELASTIC_PRODUCT: "elastic-agent" # Docker image labels @@ -30,7 +30,7 @@ labels: org.opencontainers.image.url: "https://www.elastic.co/products/beats/elastic-agent" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "Elastic" - org.opencontainers.image.version: "7.12.0" + org.opencontainers.image.version: "7.13.1" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "log,metrics,monitoring,observabilty,o11y,oblt,beats,elastic,elasticsearch,golang" ## This value can be "opensource" or "commercial" @@ -40,11 +40,11 @@ labels: # List of resources to make available to the offline build context resources: -- filename: elastic-agent-7.12.0-linux-x86_64.tar.gz - url: https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-7.12.0-linux-x86_64.tar.gz +- filename: elastic-agent-7.13.1-linux-x86_64.tar.gz + url: https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-7.13.1-linux-x86_64.tar.gz validation: type: sha512 - value: 2b3b0d0b39ab7c26dbea6d3dfd3f29538d10312fa7fa5a314ea252fc549e438a91ac31ed373c5bf486e74a9e8e6be1e80b20c2e5c54cae23786270cbfe3cf35c + value: 38e56ccae7ca52753cf5b3c1af3596c79acb1a790cf65e256283515812a8b3e56a440b541de40b9ac981a44018c974f9cd2e1260423aaa6b9f69a015fc207362 - filename: tinit url: https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64 validation: @@ -57,6 +57,7 @@ resources: type: sha256 value: af986793a515d500ab2d35f8d2aecd656e764504b789b66d7e1a0b727a124c44 + # List of project maintainers maintainers: - email: "nassim.kammah@elastic.co" diff --git a/scripts/docker-entrypoint b/scripts/docker-entrypoint index 630a14ecd130c1119381c40cc7dd48b74e6704d9..7ebe21745f4769f6139f4ea342a8059449cdb032 100644 --- a/scripts/docker-entrypoint +++ b/scripts/docker-entrypoint @@ -2,86 +2,10 @@ set -eo pipefail -# Environment variables used -# FLEET_ENROLLMENT_TOKEN - existing enrollment token to be used for enroll -# FLEET_ENROLL - if set to 1 enroll will be performed -# FLEET_ENROLL_INSECURE - if set to 1, agent will enroll with fleet using --insecure flag -# FLEET_SETUP - if set to 1 fleet setup will be performed -# FLEET_TOKEN_NAME - token name for a token to be created -# KIBANA_HOST - actual kibana host [http://localhost:5601] -# KIBANA_PASSWORD - password for accessing kibana API [changeme] -# KIBANA_USERNAME - username for accessing kibana API [elastic] +# For information on the possible environment variables that can be passed into the container. Run the following +# command for information on the options that are available. +# +# `./elastic-agent container --help` +# -function log(){ - local msg=$1 - if [ "${DEBUG}" == "1" ]; then - echo $msg - fi -} - -function setup(){ - echo "Fleet setup" - curl -X POST -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/setup -H 'kbn-xsrf: true' -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} - echo "" - echo "Agent setup" - curl -X POST -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/agents/setup \ - -H 'Content-Type: application/json' \ - -H 'kbn-xsrf: true' \ - -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} - echo "" -} - -function enroll(){ - local enrollResp - local apiKey - - if [[ -n "${FLEET_ENROLLMENT_TOKEN}" ]]; then - apikey="${FLEET_ENROLLMENT_TOKEN}" - else - echo "Enroll Agent API key" - enrollResp=$(curl -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/enrollment-api-keys \ - -H 'Content-Type: application/json' \ - -H 'kbn-xsrf: true' \ - -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} ) - echo "" - - local exitCode=$? - if [ $exitCode -ne 0 ]; then - exit $exitCode - fi - log $enrollResp - local apikeyId=$(echo $enrollResp | jq -r '.list[] | select((.name | startswith("Default ")) and (.active == true)) | .id') - - if [[ -z "${apikeyId}" ]]; then - echo "Default agent policy was not found. Please consider using own enrollment token (FLEET_ENROLLMENT_TOKEN)." - exit 1 - fi - log $apikeyId - - echo "Enroll Agent" - enrollResp=$(curl -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/enrollment-api-keys/$apikeyId \ - -H 'Content-Type: application/json' \ - -H 'kbn-xsrf: true' \ - -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} ) - echo "" - - exitCode=$? - if [ $exitCode -ne 0 ]; then - exit $exitCode - fi - - apikey=$(echo $enrollResp | jq -r '.item.api_key') - fi - log $apikey - - if [[ -n "${FLEET_ENROLL_INSECURE}" ]] && [[ ${FLEET_ENROLL_INSECURE} == 1 ]]; then - insecure_flag="--insecure" - fi - - elastic-agent enroll ${insecure_flag} -f --url=${KIBANA_HOST:-http://localhost:5601} --enrollment-token=$apikey -} - -if [[ -n "${FLEET_SETUP}" ]] && [[ ${FLEET_SETUP} == 1 ]]; then setup; fi -if [[ -n "${FLEET_ENROLL}" ]] && [[ ${FLEET_ENROLL} == 1 ]]; then enroll; fi - -exec elastic-agent run "$@" +elastic-agent container "$@"