From a7fe6608c01b7396710074efa67cf2e5d9aa9d79 Mon Sep 17 00:00:00 2001 From: Ivan Fernandez Calvo Date: Tue, 8 Jun 2021 19:06:40 +0200 Subject: [PATCH] Update to Elastic Stack 7.13.1 --- Dockerfile | 4 +- README.md | 8 ++-- hardening_manifest.yaml | 13 +++--- scripts/docker-entrypoint | 88 +++------------------------------------ 4 files changed, 19 insertions(+), 94 deletions(-) diff --git a/Dockerfile b/Dockerfile index ecc8b97..fadc13e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ ARG BASE_TAG=8.3 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as prep_files -ARG ELASTIC_STACK=7.12.0 +ARG ELASTIC_STACK=7.13.1 ARG ELASTIC_PRODUCT=elastic-agent ARG OS_AND_ARCH=linux-x86_64 @@ -85,6 +85,6 @@ USER ${ELASTIC_PRODUCT} ENV ELASTIC_PRODUCT=${ELASTIC_PRODUCT} ENTRYPOINT ["/tinit", "--", "/usr/local/bin/docker-entrypoint"] -CMD ["--environment", "container"] +CMD [""] HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD test -w '/tmp/elastic-agent/elastic-agent.sock' diff --git a/README.md b/README.md index 7bf89ef..a6e3d2e 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ **elastic-agent** is a single, unified way to add monitoring for logs, metrics, and other types of data to each host. A single agent makes it easier and faster to deploy monitoring across your infrastructure. The agent’s single, unified configuration makes it easier to add integrations for new data sources. For more information about elastic-agent, please visit -https://www.elastic.co/guide/en/ingest-management/7.12/index.html. +https://www.elastic.co/guide/en/ingest-management/7.13/index.html. --- **NOTE** @@ -14,7 +14,7 @@ This functionality is in beta and is subject to change. The design and code is l ### Installation instructions -Please follow the documentation on [Quick start](https://www.elastic.co/guide/en/ingest-management/7.12/ingest-management-getting-started.html). +Please follow the documentation on [Quick start](https://www.elastic.co/guide/en/ingest-management/7.13/ingest-management-getting-started.html). ### Where to file issues and PRs @@ -37,9 +37,9 @@ visiting [Elastic Community](https://www.elastic.co/community). This software is governed by the [Elastic -License](https://github.com/elastic/elasticsearch/blob/7.12/licenses/ELASTIC-LICENSE.txt), +License](https://github.com/elastic/elasticsearch/blob/7.13/licenses/ELASTIC-LICENSE.txt), and includes the full set of [free features](https://www.elastic.co/subscriptions). View the detailed release notes -[here](https://www.elastic.co/guide/en/beats/libbeat/current/release-notes-7.12.1.html). +[here](https://www.elastic.co/guide/en/beats/libbeat/current/release-notes-7.13.1.html). diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml index d91f0ee..e2b140b 100644 --- a/hardening_manifest.yaml +++ b/hardening_manifest.yaml @@ -8,7 +8,7 @@ name: "elastic/beats/elastic-agent" # The most specific version should be the first tag and will be shown # on ironbank.dsop.io tags: -- "7.12.0" +- "7.13.1" - "latest" # Build args passed to Dockerfile ARGs @@ -16,7 +16,7 @@ args: BASE_IMAGE: "redhat/ubi/ubi8" BASE_TAG: "8.3" BASE_REGISTRY: registry1.dsop.io - ELASTIC_STACK: "7.12.0" + ELASTIC_STACK: "7.13.1" ELASTIC_PRODUCT: "elastic-agent" # Docker image labels @@ -30,7 +30,7 @@ labels: org.opencontainers.image.url: "https://www.elastic.co/products/beats/elastic-agent" ## Name of the distributing entity, organization or individual org.opencontainers.image.vendor: "Elastic" - org.opencontainers.image.version: "7.12.0" + org.opencontainers.image.version: "7.13.1" ## Keywords to help with search (ex. "cicd,gitops,golang") mil.dso.ironbank.image.keywords: "log,metrics,monitoring,observabilty,o11y,oblt,beats,elastic,elasticsearch,golang" ## This value can be "opensource" or "commercial" @@ -40,11 +40,11 @@ labels: # List of resources to make available to the offline build context resources: -- filename: elastic-agent-7.12.0-linux-x86_64.tar.gz - url: https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-7.12.0-linux-x86_64.tar.gz +- filename: elastic-agent-7.13.1-linux-x86_64.tar.gz + url: https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-7.13.1-linux-x86_64.tar.gz validation: type: sha512 - value: 2b3b0d0b39ab7c26dbea6d3dfd3f29538d10312fa7fa5a314ea252fc549e438a91ac31ed373c5bf486e74a9e8e6be1e80b20c2e5c54cae23786270cbfe3cf35c + value: 38e56ccae7ca52753cf5b3c1af3596c79acb1a790cf65e256283515812a8b3e56a440b541de40b9ac981a44018c974f9cd2e1260423aaa6b9f69a015fc207362 - filename: tinit url: https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64 validation: @@ -57,6 +57,7 @@ resources: type: sha256 value: af986793a515d500ab2d35f8d2aecd656e764504b789b66d7e1a0b727a124c44 + # List of project maintainers maintainers: - email: "nassim.kammah@elastic.co" diff --git a/scripts/docker-entrypoint b/scripts/docker-entrypoint index 630a14e..7ebe217 100644 --- a/scripts/docker-entrypoint +++ b/scripts/docker-entrypoint @@ -2,86 +2,10 @@ set -eo pipefail -# Environment variables used -# FLEET_ENROLLMENT_TOKEN - existing enrollment token to be used for enroll -# FLEET_ENROLL - if set to 1 enroll will be performed -# FLEET_ENROLL_INSECURE - if set to 1, agent will enroll with fleet using --insecure flag -# FLEET_SETUP - if set to 1 fleet setup will be performed -# FLEET_TOKEN_NAME - token name for a token to be created -# KIBANA_HOST - actual kibana host [http://localhost:5601] -# KIBANA_PASSWORD - password for accessing kibana API [changeme] -# KIBANA_USERNAME - username for accessing kibana API [elastic] +# For information on the possible environment variables that can be passed into the container. Run the following +# command for information on the options that are available. +# +# `./elastic-agent container --help` +# -function log(){ - local msg=$1 - if [ "${DEBUG}" == "1" ]; then - echo $msg - fi -} - -function setup(){ - echo "Fleet setup" - curl -X POST -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/setup -H 'kbn-xsrf: true' -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} - echo "" - echo "Agent setup" - curl -X POST -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/agents/setup \ - -H 'Content-Type: application/json' \ - -H 'kbn-xsrf: true' \ - -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} - echo "" -} - -function enroll(){ - local enrollResp - local apiKey - - if [[ -n "${FLEET_ENROLLMENT_TOKEN}" ]]; then - apikey="${FLEET_ENROLLMENT_TOKEN}" - else - echo "Enroll Agent API key" - enrollResp=$(curl -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/enrollment-api-keys \ - -H 'Content-Type: application/json' \ - -H 'kbn-xsrf: true' \ - -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} ) - echo "" - - local exitCode=$? - if [ $exitCode -ne 0 ]; then - exit $exitCode - fi - log $enrollResp - local apikeyId=$(echo $enrollResp | jq -r '.list[] | select((.name | startswith("Default ")) and (.active == true)) | .id') - - if [[ -z "${apikeyId}" ]]; then - echo "Default agent policy was not found. Please consider using own enrollment token (FLEET_ENROLLMENT_TOKEN)." - exit 1 - fi - log $apikeyId - - echo "Enroll Agent" - enrollResp=$(curl -sS ${KIBANA_HOST:-http://localhost:5601}/api/fleet/enrollment-api-keys/$apikeyId \ - -H 'Content-Type: application/json' \ - -H 'kbn-xsrf: true' \ - -u ${KIBANA_USERNAME:-elastic}:${KIBANA_PASSWORD:-changeme} ) - echo "" - - exitCode=$? - if [ $exitCode -ne 0 ]; then - exit $exitCode - fi - - apikey=$(echo $enrollResp | jq -r '.item.api_key') - fi - log $apikey - - if [[ -n "${FLEET_ENROLL_INSECURE}" ]] && [[ ${FLEET_ENROLL_INSECURE} == 1 ]]; then - insecure_flag="--insecure" - fi - - elastic-agent enroll ${insecure_flag} -f --url=${KIBANA_HOST:-http://localhost:5601} --enrollment-token=$apikey -} - -if [[ -n "${FLEET_SETUP}" ]] && [[ ${FLEET_SETUP} == 1 ]]; then setup; fi -if [[ -n "${FLEET_ENROLL}" ]] && [[ ${FLEET_ENROLL} == 1 ]]; then enroll; fi - -exec elastic-agent run "$@" +elastic-agent container "$@" -- GitLab