From b42be0df903aba6580b80761af6df86fa80c845d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 15 Jan 2024 15:01:24 -0500 Subject: [PATCH 1/6] [updatecli] Bump Golang version to 1.21.6 (#76) ### What Bump go release version with the latest release. ### Further details See [changelog](https://github.com/golang/go/issues?q=milestone%3AGo1.21.6+label%3ACherryPickApproved) for 1.21.6 Generated automatically with https://github.com/elastic/elastic-agent-autodiscover/actions/runs/7514558421 ---

Bump golang-version to latest version

Update .golangci.yml

1 file(s) updated with "1.21.6": * .golangci.yml

1.21.6 
no GitHub Release found for go1.21.6 on
"https://github.com/golang/go"
Update .go-version

1 file(s) updated with "1.21.6": * .go-version

1.21.6 
no GitHub Release found for go1.21.6 on
"https://github.com/golang/go"
 ---
Updatecli logo

Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

--------- Co-authored-by: apmmachine --- .go-version | 2 +- .golangci.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.go-version b/.go-version index ce2dd5357..c262b1f0d 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.21.5 +1.21.6 diff --git a/.golangci.yml b/.golangci.yml index ebc48ae98..dc58b9948 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -87,7 +87,7 @@ linters-settings: gosimple: # Select the Go version to target. The default is '1.13'. - go: "1.21.5" + go: "1.21.6" nakedret: # make an issue if func has more lines of code than this setting and it has naked returns; default is 30 @@ -121,15 +121,15 @@ linters-settings: staticcheck: # Select the Go version to target. The default is '1.13'. - go: "1.21.5" + go: "1.21.6" stylecheck: # Select the Go version to target. The default is '1.13'. - go: "1.21.5" + go: "1.21.6" unused: # Select the Go version to target. The default is '1.13'. - go: "1.21.5" + go: "1.21.6" gosec: excludes: From e052775fa515eaae56a33acb10d2e6c3740fad0a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 Feb 2024 12:29:44 -0500 Subject: [PATCH 2/6] [updatecli] Bump Golang version to 1.21.7 (#78) ### What Bump go release version with the latest release. ### Further details See [changelog](https://github.com/golang/go/issues?q=milestone%3AGo1.21.7+label%3ACherryPickApproved) for 1.21.7 Generated automatically with https://github.com/elastic/elastic-agent-autodiscover/actions/runs/7857106506 ---

Bump golang-version to latest version

Update .go-version

1 file(s) updated with "1.21.7": * .go-version

1.21.7 
no GitHub Release found for go1.21.7 on
"https://github.com/golang/go"
Update .golangci.yml

1 file(s) updated with "1.21.7": * .golangci.yml

1.21.7 
no GitHub Release found for go1.21.7 on
"https://github.com/golang/go"
 ---
Updatecli logo

Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

--------- Co-authored-by: apmmachine --- .go-version | 2 +- .golangci.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.go-version b/.go-version index c262b1f0d..8819d012c 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.21.6 +1.21.7 diff --git a/.golangci.yml b/.golangci.yml index dc58b9948..b7f60909f 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -87,7 +87,7 @@ linters-settings: gosimple: # Select the Go version to target. The default is '1.13'. - go: "1.21.6" + go: "1.21.7" nakedret: # make an issue if func has more lines of code than this setting and it has naked returns; default is 30 @@ -121,15 +121,15 @@ linters-settings: staticcheck: # Select the Go version to target. The default is '1.13'. - go: "1.21.6" + go: "1.21.7" stylecheck: # Select the Go version to target. The default is '1.13'. - go: "1.21.6" + go: "1.21.7" unused: # Select the Go version to target. The default is '1.13'. - go: "1.21.6" + go: "1.21.7" gosec: excludes: From e47c0f013820d394460a21b688e45de1ac7628de Mon Sep 17 00:00:00 2001 From: Michael Katsoulis Date: Mon, 19 Feb 2024 10:00:20 +0200 Subject: [PATCH 3/6] Add method to return a watcher's event handler (#79) This PR adds a method to kubernetes Watcher interface in order to return the event handler of a watcher. This is needed as part of refactoring of metadata enrichment (https://github.com/elastic/beats/pull/37332). --- kubernetes/watcher.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/kubernetes/watcher.go b/kubernetes/watcher.go index c18a6f468..9b02c93f2 100644 --- a/kubernetes/watcher.go +++ b/kubernetes/watcher.go @@ -54,6 +54,9 @@ type Watcher interface { // AddEventHandler add event handlers for corresponding event type watched AddEventHandler(ResourceEventHandler) + // GetEventHandler returns the event handlers for corresponding event type watched + GetEventHandler() ResourceEventHandler + // Store returns the store object for the watcher Store() cache.Store @@ -181,6 +184,11 @@ func (w *watcher) AddEventHandler(h ResourceEventHandler) { w.handler = h } +// GetEventHandler returns the watcher's event handler +func (w *watcher) GetEventHandler() ResourceEventHandler { + return w.handler +} + // Store returns the store object for the resource that is being watched func (w *watcher) Store() cache.Store { return w.store From 4554e51c00911209f8dfd463f52bc17f65e3f18f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 11 Mar 2024 11:10:39 -0400 Subject: [PATCH 4/6] [updatecli] Bump Golang version to 1.21.8 (#82) ### What Bump go release version with the latest release. ### Further details See [changelog](https://github.com/golang/go/issues?q=milestone%3AGo1.21.8+label%3ACherryPickApproved) for 1.21.8 Generated automatically with https://github.com/elastic/elastic-agent-autodiscover/actions/runs/8216870501 ---

Bump golang-version to latest version

Update .go-version

1 file(s) updated with "1.21.8": * .go-version

1.21.8 
no GitHub Release found for go1.21.8 on
"https://github.com/golang/go"
Update .golangci.yml

1 file(s) updated with "1.21.8": * .golangci.yml

1.21.8 
no GitHub Release found for go1.21.8 on
"https://github.com/golang/go"
 ---
Updatecli logo

Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

--------- Co-authored-by: apmmachine --- .go-version | 2 +- .golangci.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.go-version b/.go-version index 8819d012c..428abfd24 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.21.7 +1.21.8 diff --git a/.golangci.yml b/.golangci.yml index b7f60909f..4f34c577f 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -87,7 +87,7 @@ linters-settings: gosimple: # Select the Go version to target. The default is '1.13'. - go: "1.21.7" + go: "1.21.8" nakedret: # make an issue if func has more lines of code than this setting and it has naked returns; default is 30 @@ -121,15 +121,15 @@ linters-settings: staticcheck: # Select the Go version to target. The default is '1.13'. - go: "1.21.7" + go: "1.21.8" stylecheck: # Select the Go version to target. The default is '1.13'. - go: "1.21.7" + go: "1.21.8" unused: # Select the Go version to target. The default is '1.13'. - go: "1.21.7" + go: "1.21.8" gosec: excludes: From b3b1fa70dc11f18cf9b8b4bc16c0b42ec529d673 Mon Sep 17 00:00:00 2001 From: Jan Calanog Date: Tue, 12 Mar 2024 17:54:10 +0100 Subject: [PATCH 5/6] security: add permissions block to workflows (#80) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Details ⚠️ This PR was created by an automated tool. Please review the changes carefully. ⚠️ We want to set the default permissions for workflows to read-only for contents. This is a security measure to prevent accidental changes to the repository. This change adds a top-level permissions block to all workflows in the .github/workflows directory. ```yaml permissions: contents: read ``` In some cases workflows might need more permissions than just `contents: read`. Please checkout this branch and add the necessary permissions to the workflows. If your workflow uses a Personal Access Token (PAT), we can still add the permissions block, but it will not have any effect. Merging this PR as is might cause workflows that need more permissions to fail. If there are any questions, please reach out to the @elastic/observablt-ci --- .github/workflows/add-issues-to-ingest-board.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/add-issues-to-ingest-board.yml b/.github/workflows/add-issues-to-ingest-board.yml index 499fa012e..8d063114d 100644 --- a/.github/workflows/add-issues-to-ingest-board.yml +++ b/.github/workflows/add-issues-to-ingest-board.yml @@ -13,6 +13,9 @@ env: AREA_FIELD_ID: 'PVTSSF_lADOAGc3Zs4AEzn4zgEgZSo' ELASTIC_AGENT_OPTION_ID: 'c1e1a30a' +permissions: + contents: read + jobs: add_to_ingest_project: runs-on: ubuntu-latest From 7490558445cb8d3248462255edc8ac64bc18b8eb Mon Sep 17 00:00:00 2001 From: Andrew Gizas Date: Wed, 13 Mar 2024 10:54:53 +0200 Subject: [PATCH 6/6] Introduce checks for not supported annotations for Hints based autodiscover of Elastic Agent (#81) This PR relates to https://github.com/elastic/elastic-agent/issues/3064 and provides the checks for the supported hints. --- CHANGELOG.md | 9 +++++++++ utils/hints.go | 27 +++++++++++++++++++++++++-- utils/hints_test.go | 34 +++++++++++++++++++++++++++------- 3 files changed, 61 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e378d2ea9..247ac580f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -44,3 +44,12 @@ This project adheres to [Semantic Versioning](http://semver.org/). [0.6.7]: https://github.com/elastic/elastic-agent-autodiscover/compare/v0.6.2...v0.6.7 + +## [0.6.9] + +### Changed + +- Update GenerateHints function to check supported list of hints + + +[0.6.9]: https://github.com/elastic/elastic-agent-autodiscover/compare/v0.6.8...v0.6.9 diff --git a/utils/hints.go b/utils/hints.go index f3b816b53..cde1ae185 100644 --- a/utils/hints.go +++ b/utils/hints.go @@ -202,16 +202,22 @@ func IsDisabled(hints mapstr.M, key string) bool { } // GenerateHints parses annotations based on a prefix and sets up hints that can be picked up by individual Beats. -func GenerateHints(annotations mapstr.M, container, prefix string) mapstr.M { +func GenerateHints(annotations mapstr.M, container, prefix string, allSupportedHints []string) (mapstr.M, []string) { hints := mapstr.M{} + var incorrecthints []string + found := false if rawEntries, err := annotations.GetValue(prefix); err == nil { if entries, ok := rawEntries.(mapstr.M); ok { for key, rawValue := range entries { + // If there are top level hints like co.elastic.logs/ then just add the values after the / // Only consider namespaced annotations parts := strings.Split(key, "/") if len(parts) == 2 { hintKey := fmt.Sprintf("%s.%s", parts[0], parts[1]) + //We check whether the provided annotation follows the supported format and vocabulary. The check happens for annotations that have prefix co.elastic + found = checkSupportedHints(parts[1], allSupportedHints) + // Insert only if there is no entry already. container level annotations take // higher priority. if _, err := hints.GetValue(hintKey); err != nil { @@ -233,6 +239,8 @@ func GenerateHints(annotations mapstr.M, container, prefix string) mapstr.M { if strings.HasPrefix(hintKey, container) { // Split the key to get part[1] to be the hint parts := strings.Split(hintKey, "/") + //We check whether the provided annotation follows the supported format and vocabulary. The check happens for annotations that have prefix co.elastic + found = checkSupportedHints(parts[1], allSupportedHints) if len(parts) == 2 { // key will be the hint type hintKey := fmt.Sprintf("%s.%s", key, parts[1]) @@ -244,11 +252,14 @@ func GenerateHints(annotations mapstr.M, container, prefix string) mapstr.M { } } } + if !found { + incorrecthints = append(incorrecthints, key) + } } } } - return hints + return hints, incorrecthints } // GetHintsAsList gets a set of hints and tries to convert them into a list of hints @@ -289,3 +300,15 @@ func GetHintsAsList(hints mapstr.M, key string) []mapstr.M { } return configs } + +// checkSupportedHints gets a specific hint annotation and compares it with the supported list of hints +func checkSupportedHints(actualannotation string, allSupportedHints []string) bool { + found := false + for _, checksupported := range allSupportedHints { + if actualannotation == checksupported { + found = true + break + } + } + return found +} diff --git a/utils/hints_test.go b/utils/hints_test.go index 624bab545..3072c90b3 100644 --- a/utils/hints_test.go +++ b/utils/hints_test.go @@ -50,14 +50,21 @@ func TestGetProcessors(t *testing.T) { } func TestGenerateHints(t *testing.T) { + + var allSupportedHints = []string{"enabled", "module", "integration", "datas_treams", "host", "period", "timeout", "metrics_path", "username", "password", "stream", "processors", "multiline", "json", "disable"} + tests := []struct { - annotations map[string]string - result mapstr.M + name string + annotations map[string]string + result mapstr.M + expectedIncorrectHints int // We set the number of hints that will be marked as incorrect and wont be included in the acceptable supported list }{ - // Empty annotations should return empty hints + //Empty annotations should return empty hints { - annotations: map[string]string{}, - result: mapstr.M{}, + name: "Empty_Annotations", + annotations: map[string]string{}, + result: mapstr.M{}, + expectedIncorrectHints: 0, }, // Scenarios being tested: @@ -68,6 +75,7 @@ func TestGenerateHints(t *testing.T) { // not.to.include must not be part of hints // period is annotated at both container and pod level. Container level value must be in hints { + name: "Logs_multiline_and_metrics", annotations: map[string]string{ "co.elastic.logs/multiline.pattern": "^test", "co.elastic.logs/json.keys_under_root": "true", @@ -91,6 +99,7 @@ func TestGenerateHints(t *testing.T) { "period": "15s", }, }, + expectedIncorrectHints: 0, }, // Scenarios being tested: // logs/multiline.pattern must be a nested mapstr.M under hints.logs @@ -98,6 +107,7 @@ func TestGenerateHints(t *testing.T) { // not.to.include must not be part of hints // metrics/metrics_path must be found in hints.metrics { + name: "Logs_multiline_and_metrics_with_metrics_path", annotations: map[string]string{ "co.elastic.logs/multiline.pattern": "^test", "co.elastic.metrics/module": "prometheus", @@ -107,6 +117,7 @@ func TestGenerateHints(t *testing.T) { "co.elastic.metrics/password": "pass", "co.elastic.metrics.foobar/period": "15s", "co.elastic.metrics.foobar1/period": "15s", + "co.elastic.hints/steam": "stdout", // On purpose this added with typo "not.to.include": "true", }, result: mapstr.M{ @@ -115,6 +126,7 @@ func TestGenerateHints(t *testing.T) { "pattern": "^test", }, }, + "hints": mapstr.M{"steam": "stdout"}, "metrics": mapstr.M{ "module": "prometheus", "period": "15s", @@ -123,14 +135,15 @@ func TestGenerateHints(t *testing.T) { "password": "pass", }, }, + expectedIncorrectHints: 1, // Due to co.elastic.hints/steam and not co.elastic.hints/stream }, // Scenarios being tested: - // have co.elastic.logs/disable set to false. // logs/multiline.pattern must be a nested mapstr.M under hints.logs // metrics/module must be found in hints.metrics // not.to.include must not be part of hints // period is annotated at both container and pod level. Container level value must be in hints { + name: "Logs_multiline_and_metrics", annotations: map[string]string{ "co.elastic.logs/multiline.pattern": "^test", "co.elastic.metrics/module": "prometheus", @@ -150,6 +163,7 @@ func TestGenerateHints(t *testing.T) { "period": "15s", }, }, + expectedIncorrectHints: 0, }, // Scenarios being tested: // have co.elastic.logs/disable set to false. @@ -158,6 +172,7 @@ func TestGenerateHints(t *testing.T) { // not.to.include must not be part of hints // period is annotated at both container and pod level. Container level value must be in hints { + name: "Logs_disabled_false_and_metrics", annotations: map[string]string{ "co.elastic.logs/disable": "false", "co.elastic.logs/multiline.pattern": "^test", @@ -179,6 +194,7 @@ func TestGenerateHints(t *testing.T) { "period": "15s", }, }, + expectedIncorrectHints: 0, }, // Scenarios being tested: // have co.elastic.logs/disable set to true. @@ -187,6 +203,7 @@ func TestGenerateHints(t *testing.T) { // not.to.include must not be part of hints // period is annotated at both container and pod level. Container level value must be in hints { + name: "Logs_disabled_true_and_metrics", annotations: map[string]string{ "co.elastic.logs/disable": "true", "co.elastic.logs/multiline.pattern": "^test", @@ -208,6 +225,7 @@ func TestGenerateHints(t *testing.T) { "period": "15s", }, }, + expectedIncorrectHints: 0, }, } @@ -219,7 +237,9 @@ func TestGenerateHints(t *testing.T) { continue } } - assert.Equal(t, test.result, GenerateHints(annMap, "foobar", "co.elastic")) + generateHints, incorrectHints := GenerateHints(annMap, "foobar", "co.elastic", allSupportedHints) + assert.Equal(t, test.expectedIncorrectHints, len(incorrectHints)) // We validate how many incorrect hints are provided per test case. + assert.Equal(t, test.result, generateHints) } } func TestGetHintsAsList(t *testing.T) {