Skip to content

Commit

Permalink
[8.x](backport #5889) Add integration tests using a proxy with mTLS f…
Browse files Browse the repository at this point in the history
…or control plane with Elastic Defend installed (#5943)

* add integration tests using a proxy with mTLS for control plane with Elastic Defend installed (#5889)

(cherry picked from commit a338543)

* update elastic-agent-libs so it works with 8.x stacks

---------

Co-authored-by: Anderson Queiroz <[email protected]>
  • Loading branch information
mergify[bot] and AndersonQ authored Nov 8, 2024
1 parent 155b601 commit 81196cc
Show file tree
Hide file tree
Showing 11 changed files with 597 additions and 53 deletions.
4 changes: 2 additions & 2 deletions NOTICE.txt
Original file line number Diff line number Diff line change
Expand Up @@ -1264,11 +1264,11 @@ SOFTWARE

--------------------------------------------------------------------------------
Dependency : github.com/elastic/elastic-agent-libs
Version: v0.17.0
Version: v0.17.2
Licence type (autodetected): Apache-2.0
--------------------------------------------------------------------------------

Contents of probable licence file $GOMODCACHE/github.com/elastic/[email protected].0/LICENSE:
Contents of probable licence file $GOMODCACHE/github.com/elastic/[email protected].2/LICENSE:

Apache License
Version 2.0, January 2004
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ require (
github.com/dolmen-go/contextio v0.0.0-20200217195037-68fc5150bcd5
github.com/elastic/elastic-agent-autodiscover v0.9.0
github.com/elastic/elastic-agent-client/v7 v7.16.0
github.com/elastic/elastic-agent-libs v0.17.0
github.com/elastic/elastic-agent-libs v0.17.2
github.com/elastic/elastic-agent-system-metrics v0.11.3
github.com/elastic/elastic-transport-go/v8 v8.6.0
github.com/elastic/go-elasticsearch/v8 v8.15.0
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -264,8 +264,8 @@ github.com/elastic/elastic-agent-autodiscover v0.9.0 h1:+iWIKh0u3e8I+CJa3FfWe9h0
github.com/elastic/elastic-agent-autodiscover v0.9.0/go.mod h1:5iUxLHhVdaGSWYTveSwfJEY4RqPXTG13LPiFoxcpFd4=
github.com/elastic/elastic-agent-client/v7 v7.16.0 h1:yKGq2+CxAuW8Kh0EoNl202tqAyQKfBcPRawVKs2Jve0=
github.com/elastic/elastic-agent-client/v7 v7.16.0/go.mod h1:6h+f9QdIr3GO2ODC0Y8+aEXRwzbA5W4eV4dd/67z7nI=
github.com/elastic/elastic-agent-libs v0.17.0 h1:KvgigcnlH74yZGZyKx7tqn9zBzy6Bt+AVhg3PfrxNW0=
github.com/elastic/elastic-agent-libs v0.17.0/go.mod h1:5CR02awPrBr+tfmjBBK+JI+dMmHNQjpVY24J0wjbC7M=
github.com/elastic/elastic-agent-libs v0.17.2 h1:Wk2mzdyjC7TZNgXcIfht5r6nHbXP4uLEFNxAhIhhkLA=
github.com/elastic/elastic-agent-libs v0.17.2/go.mod h1:5CR02awPrBr+tfmjBBK+JI+dMmHNQjpVY24J0wjbC7M=
github.com/elastic/elastic-agent-system-metrics v0.11.3 h1:LDzRwP8kxvsYEtMDgMSKZs1TgPcSEukit+/EAP5Y28A=
github.com/elastic/elastic-agent-system-metrics v0.11.3/go.mod h1:saqLKe9fuyuAo6IADAnnuy1kaBI7VNlxfwMo8KzSRyQ=
github.com/elastic/elastic-transport-go/v8 v8.6.0 h1:Y2S/FBjx1LlCv5m6pWAF2kDJAHoSjSRSJCApolgfthA=
Expand Down
2 changes: 1 addition & 1 deletion pkg/testing/define/define.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,12 @@ import (
"github.com/gofrs/uuid/v5"

"github.com/elastic/elastic-agent-libs/kibana"
"github.com/elastic/elastic-agent/pkg/utils"
"github.com/elastic/go-elasticsearch/v8"
"github.com/elastic/go-sysinfo"
"github.com/elastic/go-sysinfo/types"

atesting "github.com/elastic/elastic-agent/pkg/testing"
"github.com/elastic/elastic-agent/pkg/utils"
semver "github.com/elastic/elastic-agent/pkg/version"
"github.com/elastic/elastic-agent/version"

Expand Down
8 changes: 6 additions & 2 deletions pkg/testing/fixture.go
Original file line number Diff line number Diff line change
Expand Up @@ -1376,8 +1376,12 @@ type AgentInspectOutput struct {
Threshold int `yaml:"threshold"`
} `yaml:"reporting"`
Ssl struct {
Renegotiation string `yaml:"renegotiation"`
VerificationMode string `yaml:"verification_mode"`
Renegotiation string `yaml:"renegotiation"`
VerificationMode string `yaml:"verification_mode"`
Certificate string `yaml:"certificate"`
CertificateAuthorities []string `yaml:"certificate_authorities"`
Key string `yaml:"key"`
KeyPassphrasePath string `yaml:"key_passphrase_path"`
} `yaml:"ssl"`
Timeout string `yaml:"timeout"`
} `yaml:"fleet"`
Expand Down
16 changes: 8 additions & 8 deletions pkg/testing/fixture_install.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ type EnrollOpts struct {
CertificateAuthorities []string // --certificate-authorities
Certificate string // --elastic-agent-cert
Key string // --elastic-agent-cert-key
KeyPassphrasePath string // --elastic-agent-cert-key-passphrase
}

func (e EnrollOpts) toCmdArgs() []string {
Expand All @@ -65,10 +66,13 @@ func (e EnrollOpts) toCmdArgs() []string {
if e.Certificate != "" {
args = append(args, "--elastic-agent-cert="+e.Certificate)
}

if e.Key != "" {
args = append(args, "--elastic-agent-cert-key="+e.Key)
}
if e.KeyPassphrasePath != "" {
args = append(args, "--elastic-agent-cert-key-passphrase="+e.KeyPassphrasePath)
}

return args
}

Expand Down Expand Up @@ -113,7 +117,7 @@ type InstallOpts struct {
FleetBootstrapOpts
}

func (i *InstallOpts) toCmdArgs(operatingSystem string) ([]string, error) {
func (i *InstallOpts) ToCmdArgs() []string {
var args []string
if i.BasePath != "" {
args = append(args, "--base-path", i.BasePath)
Expand Down Expand Up @@ -150,7 +154,7 @@ func (i *InstallOpts) toCmdArgs(operatingSystem string) ([]string, error) {
args = append(args, i.EnrollOpts.toCmdArgs()...)
args = append(args, i.FleetBootstrapOpts.toCmdArgs()...)

return args, nil
return args
}

// Install installs the prepared Elastic Agent binary and registers a t.Cleanup
Expand Down Expand Up @@ -196,11 +200,7 @@ func (f *Fixture) installNoPkgManager(ctx context.Context, installOpts *InstallO
}

installArgs := []string{"install"}
installOptsArgs, err := installOpts.toCmdArgs(f.operatingSystem)
if err != nil {
return nil, err
}
installArgs = append(installArgs, installOptsArgs...)
installArgs = append(installArgs, installOpts.ToCmdArgs()...)
out, err := f.Exec(ctx, installArgs, opts...)
if err != nil {
f.DumpProcesses("-install")
Expand Down
41 changes: 21 additions & 20 deletions pkg/testing/tools/tools.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,9 +74,10 @@ func InstallAgentWithPolicy(ctx context.Context, t *testing.T,
return policy, err
}

// InstallAgentForPolicy enrolls the provided agent fixture in Fleet using the
// default Fleet Server, waits for the agent to come online, and returns either
// an error or nil.
// InstallAgentForPolicy enrolls the provided agent fixture with Fleet. If
// either the enroll URL or the enrollmentToken is empty, they'll be generated
// using the default fleet-server. Then if delay enroll isn't set it waits for
// the agent to come online, otherwise it returns immediately.
// If the context (ctx) has a deadline, it will wait for the agent to become
// online until the deadline of the context, or if not, a default 5-minute
// deadline will be applied.
Expand All @@ -92,31 +93,32 @@ func InstallAgentForPolicy(ctx context.Context, t *testing.T,
PolicyID: policyID,
}

t.Logf("Creating enrollment API key...")
enrollmentToken, err := kibClient.CreateEnrollmentAPIKey(ctx, createEnrollmentAPIKeyReq)
if err != nil {
return fmt.Errorf("unable to create enrollment API key: %w", err)
}
if installOpts.EnrollmentToken == "" {
t.Logf("Creating enrollment API key...")
enrollmentToken, err := kibClient.CreateEnrollmentAPIKey(ctx, createEnrollmentAPIKeyReq)
if err != nil {
return fmt.Errorf("failed creating enrollment API key: %w", err)
}

// Get default Fleet Server URL
fleetServerURL, err := fleettools.DefaultURL(ctx, kibClient)
if err != nil {
return fmt.Errorf("unable to get default Fleet Server URL: %w", err)
installOpts.EnrollmentToken = enrollmentToken.APIKey
}

// Enroll agent
t.Logf("Unpacking and installing Elastic Agent")
installOpts.EnrollOpts = atesting.EnrollOpts{
URL: fleetServerURL,
EnrollmentToken: enrollmentToken.APIKey,
if installOpts.URL == "" {
fleetServerURL, err := fleettools.DefaultURL(ctx, kibClient)
if err != nil {
return fmt.Errorf("failed getting fleet server URL: %w", err)
}

installOpts.URL = fleetServerURL
}

output, err := agentFixture.Install(ctx, &installOpts)
if err != nil {
t.Log(string(output))
return fmt.Errorf("unable to enroll Elastic Agent: %w", err)
return fmt.Errorf("failed installing the agent: %w", err)
}
t.Logf(">>> Ran Enroll. Output: %s", output)

t.Logf(">>> Enroll succeeded. Output: %s", output)

timeout := 10 * time.Minute
if deadline, ok := ctx.Deadline(); ok {
Expand All @@ -136,6 +138,5 @@ func InstallAgentForPolicy(ctx context.Context, t *testing.T,
10*time.Second,
"Elastic Agent status is not online",
)

return nil
}
Loading

0 comments on commit 81196cc

Please sign in to comment.