Skip to content

Commit

Permalink
Merge branch 'main' into system-process-pid
Browse files Browse the repository at this point in the history
  • Loading branch information
fearful-symmetry authored May 22, 2024
2 parents cd52564 + 18a7e54 commit 0dc3e83
Show file tree
Hide file tree
Showing 22 changed files with 1,521 additions and 219 deletions.
55 changes: 29 additions & 26 deletions .buildkite/x-pack/pipeline.xpack.auditbeat.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,9 @@ env:
steps:
- group: "x-pack/auditbeat Mandatory Tests"
key: "x-pack-auditbeat-mandatory-tests"

steps:
- label: ":linux: Ubuntu Unit (MODULE) Tests"
- label: ":ubuntu: x-pack/auditbeat Build (MODULE) Tests"
key: "mandatory-linux-unit-test"
command: |
set -euo pipefail
Expand All @@ -54,7 +55,7 @@ steps:
- github_commit_status:
context: "x-pack/auditbeat: Ubuntu Unit (MODULE) Tests"

- label: ":rhel: RHEL9 Unit Tests"
- label: ":rhel: x-pack/auditbeat RHEL9 Unit Tests"
key: "mandatory-rhel9-unit-test"
command: |
cd x-pack/auditbeat
Expand All @@ -71,13 +72,13 @@ steps:
- "x-pack/auditbeat/build/*.json"
notify:
- github_commit_status:
context: "x-pack/auditbeat: RHEL Unit Tests"
context: "x-pack/auditbeat: RHEL9 Unit Tests"

- label: ":windows: Windows 2022 Unit Tests"
- label: ":windows: x-pack/auditbeat Windows 2022 Unit Tests"
key: "mandatory-win-2022-unit-tests"
command: |
Set-Location -Path x-pack/auditbeat
mage build unitTest
key: "mandatory-win-2022-unit-tests"
retry:
automatic:
- limit: 3
Expand All @@ -94,7 +95,7 @@ steps:
- github_commit_status:
context: "x-pack/auditbeat: Windows 2022 Unit Tests"

- label: ":windows: Windows 2016 Unit Tests"
- label: ":windows: x-pack/auditbeat Windows 2016 Unit Tests"
command: |
Set-Location -Path x-pack/auditbeat
mage build unitTest
Expand All @@ -118,8 +119,9 @@ steps:
- group: "x-pack/auditbeat Extended Windows Tests"
key: "x-pack-auditbeat-extended-win-tests"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*[Ww]indows.*/

steps:
- label: ":windows: Windows 2019 Unit Tests"
- label: ":windows: x-pack/auditbeat Windows 2019 Unit Tests"
command: |
Set-Location -Path x-pack/auditbeat
mage build unitTest
Expand All @@ -140,7 +142,7 @@ steps:
- github_commit_status:
context: "x-pack/auditbeat: Windows 2019 Extended Tests"

- label: ":windows: Windows 10 Unit Tests"
- label: ":windows: x-pack/auditbeat Windows 10 Unit Tests"
command: |
Set-Location -Path x-pack/auditbeat
mage build unitTest
Expand All @@ -161,7 +163,7 @@ steps:
- github_commit_status:
context: "x-pack/auditbeat: Windows 10 Extended Tests"

- label: ":windows: Windows 11 Unit Tests"
- label: ":windows: x-pack/auditbeat Windows 11 Unit Tests"
command: |
Set-Location -Path x-pack/auditbeat
mage build unitTest
Expand All @@ -182,11 +184,13 @@ steps:
- github_commit_status:
context: "x-pack/auditbeat: Windows 11 Extended Tests"

- group: "x-pack/auditbeat MacOS Extended Tests"
key: "x-pack-auditbeat-extended-tests-macos"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*macOS.*/
- group: "x-pack/auditbeat Extended Tests"
key: "x-pack-auditbeat-extended-tests"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*(macOS|arm).*/

steps:
- label: ":mac: MacOS x86_64 Unit Tests"
- label: ":mac: x-pack/auditbeat macOS x86_64 Unit Tests"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*macOS.*/
command: |
set -euo pipefail
source .buildkite/scripts/install_macos_tools.sh
Expand All @@ -203,9 +207,10 @@ steps:
- "x-pack/auditbeat/build/*.json"
notify:
- github_commit_status:
context: "x-pack/auditbeat: macOS x86_64 Extended Tests"
context: "x-pack/auditbeat: macOS x86_64 Unit Tests"

- label: ":mac: MacOS arm64 Unit Tests"
- label: ":mac: x-pack/auditbeat macOS arm64 Unit Tests"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*macOS.*/
command: |
set -euo pipefail
source .buildkite/scripts/install_macos_tools.sh
Expand All @@ -222,13 +227,10 @@ steps:
- "x-pack/auditbeat/build/*.json"
notify:
- github_commit_status:
context: "x-pack/auditbeat: macOS arm64 Extended Tests"
context: "x-pack/auditbeat: macOS arm64 Unit Tests"

- group: "x-pack/auditbeat Linux arm Extended Tests"
key: "x-pack-auditbeat-extended-tests-linux-arm"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*arm.*/
steps:
- label: ":linux: Ubuntu ARM Unit Tests"
- label: ":linux: x-pack/auditbeat Ubuntu ARM Unit Tests"
if: build.env("BUILDKITE_PULL_REQUEST") == "false" || build.env("GITHUB_PR_LABELS") =~ /.*arm.*/
command: |
cd x-pack/auditbeat
mage build unitTest
Expand All @@ -244,7 +246,7 @@ steps:
- "x-pack/auditbeat/build/*.json"
notify:
- github_commit_status:
context: "x-pack/auditbeat: Linux arm64 Extended Tests"
context: "x-pack/auditbeat: Linux arm64 Unit Tests"

- wait: ~
# with PRs, we want to run packaging only if mandatory tests succeed
Expand All @@ -256,8 +258,9 @@ steps:

- group: "x-pack/auditbeat Packaging"
key: "x-pack-auditbeat-packaging"

steps:
- label: ":linux: Packaging Linux"
- label: ":ubuntu: x-pack/auditbeat Packaging Linux"
key: "packaging-linux"
command: |
cd x-pack/auditbeat
Expand All @@ -276,9 +279,9 @@ steps:
PLATFORMS: "+all linux/amd64 linux/arm64 windows/amd64 darwin/amd64 darwin/arm64"
notify:
- github_commit_status:
context: "x-pack/auditbeat: Packaging Linux Linux"
context: "x-pack/auditbeat: Packaging Linux"

- label: ":linux: Packaging ARM"
- label: ":ubuntu: x-pack/auditbeat Packaging Linux arm64"
key: "packaging-arm"
command: |
cd x-pack/auditbeat
Expand All @@ -296,4 +299,4 @@ steps:
PACKAGES: "docker"
notify:
- github_commit_status:
context: "x-pack/auditbeat: Packaging Linux ARM"
context: "x-pack/auditbeat: Packaging Linux arm64"
19 changes: 19 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,25 @@ updates:
- dependency-name: github.com/elastic/mito
open-pull-requests-limit: 2

# Cloud providers' SDK dependencies
- package-ecosystem: "gomod"
directory: "/"
schedule:
interval: "daily"
labels:
- automation
- dependabot
reviewers:
- "elastic/obs-ds-hosted-services"
- "elastic/obs-infraobs-integrations"
groups:
azure-sdks:
patterns:
- "github.com/Azure/azure-sdk-for-go/*"
- "github.com/Azure/azure-event-hubs-go/*"
- "github.com/Azure/go-autorest/*"
- "github.com/Azure/azure-storage-blob-go/*"

# GitHub actions
- package-ecosystem: "github-actions"
directory: "/"
Expand Down
40 changes: 30 additions & 10 deletions .github/workflows/bump-elastic-stack-snapshot.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,22 +21,42 @@ jobs:

bump-elastic-stack:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
needs: [filter]
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.filter.outputs.matrix) }}
steps:
- uses: actions/checkout@v4

- uses: elastic/apm-pipeline-library/.github/actions/updatecli@current
with:
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
pipeline: .github/workflows/updatecli.d/bump-elastic-stack-snapshot.yml
values: .github/workflows/updatecli.d/scm.yml
command: '--experimental apply'
notifySlackChannel: "#ingest-notifications"
messageIfFailure: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@update-me-with-the-slack-team-to-be-poked` please look what's going on <${{ env.JOB_URL }}|here>"
- name: Install Updatecli in the runner
uses: updatecli/updatecli-action@9a37c7e35598d7b37d8e7568b40ed9538112be01 # v0.76.1

- name: Run Updatecli in Apply mode
run: updatecli --experimental apply --config .github/workflows/updatecli.d/bump-elastic-stack-snapshot.yml --values .github/workflows/updatecli.d/scm.yml
env:
BRANCH: ${{ matrix.branch }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- if: ${{ failure() }}
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
channel-id: '#ingest-notifications'
payload: |
{
"text": "${{ env.SLACK_MESSAGE }}",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "${{ env.SLACK_MESSAGE }}"
}
}
]
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
SLACK_MESSAGE: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@update-me-with-the-slack-team-to-be-poked` please look what's going on <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>"
57 changes: 33 additions & 24 deletions .github/workflows/bump-golang.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,34 +10,43 @@ permissions:
contents: read

jobs:
bump-main:
bump:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
strategy:
fail-fast: false
matrix:
file: ['bump-golang.yml', 'bump-golang-7.17.yml']
steps:
- uses: actions/checkout@v4

- uses: elastic/apm-pipeline-library/.github/actions/updatecli@current
with:
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
pipeline: .github/workflows/updatecli.d/bump-golang.yml
values: .github/workflows/updatecli.d/scm.yml
command: '--experimental apply'
notifySlackChannel: "#ingest-notifications"
messageIfFailure: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@update-me-with-the-slack-team-to-be-poked` please look what's going on <${{ env.JOB_URL }}|here>"
- name: Install Updatecli in the runner
uses: updatecli/updatecli-action@9a37c7e35598d7b37d8e7568b40ed9538112be01 # v0.76.1

bump-7-17:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run Updatecli in Apply mode
run: updatecli --experimental apply --config .github/workflows/updatecli.d/${{ matrix.file }} --values .github/workflows/updatecli.d/scm.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- uses: elastic/apm-pipeline-library/.github/actions/updatecli@current
- if: ${{ failure() }}
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
vaultUrl: ${{ secrets.VAULT_ADDR }}
vaultRoleId: ${{ secrets.VAULT_ROLE_ID }}
vaultSecretId: ${{ secrets.VAULT_SECRET_ID }}
pipeline: .github/workflows/updatecli.d/bump-golang-7.17.yml
values: .github/workflows/updatecli.d/scm.yml
command: '--experimental apply'
notifySlackChannel: "#ingest-notifications"
messageIfFailure: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@update-me-with-the-slack-team-to-be-poked` please look what's going on <${{ env.JOB_URL }}|here>"
channel-id: '#ingest-notifications'
payload: |
{
"text": "${{ env.SLACK_MESSAGE }}",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "${{ env.SLACK_MESSAGE }}"
}
}
]
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
SLACK_MESSAGE: ":traffic_cone: updatecli failed for `${{ github.repository }}@${{ github.ref_name }}`, `@update-me-with-the-slack-team-to-be-poked` please look what's going on <https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|here>"
36 changes: 10 additions & 26 deletions .github/workflows/notify-stalled-snapshots.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ permissions:
contents: read

env:
EMAIL_VAULT_SECRET: secret/observability-team/ci/service-account/email-github-actions
EMAIL: [email protected]
URL_QUERY: 'https://github.com/elastic/beats/pulls?q=is%3Apr+is%3Aopen+label%3ATeam%3ABeats-On-Call'
JOB_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
Expand Down Expand Up @@ -56,37 +55,22 @@ jobs:

- if: ${{ contains(steps.search.outputs.found, 'true') }}
name: Report obsoleted branches (slack)
uses: elastic/apm-pipeline-library/.github/actions/slack-message@current
uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
with:
url: ${{ secrets.VAULT_ADDR }}
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
channel: "#ingest-notifications"
message: ":red_circle: Elastic Stack version for the `${{ matrix.branch }}` branch has not been updated for a while (`> 7 days`). Review the (<${{ env.URL_QUERY }}|open PRs>)"

- if: ${{ contains(steps.search.outputs.found, 'true') }}
uses: hashicorp/[email protected]
with:
url: ${{ secrets.VAULT_ADDR }}
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
method: approle
secrets: |
${{ env.EMAIL_VAULT_SECRET }} username | MAIL_USERNAME ;
${{ env.EMAIL_VAULT_SECRET }} app_token | MAIL_PASSWORD;
${{ env.EMAIL_VAULT_SECRET }} from | MAIL_FROM;
${{ env.EMAIL_VAULT_SECRET }} reply | MAIL_REPLY;
${{ env.EMAIL_VAULT_SECRET }} server | MAIL_SERVER
channel-id: '#ingest-notifications'
payload: ":red_circle: Elastic Stack version for the `${{ matrix.branch }}` branch has not been updated for a while (`> 7 days`). Review the (<${{ env.URL_QUERY }}|open PRs>)"
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}

- if: ${{ contains(steps.search.outputs.found, 'true') }}
name: Report obsoleted branches (email)
uses: dawidd6/action-send-mail@6063705cefe50cb915fc53bb06d4049cae2953b2
with:
server_address: ${{ env.MAIL_SERVER }}
username: ${{ env.MAIL_USERNAME }}
password: ${{ env.MAIL_PASSWORD }}
server_address: ${{ secrets.MAIL_SERVER }}
username: ${{ secrets.MAIL_USERNAME }}
password: ${{ secrets.MAIL_PASSWORD }}
subject: '[${{ matrix.branch }}] ${{ steps.date.outputs.date }}: Elastic Stack version has not been updated recently.'
to: ${{ env.EMAIL }}
from: ${{ env.MAIL_FROM }}
reply_to: ${{ env.MAIL_REPLY }}
from: ${{ secrets.MAIL_FROM }}
reply_to: ${{ secrets.MAIL_REPLY }}
body: 'Elastic Stack version for the ${{ matrix.branch }} branch has not been updated for a while (> 7 days). Review the open PRs in ${{ env.URL_QUERY }}. Generated automatically with ${{ env.JOB_URL }}'
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
- Ensure all responses sent by HTTP Endpoint are HTML-escaped. {pull}39329[39329]
- Update CEL mito extensions to v1.11.0 to improve type checking. {pull}39460[39460]
- Improve logging of request and response with request trace logging in error conditions. {pull}39455[39455]
- Implement Elastic Agent status and health reporting for CEL Filebeat input. {pull}39209[39209]
- Add HTTP metrics to CEL input. {issue}39501[39501] {pull}39503[39503]
- Add default user-agent to CEL HTTP requests. {issue}39502[39502] {pull}39587[39587]
- Improve reindexing support in security module pipelines. {issue}38224[38224] {pull}[]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,7 @@ Available parsers:
* `ndjson`
* `container`
* `syslog`
* `include_message`

In this example, {beatname_uc} is reading multiline messages that consist of 3 lines
and are encapsulated in single-line JSON objects.
Expand Down
Loading

0 comments on commit 0dc3e83

Please sign in to comment.