├── .buildkite ├── bk.integration.pipeline.yml ├── hooks │ ├── post-checkout │ ├── post-checkout.ps1 │ ├── pre-command │ ├── pre-command.ps1 │ └── pre-exit ├── integration.pipeline.yml ├── misc │ └── gce-cleanup.yml ├── pipeline.agentless-app-release.yaml ├── pipeline.agentless-tests.yaml ├── pipeline.elastic-agent-binary-dra.yml ├── pipeline.elastic-agent-gce-cleanup.yml ├── pipeline.elastic-agent-helm-charts.yml ├── pipeline.elastic-agent-package.yml ├── pipeline.integration-test-matrix.yml ├── pipeline.tests-production.yaml ├── pipeline.tests-qa.yaml ├── pipeline.tests-staging.yaml ├── pipeline.yml ├── pull-requests.json ├── scripts │ ├── buildkite-integration-tests.sh │ ├── buildkite-k8s-integration-tests.sh │ ├── common.sh │ ├── common2.sh │ ├── install-gh.sh │ ├── install-kind.sh │ ├── install-kubectl.sh │ ├── integration-tests.ps1 │ ├── steps │ │ ├── beats_tests.sh │ │ ├── build-agent-core.sh │ │ ├── check-ci.sh │ │ ├── dra-publish.sh │ │ ├── ecp-internal-release.sh │ │ ├── ess.ps1 │ │ ├── ess.sh │ │ ├── ess_down.sh │ │ ├── ess_start.sh │ │ ├── fleet.sh │ │ ├── gce-cleanup.sh │ │ ├── helm-charts.sh │ │ ├── integration-package.sh │ │ ├── integration_tests.sh │ │ ├── integration_tests_tf.sh │ │ ├── ironbank-cp-workaround.sh │ │ ├── k8s-extended-tests.sh │ │ ├── k8s-tests.sh │ │ ├── merge.sh │ │ ├── package.sh │ │ ├── run-agentless-tests.sh │ │ ├── sync-k8s.sh │ │ ├── trigger-publish-helm-charts.sh │ │ ├── unit-tests.ps1 │ │ └── unit-tests.sh │ └── version_qualifier.sh └── serverless.beats.tests.yml ├── .ci ├── scripts │ ├── otel-update.sh │ └── update-beats.sh └── updatecli │ ├── update-beats.yml │ ├── updatecli-bump-golang.yml │ ├── updatecli-bump-vm-images.yml │ └── values.d │ ├── ironbank.yml │ ├── scm.yml │ └── updatecli-compose.yml ├── .dockerignore ├── .editorconfig ├── .gitattributes ├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── bug-report.md │ ├── feature-request.md │ ├── flaky-test.yml │ └── question.md ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yml ├── stale.yml └── workflows │ ├── add-issues-to-ingest-board.yml │ ├── backport-active.yml │ ├── bump-agent-versions.sh │ ├── bump-agent-versions.yml │ ├── bump-beats-version.yml │ ├── bump-golang.yml │ ├── bump-vm-images.yml │ ├── catalog-info.yml │ ├── fragment-in-pr.yml │ ├── golangci-lint.yml │ ├── mergify-labels-copier.yml │ ├── post-dependabot.yml │ ├── pre-commit.yml │ ├── release-helm-charts-manual.yml │ ├── release-helm-charts.yml │ └── updatecli-compose.yml ├── .gitignore ├── .go-version ├── .golangci.yml ├── .mergify.yml ├── .mockery.yaml ├── .package-version ├── .pre-commit-config.yaml ├── .tool-versions ├── CHANGELOG.asciidoc ├── CONTRIBUTING.md ├── Dockerfile ├── Dockerfile.skaffold ├── GPG-KEY-elasticsearch ├── GUIDELINES.md ├── LICENSE.txt ├── Makefile ├── NOTICE-fips.txt ├── NOTICE.txt ├── README.md ├── Vagrantfile ├── _meta ├── .flavors ├── config │ ├── common.p1.yml.tmpl │ ├── common.p2.yml.tmpl │ ├── common.reference.p1.yml.tmpl │ ├── common.reference.p2.yml.tmpl │ ├── elastic-agent.docker.yml.tmpl │ ├── elastic-agent.reference.yml.tmpl │ ├── elastic-agent.yml.tmpl │ └── providers.yml.tmpl ├── elastic-agent.fleet.yml └── elastic-agent.yml ├── catalog-info.yaml ├── changelog ├── 8.10.0.asciidoc ├── 8.10.0.yaml ├── 8.10.1.asciidoc ├── 8.10.1.yaml ├── 8.10.2.asciidoc ├── 8.10.2.yaml ├── 8.10.3.asciidoc ├── 8.10.3.yaml ├── 8.10.4.asciidoc ├── 8.10.4.yaml ├── 8.11.0.asciidoc ├── 8.11.0.yaml ├── 8.11.1.asciidoc ├── 8.11.1.yaml ├── 8.11.2.asciidoc ├── 8.11.2.yaml ├── 8.11.3.asciidoc ├── 8.11.3.yaml ├── 8.11.4.asciidoc ├── 8.11.4.yaml ├── 8.16.6.asciidoc ├── 8.16.6.yaml ├── 8.17.5.asciidoc ├── 8.17.5.yaml ├── 8.17.6.asciidoc ├── 8.17.6.yaml ├── 8.5.0.yaml ├── 8.5.1.yaml ├── 8.5.2.yaml ├── 8.6.0.yaml ├── 8.6.1.yaml ├── 8.6.2.yaml ├── 8.7.0.yaml ├── 8.7.1.yaml ├── 8.8.0.asciidoc ├── 8.8.0.yaml ├── 8.8.1.asciidoc ├── 8.8.1.yaml ├── 8.8.2.asciidoc ├── 8.8.2.yaml ├── 8.9.0.asciidoc ├── 8.9.0.yaml ├── 8.9.1.asciidoc ├── 8.9.1.yaml ├── 8.9.2.asciidoc ├── 8.9.2.yaml └── fragments │ ├── 1723829102-Upgrade-to-Go-1.23.0.yaml │ ├── 1725913991-remove-cloud-defend.yaml │ ├── 1726144746-container-default-credentials.yaml │ ├── 1726145045-container-api-key.yaml │ ├── 1726572104-enable-persistence-by-default.yaml │ ├── 1728332120-Upgrade-to-Go-1.22.8..yaml │ ├── 1729011748-Add-EDOT-hybrid-mode.yaml │ ├── 1729630977-Add-filebeat-otel-receiver.yaml │ ├── 1729750939-crossbuild-debian11.yaml │ ├── 1729971565-detect-fail-early-fleet-managed-cli-upgrade.yaml │ ├── 1730986549-Add-os_family,-os_platform-and-os_version-to-host-provider.yaml │ ├── 1731314919-Added-support-for-custom-Active-Directory-user-for-unprivileged-mode.yaml │ ├── 1731517501-removed-endpoint-security-from-linux-containers.yaml │ ├── 1731962301-re-enable-otel-subcommand-on-Windows.yaml │ ├── 1732110636-elastic-defend-cannot-run-in-emulation.yaml │ ├── 1732187698-update-otel-v0.114.0.yaml │ ├── 1732656422-add-actionable-error-message-for-enroll-command.yaml │ ├── 1732809895-add-GeoIP-processor-to-EDOT-collector.yaml │ ├── 1732840106-Only-run-providers-referenced-in-the-policy.yaml │ ├── 1733156311-add-metricbeat-otel-receiver.yaml │ ├── 1733248787-flag-to-skip-fleet-audit.yaml │ ├── 1733317274-add-routing-connector-to-EDOT-collector.yaml │ ├── 1733390040-update-otel-0.115.0.yaml │ ├── 1733397457-redact-common-secrets-in-inspect-output.yaml │ ├── 1733768621-Notify-Fleet-of-uninstall-on-Windows.yaml │ ├── 1733936340-add-retries-for-download-upgrade-verifiers.yaml │ ├── 1734023789-add-loadbalancing-exporter-to-EDOT-collector.yaml │ ├── 1734098868-prevent-leaking-secrets-when-logging-component-model.yaml │ ├── 1734512365-embed-hints-inputs-in-agent-container-image.yaml │ ├── 1734525166-update-otel-v0.116.0.yaml │ ├── 1734626964-Windows-add-Event-Logging-to-install,-uninstall,-enroll.yaml │ ├── 1734959878-Replace-default-Ubuntu-based-images-with-UBI-minimal-based-ones.yaml │ ├── 1735137195-remove-deprecated-list-in-favor-of-items.yaml │ ├── 1735306293-add-gateway-collector-in-Helm-kube-stack-deployment.yaml │ ├── 1735664420-remove-deprecated-path-install-cli-flag.yaml │ ├── 1736002257-log-fleet-enroll-failure-status-code.yaml │ ├── 1736417404-update-otel-v0.117.0.yaml │ ├── 1737106864-add_otel_components_cmd.yaml │ ├── 1737131552-Changes-to-binary-distribution.yaml │ ├── 1737462864-add_k8s_otel_comps.yaml │ ├── 1737473147-force-install-replaces-correct-agent.yaml │ ├── 1737552345-Fix-enrollment-for-containerised-agent-when-there-is-an-enrollement-token-change-or-the-agent-is-unenrolled.yaml │ ├── 1737657890-Use-a-random-free-port-for-sub-process-communication-in-containers.yaml │ ├── 1737666699-Add-filesource-provider.yaml │ ├── 1737717648-add-kafkaexporter-otel-collector.yaml │ ├── 1737749181-add-jmxreceiver-otel-collector.yaml │ ├── 1737750331-add-nopreceiver-otel-collector.yaml │ ├── 1737816507-Add-context-variable-support-to-outputs.yaml │ ├── 1738139927-Fix-logical-race-conditions-in-kubernetes_secrets-provider.yaml │ ├── 1738160406-add_redis_nginx_otel_comps.yaml │ ├── 1738199968-update-scheduler-when-received-too-many-unathorized-responses.yaml │ ├── 1738752554-update-otel-v0.119.0.yaml │ ├── 1738784301-Add-id-and-replace-token-to-enrollment.yaml │ ├── 1739437836-Improve-kubernetes_secrets-provider-secret-logging.yaml │ ├── 1739544282-add-MOtel-sample-configurations.yaml │ ├── 1739981369-Fix-deadlock-in-OTelManager.yaml │ ├── 1740054191-kube-stack-helm-chart-metrics-batch.yaml │ ├── 1740492672-set-replicas-for-gateway-collector.yaml │ ├── 1740674973-add-ApiKey-prefix-to-MOTel-host-configurations.yaml │ ├── 1740713597-support-agent-monitoring-ipv6.yaml │ ├── 1740773781-Add-elastic.agent.fips-to-local_metadata.yaml │ ├── 1741122475-Validate-pbkdf2-settings-when-in-FIPS-mode.yaml │ ├── 1741808763-FIPS-Compliant-agent-file-vault.yaml │ ├── 1741865161-fix-otel-kube-stack-config.yaml │ ├── 1741897911-fips-to-fips-upgrades.yaml │ ├── 1742318642-fips-to-fips-upgrade-error-reword.yaml │ ├── 1743783374-update-otel-v0.121.0.yaml │ ├── 1744022264-update-otel-components-to-v0.122.0.yaml │ ├── 1744059162-send-correct-signal-on-windows.yaml │ ├── 1744198660-add-nopexporter.yaml │ ├── 1744839123-fix-MOtel-config-image-value.yaml │ ├── 1744886313-otel_disable_process_scraper.yaml │ ├── 1745610677-update-otel-components-to-v0.123.0.yaml │ ├── 1745923884-deb-rpm-preserve-run-state.yaml │ ├── 1746113477-Retry-enrollment-for-all-errors.yaml │ ├── 1746197293-config-rollback-window.yaml │ ├── 1746636264-fix-notice.yaml │ ├── 1746652545-Upgrade-to-Go-1.24.3..yaml │ ├── 1746736812-fips-notice.yaml │ └── 1747938268-fix-diag-race-condition.yaml ├── control_v1.proto ├── control_v2.proto ├── deploy ├── helm │ ├── edot-collector │ │ └── kube-stack │ │ │ ├── README.md │ │ │ ├── managed_otlp │ │ │ └── values.yaml │ │ │ └── values.yaml │ └── elastic-agent │ │ ├── .gitignore │ │ ├── .helmignore │ │ ├── Chart.lock │ │ ├── Chart.yaml │ │ ├── LICENSE │ │ ├── README.md │ │ ├── README.md.gotmpl │ │ ├── examples │ │ ├── README.md │ │ ├── eck │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ ├── elasticsearch.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── fleet-managed-certificates │ │ │ ├── README.md │ │ │ ├── fleet-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── fleet-managed-ksm-sharding │ │ │ ├── README.md │ │ │ ├── fleet-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── fleet-managed │ │ │ ├── README.md │ │ │ ├── fleet-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── kubernetes-custom-output │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── kubernetes-default │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── kubernetes-hints-autodiscover │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ ├── redis.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── kubernetes-ksm-sharding │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── kubernetes-only-logs │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── multiple-integrations │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ ├── agent-nginx-values.yaml │ │ │ ├── nginx.yaml │ │ │ ├── redis.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── netflow-service │ │ │ ├── README.md │ │ │ ├── agent-netflow-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── nginx-custom-integration │ │ │ ├── README.md │ │ │ ├── agent-nginx-values.yaml │ │ │ ├── nginx.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── priority-class │ │ │ ├── README.md │ │ │ ├── priority-class-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── system-custom-auth-paths │ │ │ ├── README.md │ │ │ ├── agent-system-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ ├── user-cluster-role │ │ │ ├── README.md │ │ │ ├── agent-nginx-values.yaml │ │ │ └── rendered │ │ │ │ └── manifest.yaml │ │ └── user-service-account │ │ │ ├── README.md │ │ │ ├── agent-kubernetes-values.yaml │ │ │ └── rendered │ │ │ └── manifest.yaml │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── agent │ │ │ ├── _helpers.tpl │ │ │ ├── _outputs.tpl │ │ │ ├── cluster-role-binding.yaml │ │ │ ├── cluster-role.yaml │ │ │ ├── eck │ │ │ │ ├── _helpers.tpl │ │ │ │ ├── _pod_template.yaml │ │ │ │ ├── daemonset.yaml │ │ │ │ ├── deployment.yaml │ │ │ │ ├── secret.yaml │ │ │ │ └── statefulset.yaml │ │ │ ├── k8s │ │ │ │ ├── _helpers.tpl │ │ │ │ ├── _pod_template.yaml │ │ │ │ ├── _secret.tpl │ │ │ │ ├── daemonset.yaml │ │ │ │ ├── deployment.yaml │ │ │ │ ├── secret.yaml │ │ │ │ └── statefulset.yaml │ │ │ ├── priority-class.yaml │ │ │ ├── service-account.yaml │ │ │ └── service.yaml │ │ └── integrations │ │ │ ├── _kubernetes │ │ │ ├── _kubernetes.tpl │ │ │ ├── _kubernetes_apiserver.tpl │ │ │ ├── _kubernetes_controller_manager.tpl │ │ │ ├── _kubernetes_kubelet_containers.tpl │ │ │ ├── _kubernetes_kubelet_nodes.tpl │ │ │ ├── _kubernetes_kubelet_pods.tpl │ │ │ ├── _kubernetes_kubelet_system.tpl │ │ │ ├── _kubernetes_kubelet_volumes.tpl │ │ │ ├── _kubernetes_logs_audit.tpl │ │ │ ├── _kubernetes_logs_containers.tpl │ │ │ ├── _kubernetes_proxy.tpl │ │ │ ├── _kubernetes_scheduler.tpl │ │ │ └── _kubernetes_state.tpl │ │ │ ├── _presets │ │ │ ├── _ksm_sidecar.tpl │ │ │ └── _pernode.tpl │ │ │ └── _system │ │ │ ├── _system.tpl │ │ │ ├── _system_logs.tpl │ │ │ └── _system_metrics.tpl │ │ ├── values.schema.json │ │ └── values.yaml ├── kubernetes │ ├── Makefile │ ├── README.md │ ├── creator_k8s_manifest.sh │ ├── elastic-agent-kustomize │ │ ├── default │ │ │ ├── README.md │ │ │ ├── elastic-agent-managed │ │ │ │ ├── base │ │ │ │ │ ├── elastic-agent-managed-daemonset.yaml │ │ │ │ │ ├── elastic-agent-managed-role-binding.yaml │ │ │ │ │ ├── elastic-agent-managed-role.yaml │ │ │ │ │ ├── elastic-agent-managed-service-account.yaml │ │ │ │ │ └── kustomization.yaml │ │ │ │ ├── environmental-variables-remove.yaml │ │ │ │ ├── fleet-enrollment-token-patch.yaml │ │ │ │ └── kustomization.yaml │ │ │ └── elastic-agent-standalone │ │ │ │ ├── api-key-patch.yaml │ │ │ │ ├── base │ │ │ │ ├── elastic-agent-standalone-daemonset-configmap.yaml │ │ │ │ ├── elastic-agent-standalone-daemonset.yaml │ │ │ │ ├── elastic-agent-standalone-ksm-daemonset-configmap.yaml │ │ │ │ ├── elastic-agent-standalone-ksm-statefulset-configmap.yaml │ │ │ │ ├── elastic-agent-standalone-role-binding.yaml │ │ │ │ ├── elastic-agent-standalone-role.yaml │ │ │ │ ├── elastic-agent-standalone-service-account.yaml │ │ │ │ └── kustomization.yaml │ │ │ │ ├── environmental-variables-remove.yaml │ │ │ │ └── kustomization.yaml │ │ ├── ksm-autosharding │ │ │ ├── elastic-agent-managed │ │ │ │ ├── base │ │ │ │ │ ├── elastic-agent-managed-daemonset.yaml │ │ │ │ │ ├── elastic-agent-managed-role-binding.yaml │ │ │ │ │ ├── elastic-agent-managed-role.yaml │ │ │ │ │ ├── elastic-agent-managed-service-account.yaml │ │ │ │ │ └── kustomization.yaml │ │ │ │ ├── extra │ │ │ │ │ └── elastic-agent-managed-statefulset.yaml │ │ │ │ └── kustomization.yaml │ │ │ └── elastic-agent-standalone │ │ │ │ ├── base │ │ │ │ ├── elastic-agent-standalone-daemonset.yaml │ │ │ │ ├── elastic-agent-standalone-ksm-daemonset-configmap.yaml │ │ │ │ ├── elastic-agent-standalone-ksm-statefulset-configmap.yaml │ │ │ │ ├── elastic-agent-standalone-role-binding.yaml │ │ │ │ ├── elastic-agent-standalone-role.yaml │ │ │ │ ├── elastic-agent-standalone-service-account.yaml │ │ │ │ └── kustomization.yaml │ │ │ │ ├── extra │ │ │ │ └── elastic-agent-standalone-statefulset.yaml │ │ │ │ └── kustomization.yaml │ │ └── ksm-hints │ │ │ └── elastic-agent-standalone │ │ │ ├── elastic-agent-standalone-daemonset-configmap.yaml │ │ │ ├── kustomization.yaml │ │ │ └── kustomization.yaml.original │ ├── elastic-agent-managed-kubernetes.yaml │ ├── elastic-agent-managed │ │ ├── elastic-agent-managed-daemonset.yaml │ │ ├── elastic-agent-managed-role-binding.yaml │ │ ├── elastic-agent-managed-role.yaml │ │ └── elastic-agent-managed-service-account.yaml │ ├── elastic-agent-standalone-kubernetes.yaml │ └── elastic-agent-standalone │ │ ├── elastic-agent-standalone-daemonset-configmap.yaml │ │ ├── elastic-agent-standalone-daemonset.yaml │ │ ├── elastic-agent-standalone-ksm-daemonset-configmap.yaml │ │ ├── elastic-agent-standalone-ksm-statefulset-configmap.yaml │ │ ├── elastic-agent-standalone-role-binding.yaml │ │ ├── elastic-agent-standalone-role.yaml │ │ ├── elastic-agent-standalone-service-account.yaml │ │ └── templates.d │ │ ├── activemq.yml │ │ ├── apache.yml │ │ ├── cassandra.yml │ │ ├── cef.yml │ │ ├── checkpoint.yml │ │ ├── cockroachdb.yml │ │ ├── container_logs.yml │ │ ├── crowdstrike.yml │ │ ├── cyberarkpas.yml │ │ ├── elasticsearch.yml │ │ ├── endpoint.yml │ │ ├── fireeye.yml │ │ ├── haproxy.yml │ │ ├── hashicorp_vault.yml │ │ ├── hid_bravura_monitor.yml │ │ ├── iis.yml │ │ ├── infoblox_nios.yml │ │ ├── iptables.yml │ │ ├── kafka.yml │ │ ├── keycloak.yml │ │ ├── kibana.yml │ │ ├── log.yml │ │ ├── logstash.yml │ │ ├── mattermost.yml │ │ ├── microsoft_sqlserver.yml │ │ ├── mimecast.yml │ │ ├── modsecurity.yml │ │ ├── mongodb.yml │ │ ├── mysql.yml │ │ ├── mysql_enterprise.yml │ │ ├── nats.yml │ │ ├── netflow.yml │ │ ├── nginx.yml │ │ ├── nginx_ingress_controller.yml │ │ ├── oracle.yml │ │ ├── panw.yml │ │ ├── panw_cortex_xdr.yml │ │ ├── pfsense.yml │ │ ├── postgresql.yml │ │ ├── prometheus.yml │ │ ├── qnap_nas.yml │ │ ├── rabbitmq.yml │ │ ├── redis.yml │ │ ├── santa.yml │ │ ├── security_detection_engine.yml │ │ ├── sentinel_one.yml │ │ ├── snort.yml │ │ ├── snyk.yml │ │ ├── stan.yml │ │ ├── suricata.yml │ │ ├── symantec_endpoint.yml │ │ ├── synthetics.yml │ │ ├── tcp.yml │ │ ├── tomcat.yml │ │ ├── traefik.yml │ │ ├── udp.yml │ │ ├── zeek.yml │ │ └── zookeeper.yml └── skaffold │ ├── .env.example │ ├── .gitignore │ ├── kustomization.yaml │ └── patches │ ├── elastic-agent-managed-entrypoint.yaml │ ├── elastic-agent-standalone-entrypoint.yaml │ ├── elasticsearch-env-vars.yaml │ └── fleet-env-vars.yaml ├── dev-tools ├── .gitignore ├── README.md ├── cmd │ ├── buildfleetcfg │ │ └── buildfleetcfg.go │ └── buildpgp │ │ └── build_pgp.go ├── dependencies-report ├── deploy ├── devmachine │ └── devmachine.go ├── kubernetes │ ├── .gitignore │ ├── Taskfile.yaml │ ├── base │ │ ├── common │ │ │ ├── cluster-role-binding.yaml │ │ │ ├── cluster-role.yaml │ │ │ ├── kustomization.yml │ │ │ ├── role-binding-leases.yaml │ │ │ ├── role-leases.yaml │ │ │ └── service-account.yaml │ │ ├── elastic-agent-managed │ │ │ ├── .env │ │ │ ├── daemonset.yaml │ │ │ └── kustomization.yml │ │ └── elastic-agent-standalone │ │ │ ├── .env │ │ │ ├── config-map.yaml │ │ │ ├── daemonset.yaml │ │ │ ├── kustomization.yml │ │ │ ├── role-binding-kubeadm-config.yaml │ │ │ └── role-kubeadm-config.yaml │ └── overlays │ │ ├── elastic-agent-managed │ │ └── kustomization.yml │ │ └── elastic-agent-standalone │ │ └── kustomization.yml ├── licenses │ ├── ELASTIC-LICENSE-2.0-header.txt │ ├── ELASTIC-LICENSE-2.0.txt │ ├── license.go │ ├── license_generate.go │ └── license_header.go ├── mage │ ├── .gitignore │ ├── build.go │ ├── build_test.go │ ├── check.go │ ├── checksums.go │ ├── clean.go │ ├── common.go │ ├── common_test.go │ ├── config.go │ ├── copy.go │ ├── crossbuild.go │ ├── dockerbuilder.go │ ├── dockervariants.go │ ├── downloads │ │ ├── _testresources │ │ │ ├── dra │ │ │ │ └── snapshot_artifacts_test.json │ │ │ └── gcp │ │ │ │ ├── commits.json │ │ │ │ ├── nextPageParam.json │ │ │ │ └── snapshots.json │ │ ├── buckets.go │ │ ├── buckets_test.go │ │ ├── curl.go │ │ ├── io.go │ │ ├── io_test.go │ │ ├── logger.go │ │ ├── releases.go │ │ ├── releases_test.go │ │ ├── retry.go │ │ ├── testdata │ │ │ └── some-file.txt │ │ ├── utils.go │ │ ├── utils_test.go │ │ ├── versions.go │ │ └── versions_test.go │ ├── fmt.go │ ├── godaemon.go │ ├── gomod.go │ ├── gotest.go │ ├── gotest_test.go │ ├── gotool │ │ ├── get.go │ │ ├── go.go │ │ ├── licenser.go │ │ ├── linkcheck.go │ │ └── modules.go │ ├── install.go │ ├── integtest.go │ ├── integtest_docker.go │ ├── integtest_mage.go │ ├── keychain.go │ ├── keychain_test.go │ ├── kubernetes │ │ ├── kind.go │ │ ├── kubectl.go │ │ ├── kuberemote.go │ │ └── kubernetes.go │ ├── manifest │ │ ├── manifest.go │ │ ├── manifest_test.go │ │ ├── manifestspecs.go │ │ └── testdata │ │ │ ├── manifest-8.14.0+build202406201002.json │ │ │ ├── manifest-8.14.2-SNAPSHOT.json │ │ │ └── manifest-8.14.2.json │ ├── otel │ │ ├── deps.go │ │ └── deps_test.go │ ├── pkg.go │ ├── pkg_test.go │ ├── pkgcommon │ │ └── pkgcommon-types.go │ ├── pkgdeps.go │ ├── pkgspecs.go │ ├── pkgtypes.go │ ├── platforms.go │ ├── platforms_test.go │ ├── semver.go │ ├── settings.go │ ├── settings_test.go │ ├── target │ │ ├── build │ │ │ └── build.go │ │ ├── common │ │ │ ├── check.go │ │ │ ├── fmt.go │ │ │ ├── notice.go │ │ │ ├── package.go │ │ │ ├── shared.go │ │ │ └── tidy.go │ │ ├── integtest │ │ │ ├── integtest.go │ │ │ └── notests │ │ │ │ └── integtest.go │ │ ├── pkg │ │ │ └── test.go │ │ ├── test │ │ │ └── test.go │ │ ├── unittest │ │ │ └── unittest.go │ │ └── update │ │ │ └── update.go │ └── testdata │ │ └── config.yml ├── magefile.go ├── notice │ ├── NOTICE.txt.append │ ├── NOTICE.txt.tmpl │ ├── dependencies.csv.tmpl │ ├── notice.go │ ├── overrides.json │ └── rules.json ├── packaging │ ├── files │ │ ├── darwin │ │ │ ├── PkgInfo │ │ │ └── otelcol.sh │ │ ├── ironbank │ │ │ ├── LICENSE │ │ │ └── config │ │ │ │ └── docker-entrypoint │ │ ├── linux │ │ │ ├── connectors.sh │ │ │ ├── filebeat.sh │ │ │ ├── metricbeat.sh │ │ │ ├── otelcol.sh │ │ │ └── systemd-daemon-reload.sh │ │ └── windows │ │ │ └── otelcol.ps1 │ ├── packages.yml │ ├── settings.go │ ├── templates │ │ ├── common │ │ │ └── README.md.tmpl │ │ ├── darwin │ │ │ ├── Info.plist.tmpl │ │ │ └── elastic-agent.tmpl │ │ ├── deb │ │ │ ├── elastic-agent.init.sh.tmpl │ │ │ └── init.sh.tmpl │ │ ├── docker │ │ │ ├── Dockerfile.elastic-agent.tmpl │ │ │ ├── docker-entrypoint.edot.tmpl │ │ │ └── docker-entrypoint.elastic-agent.tmpl │ │ ├── ironbank │ │ │ ├── Dockerfile.tmpl │ │ │ ├── README.md.tmpl │ │ │ └── hardening_manifest.yaml.tmpl │ │ ├── linux │ │ │ ├── beatname.sh.tmpl │ │ │ ├── elastic-agent.sh.tmpl │ │ │ ├── elastic-agent.unit.tmpl │ │ │ ├── postinstall.sh.tmpl │ │ │ ├── postrm.sh.tmpl │ │ │ ├── preinstall.sh.tmpl │ │ │ └── systemd.unit.tmpl │ │ ├── rpm │ │ │ ├── elastic-agent.init.sh.tmpl │ │ │ └── init.sh.tmpl │ │ └── windows │ │ │ ├── install-service.ps1.tmpl │ │ │ └── uninstall-service.ps1.tmpl │ └── testing │ │ └── package_test.go ├── promote_docs ├── set_docs_version ├── set_version └── vagrant_scripts │ ├── dockerProvision.sh │ ├── kindProvision.sh │ ├── unixProvision.sh │ └── winProvision.ps1 ├── docker-compose.yml ├── docs ├── agent-fleet-server-ES-CAs-certificates-usage.md ├── agent-policy.md ├── architecture.md ├── component-specs.md ├── cpu-metrics-in-fleet.md ├── elastic-agent-gke-autopilot.md ├── elastic-agent-ksm-sharding.md ├── elastic-agent-logging.md ├── elastic-agent-scaling-tests.md ├── fleet-server-bootstrap.asciidoc ├── images │ ├── 1.png │ ├── 2.png │ ├── 3.png │ ├── 4.png │ ├── 5.png │ ├── 6.png │ ├── cloudid.png │ ├── components-example.d2 │ ├── components-example.svg │ ├── compute_model.png │ ├── coordinator.png │ ├── ksm-ksm01.png │ ├── ksm-ksm02.png │ ├── ksm-sidecontainer.png │ ├── ksm01.png │ ├── ksm02.png │ ├── leader-ksm-sidecontainer.png │ ├── testing-framework.png │ ├── tolerationsdaemonset.png │ └── tolerationsksm0.png ├── local-k8s-testing.md ├── manifests │ ├── elastic-agent-managed-gke-autopilot.yaml │ ├── elastic-agent-standalone-gke-autopilot.yaml │ ├── hostnetwork │ │ ├── elastic-agent-managed-daemonset-ksm-0.yaml │ │ ├── elastic-agent-managed-deployment-ksm-1.yaml │ │ ├── elastic-agent-standalone-daemonset-ksm-0.yaml │ │ └── elastic-agent-standalone-deployment-ksm-1.yaml │ ├── kustomize-autosharding │ │ ├── README.md │ │ ├── elastic-agent-kustomize │ │ │ ├── agent-cluster-role-binding.yaml │ │ │ ├── agent-cluster-role.yaml │ │ │ ├── agent-role-binding.yaml │ │ │ ├── agent-role.yaml │ │ │ ├── agent-service-account.yaml │ │ │ ├── agent-statefulset.yaml │ │ │ └── kustomization.yaml │ │ ├── elastic-agent-managed-kubernetes.yaml │ │ ├── elastic-agent-standalone-kubernetes-side-leader.yaml │ │ ├── elastic-agent-standalone-statefulset-side-ksm.yaml │ │ └── kustomization.yaml │ └── tolerations │ │ ├── elastic-agent-managed-daemonset-ksm-0.yaml │ │ ├── elastic-agent-managed-deployment-ksm-1.yaml │ │ ├── elastic-agent-standalone-daemonset-ksm-0.yaml │ │ └── elastic-agent-standalone-deployment-ksm-1.yaml ├── pgp-sign-verify-artifact.md ├── pgp-workaround.md ├── scripts │ ├── autopilot-tests.sh │ └── es │ │ └── elastic-agent-logs-comparison.http ├── test-framework-dev-guide.md ├── tracing.md └── upgrades.md ├── elastic-agent.docker.yml ├── elastic-agent.reference.yml ├── elastic-agent.yml ├── go.mod ├── go.sum ├── internal └── pkg │ ├── acl │ ├── acl.go │ ├── acl_windows.go │ └── acl_windows_test.go │ ├── agent │ ├── application │ │ ├── actions │ │ │ ├── action.go │ │ │ └── handlers │ │ │ │ ├── handler_action_application.go │ │ │ │ ├── handler_action_cancel.go │ │ │ │ ├── handler_action_diagnostics.go │ │ │ │ ├── handler_action_diagnostics_test.go │ │ │ │ ├── handler_action_policy_change.go │ │ │ │ ├── handler_action_policy_change_nofips_test.go │ │ │ │ ├── handler_action_policy_change_test.go │ │ │ │ ├── handler_action_policy_reassign.go │ │ │ │ ├── handler_action_settings.go │ │ │ │ ├── handler_action_settings_test.go │ │ │ │ ├── handler_action_unenroll.go │ │ │ │ ├── handler_action_unenroll_test.go │ │ │ │ ├── handler_action_upgrade.go │ │ │ │ ├── handler_action_upgrade_test.go │ │ │ │ ├── handler_default.go │ │ │ │ ├── handler_helpers.go │ │ │ │ ├── handler_helpers_test.go │ │ │ │ ├── handler_unknown.go │ │ │ │ └── loglevelsetter.go │ │ ├── apm_config_modifier.go │ │ ├── apm_config_modifier_test.go │ │ ├── application.go │ │ ├── application_test.go │ │ ├── config.go │ │ ├── config_test.go │ │ ├── configuration_embed.go │ │ ├── configuration_embed_changed_test.go │ │ ├── coordinator │ │ │ ├── config_patcher.go │ │ │ ├── coordinator.go │ │ │ ├── coordinator_state.go │ │ │ ├── coordinator_test.go │ │ │ ├── coordinator_unit_test.go │ │ │ ├── diagnostics_test.go │ │ │ ├── gateway.go │ │ │ ├── handler.go │ │ │ ├── mocks │ │ │ │ └── runtime_manager.go │ │ │ └── testdata │ │ │ │ ├── config.yaml │ │ │ │ └── variables.yaml │ │ ├── dispatcher │ │ │ ├── dispatcher.go │ │ │ ├── dispatcher_test.go │ │ │ ├── retryconfig.go │ │ │ └── retryconfig_test.go │ │ ├── endpoint_component_modifier.go │ │ ├── endpoint_component_modifier_nofips_test.go │ │ ├── endpoint_component_modifier_test.go │ │ ├── filelock │ │ │ ├── locker.go │ │ │ └── locker_test.go │ │ ├── filters │ │ │ ├── stream_checker.go │ │ │ └── stream_checker_test.go │ │ ├── fleet_server_bootstrap.go │ │ ├── fleet_server_bootstrap_test.go │ │ ├── gateway │ │ │ └── fleet │ │ │ │ ├── fleet_gateway.go │ │ │ │ └── fleet_gateway_test.go │ │ ├── info │ │ │ ├── agent_id.go │ │ │ ├── agent_id_test.go │ │ │ ├── agent_info.go │ │ │ ├── agent_metadata.go │ │ │ ├── agent_metadata_test.go │ │ │ ├── inject_config.go │ │ │ ├── inject_config_test.go │ │ │ ├── svc_unix.go │ │ │ └── svc_windows.go │ │ ├── inject_proxy_component_modifier.go │ │ ├── inject_proxy_component_modifier_test.go │ │ ├── managed_mode.go │ │ ├── managed_mode_test.go │ │ ├── monitoring │ │ │ ├── error.go │ │ │ ├── handler.go │ │ │ ├── liveness.go │ │ │ ├── liveness_test.go │ │ │ ├── process.go │ │ │ ├── processes.go │ │ │ ├── processes_cloud.go │ │ │ ├── processes_cloud_test.go │ │ │ ├── reload │ │ │ │ ├── reload.go │ │ │ │ └── reload_test.go │ │ │ ├── server.go │ │ │ ├── server_test.go │ │ │ ├── stats.go │ │ │ ├── testdata │ │ │ │ └── monitoring_config_full.yaml │ │ │ ├── url.go │ │ │ ├── v1_monitor.go │ │ │ └── v1_monitor_test.go │ │ ├── once.go │ │ ├── paths │ │ │ ├── common.go │ │ │ ├── common_namespace.go │ │ │ ├── common_namespace_test.go │ │ │ ├── common_test.go │ │ │ ├── files.go │ │ │ ├── paths.go │ │ │ ├── paths_darwin.go │ │ │ ├── paths_linux.go │ │ │ ├── paths_test.go │ │ │ ├── paths_unix.go │ │ │ └── paths_windows.go │ │ ├── periodic.go │ │ ├── reexec │ │ │ ├── manager.go │ │ │ ├── reexec.go │ │ │ └── reexec_windows.go │ │ ├── secret │ │ │ ├── secret.go │ │ │ └── secret_test.go │ │ ├── testing_mode.go │ │ └── upgrade │ │ │ ├── artifact │ │ │ ├── artifact.go │ │ │ ├── config.go │ │ │ ├── config_test.go │ │ │ └── download │ │ │ │ ├── composed │ │ │ │ ├── downloader.go │ │ │ │ ├── downloader_test.go │ │ │ │ ├── verifier.go │ │ │ │ └── verifier_test.go │ │ │ │ ├── downloader.go │ │ │ │ ├── fs │ │ │ │ ├── downloader.go │ │ │ │ ├── downloader_test.go │ │ │ │ ├── testdata │ │ │ │ │ └── drop │ │ │ │ │ │ ├── elastic-agent-8.0.0-darwin-x86_64.tar.gz │ │ │ │ │ │ ├── elastic-agent-8.0.0-darwin-x86_64.tar.gz.asc │ │ │ │ │ │ ├── elastic-agent-8.0.0-darwin-x86_64.tar.gz.sha512 │ │ │ │ │ │ └── public-key.pgp │ │ │ │ ├── verifier.go │ │ │ │ └── verifier_test.go │ │ │ │ ├── headers_rtt.go │ │ │ │ ├── headers_rtt_test.go │ │ │ │ ├── http │ │ │ │ ├── common_test.go │ │ │ │ ├── downloader.go │ │ │ │ ├── downloader_test.go │ │ │ │ ├── progress_observer.go │ │ │ │ ├── progress_observer_test.go │ │ │ │ ├── progress_reporter.go │ │ │ │ ├── verifier.go │ │ │ │ ├── verifier_test.go │ │ │ │ ├── verify_backoff_rtt.go │ │ │ │ └── verify_backoff_rtt_test.go │ │ │ │ ├── localremote │ │ │ │ ├── downloader.go │ │ │ │ └── verifier.go │ │ │ │ ├── reloadable.go │ │ │ │ ├── snapshot │ │ │ │ ├── downloader.go │ │ │ │ ├── downloader_test.go │ │ │ │ ├── testdata │ │ │ │ │ └── latest-snapshot.json │ │ │ │ └── verifier.go │ │ │ │ ├── verifier.go │ │ │ │ └── verifier_test.go │ │ │ ├── cleanup.go │ │ │ ├── cleanup_test.go │ │ │ ├── details │ │ │ ├── details.go │ │ │ ├── details_test.go │ │ │ └── state.go │ │ │ ├── marker_access_common.go │ │ │ ├── marker_access_other.go │ │ │ ├── marker_access_test.go │ │ │ ├── marker_access_windows.go │ │ │ ├── marker_watcher.go │ │ │ ├── marker_watcher_test.go │ │ │ ├── rollback.go │ │ │ ├── rollback_darwin.go │ │ │ ├── rollback_linux.go │ │ │ ├── rollback_test.go │ │ │ ├── rollback_windows.go │ │ │ ├── service_update.go │ │ │ ├── service_update_linux.go │ │ │ ├── service_update_linux_test.go │ │ │ ├── step_download.go │ │ │ ├── step_download_test.go │ │ │ ├── step_mark.go │ │ │ ├── step_mark_test.go │ │ │ ├── step_relink.go │ │ │ ├── step_unpack.go │ │ │ ├── step_unpack_test.go │ │ │ ├── test │ │ │ ├── case1 │ │ │ │ └── README.md │ │ │ ├── case2 │ │ │ │ └── README.md │ │ │ └── case3 │ │ │ │ └── README.md │ │ │ ├── upgrade.go │ │ │ ├── upgrade_test.go │ │ │ ├── watcher.go │ │ │ └── watcher_test.go │ ├── cleaner │ │ ├── cleaner.go │ │ └── cleaner_test.go │ ├── cmd │ │ ├── apply_flavor.go │ │ ├── cmd_test.go │ │ ├── command_components.go │ │ ├── command_components_fips_test.go │ │ ├── command_components_nofips_test.go │ │ ├── common.go │ │ ├── component.go │ │ ├── component_spec.go │ │ ├── container.go │ │ ├── container_init_linux.go │ │ ├── container_init_other.go │ │ ├── container_init_test.go │ │ ├── container_test.go │ │ ├── diagnostics.go │ │ ├── diagnostics_test.go │ │ ├── enroll.go │ │ ├── enroll_cmd.go │ │ ├── enroll_cmd_nofips_test.go │ │ ├── enroll_cmd_test.go │ │ ├── enroll_match_fileowner_unix.go │ │ ├── enroll_match_fileowner_unix_test.go │ │ ├── enroll_match_fileowner_windows.go │ │ ├── enroll_match_fileowner_windows_test.go │ │ ├── enroll_unix.go │ │ ├── enroll_windows.go │ │ ├── include.go │ │ ├── inspect.go │ │ ├── install.go │ │ ├── install_enroll.go │ │ ├── install_enroll_windows.go │ │ ├── install_test.go │ │ ├── install_windows_test.go │ │ ├── logs.go │ │ ├── logs_test.go │ │ ├── otel.go │ │ ├── otel_flags.go │ │ ├── otel_flags_test.go │ │ ├── privileged.go │ │ ├── reexec.go │ │ ├── reexec_windows.go │ │ ├── run.go │ │ ├── run_test.go │ │ ├── run_unix.go │ │ ├── run_windows.go │ │ ├── setup_config.go │ │ ├── status.go │ │ ├── status_test.go │ │ ├── testdata │ │ │ ├── diagnostics │ │ │ │ └── endpoint-security │ │ │ │ │ └── logs │ │ │ │ │ ├── endpoint-1.log │ │ │ │ │ └── endpoint-2.log │ │ │ ├── otel │ │ │ │ ├── components-output-fips.yml │ │ │ │ ├── components-output.yml │ │ │ │ ├── elastic-agent.yml │ │ │ │ └── otel.yml │ │ │ └── status │ │ │ │ ├── full_degraded │ │ │ │ ├── full_healthy │ │ │ │ ├── human_degraded │ │ │ │ └── human_healthy │ │ ├── uninstall.go │ │ ├── unprivileged.go │ │ ├── upgrade.go │ │ ├── upgrade_test.go │ │ ├── validate.go │ │ ├── validate_test.go │ │ ├── watch.go │ │ └── watch_test.go │ ├── configuration │ │ ├── configuration.go │ │ ├── fleet.go │ │ ├── fleet_server.go │ │ ├── fleet_server_test.go │ │ ├── grpc.go │ │ ├── grpc_test.go │ │ ├── info.go │ │ ├── reload.go │ │ ├── settings.go │ │ ├── upgrade.go │ │ └── upgrade_test.go │ ├── errors │ │ ├── error.go │ │ ├── error_test.go │ │ ├── generators.go │ │ └── types.go │ ├── install │ │ ├── flavors.go │ │ ├── flavors_test.go │ │ ├── install.go │ │ ├── install_test.go │ │ ├── install_unix.go │ │ ├── install_windows.go │ │ ├── install_windows_test.go │ │ ├── installed.go │ │ ├── pkgmgr │ │ │ ├── pkgmgr_unix.go │ │ │ └── pkgmgr_windows.go │ │ ├── prereq.go │ │ ├── progress.go │ │ ├── progress_test.go │ │ ├── svc.go │ │ ├── svc_windows.go │ │ ├── switch.go │ │ ├── switch_darwin.go │ │ ├── switch_other.go │ │ ├── testblocking │ │ │ └── main.go │ │ ├── uninstall.go │ │ ├── uninstall_test.go │ │ ├── uninstall_unix.go │ │ ├── uninstall_windows.go │ │ ├── uninstall_windows_test.go │ │ ├── user.go │ │ ├── user_darwin.go │ │ ├── user_linux.go │ │ ├── user_test.go │ │ ├── user_windows.go │ │ ├── user_windows_test.go │ │ ├── wait_service_other.go │ │ └── wait_service_windows.go │ ├── internal │ │ └── yamltest │ │ │ └── yaml.go │ ├── migration │ │ ├── migrate_config.go │ │ └── migrate_config_test.go │ ├── perms │ │ ├── opts.go │ │ ├── unix.go │ │ ├── windows.go │ │ └── windows_test.go │ ├── protection │ │ ├── action.go │ │ ├── action_test.go │ │ ├── config.go │ │ ├── config_test.go │ │ ├── match_policy.go │ │ ├── match_policy_test.go │ │ ├── overlay_policy.go │ │ ├── overlay_policy_test.go │ │ ├── policy.go │ │ ├── policy_test.go │ │ ├── signature.go │ │ └── signature_test.go │ ├── storage │ │ ├── disk_store.go │ │ ├── encrypted_disk_storage_windows_linux_test.go │ │ ├── encrypted_disk_store.go │ │ ├── encrypted_disk_store_test.go │ │ ├── handler_store.go │ │ ├── null_store.go │ │ ├── replace_store.go │ │ ├── skip_replace.go │ │ ├── skip_replace_test.go │ │ ├── storage.go │ │ ├── storage_test.go │ │ └── store │ │ │ ├── internal │ │ │ └── migrations │ │ │ │ └── migrations.go │ │ │ ├── migrations.go │ │ │ ├── migrations_test.go │ │ │ ├── state_store.go │ │ │ ├── state_store_test.go │ │ │ └── testdata │ │ │ ├── 7.17.18-action_store_empty.yml │ │ │ ├── 7.17.18-action_store_policy_change.yml │ │ │ ├── 7.18.18-action_store_unenroll.yml │ │ │ ├── 7.18.18-action_store_unknown.yml │ │ │ ├── 8.0.0-action_policy_change.yml │ │ │ ├── 8.0.0-action_unenroll.yml │ │ │ ├── 8.0.0-action_unknown.yml │ │ │ └── 8.0.0-empty.yml │ ├── transpiler │ │ ├── ast.go │ │ ├── ast_test.go │ │ ├── inputs.go │ │ ├── inputs_test.go │ │ ├── map_visitor.go │ │ ├── outputs.go │ │ ├── outputs_test.go │ │ ├── vars.go │ │ ├── vars_test.go │ │ └── visitor.go │ ├── vars │ │ └── vars.go │ └── vault │ │ ├── aesgcm │ │ ├── aesgcm.go │ │ └── aesgcm_test.go │ │ ├── seed.go │ │ ├── seed_fips.go │ │ ├── seed_fips_test.go │ │ ├── seed_nofips.go │ │ ├── seed_nofips_test.go │ │ ├── seed_test.go │ │ ├── vault.go │ │ ├── vault_file.go │ │ ├── vault_file_fips_test.go │ │ ├── vault_file_nofips_test.go │ │ ├── vault_file_notwindows.go │ │ ├── vault_file_test.go │ │ ├── vault_file_windows.go │ │ ├── vault_keychain_darwin.c │ │ ├── vault_keychain_darwin.go │ │ ├── vault_keychain_notdarwin.go │ │ ├── vault_keychain_notdarwin_test.go │ │ └── vault_options.go │ ├── basecmd │ ├── cmd.go │ ├── cmd_test.go │ ├── restart │ │ └── cmd.go │ └── version │ │ ├── cmd.go │ │ └── cmd_test.go │ ├── capabilities │ ├── capabilities.go │ ├── capabilities_test.go │ ├── expr.go │ ├── expr_test.go │ ├── spec.go │ ├── spec_test.go │ ├── string_matcher.go │ ├── string_matcher_test.go │ ├── upgrade.go │ └── upgrade_test.go │ ├── cli │ ├── confirm.go │ ├── confirm_test.go │ ├── flags.go │ ├── flags_test.go │ ├── input.go │ └── streams.go │ ├── composable │ ├── benchmark_test.go │ ├── config.go │ ├── context.go │ ├── controller.go │ ├── controller_test.go │ ├── dynamic.go │ ├── providers │ │ ├── agent │ │ │ ├── agent.go │ │ │ └── agent_test.go │ │ ├── docker │ │ │ ├── config.go │ │ │ ├── docker.go │ │ │ └── docker_test.go │ │ ├── env │ │ │ ├── env.go │ │ │ └── env_test.go │ │ ├── filesource │ │ │ ├── filesource.go │ │ │ └── filesource_test.go │ │ ├── host │ │ │ ├── host.go │ │ │ └── host_test.go │ │ ├── kubernetes │ │ │ ├── README.md │ │ │ ├── config.go │ │ │ ├── config_test.go │ │ │ ├── hints.go │ │ │ ├── hints_test.go │ │ │ ├── kubernetes.go │ │ │ ├── node.go │ │ │ ├── node_test.go │ │ │ ├── pod.go │ │ │ ├── pod_test.go │ │ │ ├── service.go │ │ │ └── service_test.go │ │ ├── kubernetesleaderelection │ │ │ ├── config.go │ │ │ ├── kubernetes_leaderelection.go │ │ │ └── kubernetes_leaderelection_test.go │ │ ├── kubernetessecrets │ │ │ ├── config.go │ │ │ ├── expiration_cache.go │ │ │ ├── kubernetes_secrets.go │ │ │ ├── kubernetes_secrets_test.go │ │ │ └── store_test.go │ │ ├── local │ │ │ ├── local.go │ │ │ └── local_test.go │ │ ├── localdynamic │ │ │ ├── localdynamic.go │ │ │ └── localdynamic_test.go │ │ └── path │ │ │ ├── path.go │ │ │ └── path_test.go │ ├── registry.go │ ├── testdata │ │ ├── agent.yaml │ │ ├── env.yaml │ │ ├── host.yaml │ │ ├── kubernetes.yaml │ │ └── path.yaml │ └── testing │ │ ├── clone.go │ │ ├── context.go │ │ └── dynamic.go │ ├── config │ ├── config.go │ ├── config_test.go │ ├── discover.go │ ├── loader.go │ ├── loader_test.go │ ├── operations │ │ ├── inspector.go │ │ ├── svc_unix.go │ │ └── svc_windows.go │ └── testdata │ │ ├── inputs │ │ ├── invalid-inputs.yml │ │ ├── log-inputs.yml │ │ └── metrics-inputs.yml │ │ ├── standalone-with-inputs.yml │ │ ├── standalone1.yml │ │ └── standalone2.yml │ ├── conv │ ├── map.go │ └── map_test.go │ ├── core │ ├── authority │ │ └── ca.go │ ├── backoff │ │ ├── backoff.go │ │ ├── backoff_test.go │ │ ├── equal_jitter.go │ │ └── exponential.go │ ├── composable │ │ └── providers.go │ ├── monitoring │ │ └── config │ │ │ ├── config.go │ │ │ └── config_test.go │ └── socket │ │ ├── dial.go │ │ ├── dial_windows.go │ │ └── doc.go │ ├── crypto │ ├── hash.go │ ├── hash_test.go │ ├── io.go │ ├── io_opts_fips.go │ ├── io_opts_fips_test.go │ ├── io_opts_nofips.go │ ├── io_opts_nofips_test.go │ └── io_test.go │ ├── diagnostics │ ├── diagnostics.go │ └── diagnostics_test.go │ ├── dir │ ├── discover.go │ └── discover_test.go │ ├── eql │ ├── Eql.g4 │ ├── compare.go │ ├── eql.go │ ├── eql_test.go │ ├── expression.go │ ├── math.go │ ├── methods.go │ ├── methods_array.go │ ├── methods_dict.go │ ├── methods_length.go │ ├── methods_math.go │ ├── methods_str.go │ ├── parser │ │ ├── Eql.interp │ │ ├── Eql.tokens │ │ ├── EqlLexer.interp │ │ ├── EqlLexer.tokens │ │ ├── eql_base_listener.go │ │ ├── eql_base_visitor.go │ │ ├── eql_lexer.go │ │ ├── eql_listener.go │ │ ├── eql_parser.go │ │ └── eql_visitor.go │ └── visitor.go │ ├── fileutil │ └── fileutil.go │ ├── filewatcher │ ├── watcher.go │ └── watcher_test.go │ ├── fleetapi │ ├── ack_cmd.go │ ├── ack_cmd_test.go │ ├── acker │ │ ├── acker.go │ │ ├── fleet │ │ │ ├── fleet_acker.go │ │ │ └── fleet_acker_test.go │ │ ├── lazy │ │ │ ├── lazy_acker.go │ │ │ └── lazy_acker_test.go │ │ ├── noop │ │ │ └── noop_acker.go │ │ └── retrier │ │ │ ├── retrier.go │ │ │ └── retrier_test.go │ ├── action.go │ ├── action_test.go │ ├── audit_unenroll_cmd.go │ ├── audit_unenroll_cmd_test.go │ ├── checkin_cmd.go │ ├── checkin_cmd_test.go │ ├── client │ │ ├── client.go │ │ ├── client_test.go │ │ ├── helper_test.go │ │ └── round_trippers.go │ ├── custom_type.go │ ├── custom_type_test.go │ ├── enroll_cmd.go │ ├── enroll_cmd_test.go │ ├── helper_test.go │ └── uploader │ │ ├── uploader.go │ │ └── uploader_test.go │ ├── id │ ├── generate.go │ └── generate_test.go │ ├── otel │ ├── README.md │ ├── agentprovider │ │ ├── provider.go │ │ └── provider_test.go │ ├── command_components.go │ ├── components.go │ ├── components_fips.go │ ├── components_nofips.go │ ├── configtranslate │ │ ├── otelconfig.go │ │ └── otelconfig_test.go │ ├── manager │ │ ├── extension.go │ │ ├── force_extension_converter.go │ │ ├── manager.go │ │ └── manager_test.go │ ├── otelhelpers │ │ ├── status.go │ │ └── status_test.go │ ├── run.go │ ├── run_fips_test.go │ ├── run_nofips_test.go │ ├── run_test.go │ ├── samples │ │ ├── darwin │ │ │ ├── logs_metrics_traces.yml │ │ │ ├── managed_otlp │ │ │ │ ├── logs_metrics_traces.yml │ │ │ │ ├── platformlogs.yml │ │ │ │ └── platformlogs_hostmetrics.yml │ │ │ ├── platformlogs.yml │ │ │ └── platformlogs_hostmetrics.yml │ │ └── linux │ │ │ ├── gateway.yml │ │ │ ├── logs_metrics_traces.yml │ │ │ ├── managed_otlp │ │ │ ├── logs_metrics_traces.yml │ │ │ ├── platformlogs.yml │ │ │ └── platformlogs_hostmetrics.yml │ │ │ ├── platformlogs.yml │ │ │ └── platformlogs_hostmetrics.yml │ ├── templates │ │ └── README.md.tmpl │ ├── testdata │ │ ├── all-components-fips.yml │ │ ├── all-components.windows.yml │ │ ├── all-components.yml │ │ ├── nonexistent-component.yml │ │ ├── otel.yml │ │ └── otlp.yml │ └── validate.go │ ├── queue │ ├── actionqueue.go │ └── actionqueue_test.go │ ├── release │ ├── pgp.go │ ├── upgrade.go │ ├── version.go │ └── version_test.go │ ├── remote │ ├── client.go │ ├── client_fips_test.go │ ├── client_test.go │ ├── config.go │ ├── config_test.go │ ├── round_trippers.go │ └── testdata │ │ ├── .gitignore │ │ ├── README.md │ │ ├── ca.crt │ │ ├── fips_invalid.crt │ │ ├── fips_invalid.key │ │ ├── fips_valid.crt │ │ ├── fips_valid.key │ │ ├── server.crt │ │ └── server.key │ ├── runner │ ├── runner.go │ └── runner_test.go │ ├── scheduler │ ├── scheduler.go │ └── scheduler_test.go │ ├── sorted │ ├── set.go │ └── set_test.go │ ├── testutils │ ├── fipsutils │ │ └── fipsOnlySkip.go │ └── testutils.go │ └── util │ ├── host.go │ └── host_test.go ├── magefile.go ├── main.go ├── main_test.go ├── otel.yml ├── pkg ├── api │ └── v1 │ │ ├── api.go │ │ ├── manifest.go │ │ └── manifest_test.go ├── component │ ├── component.go │ ├── component_test.go │ ├── config.go │ ├── config_test.go │ ├── error.go │ ├── fake │ │ └── component │ │ │ ├── README.md │ │ │ ├── comp │ │ │ ├── actions.go │ │ │ ├── apm.go │ │ │ └── component.go │ │ │ └── main.go │ ├── input_spec.go │ ├── load.go │ ├── load_test.go │ ├── platforms.go │ ├── platforms_test.go │ ├── runtime │ │ ├── README.md │ │ ├── apm_config_mapper.go │ │ ├── apm_config_mapper_test.go │ │ ├── command.go │ │ ├── command_test.go │ │ ├── conn_info_server.go │ │ ├── conn_info_server_test.go │ │ ├── conn_info_server_unix_test.go │ │ ├── conn_info_server_windows_test.go │ │ ├── failed.go │ │ ├── log_writer.go │ │ ├── log_writer_test.go │ │ ├── manager.go │ │ ├── manager_fake_input_test.go │ │ ├── manager_test.go │ │ ├── runtime.go │ │ ├── runtime_comm.go │ │ ├── runtime_comm_test.go │ │ ├── service.go │ │ ├── service_command.go │ │ ├── service_command_test.go │ │ ├── service_test.go │ │ ├── state.go │ │ └── subscription.go │ ├── spec.go │ └── spec_test.go ├── control │ ├── addr.go │ ├── time.go │ ├── v1 │ │ ├── client │ │ │ ├── client.go │ │ │ ├── dial.go │ │ │ └── dial_windows.go │ │ ├── proto │ │ │ ├── control_v1.pb.go │ │ │ └── control_v1_grpc.pb.go │ │ └── server │ │ │ └── server.go │ └── v2 │ │ ├── client │ │ ├── client.go │ │ ├── dial.go │ │ ├── dial_windows.go │ │ └── wait │ │ │ ├── agent.go │ │ │ └── common.go │ │ ├── control_test.go │ │ ├── cproto │ │ ├── control_v2.pb.go │ │ └── control_v2_grpc.pb.go │ │ └── server │ │ ├── listener.go │ │ ├── server.go │ │ └── server_test.go ├── core │ ├── logger │ │ ├── logger.go │ │ ├── logger_test.go │ │ └── loggertest │ │ │ ├── logger.go │ │ │ └── logger_test.go │ └── process │ │ ├── cmd.go │ │ ├── cmd_darwin.go │ │ ├── cmd_linux.go │ │ ├── cmd_test.go │ │ ├── config.go │ │ ├── external_unix.go │ │ ├── external_windows.go │ │ ├── job_unix.go │ │ ├── job_windows.go │ │ ├── process.go │ │ └── testsignal │ │ ├── main.go │ │ ├── proc.go │ │ └── proc_win.go ├── features │ ├── features.go │ └── features_test.go ├── ipc │ ├── listener.go │ └── listener_windows.go ├── limits │ ├── limits.go │ └── limits_test.go ├── packer │ ├── packer.go │ └── packer_test.go ├── testing │ ├── buildkite │ │ ├── buildkite.go │ │ └── steps.go │ ├── common │ │ ├── batch.go │ │ ├── build.go │ │ ├── config.go │ │ ├── config_test.go │ │ ├── instance.go │ │ ├── logger.go │ │ ├── prefix_output.go │ │ ├── runner.go │ │ ├── stack.go │ │ └── supported.go │ ├── define │ │ ├── batch.go │ │ ├── batch_test.go │ │ ├── define.go │ │ ├── define_all.go │ │ ├── define_autodiscovery.go │ │ ├── define_autodiscovery_test.go │ │ ├── define_define.go │ │ ├── define_flags.go │ │ ├── define_kubernetes.go │ │ ├── define_local.go │ │ ├── parser.go │ │ ├── parser_test.go │ │ ├── requirements.go │ │ └── testdata │ │ │ └── sample_test.go │ ├── ess │ │ ├── client.go │ │ ├── client_test.go │ │ ├── config.go │ │ ├── create_deployment_csp_configuration.yaml │ │ ├── create_deployment_request.tmpl.json │ │ ├── deployment.go │ │ ├── deployment_test.go │ │ ├── doc.go │ │ ├── serverless.go │ │ ├── serverless_provisioner.go │ │ ├── serverless_test.go │ │ ├── statful_provisioner.go │ │ └── users.go │ ├── fetch_test.go │ ├── fetcher.go │ ├── fetcher_artifact.go │ ├── fetcher_artifact_test.go │ ├── fetcher_http.go │ ├── fetcher_http_test.go │ ├── fetcher_local.go │ ├── fetcher_local_test.go │ ├── fixture.go │ ├── fixture_install.go │ ├── helm │ │ └── helm.go │ ├── kubernetes │ │ ├── image.go │ │ ├── kind │ │ │ └── provisioner.go │ │ ├── loader.go │ │ ├── runner.go │ │ └── supported.go │ ├── linux │ │ ├── debian.go │ │ ├── linux.go │ │ └── rhel.go │ ├── log.go │ ├── log_watcher.go │ ├── machine.go │ ├── machine_test.go │ ├── multipass │ │ └── provisioner.go │ ├── ogc │ │ ├── api.go │ │ ├── config.go │ │ ├── provisioner.go │ │ └── supported.go │ ├── runner │ │ ├── archiver.go │ │ ├── json.go │ │ ├── junit.go │ │ ├── runner.go │ │ ├── runner_test.go │ │ └── utils.go │ ├── ssh │ │ ├── client.go │ │ ├── file.go │ │ ├── interface.go │ │ └── keys.go │ ├── supported │ │ ├── batch.go │ │ ├── supported.go │ │ └── supported_test.go │ ├── testdata │ │ ├── build-manifest.json │ │ ├── release-response.json │ │ └── snapshot-response.json │ ├── tools │ │ ├── check │ │ │ └── check.go │ │ ├── epr.go │ │ ├── fleettools │ │ │ └── fleet.go │ │ ├── git │ │ │ ├── git.go │ │ │ └── git_test.go │ │ ├── kibana.go │ │ ├── product_versions │ │ │ ├── product_versions.go │ │ │ ├── product_versions_test.go │ │ │ └── testdata │ │ │ │ ├── expected-versions.txt │ │ │ │ ├── filter.sh │ │ │ │ └── versions.json │ │ ├── slope.go │ │ ├── slope_test.go │ │ ├── snapshots │ │ │ ├── snapshots.go │ │ │ └── snapshots_test.go │ │ ├── testcontext │ │ │ └── testcontext.go │ │ └── tools.go │ ├── use.go │ └── windows │ │ └── windows.go ├── utils │ ├── broadcaster │ │ ├── broadcaster.go │ │ └── broadcaster_test.go │ ├── maps.go │ ├── perm_unix.go │ ├── perm_windows.go │ ├── root_unix.go │ ├── root_windows.go │ ├── root_windows_test.go │ ├── socket_unix.go │ ├── socket_unix_test.go │ ├── socket_windows.go │ ├── socket_windows_test.go │ └── watcher.go └── version │ ├── version_parser.go │ └── version_parser_test.go ├── skaffold.yaml ├── sonar-project.properties ├── specs ├── README.md ├── apm-server.spec.yml ├── cloudbeat.spec.yml ├── connectors.spec.yml ├── endpoint-security.spec.yml ├── fleet-server.spec.yml ├── pf-elastic-collector.spec.yml ├── pf-elastic-symbolizer.spec.yml ├── pf-host-agent.spec.yml └── testbeat.spec.yml ├── test_infra └── ess │ ├── .gitignore │ ├── deployment.tf │ ├── output.tf │ └── terraform.tf ├── testing ├── .gitignore ├── environments │ ├── cloud │ │ ├── .gitignore │ │ ├── .terraform.lock.hcl │ │ ├── Makefile │ │ ├── README.md │ │ ├── docker_image.auto.tfvars.sample │ │ ├── main.tf │ │ ├── outputs.tf │ │ ├── terraform.tfvars │ │ └── variables.tf │ └── infra │ │ └── terraform │ │ └── modules │ │ └── ec_deployment │ │ ├── .gitignore │ │ ├── README.md │ │ ├── deployment.tf │ │ ├── header.md │ │ ├── outputs.tf │ │ ├── scripts │ │ ├── custom-apm-integration-pkg.tftpl │ │ ├── drop_pipeline.tftpl │ │ ├── enable_expvar.tftpl │ │ ├── index_shards.tftpl │ │ └── secret_token.tftpl │ │ ├── terraform.tf │ │ └── variables.tf ├── fleetservertest │ ├── README.md │ ├── ackableactions.go │ ├── auth.go │ ├── checkin.go │ ├── fleetserver.go │ ├── fleetserver_test.go │ ├── handlers.go │ ├── models.go │ └── server.go ├── installtest │ ├── checks.go │ ├── checks_unix.go │ └── checks_windows.go ├── integration │ ├── README.md │ ├── agent_long_running_leak_test.go │ ├── agent_long_test_apache.json │ ├── agent_long_test_base_system_integ.json │ ├── apm_propagation_test.go │ ├── auditd_monitoring_test.go │ ├── beat_receivers_test.go │ ├── beats_serverless_test.go │ ├── container_cmd_test.go │ ├── delay_enroll_test.go │ ├── diagnostics_test.go │ ├── endpoint_security_package.json.tmpl │ ├── endpoint_security_test.go │ ├── endpoint_test_tools.go │ ├── enroll_replace_token_test.go │ ├── enroll_unprivileged_test.go │ ├── escaping_secrets_in_policy_test.go │ ├── event_logging_test.go │ ├── fake_test.go │ ├── fakes.go │ ├── fleetserver_fips_test.go │ ├── fleetserver_test.go │ ├── fqdn_test.go │ ├── groups_test.go │ ├── init.go │ ├── inspect_test.go │ ├── install_test.go │ ├── kubernetes_agent_service_test.go │ ├── kubernetes_agent_standalone_test.go │ ├── linux_deb_test.go │ ├── linux_rpm_test.go │ ├── log_level_test.go │ ├── logs_ingestion_test.go │ ├── main_test.go │ ├── metrics_monitoring_test.go │ ├── monitoring_endpoint_test.go │ ├── monitoring_probe_preserve_text_cfg_test.go │ ├── monitoring_probe_reload_test.go │ ├── network_traffic_monitoring_test.go │ ├── osquery_monitoring_test.go │ ├── otel_helm_test.go │ ├── otel_test.go │ ├── package_version_test.go │ ├── pkgversion_common_test.go │ ├── proxy_url_test.go │ ├── restrict_upgrade_deb_test.go │ ├── restrict_upgrade_rpm_test.go │ ├── switch_privileged_test.go │ ├── switch_unprivileged_test.go │ ├── system_integration_setup.json │ ├── testdata │ │ ├── .upgrade-test-agent-versions.yml │ │ ├── auditd_package.json │ │ ├── connectors.agent.yml │ │ ├── fleet-server.json │ │ ├── java_app.yaml │ │ ├── k8s.hints.redis.yaml │ │ ├── network_traffic_package.json │ │ ├── osquery_package.json │ │ └── preinstalled_packages.json │ ├── upgrade_broken_package_test.go │ ├── upgrade_fleet_test.go │ ├── upgrade_gpg_test.go │ ├── upgrade_rollback_test.go │ ├── upgrade_standalone_flavors_test.go │ ├── upgrade_standalone_inprogress_test.go │ ├── upgrade_standalone_retry_test.go │ ├── upgrade_standalone_same_commit_test.go │ ├── upgrade_standalone_test.go │ ├── upgrade_uninstall_test.go │ └── validate_items_deprecated_list_test.go ├── kubernetes_inner │ └── agent_paths_ownership_test.go ├── mocks │ ├── internal_ │ │ └── pkg │ │ │ ├── agent │ │ │ ├── application │ │ │ │ ├── actions │ │ │ │ │ └── handlers │ │ │ │ │ │ ├── diagnostics_provider_mock.go │ │ │ │ │ │ ├── log_level_setter_mock.go │ │ │ │ │ │ └── uploader_mock.go │ │ │ │ └── info │ │ │ │ │ └── agent_mock.go │ │ │ └── storage │ │ │ │ └── storage_mock.go │ │ │ └── fleetapi │ │ │ ├── acker │ │ │ └── acker_mock.go │ │ │ └── client │ │ │ └── sender_mock.go │ └── pkg │ │ └── control │ │ └── v2 │ │ └── client │ │ └── client_mock.go ├── pgptest │ └── pgp.go ├── proxytest │ ├── https.go │ ├── proxytest.go │ ├── proxytest_example_test.go │ └── proxytest_test.go └── upgradetest │ ├── logger.go │ ├── upgrader.go │ ├── versions.go │ ├── versions_test.go │ ├── watcher.go │ ├── watcher_unix.go │ └── watcher_windows.go ├── tools └── tools.go ├── updatecli-compose.yaml ├── version ├── docs │ ├── build_docs.sh │ └── version.asciidoc ├── helper.go └── version.go └── wrapper └── windows └── archive-proxy ├── go.mod ├── go.sum └── main.go /.buildkite/hooks/pre-command.ps1: -------------------------------------------------------------------------------- 1 | # Shorten BUILDKITE_MESSAGE if needed to avoid filling the Windows env var buffer 2 | $env:BUILDKITE_MESSAGE = $env:BUILDKITE_MESSAGE.Substring(0, [System.Math]::Min(2048, $env:BUILDKITE_MESSAGE.Length)) 3 | -------------------------------------------------------------------------------- /.buildkite/pipeline.elastic-agent-gce-cleanup.yml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json 2 | 3 | # Removes stale GCE instances having matching labels, name prefixes and older than 24 hours 4 | # See gce-cleanup.sh and .buildkite/misc/gce-cleanup.yml 5 | env: 6 | VAULT_PATH: "kv/ci-shared/observability-ingest/cloud/gcp" 7 | DOCKER_REGISTRY: "docker.elastic.co" 8 | steps: 9 | - label: "GCE Cleanup" 10 | key: "gce-cleanup" 11 | command: ".buildkite/scripts/steps/gce-cleanup.sh" 12 | agents: 13 | provider: "gcp" 14 | -------------------------------------------------------------------------------- /.buildkite/pipeline.elastic-agent-helm-charts.yml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json 2 | env: 3 | HELM_REPO_ENV: ${HELM_REPO_ENV:-dev} 4 | SNAPSHOT: ${SNAPSHOT:-true} 5 | 6 | steps: 7 | - label: ":elastic-stack: Create helm chart" 8 | command: | 9 | .buildkite/scripts/steps/helm-charts.sh 10 | artifact_paths: 11 | - "elastic-agent-*.tgz" 12 | plugins: 13 | - elastic/oblt-google-auth#v1.2.0: 14 | lifetime: 1800 # seconds 15 | project-id: "elastic-observability-ci" 16 | project-number: "911195782929" 17 | agents: 18 | provider: "gcp" 19 | machineType: "n2-standard-8" 20 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/build-agent-core.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euo pipefail 4 | 5 | source .buildkite/scripts/common.sh 6 | 7 | echo "+++ Build Agent artifacts" 8 | SNAPSHOT="" 9 | VERSION_QUALIFIER="${VERSION_QUALIFIER:=""}" 10 | BEAT_VERSION_FULL=$BEAT_VERSION 11 | 12 | if [ "$DRA_WORKFLOW" == "snapshot" ]; then 13 | SNAPSHOT="true" 14 | BEAT_VERSION_FULL="${BEAT_VERSION}-SNAPSHOT" 15 | fi 16 | 17 | if [[ "$DRA_WORKFLOW" == "staging" ]] && [[ -n "$VERSION_QUALIFIER" ]]; then 18 | BEAT_VERSION_FULL="${BEAT_VERSION_FULL}-${VERSION_QUALIFIER}" 19 | fi 20 | 21 | SNAPSHOT=$SNAPSHOT mage packageAgentCore 22 | chmod -R 777 build/distributions 23 | 24 | echo "+++ Generate dependencies report" 25 | ./dev-tools/dependencies-report 26 | mkdir -p build/distributions/reports 27 | mv dependencies.csv "build/distributions/reports/dependencies-${BEAT_VERSION_FULL}.csv" 28 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/check-ci.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euo pipefail 4 | 5 | source .buildkite/scripts/common.sh 6 | 7 | echo "--- Check CI" 8 | go version 9 | mage --version 10 | BEAT_VERSION=$(make get-version) 11 | echo "Beat version: $BEAT_VERSION" 12 | make check-ci -------------------------------------------------------------------------------- /.buildkite/scripts/steps/ess_down.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | 4 | source .buildkite/scripts/common2.sh 5 | 6 | source .buildkite/scripts/steps/ess.sh 7 | 8 | ess_down || echo "Failed to stop ESS stack" >&2 9 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/ess_start.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | 4 | source .buildkite/scripts/common2.sh 5 | source .buildkite/scripts/steps/ess.sh 6 | source .buildkite/scripts/steps/fleet.sh 7 | 8 | OVERRIDE_STACK_VERSION="$(cat .package-version)" 9 | OVERRIDE_STACK_VERSION=${OVERRIDE_STACK_VERSION}"-SNAPSHOT" 10 | 11 | ess_up $OVERRIDE_STACK_VERSION 12 | 13 | preinstall_fleet_packages 14 | 15 | echo "ES_HOST: ${ELASTICSEARCH_HOST}" 16 | buildkite-agent meta-data set "es.host" $ELASTICSEARCH_HOST 17 | buildkite-agent meta-data set "es.username" $ELASTICSEARCH_USERNAME 18 | buildkite-agent meta-data set "es.pwd" $ELASTICSEARCH_PASSWORD 19 | buildkite-agent meta-data set "kibana.host" $KIBANA_HOST 20 | buildkite-agent meta-data set "kibana.username" $KIBANA_USERNAME 21 | buildkite-agent meta-data set "kibana.pwd" $KIBANA_PASSWORD 22 | buildkite-agent meta-data set "integrations_server.host" $INTEGRATIONS_SERVER_HOST 23 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/gce-cleanup.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euo pipefail 4 | 5 | export ACCOUNT_KEY_SECRET=$(vault kv get -field=client_email $VAULT_PATH) 6 | export ACCOUNT_SECRET=$(vault kv get -field=private_key $VAULT_PATH) 7 | export ACCOUNT_PROJECT_SECRET=$(vault kv get -field=project_id $VAULT_PATH) 8 | export DELETE_CREATED_AFTER_DATE=$(date -Is -d "5 hours ago") 9 | 10 | docker run -v $(pwd)/.buildkite/misc/gce-cleanup.yml:/etc/cloud-reaper/config.yml \ 11 | -e ACCOUNT_SECRET="$ACCOUNT_SECRET" \ 12 | -e ACCOUNT_KEY="$ACCOUNT_KEY_SECRET" \ 13 | -e ACCOUNT_PROJECT=$ACCOUNT_PROJECT_SECRET \ 14 | -e DELETE_CREATED_AFTER_DATE=$DELETE_CREATED_AFTER_DATE \ 15 | ${DOCKER_REGISTRY}/observability-ci/cloud-reaper:0.3.0 cloud-reaper --config /etc/cloud-reaper/config.yml destroy --confirm 16 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/integration-package.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | 4 | source .buildkite/scripts/common.sh 5 | 6 | export SNAPSHOT="true" 7 | export EXTERNAL="true" 8 | 9 | mage package 10 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/merge.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Downloads and merges coverage files from multiple steps into a single file (build/TEST-go-unit.cov). 4 | # Usage: merge.sh ... Where is the id of the step that contains the coverage artifact.# 5 | set -euo pipefail 6 | set -x # for debugging 7 | 8 | mkdir -p build 9 | MERGED_COV_FILE="build/TEST-go-unit.cov" 10 | 11 | go install github.com/wadey/gocovmerge@latest 12 | 13 | buildkite-agent artifact download "coverage-*.out" . 14 | # Space separated list of paths to coverage files 15 | find coverage-*.out -exec printf '%s ' {} \; | xargs gocovmerge > "$MERGED_COV_FILE" 16 | echo "Merged coverage file: $MERGED_COV_FILE. See artifacts" 17 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/sync-k8s.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -euo pipefail 3 | 4 | export PATH=$HOME/bin:${PATH} 5 | 6 | source .buildkite/scripts/install-gh.sh 7 | source .buildkite/scripts/common.sh 8 | 9 | echo "--- [Prepare env] Create required env variables" 10 | GITHUB_USERNAME_SECRET="elasticmachine" 11 | export GITHUB_USERNAME_SECRET=$GITHUB_USERNAME_SECRET 12 | export GITHUB_EMAIL_SECRET="elasticmachine@elastic.co" 13 | export GITHUB_TOKEN_SECRET=$VAULT_GITHUB_TOKEN 14 | 15 | cd deploy/kubernetes 16 | 17 | echo "--- [File Creation] Create-Needed-Manifest" 18 | WITHOUTCONFIG=true make generate-k8s 19 | ./creator_k8s_manifest.sh . 20 | 21 | echo "--- [Clone] Kibana-Repository" 22 | make ci-clone-kibana-repository 23 | cp Makefile ./kibana 24 | cd kibana 25 | echo "--- Create Kibana PR" 26 | make ci-create-kubernetes-templates-pull-request 27 | 28 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/trigger-publish-helm-charts.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # Create a dynamic buildkite step that triggers the 4 | # unified-release-publish-helm-charts pipeline. 5 | # 6 | # Required environment variables: 7 | # - HELM_REPO_ENV 8 | # - CHART_URL 9 | # 10 | 11 | set -eo pipefail 12 | 13 | HELM_REPO_ENV=${HELM_REPO_ENV:-"dev"} 14 | 15 | if [ -z "$CHART_URL" ] ; then 16 | echo "CHART_URL could not be found." 17 | exit 1 18 | fi 19 | 20 | cat << EOF 21 | - label: ":elastic-stack: Publish helm chart" 22 | trigger: unified-release-publish-helm-charts 23 | build: 24 | message: "publish helm-chart for elastic-agent in ${HELM_REPO_ENV}" 25 | env: 26 | CHARTS_URL: "${CHART_URL}" 27 | HELM_REPO_ENV: ${HELM_REPO_ENV} 28 | EOF -------------------------------------------------------------------------------- /.buildkite/scripts/steps/unit-tests.ps1: -------------------------------------------------------------------------------- 1 | $ErrorActionPreference = "Stop" 2 | 3 | Write-Host "-- Fixing CRLF in git checkout --" 4 | git config core.autocrlf input 5 | git rm --quiet --cached -r . 6 | git reset --quiet --hard 7 | 8 | $env:GOTMPDIR = "$env:BUILDKITE_BUILD_CHECKOUT_PATH" 9 | 10 | Write-Host "--- Build" 11 | mage build 12 | 13 | if ($LASTEXITCODE -ne 0) { 14 | exit 1 15 | } 16 | 17 | Write-Host "--- Unit tests" 18 | $env:TEST_COVERAGE = $true 19 | $env:RACE_DETECTOR = $true 20 | mage unitTest 21 | # Copy coverage file to build directory so it can be downloaded as an artifact 22 | Write-Host "--- Prepare artifacts" 23 | $buildkiteJobId = $env:BUILDKITE_JOB_ID 24 | Move-Item -Path "build/TEST-go-unit.cov" -Destination "coverage-$buildkiteJobId.out" 25 | Move-Item -Path "build/TEST-go-unit.xml" -Destination "build/TEST-$buildkiteJobId.xml" 26 | if ($LASTEXITCODE -ne 0) { 27 | exit 1 28 | } 29 | 30 | 31 | -------------------------------------------------------------------------------- /.buildkite/scripts/steps/unit-tests.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | source .buildkite/scripts/common.sh 3 | set +euo pipefail 4 | 5 | echo "--- Unit tests" 6 | RACE_DETECTOR=true TEST_COVERAGE=true mage unitTest 7 | TESTS_EXIT_STATUS=$? 8 | echo "--- Prepare artifacts" 9 | # Copy coverage file to build directory so it can be downloaded as an artifact 10 | mv build/TEST-go-unit.cov "coverage-${BUILDKITE_JOB_ID:go-unit}.out" 11 | mv build/TEST-go-unit.xml build/"TEST-${BUILDKITE_JOB_ID:go-unit}.xml" 12 | exit $TESTS_EXIT_STATUS 13 | -------------------------------------------------------------------------------- /.buildkite/scripts/version_qualifier.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # An opinionated approach to managing the Elastic Qualifier for the DRA in a Google Bucket 4 | # instead of using a Buildkite env variable. 5 | 6 | if [[ -n "$VERSION_QUALIFIER" ]]; then 7 | echo "~~~ VERSION_QUALIFIER externally set to [$VERSION_QUALIFIER]" 8 | return 0 9 | fi 10 | 11 | # DRA_BRANCH can be used for manually testing packaging with PRs 12 | # e.g. define `DRA_BRANCH="main"` under Options/Environment Variables in the Buildkite UI after clicking new Build 13 | BRANCH="${DRA_BRANCH:="${BUILDKITE_BRANCH:=""}"}" 14 | 15 | qualifier="" 16 | URL="https://storage.googleapis.com/dra-qualifier/${BRANCH}" 17 | if curl -sf -o /dev/null "$URL" ; then 18 | qualifier=$(curl -s "$URL") 19 | fi 20 | 21 | export VERSION_QUALIFIER="$qualifier" 22 | echo "~~~ VERSION_QUALIFIER set to [$VERSION_QUALIFIER]" 23 | -------------------------------------------------------------------------------- /.buildkite/serverless.beats.tests.yml: -------------------------------------------------------------------------------- 1 | # yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json 2 | 3 | env: 4 | DOCKER_REGISTRY: "docker.elastic.co" 5 | VAULT_PATH: "kv/ci-shared/observability-ingest/cloud/gcp" 6 | 7 | steps: 8 | - label: "Serverless Beats Tests" 9 | key: "serverless-beats-integration-tests" 10 | retry: 11 | automatic: 12 | limit: 1 13 | command: | 14 | .buildkite/scripts/steps/beats_tests.sh 15 | agents: 16 | provider: "gcp" 17 | machineType: "n2-standard-8" 18 | -------------------------------------------------------------------------------- /.ci/scripts/update-beats.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # 3 | # This script is executed by the automation we are putting in place 4 | # and it requires the git add/commit commands. 5 | # 6 | set -euo pipefail 7 | TARGET_VERSION="${1:?Error: Please provide the target version to update to}" 8 | 9 | echo "~~~ Updating to elastic/beats@${TARGET_VERSION}" 10 | mage update:beats "${TARGET_VERSION}" 11 | -------------------------------------------------------------------------------- /.ci/updatecli/values.d/ironbank.yml: -------------------------------------------------------------------------------- 1 | config: 2 | - path: dev-tools/packaging/templates/ironbank 3 | dockerfile: Dockerfile.tmpl 4 | manifest: hardening_manifest.yaml.tmpl 5 | -------------------------------------------------------------------------------- /.ci/updatecli/values.d/scm.yml: -------------------------------------------------------------------------------- 1 | scm: 2 | enabled: true 3 | owner: elastic 4 | repository: elastic-agent 5 | branch: main 6 | commitusingapi: true 7 | # begin updatecli-compose policy values 8 | user: 'github-actions[bot]' 9 | email: '41898282+github-actions[bot]@users.noreply.github.com' 10 | # end updatecli-compose policy values 11 | 12 | -------------------------------------------------------------------------------- /.ci/updatecli/values.d/updatecli-compose.yml: -------------------------------------------------------------------------------- 1 | spec: 2 | files: 3 | - "updatecli-compose.yaml" -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | build/ 2 | deploy/ 3 | .ogc_cache/ 4 | .agent_testing/ 5 | data/ -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | # See: http://editorconfig.org 2 | root = true 3 | 4 | [*] 5 | charset = utf-8 6 | end_of_line = lf 7 | insert_final_newline = true 8 | trim_trailing_whitespace = true 9 | 10 | [.go] 11 | indent_size = 4 12 | indent_style = tab 13 | 14 | [*.json] 15 | indent_size = 4 16 | indent_style = space 17 | 18 | [*.py] 19 | indent_style = space 20 | indent_size = 4 21 | 22 | [*.yml] 23 | indent_style = space 24 | indent_size = 2 25 | 26 | [Makefile*] 27 | indent_style = tab 28 | 29 | [*.mk] 30 | indent_style = tab 31 | 32 | [Jenkinsfile] 33 | indent_size = 2 34 | indent_style = space 35 | 36 | [Vagrantfile] 37 | indent_size = 2 38 | indent_style = space 39 | 40 | [*.rl] 41 | indent_size = 4 42 | indent_style = space 43 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | CHANGELOG.next.asciidoc merge=union 2 | CHANGELOG-developer.next.asciidoc merge=union 3 | 4 | # Keep these file types as CRLF (Windows). 5 | *.bat text eol=crlf 6 | *.cmd text eol=crlf 7 | *.go text eol=lf -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # Team responsible for Fleet Server 2 | * @elastic/elastic-agent-control-plane 3 | 4 | # Top-level files ownership 5 | /catalog-info.yaml @elastic/observablt-ci @elastic/observablt-ci-contractors 6 | 7 | # Sub-directories/files ownership. Remember that order matters; the last matching pattern takes the most precedence. 8 | /.buildkite @elastic/observablt-ci @elastic/observablt-ci-contractors 9 | /.ci @elastic/observablt-ci @elastic/observablt-ci-contractors 10 | /.github @elastic/observablt-ci @elastic/observablt-ci-contractors 11 | /.github/CODEOWNERS @elastic/ingest-tech-lead 12 | /deploy/helm @elastic/elastic-agent-control-plane 13 | /deploy/helm/edot-collector @elastic/ingest-otel-data 14 | /deploy/kubernetes @elastic/elastic-agent-control-plane 15 | /dev-tools/kubernetes @elastic/elastic-agent-control-plane 16 | /internal/pkg/composable/providers/kubernetes @elastic/elastic-agent-control-plane 17 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug-report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug 3 | about: "Report confirmed bugs. For unconfirmed bugs please visit https://discuss.elastic.co/c/beats" 4 | labels: ["bug"] 5 | 6 | --- 7 | 8 | Please post all questions and issues concerning the Elastic Agent on https://discuss.elastic.co/c/beats 9 | before opening a Github Issue. Your questions will reach a wider audience there, 10 | and if we confirm that there is a bug, then you can open a new issue. 11 | 12 | For security vulnerabilities please only send reports to security@elastic.co. 13 | See https://www.elastic.co/community/security for more information. 14 | 15 | Please include configurations and logs if available. 16 | 17 | For confirmed bugs, please report: 18 | - Version: 19 | - Operating System: 20 | - Discuss Forum URL: 21 | - Steps to Reproduce: 22 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature-request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Enhancement request 3 | about: Elastic Agent can't do all the things, but maybe it can do your things. 4 | 5 | --- 6 | 7 | **Describe the enhancement:** 8 | 9 | **Describe a specific use case for the enhancement or feature:** 10 | 11 | **What is the definition of done?** 12 | 13 | 16 | 17 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/question.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Question 3 | about: Who, what, when, where, and how? 4 | 5 | --- 6 | 7 | Hey, stop right there! 8 | 9 | We use GitHub to track feature requests and bug reports. Please do not submit issues for questions about how to use features of Elastic Agent, how to set Elastic Agent up, best practices, or development related help. 10 | 11 | However, we do want to help! Head on over to our official Beats forums and ask 12 | your questions there. In additional to awesome, knowledgeable community 13 | contributors, core Elastic Agent developers are on the forums every single day to help 14 | you out. 15 | 16 | The forums are here: https://discuss.elastic.co/c/beats 17 | 18 | We can't stop you from opening an issue here, but it will likely linger without a response for days or weeks before it is closed and we ask you to join us on the forums instead. Save yourself the time, and ask on the forums today. 19 | -------------------------------------------------------------------------------- /.github/workflows/backport-active.yml: -------------------------------------------------------------------------------- 1 | name: Backport to active branches 2 | 3 | on: 4 | pull_request_target: 5 | types: [closed] 6 | branches: 7 | - main 8 | 9 | permissions: 10 | pull-requests: write 11 | contents: read 12 | 13 | jobs: 14 | backport: 15 | # Only run if the PR was merged (not just closed) and has one of the backport labels 16 | if: | 17 | github.event.pull_request.merged == true && 18 | contains(toJSON(github.event.pull_request.labels.*.name), 'backport-active-') 19 | runs-on: ubuntu-latest 20 | 21 | steps: 22 | - uses: elastic/oblt-actions/github/backport-active@v1 23 | -------------------------------------------------------------------------------- /.github/workflows/catalog-info.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: catalog-info 3 | 4 | on: 5 | pull_request: 6 | branches: 7 | - main 8 | paths: 9 | - 'catalog-info.yaml' 10 | 11 | permissions: 12 | contents: read 13 | 14 | jobs: 15 | validate: 16 | runs-on: ubuntu-latest 17 | permissions: 18 | contents: read 19 | packages: read 20 | steps: 21 | - uses: actions/checkout@v4 22 | 23 | - uses: elastic/oblt-actions/elastic/validate-catalog@v1 24 | 25 | -------------------------------------------------------------------------------- /.github/workflows/mergify-labels-copier.yml: -------------------------------------------------------------------------------- 1 | name: mergify backport labels copier 2 | 3 | on: 4 | pull_request: 5 | types: 6 | - opened 7 | 8 | permissions: 9 | contents: read 10 | 11 | jobs: 12 | mergify-backport-labels-copier: 13 | runs-on: ubuntu-latest 14 | if: startsWith(github.head_ref, 'mergify/bp/') 15 | permissions: 16 | # Add GH labels 17 | pull-requests: write 18 | # See https://github.com/cli/cli/issues/6274 19 | repository-projects: read 20 | steps: 21 | - uses: elastic/oblt-actions/mergify/labels-copier@v1 22 | with: 23 | excluded-labels-regex: "^backport-*" 24 | -------------------------------------------------------------------------------- /.github/workflows/pre-commit.yml: -------------------------------------------------------------------------------- 1 | name: pre-commit 2 | 3 | on: 4 | pull_request: 5 | push: 6 | branches: 7 | - main 8 | - 8.* 9 | - 9.* 10 | 11 | permissions: 12 | contents: read 13 | 14 | jobs: 15 | pre-commit: 16 | runs-on: ubuntu-latest 17 | steps: 18 | - uses: elastic/oblt-actions/pre-commit@v1 19 | -------------------------------------------------------------------------------- /.go-version: -------------------------------------------------------------------------------- 1 | 1.24.3 2 | -------------------------------------------------------------------------------- /.package-version: -------------------------------------------------------------------------------- 1 | 9.1.0 -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | repos: 2 | - repo: https://github.com/pre-commit/pre-commit-hooks 3 | rev: v4.6.0 4 | hooks: 5 | - id: check-executables-have-shebangs 6 | exclude: (.*/.*.(ps1|bat|bash)$) 7 | - id: check-shebang-scripts-are-executable 8 | exclude: (.*/.*.(tmpl|tftpl)$) 9 | - id: check-merge-conflict 10 | args: ['--assume-in-merge'] 11 | -------------------------------------------------------------------------------- /.tool-versions: -------------------------------------------------------------------------------- 1 | mage 1.14.0 2 | golang 1.24.0 3 | terraform 1.9.3 4 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | ARG GO_VERSION=1.24.3 2 | FROM circleci/golang:${GO_VERSION} 3 | 4 | 5 | ARG TEST_RESULTS=/tmp/test-results 6 | 7 | RUN mkdir -p ${TEST_RESULTS} && mkdir -p ./code 8 | RUN go get github.com/magefile/mage 9 | 10 | WORKDIR ./code 11 | #COPY --chown=circleci:circleci . . 12 | COPY . . 13 | VOLUME "/tmp" "dev-tools/mage/build/distributions" 14 | USER root 15 | 16 | -------------------------------------------------------------------------------- /GUIDELINES.md: -------------------------------------------------------------------------------- 1 | # Guidelines 2 | 3 | This document contains architecture details around Elastic Agent and guidelines on how new inputs and processes should be built. 4 | 5 | ## Processes running as service and error handling 6 | 7 | All the processes started by Elastic Agent are running as service. Each service is expected to handle local errors on its own and continue working. A process should only fail on startup if an invalid configuration is passed in. As soon as a process is running and partial updates to the config are made without restart, the service is expected to keep running but report the errors. 8 | 9 | A service that needs to do setup tasks on startup is expected to retry until it succeeds and not error out after a certain timeout. 10 | -------------------------------------------------------------------------------- /_meta/.flavors: -------------------------------------------------------------------------------- 1 | basic: 2 | - agentbeat 3 | - endpoint-security 4 | - pf-host-agent 5 | servers: 6 | - agentbeat 7 | - endpoint-security 8 | - pf-host-agent 9 | - cloudbeat 10 | - apm-server 11 | - fleet-server 12 | - pf-elastic-symbolizer 13 | - pf-elastic-collector 14 | -------------------------------------------------------------------------------- /_meta/config/common.p1.yml.tmpl: -------------------------------------------------------------------------------- 1 | ###################### Agent Configuration Example ######################### 2 | 3 | # This file is an example configuration file highlighting only the most common 4 | # options. The elastic-agent.reference.yml file from the same directory contains all the 5 | # supported options with more comments. You can use it as a reference. 6 | -------------------------------------------------------------------------------- /_meta/config/common.reference.p1.yml.tmpl: -------------------------------------------------------------------------------- 1 | ###################### Agent Configuration Example ######################### 2 | 3 | # This file is an example configuration file highlighting only the most common 4 | # options. The elastic-agent.reference.yml file from the same directory contains all the 5 | # supported options with more comments. You can use it as a reference. 6 | -------------------------------------------------------------------------------- /_meta/config/elastic-agent.reference.yml.tmpl: -------------------------------------------------------------------------------- 1 | {{template "common.reference.p1.yml.tmpl" .}} 2 | {{template "common.reference.p2.yml.tmpl" .}} 3 | -------------------------------------------------------------------------------- /_meta/config/elastic-agent.yml.tmpl: -------------------------------------------------------------------------------- 1 | {{template "common.p1.yml.tmpl" .}} 2 | {{template "common.p2.yml.tmpl" .}} 3 | -------------------------------------------------------------------------------- /changelog/8.10.1.yaml: -------------------------------------------------------------------------------- 1 | version: 8.10.1 2 | entries: 3 | - kind: bug-fix 4 | summary: Rollback Elastic Agent upgrade if upgraded Agent process crashes immediately. 5 | description: "" 6 | component: elastic-agent 7 | pr: 8 | - https://github.com/elastic/elastic-agent/pull/3166 9 | issue: 10 | - https://github.com/elastic/elastic-agent/issues/3124 11 | timestamp: 1690917883 12 | file: 13 | name: 1690917883-crash-checker-pid-zero.yaml 14 | checksum: 0a2ceec945ec5f1829bbf0d6d9f13f2f5b428885 15 | - kind: enhancement 16 | summary: Improve logging during Agent upgrades 17 | description: "" 18 | component: elastic-agent 19 | pr: 20 | - https://github.com/elastic/elastic-agent/pull/3382 21 | issue: [] 22 | timestamp: 1694190260 23 | file: 24 | name: 1694190260-improve-upgrade-logging.yaml 25 | checksum: 4d9c6f196e8fa89e834969c751237153b69b18e5 26 | -------------------------------------------------------------------------------- /changelog/8.10.2.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.10.2 relnotes 2 | 3 | [[release-notes-8.10.2]] 4 | == 8.10.2 5 | 6 | Review important information about the 8.10.2 release. 7 | 8 | [discrete] 9 | [[security-updates-8.10.2]] 10 | === Security updates 11 | 12 | 13 | elastic-agent:: 14 | 15 | * Upgrade Go version to 1.20.8. {elastic-agent-pull}https://github.com/elastic/elastic-agent/pull/3393[#https://github.com/elastic/elastic-agent/pull/3393] 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | // end 8.10.2 relnotes 32 | -------------------------------------------------------------------------------- /changelog/8.10.2.yaml: -------------------------------------------------------------------------------- 1 | version: 8.10.2 2 | entries: 3 | - kind: security 4 | summary: Upgrade Go version to 1.20.8. 5 | description: "" 6 | component: elastic-agent 7 | pr: 8 | - https://github.com/elastic/elastic-agent/pull/3393 9 | issue: [] 10 | timestamp: 1694700200 11 | file: 12 | name: 1694700200-Upgrade-to-Go-1.20.8.yaml 13 | checksum: f9a337cf39abbf93f66c393e52c66053ea700d09 14 | -------------------------------------------------------------------------------- /changelog/8.11.1.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.11.1 relnotes 2 | 3 | [[release-notes-8.11.1]] 4 | == 8.11.1 5 | 6 | Review important information about the 8.11.1 release. 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | [discrete] 17 | [[new-features-8.11.1]] 18 | === New features 19 | 20 | The 8.11.1 release adds the following new and notable features. 21 | 22 | 23 | elastic-agent:: 24 | 25 | * Add component {id, binary} to monitoring metrics from {agent} and {beats}. {elastic-agent-pull}https://github.com/elastic/elastic-agent/pull/3626[#https://github.com/elastic/elastic-agent/pull/3626] {elastic-agent-issue}https://github.com/elastic/integrations/issues/7977[#https://github.com/elastic/integrations/issues/7977] 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | // end 8.11.1 relnotes 34 | -------------------------------------------------------------------------------- /changelog/8.11.1.yaml: -------------------------------------------------------------------------------- 1 | version: 8.11.1 2 | entries: 3 | - kind: feature 4 | summary: Add component {id, binary} to monitoring metrics from Elastic-Agent and Beats 5 | description: "" 6 | component: elastic-agent 7 | pr: 8 | - https://github.com/elastic/elastic-agent/pull/3626 9 | issue: 10 | - https://github.com/elastic/integrations/issues/7977 11 | timestamp: 1697735373 12 | file: 13 | name: 1697735373-Add-component-fields-to-metrics.yaml 14 | checksum: e78d27aa33269834757dceee23e195ae6ea8ecd5 15 | -------------------------------------------------------------------------------- /changelog/8.11.3.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.11.3 relnotes 2 | 3 | [[release-notes-8.11.3]] 4 | == 8.11.3 5 | 6 | Review important information about the 8.11.3 release. 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | // end 8.11.3 relnotes 25 | -------------------------------------------------------------------------------- /changelog/8.11.3.yaml: -------------------------------------------------------------------------------- 1 | version: 8.11.3 2 | # No changes in this release. 3 | -------------------------------------------------------------------------------- /changelog/8.11.4.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.11.4 relnotes 2 | 3 | [[release-notes-8.11.4]] 4 | == 8.11.4 5 | 6 | Review important information about the 8.11.4 release. 7 | 8 | [discrete] 9 | [[security-updates-8.11.4]] 10 | === Security updates 11 | 12 | 13 | elastic-agent:: 14 | 15 | * Upgrade Go Version To 1.20.12. {elastic-agent-pull}https://github.com/elastic/elastic-agent/pull/3885[#https://github.com/elastic/elastic-agent/pull/3885] 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | // end 8.11.4 relnotes 32 | -------------------------------------------------------------------------------- /changelog/8.11.4.yaml: -------------------------------------------------------------------------------- 1 | version: 8.11.4 2 | entries: 3 | - kind: security 4 | summary: Upgrade Go version to 1.20.12. 5 | description: "" 6 | component: elastic-agent 7 | pr: 8 | - https://github.com/elastic/elastic-agent/pull/3885 9 | issue: [] 10 | timestamp: 1702055473 11 | file: 12 | name: 1702055473-Upgrade-to-Go-1.20.12.yaml 13 | checksum: d66f715a1ce95792a87a3f632825f5e6e50d8057 14 | -------------------------------------------------------------------------------- /changelog/8.17.6.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.17.6 relnotes 2 | 3 | [[release-notes-8.17.6]] 4 | == 8.17.6 5 | 6 | Review important information about the 8.17.6 release. 7 | 8 | [discrete] 9 | [[new-features-8.17.6]] 10 | === New features 11 | 12 | The 8.17.6 release adds the following new and notable features. 13 | 14 | 15 | elastic-agent:: 16 | 17 | * Use `fullnameOverride` to set the fully qualified application names in the EDOT Kube-Stack Helm chart. {elastic-agent-pull}https://github.com/elastic/elastic-agent/pull/7754[#https://github.com/elastic/elastic-agent/pull/7754] {elastic-agent-issue}https://github.com/elastic/elastic-agent/issues/7381[#https://github.com/elastic/elastic-agent/issues/7381] 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | // end 8.17.6 relnotes 26 | -------------------------------------------------------------------------------- /changelog/8.17.6.yaml: -------------------------------------------------------------------------------- 1 | version: 8.17.6 2 | entries: 3 | - kind: feature 4 | summary: Set collectors fullnameOverride for edot kube-stack values. 5 | description: "" 6 | component: elastic-agent 7 | pr: 8 | - https://github.com/elastic/elastic-agent/pull/7754 9 | issue: 10 | - https://github.com/elastic/elastic-agent/issues/7381 11 | timestamp: 1744384247 12 | file: 13 | name: 1744384247-set-collector's-fullnameOverride-for-edot-kube-stack-values.yaml 14 | checksum: d7ccd1a2a660e7e0cc8bed5fc91570465b9ff639 15 | -------------------------------------------------------------------------------- /changelog/8.5.2.yaml: -------------------------------------------------------------------------------- 1 | version: 8.5.2 2 | # No changes in this release. 3 | -------------------------------------------------------------------------------- /changelog/8.8.1.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.8.1 relnotes 2 | 3 | [[release-notes-8.8.1]] 4 | == 8.8.1 5 | 6 | Review important information about the 8.8.1 release. 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | [discrete] 22 | [[bug-fixes-8.8.1]] 23 | === Bug fixes 24 | 25 | 26 | 27 | 28 | * Fix potential deadlock issue in communication between updated components and RuntimeManager. {-pull}https://github.com/elastic/elastic-agent/pull/2729[#https://github.com/elastic/elastic-agent/pull/2729] {-issue}https://github.com/elastic/elastic-agent/issues/2691[#https://github.com/elastic/elastic-agent/issues/2691] 29 | agent:: 30 | 31 | * Add a retry download step to the upgrade process. {agent-pull}https://github.com/elastic/elastic-agent/pull/2776[#https://github.com/elastic/elastic-agent/pull/2776] 32 | 33 | // end 8.8.1 relnotes 34 | -------------------------------------------------------------------------------- /changelog/8.9.2.asciidoc: -------------------------------------------------------------------------------- 1 | // begin 8.9.2 relnotes 2 | 3 | [[release-notes-8.9.2]] 4 | == 8.9.2 5 | 6 | Review important information about the 8.9.2 release. 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | [discrete] 20 | [[enhancements-8.9.2]] 21 | === Enhancements 22 | 23 | 24 | elastic-agent:: 25 | 26 | * Adds logging to the restart step of the Agent upgrade rollback process. {elastic-agent-pull}https://github.com/elastic/elastic-agent/pull/3245[#https://github.com/elastic/elastic-agent/pull/3245] 27 | 28 | 29 | 30 | 31 | [discrete] 32 | [[bug-fixes-8.9.2]] 33 | === Bug fixes 34 | 35 | 36 | Uninstaller:: 37 | 38 | * Correctly identify retryable errors when attempting to uninstall on Windows. {Uninstaller-pull}https://github.com/elastic/elastic-agent/pull/3317[#https://github.com/elastic/elastic-agent/pull/3317] 39 | 40 | // end 8.9.2 relnotes 41 | -------------------------------------------------------------------------------- /changelog/8.9.2.yaml: -------------------------------------------------------------------------------- 1 | version: 8.9.2 2 | entries: 3 | - kind: enhancement 4 | summary: Adds more logging to the rollback process 5 | description: "" 6 | component: elastic-agent 7 | pr: 8 | - https://github.com/elastic/elastic-agent/pull/3245 9 | issue: [] 10 | timestamp: 1692141038 11 | file: 12 | name: 1692141038-upgrade-watcher-logging.yaml 13 | checksum: df3b71b30a8b199dc52705069edff9c4079200b4 14 | - kind: bug-fix 15 | summary: Correctly identify retryable errors when attempting to uninstall on Windows 16 | description: "" 17 | component: Uninstaller 18 | pr: 19 | - https://github.com/elastic/elastic-agent/pull/3317 20 | issue: [] 21 | timestamp: 1693319952 22 | file: 23 | name: 1693319952-Change-error-handling-o-Windows-when-uninstalling-the-Elastic-Agent.yaml 24 | checksum: 5f52725e4e52247d7ad35d49d6402f4f4b0ce5aa 25 | -------------------------------------------------------------------------------- /changelog/fragments/1725913991-remove-cloud-defend.yaml: -------------------------------------------------------------------------------- 1 | kind: breaking-change 2 | summary: Remove cloud-defend from agent package 3 | component: elastic-agent 4 | pr: https://github.com/elastic/elastic-agent/pull/5481 5 | -------------------------------------------------------------------------------- /changelog/fragments/1729750939-crossbuild-debian11.yaml: -------------------------------------------------------------------------------- 1 | kind: breaking-change 2 | summary: crossbuild-debian11 3 | description: We're dropping support for Debian 10, so no need to crossbuild using the outdated image anymore. This also updates the statically linked glibc from 2.19 to 2.31. 4 | component: elastic-agent 5 | -------------------------------------------------------------------------------- /changelog/fragments/1745923884-deb-rpm-preserve-run-state.yaml: -------------------------------------------------------------------------------- 1 | kind: bug-fix 2 | summary: Preserve agent run state on DEB and RPM upgrades 3 | component: "elastic-agent" 4 | pr: https://github.com/elastic/elastic-agent/pull/7999 5 | issue: https://github.com/elastic/elastic-agent/issues/3832 6 | -------------------------------------------------------------------------------- /changelog/fragments/1747938268-fix-diag-race-condition.yaml: -------------------------------------------------------------------------------- 1 | kind: bug-fix 2 | summary: Address a race condition that can occur in Agent diagnostics if log rotation runs while logs are being zipped. 3 | component: elastic-agent 4 | pull_request: https://github.com/elastic/elastic-agent/pull/8215 5 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/.gitignore: -------------------------------------------------------------------------------- 1 | ./charts 2 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | 25 | examples/* 26 | README.md.gotmpl 27 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: kube-state-metrics 3 | repository: https://prometheus-community.github.io/helm-charts 4 | version: 5.30.1 5 | digest: sha256:890f386cd7edf510a8d3370f0450012e814305bf6f74dfac8d005d1774a81112 6 | generated: "2025-03-06T16:14:13.42839+02:00" 7 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: elastic-agent 3 | description: Elastic-Agent Helm Chart 4 | kubeVersion: ">= 1.27.0-0" 5 | type: application 6 | appVersion: 9.1.0 7 | version: 9.1.0-beta 8 | dependencies: 9 | - name: kube-state-metrics 10 | version: "5.30.1" 11 | repository: https://prometheus-community.github.io/helm-charts 12 | condition: kube-state-metrics.enabled 13 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/eck/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | state: 4 | agentAsSidecar: 5 | enabled: false # deploying elastic-agent with ECK as sidecar container is not supported 6 | 7 | kube-state-metrics: 8 | enabled: true 9 | 10 | agent: 11 | unprivileged: true 12 | engine: eck 13 | 14 | outputs: 15 | default: 16 | type: ESECKRef 17 | name: "elasticsearch-sample" 18 | namespace: "elastic-system" 19 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/fleet-managed-ksm-sharding/fleet-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | state: 4 | agentAsSidecar: 5 | enabled: true 6 | 7 | agent: 8 | fleet: 9 | enabled: true 10 | url: http://localhost:8220 11 | token: fleetToken 12 | preset: "" 13 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/fleet-managed/fleet-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | system: 4 | enabled: true 5 | agent: 6 | fleet: 7 | enabled: true 8 | url: http://localhost:8220 9 | token: fleetToken 10 | preset: perNode 11 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/kubernetes-default/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | 4 | agent: 5 | unprivileged: true 6 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | hints: 4 | enabled: true 5 | 6 | agent: 7 | unprivileged: true 8 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/kubernetes-ksm-sharding/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | outputs: 2 | default: 3 | type: ESSecretAuthAPI 4 | secretName: es-api-secret 5 | 6 | kubernetes: 7 | enabled: true 8 | state: 9 | agentAsSidecar: 10 | enabled: true 11 | 12 | agent: 13 | unprivileged: true 14 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/kubernetes-only-logs/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | state: 4 | enabled: false 5 | metrics: 6 | enabled: false 7 | apiserver: 8 | enabled: false 9 | proxy: 10 | enabled: false 11 | scheduler: 12 | enabled: false 13 | controller_manager: 14 | enabled: false 15 | containers: 16 | logs: 17 | enabled: true 18 | hints: 19 | enabled: false 20 | 21 | kube-state-metrics: 22 | enabled: false 23 | 24 | agent: 25 | unprivileged: true 26 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/multiple-integrations/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | hints: 4 | enabled: true -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/multiple-integrations/agent-nginx-values.yaml: -------------------------------------------------------------------------------- 1 | extraIntegrations: 2 | nginx/metrics: 3 | id: nginx/metrics-nginx-69240207-6fcc-4d19-aee3-dbf716e3bb0f 4 | preset: clusterWide 5 | name: nginx-1 6 | revision: 1 7 | type: nginx/metrics 8 | use_output: default 9 | meta: 10 | package: 11 | name: nginx 12 | version: 1.19.1 13 | data_stream: 14 | namespace: default 15 | package_policy_id: 69240207-6fcc-4d19-aee3-dbf716e3bb0f 16 | streams: 17 | - id: nginx/metrics-nginx.stubstatus-69240207-6fcc-4d19-aee3-dbf716e3bb0f 18 | data_stream: 19 | dataset: nginx.stubstatus 20 | type: metrics 21 | metricsets: 22 | - stubstatus 23 | hosts: 24 | - 'http://nginx.default.svc.cluster.local:80' 25 | tags: 26 | - nginx-stubstatus 27 | period: 10s 28 | server_status_path: /nginx_status -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/priority-class/priority-class-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | 4 | agent: 5 | unprivileged: true 6 | presets: 7 | perNode: 8 | priorityClass: 9 | create: true 10 | value: 456 11 | globalDefault: true 12 | preemptionPolicy: "Never" 13 | description: "Elastic Agent per-node preset priority class" 14 | clusterWide: 15 | priorityClass: 16 | create: false 17 | name: "agent-clusterwide-pc" 18 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/system-custom-auth-paths/agent-system-values.yaml: -------------------------------------------------------------------------------- 1 | system: 2 | enabled: true 3 | authLogs: 4 | vars: 5 | paths: 6 | - /var/log/custom_auth.log 7 | syslog: 8 | vars: 9 | paths: 10 | - /var/log/custom_syslog.log 11 | kubernetes: 12 | enabled: false 13 | kube-state-metrics: 14 | enabled: false 15 | agent: 16 | unprivileged: true 17 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/examples/user-service-account/agent-kubernetes-values.yaml: -------------------------------------------------------------------------------- 1 | kubernetes: 2 | enabled: true 3 | 4 | agent: 5 | unprivileged: true 6 | presets: 7 | perNode: 8 | serviceAccount: 9 | create: false 10 | name: user-sa-perNode 11 | clusterRole: 12 | annotations: 13 | elastic-agent.k8s.elastic.co/cr: nginx 14 | clusterWide: 15 | serviceAccount: 16 | create: false 17 | name: user-sa-clusterWide 18 | clusterRole: 19 | annotations: 20 | elastic-agent.k8s.elastic.co/cr: nginx 21 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/templates/agent/eck/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{- define "elasticagent.engine.eck.init" -}} 2 | {{- if eq $.Values.agent.fleet.enabled true -}} 3 | {{- fail "fleet mode with eck engine is not supported at the moment"}} 4 | {{- end -}} 5 | {{/* need to add the basic license annotation for ECK */}} 6 | {{- $basicLicenceAnnotations := dict "eck.k8s.elastic.co/license" "basic"}} 7 | {{- range $presetName, $presetVal := $.Values.agent.presets -}} 8 | {{- include "elasticagent.preset.mutate.annotations" (list $ $presetVal $basicLicenceAnnotations)}} 9 | {{- end -}} 10 | {{- end -}} -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/templates/agent/k8s/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{- define "elasticagent.engine.k8s.init" -}} 2 | {{/*nothing specified to k8s engine at the moment but this needs to exist*/}} 3 | {{- end -}} -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/templates/agent/k8s/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- include "elasticagent.init" $ -}} 2 | {{- range $presetName, $presetVal := $.Values.agent.presets }} 3 | {{- if (eq $.Values.agent.engine "k8s") -}} 4 | {{- $agentName := include "elasticagent.preset.fullname" (list $ $presetName) }} 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: {{ $agentName }} 9 | namespace: {{ .namespace | default $.Release.Namespace | quote }} 10 | labels: 11 | {{- include "elasticagent.labels" $ | nindent 4 }} 12 | {{- with ($presetVal).labels -}} 13 | {{ toYaml . | nindent 4 }} 14 | {{- end }} 15 | {{- with ($presetVal).annotations }} 16 | annotations: 17 | {{- toYaml . | nindent 4 }} 18 | {{- end }} 19 | stringData: 20 | {{ include "elasticagent.engine.k8s.secretData" (list $ $presetVal $agentName) }} 21 | --- 22 | {{- end }} 23 | {{- end }} 24 | -------------------------------------------------------------------------------- /deploy/helm/elastic-agent/templates/integrations/_system/_system.tpl: -------------------------------------------------------------------------------- 1 | {{- define "elasticagent.system.init" -}} 2 | {{- if eq $.Values.system.enabled true -}} 3 | {{- include "elasticagent.system.config.logs.init" $ -}} 4 | {{- include "elasticagent.system.config.metrics.init" $ -}} 5 | {{- end -}} 6 | {{- end -}} 7 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-managed/base/elastic-agent-managed-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent 8 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-managed/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - elastic-agent-managed-daemonset.yaml 8 | - elastic-agent-managed-role-binding.yaml 9 | - elastic-agent-managed-role.yaml 10 | - elastic-agent-managed-service-account.yaml 11 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-managed/environmental-variables-remove.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: elastic-agent 5 | namespace: kube-system 6 | labels: 7 | app: elastic-agent 8 | spec: 9 | selector: 10 | matchLabels: 11 | app: elastic-agent 12 | template: 13 | metadata: 14 | labels: 15 | app: elastic-agent 16 | spec: 17 | containers: 18 | - name: elastic-agent 19 | env: 20 | - $patch: delete 21 | name: FLEET_ENROLLMENT_TOKEN 22 | - $patch: delete 23 | name: FLEET_URL -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-managed/fleet-enrollment-token-patch.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /spec/template/spec/containers/0/env/- 3 | value: 4 | name: FLEET_ENROLLMENT_TOKEN 5 | valueFrom: 6 | secretKeyRef: 7 | name: elastic-agent-creds 8 | key: enrollment_token 9 | 10 | 11 | - op: add 12 | path: /spec/template/spec/containers/0/env/- 13 | value: 14 | name: FLEET_URL 15 | valueFrom: 16 | configMapKeyRef: 17 | name: elastic-agent-configs 18 | key: host 19 | 20 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-managed/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | secretGenerator: 7 | - name: elastic-agent-creds 8 | literals: 9 | - enrollment_token=%ENROLLMENT_TOKEN% 10 | 11 | configMapGenerator: 12 | - name: elastic-agent-configs 13 | literals: 14 | - host=%FLEET_URL% 15 | 16 | resources: 17 | - ./base 18 | - https://github.com/kubernetes/kube-state-metrics 19 | 20 | patches: 21 | - path: environmental-variables-remove.yaml 22 | - target: 23 | group: apps 24 | version: v1 25 | kind: DaemonSet 26 | name: elastic-agent 27 | path: fleet-enrollment-token-patch.yaml -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-standalone/api-key-patch.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /spec/template/spec/containers/0/env/- 3 | value: 4 | name: API_KEY 5 | valueFrom: 6 | secretKeyRef: 7 | name: elastic-agent-creds 8 | key: api_key 9 | 10 | 11 | - op: add 12 | path: /spec/template/spec/containers/0/env/- 13 | value: 14 | name: ES_HOST 15 | valueFrom: 16 | configMapKeyRef: 17 | name: elastic-agent-configs 18 | key: host 19 | 20 | - op: add 21 | path: /spec/template/spec/containers/0/env/- 22 | value: 23 | name: CA_TRUSTED 24 | valueFrom: 25 | configMapKeyRef: 26 | name: elastic-agent-configs 27 | key: ca_trusted -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-standalone/base/elastic-agent-standalone-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent-standalone 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent-standalone 8 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-standalone/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - elastic-agent-standalone-daemonset-configmap.yaml 8 | - elastic-agent-standalone-daemonset.yaml 9 | - elastic-agent-standalone-role-binding.yaml 10 | - elastic-agent-standalone-role.yaml 11 | - elastic-agent-standalone-service-account.yaml -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-standalone/environmental-variables-remove.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: elastic-agent-standalone 5 | namespace: kube-system 6 | labels: 7 | app: elastic-agent-standalone 8 | spec: 9 | selector: 10 | matchLabels: 11 | app: elastic-agent-standalone 12 | template: 13 | metadata: 14 | labels: 15 | app: elastic-agent-standalone 16 | spec: 17 | containers: 18 | - name: elastic-agent-standalone 19 | env: 20 | - $patch: delete 21 | name: API_KEY 22 | - $patch: delete 23 | name: ES_HOST -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/default/elastic-agent-standalone/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | secretGenerator: 7 | - name: elastic-agent-creds 8 | literals: 9 | - api_key=%API_KEY% 10 | 11 | configMapGenerator: 12 | - name: elastic-agent-configs 13 | literals: 14 | - host=%ES_HOST% 15 | - ca_trusted=%CA_TRUSTED% 16 | 17 | resources: 18 | - ./base 19 | - https://github.com/kubernetes/kube-state-metrics/ 20 | 21 | patches: 22 | - path: environmental-variables-remove.yaml 23 | - target: 24 | group: apps 25 | version: v1 26 | kind: DaemonSet 27 | name: elastic-agent-standalone 28 | path: api-key-patch.yaml -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/ksm-autosharding/elastic-agent-managed/base/elastic-agent-managed-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent 8 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/ksm-autosharding/elastic-agent-managed/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - elastic-agent-managed-daemonset.yaml 8 | - elastic-agent-managed-role-binding.yaml 9 | - elastic-agent-managed-role.yaml 10 | - elastic-agent-managed-service-account.yaml -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/ksm-autosharding/elastic-agent-managed/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - ./base 8 | - https://github.com/kubernetes/kube-state-metrics/examples/autosharding 9 | replicas: 10 | - name: kube-state-metrics 11 | count: 2 12 | 13 | patches: 14 | - path: extra/elastic-agent-managed-statefulset.yaml 15 | target: 16 | kind: StatefulSet -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/ksm-autosharding/elastic-agent-standalone/base/elastic-agent-standalone-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent-standalone 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent-standalone 8 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/ksm-autosharding/elastic-agent-standalone/base/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - elastic-agent-standalone-ksm-daemonset-configmap.yaml 8 | - elastic-agent-standalone-ksm-statefulset-configmap.yaml 9 | - elastic-agent-standalone-daemonset.yaml 10 | - elastic-agent-standalone-role-binding.yaml 11 | - elastic-agent-standalone-role.yaml 12 | - elastic-agent-standalone-service-account.yaml 13 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-kustomize/ksm-autosharding/elastic-agent-standalone/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - https://github.com/kubernetes/kube-state-metrics/examples/autosharding 8 | - ./base 9 | replicas: 10 | - name: kube-state-metrics 11 | count: 2 12 | 13 | patches: 14 | - path: extra/elastic-agent-standalone-statefulset.yaml 15 | target: 16 | kind: StatefulSet 17 | 18 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-managed/elastic-agent-managed-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent 8 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-standalone/elastic-agent-standalone-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent-standalone 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent-standalone 8 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - name: hints-filestream-container-logs 3 | id: hints-filestream-container-logs-${kubernetes.hints.container_id} 4 | type: filestream 5 | use_output: default 6 | streams: 7 | - condition: ${kubernetes.hints.container_logs.enabled} == true 8 | id: hints-filestream-container-logs-${kubernetes.hints.container_id} 9 | data_stream: 10 | dataset: kubernetes.container_logs 11 | type: logs 12 | parsers: 13 | - container: 14 | format: auto 15 | stream: ${kubernetes.hints.container_logs.stream|'all'} 16 | paths: 17 | - /var/log/containers/*${kubernetes.hints.container_id}.log 18 | prospector: 19 | scanner: 20 | symlinks: true 21 | data_stream.namespace: default 22 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - name: filestream-endpoint 3 | id: filestream-endpoint-${kubernetes.hints.container_id} 4 | type: filestream 5 | use_output: default 6 | streams: 7 | - id: endpoint-container-logs-${kubernetes.hints.container_id} 8 | condition: ${kubernetes.hints.endpoint.container_logs.enabled} == true 9 | data_stream: 10 | dataset: endpoint.container_logs 11 | type: logs 12 | exclude_files: [] 13 | exclude_lines: [] 14 | parsers: 15 | - container: 16 | format: auto 17 | stream: all 18 | paths: 19 | - /var/log/containers/*${kubernetes.hints.container_id}.log 20 | prospector: 21 | scanner: 22 | symlinks: true 23 | tags: [] 24 | data_stream.namespace: default 25 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - name: filestream-keycloak 3 | id: filestream-keycloak-${kubernetes.hints.container_id} 4 | type: filestream 5 | use_output: default 6 | streams: 7 | - condition: ${kubernetes.hints.keycloak.log.enabled} == true or ${kubernetes.hints.keycloak.enabled} == true 8 | data_stream: 9 | dataset: keycloak.log 10 | type: logs 11 | paths: 12 | - /var/log/containers/*${kubernetes.hints.container_id}.log 13 | processors: 14 | - add_locale: null 15 | - add_fields: 16 | fields: 17 | only_user_events: false 18 | tz_offset: local 19 | target: _tmp 20 | prospector.scanner.exclude_files: 21 | - \.gz$ 22 | tags: 23 | - keycloak-log 24 | data_stream.namespace: default 25 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - name: filestream-log 3 | id: filestream-log-${kubernetes.hints.container_id} 4 | type: filestream 5 | use_output: default 6 | streams: 7 | - id: log-container-logs-${kubernetes.hints.container_id} 8 | condition: ${kubernetes.hints.log.container_logs.enabled} == true 9 | data_stream: 10 | dataset: log.container_logs 11 | type: logs 12 | exclude_files: [] 13 | exclude_lines: [] 14 | parsers: 15 | - container: 16 | format: auto 17 | stream: all 18 | paths: 19 | - /var/log/containers/*${kubernetes.hints.container_id}.log 20 | prospector: 21 | scanner: 22 | symlinks: true 23 | tags: [] 24 | data_stream.namespace: default 25 | -------------------------------------------------------------------------------- /deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - name: filestream-mysql_enterprise 3 | id: filestream-mysql_enterprise-${kubernetes.hints.container_id} 4 | type: filestream 5 | use_output: default 6 | streams: 7 | - condition: ${kubernetes.hints.mysql_enterprise.audit.enabled} == true or ${kubernetes.hints.mysql_enterprise.enabled} == true 8 | data_stream: 9 | dataset: mysql_enterprise.audit 10 | type: logs 11 | exclude_files: 12 | - .gz$ 13 | paths: 14 | - /var/log/containers/*${kubernetes.hints.container_id}.log 15 | processors: 16 | - add_locale: null 17 | tags: 18 | - mysql_enterprise-audit 19 | data_stream.namespace: default 20 | -------------------------------------------------------------------------------- /deploy/skaffold/.env.example: -------------------------------------------------------------------------------- 1 | # insert your connection parameters here and save it as .env before running skaffold commands 2 | 3 | # managed elastic agent vars 4 | FLEET_URL=https://:443 5 | FLEET_ENROLLMENT_TOKEN= 6 | 7 | # standalone elastic agent vars 8 | ES_HOST=https://:443 9 | ES_USERNAME=elastic 10 | ES_PASSWORD=changeme 11 | -------------------------------------------------------------------------------- /deploy/skaffold/.gitignore: -------------------------------------------------------------------------------- 1 | elastic-agent-kubernetes.yaml 2 | .env -------------------------------------------------------------------------------- /deploy/skaffold/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | 5 | resources: 6 | - elastic-agent-kubernetes.yaml 7 | 8 | patches: 9 | - path: patches/elastic-agent-standalone-entrypoint.yaml 10 | target: 11 | group: apps 12 | version: v1 13 | kind: DaemonSet 14 | name: elastic-agent-standalone 15 | 16 | - path: patches/elastic-agent-managed-entrypoint.yaml 17 | target: 18 | group: apps 19 | version: v1 20 | kind: DaemonSet 21 | name: elastic-agent 22 | 23 | - path: patches/fleet-env-vars.yaml 24 | target: 25 | group: apps 26 | version: v1 27 | kind: DaemonSet 28 | name: elastic-agent 29 | 30 | - path: patches/elasticsearch-env-vars.yaml 31 | target: 32 | group: apps 33 | version: v1 34 | kind: DaemonSet 35 | name: elastic-agent-standalone 36 | 37 | configMapGenerator: 38 | - name: fleet-es-configmap 39 | namespace: kube-system 40 | envs: 41 | - .env -------------------------------------------------------------------------------- /deploy/skaffold/patches/elastic-agent-managed-entrypoint.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: elastic-agent 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: elastic-agent 10 | command: 11 | - /usr/share/elastic-agent/elastic-agent 12 | args: ["container", "-e"] -------------------------------------------------------------------------------- /deploy/skaffold/patches/elastic-agent-standalone-entrypoint.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: elastic-agent-standalone 5 | spec: 6 | template: 7 | spec: 8 | containers: 9 | - name: elastic-agent-standalone 10 | command: 11 | - /usr/share/elastic-agent/elastic-agent 12 | args: ["container", "-c", "/etc/elastic-agent/agent.yml", "-e"] -------------------------------------------------------------------------------- /dev-tools/.gitignore: -------------------------------------------------------------------------------- 1 | /build 2 | -------------------------------------------------------------------------------- /dev-tools/deploy: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | import os 3 | import argparse 4 | from subprocess import check_call 5 | 6 | def main(): 7 | parser = argparse.ArgumentParser( 8 | description="Builds all the Beats artifacts") 9 | parser.add_argument("--no-snapshot", action="store_true", 10 | help="Don't append -SNAPSHOT to the version.") 11 | args = parser.parse_args() 12 | 13 | dir = os.path.dirname(__file__) 14 | os.chdir(dir + "/../") 15 | print("Getting dependencies") 16 | check_call("make clean", shell=True) 17 | print("Done building Docker images.") 18 | if args.no_snapshot: 19 | check_call("make release", shell=True) 20 | else: 21 | check_call("make snapshot", shell=True) 22 | print("All done") 23 | 24 | if __name__ == "__main__": 25 | main() 26 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/.gitignore: -------------------------------------------------------------------------------- 1 | overlays/**/.env 2 | *.yaml 3 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/Taskfile.yaml: -------------------------------------------------------------------------------- 1 | # https://taskfile.dev 2 | 3 | version: '3' 4 | 5 | tasks: 6 | default: 7 | cmds: 8 | - task: managed 9 | # - task: standalone 10 | 11 | build: 12 | cmds: 13 | # note: create overlay 14 | - kustomize build overlays/elastic-agent-managed > elastic-agent-managed-kubernetes.yaml 15 | - kustomize build overlays/elastic-agent-standalone > elastic-agent-standalone-kubernetes.yaml 16 | 17 | managed: 18 | cmds: 19 | - kubectl apply -k overlays/elastic-agent-managed 20 | 21 | managed-delete: 22 | cmds: 23 | - kubectl delete -k overlays/elastic-agent-managed 24 | 25 | standalone: 26 | cmds: 27 | - kubectl apply -k overlays/elastic-agent-standalone 28 | 29 | standalone-delete: 30 | cmds: 31 | - kubectl delete -k overlays/elastic-agent-standalone 32 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/common/cluster-role-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: cluster-role-binding 5 | subjects: 6 | - kind: ServiceAccount 7 | name: service-account 8 | roleRef: 9 | kind: ClusterRole 10 | name: cluster-role 11 | apiGroup: rbac.authorization.k8s.io 12 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/common/kustomization.yml: -------------------------------------------------------------------------------- 1 | resources: 2 | - service-account.yaml 3 | - role-leases.yaml 4 | - cluster-role.yaml 5 | - role-binding-leases.yaml 6 | - cluster-role-binding.yaml 7 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/common/role-binding-leases.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: role-binding-leases 5 | subjects: 6 | - kind: ServiceAccount 7 | name: service-account 8 | roleRef: 9 | kind: Role 10 | name: role-leases 11 | apiGroup: rbac.authorization.k8s.io 12 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/common/role-leases.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: role-leases 5 | rules: 6 | - apiGroups: 7 | - coordination.k8s.io 8 | resources: 9 | - leases 10 | verbs: ["get", "create", "update"] 11 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/common/service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: service-account 5 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/elastic-agent-managed/kustomization.yml: -------------------------------------------------------------------------------- 1 | namespace: kube-system 2 | commonLabels: 3 | app.kubernetes.io/name: elastic-agent 4 | namePrefix: elastic-agent-managed- 5 | 6 | images: 7 | - name: docker.elastic.co/beats/elastic-agent 8 | newTag: "8.6.0" 9 | 10 | resources: 11 | - ../../base/common 12 | - daemonset.yaml 13 | 14 | configMapGenerator: 15 | - name: configs 16 | envs: 17 | - .env 18 | 19 | generatorOptions: 20 | disableNameSuffixHash: true 21 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/elastic-agent-standalone/.env: -------------------------------------------------------------------------------- 1 | # The basic authentication username used to connect to Elasticsearch 2 | # This user needs the privileges required to publish events to Elasticsearch. 3 | ES_USERNAME=elastic 4 | 5 | # The basic authentication password used to connect to Elasticsearch 6 | ES_PASSWORD=changeme 7 | 8 | # The Elasticsearch host to communicate with 9 | ES_HOST=https://elasticsearch:9200 10 | 11 | # Indicates the type of verification when using ldaps to protect against man in the middle attacks and certificate forgery. 12 | # More info at https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html 13 | ES_SSL_VERIFICATION_MODE=full 14 | 15 | # For optimal experience, Filebeat only connects to instances that are at least on the same version as the Beat. 16 | # The check can be disabled by setting output.elasticsearch.allow_older_versions 17 | ES_ALLOW_OLDER_VERSIONS=false 18 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/elastic-agent-standalone/kustomization.yml: -------------------------------------------------------------------------------- 1 | namespace: kube-system 2 | commonLabels: 3 | app.kubernetes.io/name: elastic-agent 4 | namePrefix: elastic-agent-standalone- 5 | 6 | images: 7 | - name: docker.elastic.co/beats/elastic-agent 8 | newTag: "8.6.0" 9 | 10 | resources: 11 | - ../../base/common 12 | - role-kubeadm-config.yaml 13 | - role-binding-kubeadm-config.yaml 14 | - config-map.yaml 15 | - daemonset.yaml 16 | 17 | configMapGenerator: 18 | - name: configs 19 | envs: 20 | - .env 21 | 22 | generatorOptions: 23 | disableNameSuffixHash: true 24 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/elastic-agent-standalone/role-binding-kubeadm-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: role-binding-kubeadm-config 5 | subjects: 6 | - kind: ServiceAccount 7 | name: service-account 8 | roleRef: 9 | kind: Role 10 | name: role-kubeadm-config 11 | apiGroup: rbac.authorization.k8s.io 12 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/base/elastic-agent-standalone/role-kubeadm-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: role-kubeadm-config 5 | rules: 6 | - apiGroups: [""] 7 | resources: 8 | - configmaps 9 | resourceNames: 10 | - kubeadm-config 11 | verbs: ["get"] 12 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/overlays/elastic-agent-managed/kustomization.yml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../base/elastic-agent-managed 3 | - github.com/kubernetes/kube-state-metrics?ref=main 4 | 5 | images: 6 | - name: docker.elastic.co/beats/elastic-agent 7 | newTag: "8.6.0" 8 | 9 | configMapGenerator: 10 | - name: elastic-agent-managed-configs 11 | namespace: kube-system 12 | behavior: merge 13 | envs: 14 | - .env 15 | 16 | generatorOptions: 17 | disableNameSuffixHash: true 18 | -------------------------------------------------------------------------------- /dev-tools/kubernetes/overlays/elastic-agent-standalone/kustomization.yml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../../base/elastic-agent-standalone 3 | - github.com/kubernetes/kube-state-metrics?ref=main 4 | 5 | images: 6 | - name: docker.elastic.co/beats/elastic-agent 7 | newTag: "8.6.0" 8 | 9 | configMapGenerator: 10 | - name: elastic-agent-standalone-configs 11 | namespace: kube-system 12 | behavior: merge 13 | envs: 14 | - .env 15 | 16 | generatorOptions: 17 | disableNameSuffixHash: true 18 | -------------------------------------------------------------------------------- /dev-tools/licenses/ELASTIC-LICENSE-2.0-header.txt: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | -------------------------------------------------------------------------------- /dev-tools/licenses/license.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package licenses 6 | 7 | //go:generate go run license_generate.go 8 | -------------------------------------------------------------------------------- /dev-tools/licenses/license_header.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | // Code generated by beats/dev-tools/licenses/license_generate.go - DO NOT EDIT. 6 | 7 | package licenses 8 | 9 | import "fmt" 10 | 11 | var Elasticv2 = ` 12 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 13 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 14 | // you may not use this file except in compliance with the Elastic License 2.0. 15 | ` 16 | 17 | func Find(name string) (string, error) { 18 | switch name { 19 | 20 | case "Elasticv2": 21 | return Elasticv2, nil 22 | } 23 | return "", fmt.Errorf("unknown license: %s", name) 24 | } 25 | -------------------------------------------------------------------------------- /dev-tools/mage/.gitignore: -------------------------------------------------------------------------------- 1 | /build 2 | -------------------------------------------------------------------------------- /dev-tools/mage/downloads/_testresources/gcp/nextPageParam.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "storage#objects", 3 | "nextPageToken": "foo" 4 | } 5 | -------------------------------------------------------------------------------- /dev-tools/mage/downloads/io_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package downloads 6 | 7 | import ( 8 | "path" 9 | "testing" 10 | 11 | "github.com/stretchr/testify/assert" 12 | ) 13 | 14 | func TestMkdirAll(t *testing.T) { 15 | tmpDir := t.TempDir() 16 | 17 | dir := path.Join(tmpDir, ".op", "compose", "services") 18 | 19 | err := mkdirAll(dir) 20 | assert.Nil(t, err) 21 | 22 | e, _ := exists(dir) 23 | assert.True(t, e) 24 | } 25 | -------------------------------------------------------------------------------- /dev-tools/mage/downloads/logger.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package downloads 6 | 7 | import ( 8 | "log/slog" 9 | "os" 10 | ) 11 | 12 | var ( 13 | LogLevel = new(slog.LevelVar) // Info by default 14 | 15 | logger = slog.New(slog.NewTextHandler(os.Stderr, &slog.HandlerOptions{Level: LogLevel})) 16 | ) 17 | 18 | const ( 19 | TraceLevel = slog.Level(-12) 20 | FatalLevel = slog.Level(12) 21 | ) 22 | -------------------------------------------------------------------------------- /dev-tools/mage/downloads/utils_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package downloads 6 | 7 | import ( 8 | "fmt" 9 | "net/http" 10 | "net/http/httptest" 11 | "os" 12 | "path/filepath" 13 | "testing" 14 | 15 | "github.com/stretchr/testify/assert" 16 | ) 17 | 18 | func TestDownloadFile(t *testing.T) { 19 | s := httptest.NewServer(http.FileServer(http.Dir("./testdata"))) 20 | t.Cleanup(s.Close) 21 | 22 | var dRequest = downloadRequest{ 23 | URL: fmt.Sprintf("http://%s/some-file.txt", 24 | s.Listener.Addr().String()), 25 | DownloadPath: "", 26 | } 27 | 28 | err := downloadFile(&dRequest) 29 | assert.Nil(t, err) 30 | assert.NotEmpty(t, dRequest.UnsanitizedFilePath) 31 | defer os.Remove(filepath.Dir(dRequest.UnsanitizedFilePath)) 32 | } 33 | -------------------------------------------------------------------------------- /dev-tools/mage/gotool/get.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package gotool 6 | 7 | type goGet func(opts ...ArgOpt) error 8 | 9 | // Get runs `go get` and provides optionals for adding command line arguments. 10 | var Get goGet = runGoGet 11 | 12 | func runGoGet(opts ...ArgOpt) error { 13 | args := buildArgs(opts) 14 | return runVGo("get", args) 15 | } 16 | 17 | func (goGet) Download() ArgOpt { return flagBoolIf("-d", true) } 18 | func (goGet) Update() ArgOpt { return flagBoolIf("-u", true) } 19 | func (goGet) Package(pkg string) ArgOpt { return posArg(pkg) } 20 | -------------------------------------------------------------------------------- /dev-tools/mage/gotool/linkcheck.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package gotool 6 | 7 | import ( 8 | "fmt" 9 | 10 | "github.com/magefile/mage/sh" 11 | ) 12 | 13 | type goLinkCheck func(opts ...ArgOpt) error 14 | 15 | // LinkCheck runs a tool to verify that links in a file are live. 16 | var LinkCheck goLinkCheck = runGoLinkCheck 17 | 18 | func runGoLinkCheck(opts ...ArgOpt) error { 19 | args := buildArgs(opts).build() 20 | output, err := sh.Output("link-patrol", args...) 21 | if err != nil { 22 | fmt.Println(output) 23 | return err 24 | } 25 | 26 | return nil 27 | } 28 | 29 | func (goLinkCheck) Path(path string) ArgOpt { return flagArgIf("-f", path) } 30 | -------------------------------------------------------------------------------- /dev-tools/mage/keychain_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build darwin 6 | 7 | package mage 8 | 9 | import ( 10 | "testing" 11 | 12 | "github.com/stretchr/testify/assert" 13 | ) 14 | 15 | func TestAppleKeychainListIdentities(t *testing.T) { 16 | t.Skip("Flaky test") 17 | idents, err := _appleKeychain.ListIdentities() 18 | if err != nil { 19 | t.Fatal(err) 20 | } 21 | 22 | assert.NotZero(t, idents) 23 | 24 | for i, ident := range idents { 25 | t.Log(i, ident) 26 | } 27 | } 28 | 29 | func TestGetAppleSigningInfo(t *testing.T) { 30 | signingInfo, err := GetAppleSigningInfo() 31 | if err != nil { 32 | t.Fatal(err) 33 | } 34 | 35 | if assert.NotNil(t, signingInfo) { 36 | assert.False(t, signingInfo.Sign) 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /dev-tools/mage/pkgcommon/pkgcommon-types.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package pkgcommon 6 | 7 | // PackageType defines the file format of the package (e.g. zip, rpm, etc). 8 | type PackageType int 9 | 10 | // List of possible package types. 11 | const ( 12 | RPM PackageType = iota + 1 13 | Deb 14 | Zip 15 | TarGz 16 | Docker 17 | ) 18 | 19 | var AllPackageTypes = []PackageType{ 20 | RPM, 21 | Deb, 22 | Zip, 23 | TarGz, 24 | Docker, 25 | } 26 | -------------------------------------------------------------------------------- /dev-tools/mage/target/build/build.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package build 6 | 7 | import ( 8 | devtools "github.com/elastic/elastic-agent/dev-tools/mage" 9 | ) 10 | 11 | // Build builds the Beat binary. 12 | func Build() error { 13 | return devtools.Build(devtools.DefaultBuildArgs()) 14 | } 15 | -------------------------------------------------------------------------------- /dev-tools/mage/target/common/fmt.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package common 6 | 7 | import ( 8 | "github.com/magefile/mage/mg" 9 | 10 | devtools "github.com/elastic/elastic-agent/dev-tools/mage" 11 | ) 12 | 13 | // Fmt formats source code (.go and .py) and adds license headers. 14 | func Fmt() { 15 | mg.Deps(devtools.Format) 16 | } 17 | 18 | // AddLicenseHeaders adds license headers 19 | func AddLicenseHeaders() { 20 | mg.Deps(devtools.AddLicenseHeaders) 21 | } 22 | -------------------------------------------------------------------------------- /dev-tools/mage/target/common/shared.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package common 6 | 7 | import devtools "github.com/elastic/elastic-agent/dev-tools/mage" 8 | 9 | // DumpVariables writes the template variables and values to stdout. 10 | func DumpVariables() error { 11 | return devtools.DumpVariables() 12 | } 13 | -------------------------------------------------------------------------------- /dev-tools/mage/target/integtest/notests/integtest.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package notests 6 | 7 | import "fmt" 8 | 9 | // IntegTest executes integration tests (it uses Docker to run the tests). 10 | func IntegTest() { 11 | GoIntegTest() 12 | } 13 | 14 | // GoIntegTest method informs that no integration tests will be executed. 15 | func GoIntegTest() { 16 | fmt.Println(">> integTest: Complete (no tests require the integ test environment)") 17 | } 18 | -------------------------------------------------------------------------------- /dev-tools/mage/target/pkg/test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package pkg 6 | 7 | import devtools "github.com/elastic/elastic-agent/dev-tools/mage" 8 | 9 | // PackageTest tests the generated packages in build/distributions. It checks 10 | // things like file ownership/mode, package attributes, etc. 11 | func PackageTest() error { 12 | return devtools.TestPackages() 13 | } 14 | -------------------------------------------------------------------------------- /dev-tools/mage/target/test/test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package test 6 | 7 | import "github.com/magefile/mage/mg" 8 | 9 | var ( 10 | testDeps []interface{} 11 | ) 12 | 13 | // RegisterDeps registers dependencies of the Test target (register your targets 14 | // that execute tests). 15 | func RegisterDeps(deps ...interface{}) { 16 | testDeps = append(testDeps, deps...) 17 | } 18 | 19 | // Test runs all available tests (unitTest + integTest). 20 | func Test() { 21 | mg.SerialDeps(testDeps...) 22 | } 23 | -------------------------------------------------------------------------------- /dev-tools/mage/testdata/config.yml: -------------------------------------------------------------------------------- 1 | brewbeat.modules: 2 | - module: milling 3 | - module: mashing 4 | - module: lautering 5 | - module: boil 6 | - module: fermenting 7 | - module: bottle 8 | -------------------------------------------------------------------------------- /dev-tools/notice/NOTICE.txt.tmpl: -------------------------------------------------------------------------------- 1 | {{- define "depInfo" -}} 2 | {{- range $i, $dep := . }} 3 | {{ "-" | line }} 4 | Dependency : {{ $dep.Name }} 5 | Version: {{ $dep.Version }} 6 | Licence type (autodetected): {{ $dep.LicenceType }} 7 | {{ "-" | line }} 8 | 9 | {{ $dep | licenceText }} 10 | {{ end }} 11 | {{- end -}} 12 | 13 | Elastic Beats 14 | Copyright 2014-{{ currentYear }} Elasticsearch BV 15 | 16 | This product includes software developed by The Apache Software 17 | Foundation (http://www.apache.org/). 18 | 19 | {{ "=" | line }} 20 | Third party libraries used by the Elastic Beats project: 21 | {{ "=" | line }} 22 | 23 | {{ template "depInfo" .Direct }} 24 | 25 | {{ if .Indirect }} 26 | {{ "=" | line }} 27 | Indirect dependencies 28 | 29 | {{ template "depInfo" .Indirect -}} 30 | {{- end}} 31 | -------------------------------------------------------------------------------- /dev-tools/notice/dependencies.csv.tmpl: -------------------------------------------------------------------------------- 1 | {{- define "depInfo" -}} 2 | {{- range $i, $dep := . }} 3 | {{ $dep.Name }},{{ $dep.URL }},{{ $dep.Version | canonicalVersion }},{{ $dep.Version | revision }},{{ $dep.LicenceType }}, 4 | {{- end -}} 5 | {{- end -}} 6 | 7 | name,url,version,revision,license,sourceURL{{ template "depInfo" .Direct }}{{ template "depInfo" .Indirect }} 8 | -------------------------------------------------------------------------------- /dev-tools/notice/notice.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package notice 6 | 7 | const ( 8 | NoticeFilename = "NOTICE.txt" 9 | FIPSNoticeFilename = "NOTICE-fips.txt" 10 | ) 11 | -------------------------------------------------------------------------------- /dev-tools/notice/rules.json: -------------------------------------------------------------------------------- 1 | { 2 | "allowlist": [ 3 | "Apache-2.0", 4 | "BSD", 5 | "BSD-2-Clause", 6 | "BSD-2-Clause-FreeBSD", 7 | "BSD-3-Clause", 8 | "CC0-1.0", 9 | "Elastic", 10 | "ISC", 11 | "MIT", 12 | "MPL-2.0", 13 | "Public Domain", 14 | "Zlib" 15 | ], 16 | "maybelist": [ 17 | "EPL-1.0", 18 | "GPL-3.0" 19 | ] 20 | } 21 | -------------------------------------------------------------------------------- /dev-tools/packaging/files/darwin/PkgInfo: -------------------------------------------------------------------------------- 1 | APPL???? -------------------------------------------------------------------------------- /dev-tools/packaging/files/darwin/otelcol.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | BASEDIR=$(dirname "$0") 4 | 5 | exec "$BASEDIR/elastic-agent" otel "$@" -------------------------------------------------------------------------------- /dev-tools/packaging/files/ironbank/config/docker-entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eo pipefail 4 | 5 | # For information on the possible environment variables that can be passed into the container. Run the following 6 | # command for information on the options that are available. 7 | # 8 | # `./elastic-agent container --help` 9 | # 10 | 11 | elastic-agent container "$@" 12 | -------------------------------------------------------------------------------- /dev-tools/packaging/files/linux/connectors.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | PY_AGENT_CLIENT_PATH=/usr/share/connectors 4 | PYTHON_PATH=$PY_AGENT_CLIENT_PATH/.venv/bin/python 5 | COMPONENT_PATH=$PY_AGENT_CLIENT_PATH/connectors/agent/cli.py 6 | $PYTHON_PATH $COMPONENT_PATH 7 | -------------------------------------------------------------------------------- /dev-tools/packaging/files/linux/filebeat.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | exec /opt/agentbeat/agentbeat filebeat $@ 4 | -------------------------------------------------------------------------------- /dev-tools/packaging/files/linux/metricbeat.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | exec /opt/agentbeat/agentbeat metricbeat $@ 4 | -------------------------------------------------------------------------------- /dev-tools/packaging/files/linux/otelcol.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | BASEDIR=$(dirname "$0") 4 | 5 | exec "$BASEDIR/elastic-agent" otel "$@" -------------------------------------------------------------------------------- /dev-tools/packaging/files/linux/systemd-daemon-reload.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | systemctl daemon-reload 2> /dev/null 4 | exit 0 5 | -------------------------------------------------------------------------------- /dev-tools/packaging/files/windows/otelcol.ps1: -------------------------------------------------------------------------------- 1 | $workdir = Split-Path $MyInvocation.MyCommand.Path 2 | & "$workdir\elastic-agent" otel $args -------------------------------------------------------------------------------- /dev-tools/packaging/templates/common/README.md.tmpl: -------------------------------------------------------------------------------- 1 | # Welcome to {{.BeatName | title}} {{.Version}}{{if .Snapshot}}-SNAPSHOT{{end}} 2 | 3 | {{.Description}} 4 | 5 | ## Documentation 6 | Visit the [Fleet and Elastic Agent Guide](https://www.elastic.co/docs/reference/fleet). 7 | 8 | ## Release notes 9 | 10 | https://www.elastic.co/docs/release-notes/fleet 11 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/darwin/Info.plist.tmpl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | CFBundleExecutable 6 | elastic-agent 7 | CFBundleIdentifier 8 | co.elastic.elastic-agent 9 | CFBundleInfoDictionaryVersion 10 | 6.0 11 | CFBundleName 12 | elastic-agent 13 | CFBundlePackageType 14 | APPL 15 | CFBundleShortVersionString 16 | {{ beat_version }} 17 | CFBundleVersion 18 | {{ beat_version }} 19 | 20 | 21 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/darwin/elastic-agent.tmpl: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Fix up the symlink and exit 3 | 4 | set -e 5 | 6 | symlink="/Library/Elastic/Agent/elastic-agent" 7 | 8 | if test -L "$symlink"; then 9 | symlinkTarget="data/elastic-agent-{{ commit_short }}/elastic-agent.app/Contents/MacOS/elastic-agent" 10 | if test -f "data/elastic-agent-{{ agent_package_version }}{{ snapshot_suffix }}-{{ commit_short }}/elastic-agent.app/Contents/MacOS/elastic-agent"; then 11 | symlinkTarget="data/elastic-agent-{{ agent_package_version }}{{ snapshot_suffix }}-{{ commit_short }}/elastic-agent.app/Contents/MacOS/elastic-agent" 12 | fi 13 | ln -sfn "$symlinkTarget" "$symlink" 14 | fi 15 | 16 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/docker/docker-entrypoint.edot.tmpl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Update umask to retain group write permissions on runtime directories: $root/tmp/default, $root/logs/default and $root/run/default 4 | umask 0007 5 | 6 | set -eo pipefail 7 | 8 | # For information on the possible environment variables that can be passed into the container. Run the following 9 | # command for information on the options that are available. 10 | # 11 | # `./elastic-agent container --help` 12 | # 13 | 14 | exec {{ .BeatName }} otel "$@" -------------------------------------------------------------------------------- /dev-tools/packaging/templates/docker/docker-entrypoint.elastic-agent.tmpl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Update umask to retain group write permissions on runtime directories: $root/tmp/default, $root/logs/default and $root/run/default 4 | umask 0007 5 | 6 | set -eo pipefail 7 | 8 | # For information on the possible environment variables that can be passed into the container. Run the following 9 | # command for information on the options that are available. 10 | # 11 | # `./elastic-agent container --help` 12 | # 13 | 14 | if [[ "$ELASTIC_AGENT_OTEL" == "true" ]] 15 | then 16 | exec {{ .BeatName }} otel "$@" 17 | else 18 | exec {{ .BeatName }} container "$@" 19 | fi 20 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/linux/beatname.sh.tmpl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Script to run {{.BeatName | title}} in foreground with the same path settings that 4 | # the init script / systemd unit file would do. 5 | umask 0027 6 | exec /usr/share/{{.BeatName}}/bin/{{.BeatName}} \ 7 | --path.home /usr/share/{{.BeatName}} \ 8 | --path.config /etc/{{.BeatName}} \ 9 | --path.data /var/lib/{{.BeatName}} \ 10 | --path.logs /var/log/{{.BeatName}} \ 11 | "$@" 12 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/linux/elastic-agent.sh.tmpl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Script to run {{.BeatName | title}} in foreground with the same path settings that 4 | # the init script / systemd unit file would do. 5 | umask 0027 6 | exec /usr/share/{{.BeatName}}/bin/{{.BeatName}} \ 7 | --path.home /var/lib/{{.BeatName}} \ 8 | --path.config /etc/{{.BeatName}} \ 9 | --path.logs /var/log/{{.BeatName}} \ 10 | "$@" 11 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/linux/elastic-agent.unit.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description={{.Description}} 3 | Documentation={{.URL}} 4 | Wants=network-online.target 5 | After=network-online.target 6 | 7 | [Service] 8 | {{ if ne .BeatUser "root" -}} 9 | User={{ .BeatUser }} 10 | Group={{ .BeatUser }} 11 | {{- end }} 12 | UMask=0027 13 | Environment="GODEBUG='madvdontneed=1'" 14 | Environment="BEAT_CONFIG_OPTS=-c /etc/{{.BeatName}}/{{.BeatName}}.yml" 15 | ExecStart=/usr/bin/{{.BeatName}} run --environment systemd $BEAT_CONFIG_OPTS 16 | Restart=always 17 | 18 | # By setting KillMode=process, we ensure that in a scenario where the upgraded Agent's 19 | # process is repeatedly crashing, systemd keeps the Upgrade Watcher process running so 20 | # it can monitor the Agent process for long enough to initiate a rollback. 21 | # See also https://github.com/elastic/elastic-agent/pull/3220#issuecomment-1673935694. 22 | KillMode=process 23 | 24 | [Install] 25 | WantedBy=multi-user.target 26 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/linux/postinstall.sh.tmpl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | commit_hash="{{ commit_short }}" 6 | version_dir="{{agent_package_version}}{{snapshot_suffix}}" 7 | symlink="/usr/share/elastic-agent/bin/elastic-agent" 8 | new_agent_dir="/var/lib/elastic-agent/data/elastic-agent-$version_dir-$commit_hash" 9 | 10 | # delete $symlink if exists 11 | if test -L "$symlink"; then 12 | echo "found symlink $symlink, unlink" 13 | unlink "$symlink" 14 | fi 15 | 16 | # create symlink to the new agent 17 | echo "create symlink "$symlink" to "$new_agent_dir/elastic-agent"" 18 | ln -s "$new_agent_dir/elastic-agent" "$symlink" 19 | 20 | $new_agent_dir/elastic-agent apply-flavor 21 | 22 | # reload systemctl and then restart service 23 | echo "systemd enable/restart elastic-agent" 24 | systemctl daemon-reload 2> /dev/null 25 | systemctl enable elastic-agent 2> /dev/null || true 26 | systemctl restart elastic-agent 2> /dev/null || true 27 | exit 0 28 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/linux/postrm.sh.tmpl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | symlink="/usr/share/elastic-agent/bin/elastic-agent" 6 | 7 | case "$1" in 8 | purge) 9 | rm -rf /var/lib/elastic-agent /var/log/elastic-agent /etc/elastic-agent 10 | ;; 11 | 12 | # 0 is for rpm uninstall 13 | upgrade|remove|failed-upgrade|abort-install|abort-upgrade|disappear|0) 14 | if systemctl --quiet is-active elastic-agent; then 15 | echo "stopping elastic-agent" 16 | systemctl --quiet stop elastic-agent 17 | fi 18 | # delete symlink if exists 19 | if test -L "$symlink"; then 20 | echo "found symlink $symlink, unlink" 21 | unlink "$symlink" 22 | fi 23 | ;; 24 | *) 25 | ;; 26 | esac 27 | 28 | echo "systemd daemon-reload" 29 | systemctl daemon-reload 2> /dev/null 30 | exit 0 31 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/linux/systemd.unit.tmpl: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description={{.Description}} 3 | Documentation={{.URL}} 4 | Wants=network-online.target 5 | After=network-online.target 6 | 7 | [Service] 8 | {{ if ne .BeatUser "root" -}} 9 | User={{ .BeatUser }} 10 | Group={{ .BeatUser }} 11 | {{- end }} 12 | UMask=0027 13 | Environment="GODEBUG='madvdontneed=1'" 14 | Environment="BEAT_LOG_OPTS=" 15 | Environment="BEAT_CONFIG_OPTS=-c /etc/{{.BeatName}}/{{.BeatName}}.yml" 16 | Environment="BEAT_PATH_OPTS=--path.home /usr/share/{{.BeatName}} --path.config /etc/{{.BeatName}} --path.data /var/lib/{{.BeatName}} --path.logs /var/log/{{.BeatName}}" 17 | ExecStart=/usr/share/{{.BeatName}}/bin/{{.BeatName}} --environment systemd $BEAT_LOG_OPTS $BEAT_CONFIG_OPTS $BEAT_PATH_OPTS 18 | Restart=always 19 | 20 | [Install] 21 | WantedBy=multi-user.target 22 | -------------------------------------------------------------------------------- /dev-tools/packaging/templates/windows/uninstall-service.ps1.tmpl: -------------------------------------------------------------------------------- 1 | # Delete and stop the service if it already exists. 2 | if (Get-Service {{.BeatName}} -ErrorAction SilentlyContinue) { 3 | $service = Get-WmiObject -Class Win32_Service -Filter "name='{{.BeatName}}'" 4 | $service.StopService() 5 | Start-Sleep -s 1 6 | $service.delete() 7 | } 8 | -------------------------------------------------------------------------------- /dev-tools/vagrant_scripts/dockerProvision.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # This is to aid in testing docker images for different underlying OSes 4 | # You can build *just* the docker image with export PACKAGES=docker && mage package 5 | 6 | apt-get install -y \ 7 | apt-transport-https \ 8 | ca-certificates \ 9 | curl \ 10 | gnupg \ 11 | lsb-release 12 | 13 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg 14 | 15 | echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \ 16 | $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null 17 | 18 | sudo apt-get update 19 | sudo apt-get -y install docker-ce docker-ce-cli containerd.io docker-compose 20 | 21 | usermod -aG docker vagrant 22 | -------------------------------------------------------------------------------- /dev-tools/vagrant_scripts/kindProvision.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # This installs k8s utilities on the host 4 | # This is the one command that needs to run as the user, hence the ugly sudo invocation 5 | sudo -S -u vagrant -i /bin/bash -l -c "GO111MODULE='on' go get sigs.k8s.io/kind@v0.11.1" 6 | 7 | curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg 8 | echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list 9 | apt-get update 10 | apt-get install -y kubectl 11 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | testunit: 4 | build: 5 | context: . 6 | dockerfile: Dockerfile.test 7 | args: 8 | GO_VERSION: ${GO_VERSION} 9 | command: ["mage", "update", "check:all", "test:all"] 10 | -------------------------------------------------------------------------------- /docs/images/1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/1.png -------------------------------------------------------------------------------- /docs/images/2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/2.png -------------------------------------------------------------------------------- /docs/images/3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/3.png -------------------------------------------------------------------------------- /docs/images/4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/4.png -------------------------------------------------------------------------------- /docs/images/5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/5.png -------------------------------------------------------------------------------- /docs/images/6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/6.png -------------------------------------------------------------------------------- /docs/images/cloudid.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/cloudid.png -------------------------------------------------------------------------------- /docs/images/components-example.d2: -------------------------------------------------------------------------------- 1 | # A diagram of example components managed by Agent. 2 | # To regenerate the image after changing this file, run: 3 | # d2 components-example.d2 components-example.svg 4 | # To live-edit this file with immediate regeneration of the diagram, run: 5 | # d2 --watch components-example.d2 components-example.svg 6 | 7 | filebeat1: { 8 | filestream-1 -> output 9 | filestream-2 -> output 10 | } 11 | 12 | filebeat2: { 13 | udp-1 -> output 14 | } 15 | 16 | metricbeat: { 17 | metrics-1 -> output 18 | metrics-2 -> output 19 | } 20 | 21 | endpoint: { 22 | endpoint-1 -> output 23 | } 24 | 25 | filebeat1.output -> elasticsearch1 26 | metricbeat.output -> elasticsearch1 27 | 28 | filebeat2.output -> logstash 29 | 30 | endpoint.output -> elasticsearch2 31 | -------------------------------------------------------------------------------- /docs/images/compute_model.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/compute_model.png -------------------------------------------------------------------------------- /docs/images/coordinator.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/coordinator.png -------------------------------------------------------------------------------- /docs/images/ksm-ksm01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/ksm-ksm01.png -------------------------------------------------------------------------------- /docs/images/ksm-ksm02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/ksm-ksm02.png -------------------------------------------------------------------------------- /docs/images/ksm-sidecontainer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/ksm-sidecontainer.png -------------------------------------------------------------------------------- /docs/images/ksm01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/ksm01.png -------------------------------------------------------------------------------- /docs/images/ksm02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/ksm02.png -------------------------------------------------------------------------------- /docs/images/leader-ksm-sidecontainer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/leader-ksm-sidecontainer.png -------------------------------------------------------------------------------- /docs/images/testing-framework.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/testing-framework.png -------------------------------------------------------------------------------- /docs/images/tolerationsdaemonset.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/tolerationsdaemonset.png -------------------------------------------------------------------------------- /docs/images/tolerationsksm0.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/docs/images/tolerationsksm0.png -------------------------------------------------------------------------------- /docs/manifests/kustomize-autosharding/elastic-agent-kustomize/agent-cluster-role-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: elastic-agent 5 | subjects: 6 | - kind: ServiceAccount 7 | name: elastic-agent 8 | namespace: kube-system 9 | roleRef: 10 | kind: ClusterRole 11 | name: elastic-agent 12 | apiGroup: rbac.authorization.k8s.io -------------------------------------------------------------------------------- /docs/manifests/kustomize-autosharding/elastic-agent-kustomize/agent-role-binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | namespace: kube-system 5 | name: elastic-agent 6 | subjects: 7 | - kind: ServiceAccount 8 | name: elastic-agent 9 | namespace: kube-system 10 | roleRef: 11 | kind: Role 12 | name: elastic-agent 13 | apiGroup: rbac.authorization.k8s.io 14 | -------------------------------------------------------------------------------- /docs/manifests/kustomize-autosharding/elastic-agent-kustomize/agent-role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: elastic-agent 5 | # Should be the namespace where elastic-agent is running 6 | namespace: kube-system 7 | labels: 8 | app.kubernetes.io/name: elastic-agent 9 | rules: 10 | - apiGroups: 11 | - coordination.k8s.io 12 | resources: 13 | - leases 14 | verbs: ["get", "create", "update"] 15 | -------------------------------------------------------------------------------- /docs/manifests/kustomize-autosharding/elastic-agent-kustomize/agent-service-account.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: elastic-agent 5 | namespace: kube-system 6 | labels: 7 | app.kubernetes.io/name: elastic-agent 8 | -------------------------------------------------------------------------------- /docs/manifests/kustomize-autosharding/elastic-agent-kustomize/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - agent-service-account.yaml 8 | - agent-cluster-role-binding.yaml 9 | - agent-cluster-role.yaml 10 | - agent-role-binding.yaml 11 | - agent-role.yaml -------------------------------------------------------------------------------- /docs/manifests/kustomize-autosharding/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | 4 | namespace: kube-system 5 | 6 | resources: 7 | - cluster-role-binding.yaml 8 | - cluster-role.yaml 9 | - role-binding.yaml 10 | - role.yaml 11 | - service-account.yaml 12 | - service.yaml 13 | - statefulset.yaml 14 | - ./elastic-agent-kustomize 15 | replicas: 16 | - name: kube-state-metrics 17 | count: 2 18 | 19 | patches: 20 | - path: elastic-agent-kustomize/agent-statefulset.yaml 21 | target: 22 | kind: StatefulSet -------------------------------------------------------------------------------- /internal/pkg/acl/acl.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package acl 8 | 9 | import ( 10 | "os" 11 | ) 12 | 13 | // Chmod changes the permissions of the specified file. Only the nine 14 | // least-significant bytes are used, allowing access by the file's owner, the 15 | // file's group, and everyone else to be explicitly controlled. 16 | func Chmod(name string, fileMode os.FileMode) error { 17 | return os.Chmod(name, fileMode) 18 | } 19 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/actions/action.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package actions 6 | 7 | import ( 8 | "context" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/fleetapi" 11 | "github.com/elastic/elastic-agent/internal/pkg/fleetapi/acker" 12 | "github.com/elastic/elastic-agent/internal/pkg/fleetapi/client" 13 | ) 14 | 15 | // Handler handles action coming from fleet. 16 | type Handler interface { 17 | Handle(ctx context.Context, a fleetapi.Action, acker acker.Acker) error 18 | } 19 | 20 | // ClientSetter sets the client for communication. 21 | type ClientSetter interface { 22 | SetClient(client.Sender) 23 | } 24 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/actions/handlers/loglevelsetter.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package handlers 6 | 7 | import ( 8 | "context" 9 | 10 | "github.com/elastic/elastic-agent-libs/logp" 11 | ) 12 | 13 | // logLevelSetter interface represents an actor able to set the global log level in agent 14 | type logLevelSetter interface { 15 | SetLogLevel(ctx context.Context, lvl *logp.Level) error 16 | } 17 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/config.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package application 6 | 7 | import ( 8 | "github.com/elastic/elastic-agent/internal/pkg/agent/configuration" 9 | ) 10 | 11 | type localConfig struct { 12 | Fleet *configuration.FleetAgentConfig `config:"fleet"` 13 | Settings *configuration.SettingsConfig `config:"agent" yaml:"agent"` 14 | } 15 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/configuration_embed_changed_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package application 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/stretchr/testify/assert" 11 | "gopkg.in/yaml.v2" 12 | ) 13 | 14 | // This test exists to notify the cloudbeat team in case the default agent fleet config is changed. 15 | func TestDefaultAgentFleetConfig(t *testing.T) { 16 | cfg := map[string]interface{}{} 17 | 18 | err := yaml.Unmarshal(DefaultAgentFleetConfig, &cfg) 19 | assert.NoError(t, err) 20 | 21 | assert.Equal(t, map[string]interface{}{"fleet": map[interface{}]interface{}{"enabled": true}}, cfg) 22 | } 23 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/dispatcher/retryconfig.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package dispatcher 6 | 7 | import ( 8 | "fmt" 9 | "time" 10 | ) 11 | 12 | var ErrNoRetry = fmt.Errorf("no retry attempts remaining") 13 | 14 | type retryConfig struct { 15 | steps []time.Duration 16 | } 17 | 18 | func defaultRetryConfig() *retryConfig { 19 | return &retryConfig{ 20 | steps: []time.Duration{time.Minute, 5 * time.Minute, 10 * time.Minute, 15 * time.Minute, 30 * time.Minute, time.Hour}, 21 | } 22 | } 23 | 24 | func (r *retryConfig) GetWait(step int) (time.Duration, error) { 25 | if step < 0 || step >= len(r.steps) { 26 | return time.Duration(0), ErrNoRetry 27 | } 28 | return r.steps[step], nil 29 | } 30 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/filelock/locker_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package filelock 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/stretchr/testify/assert" 11 | "github.com/stretchr/testify/require" 12 | ) 13 | 14 | const testLockFile = "test.lock" 15 | 16 | func TestAppLocker(t *testing.T) { 17 | tmp := t.TempDir() 18 | 19 | locker1 := NewAppLocker(tmp, testLockFile) 20 | locker2 := NewAppLocker(tmp, testLockFile) 21 | 22 | require.NoError(t, locker1.TryLock()) 23 | assert.Error(t, locker2.TryLock()) 24 | require.NoError(t, locker1.Unlock()) 25 | require.NoError(t, locker2.TryLock()) 26 | assert.Error(t, locker1.TryLock()) 27 | require.NoError(t, locker2.Unlock()) 28 | } 29 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/info/inject_config_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package info 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/stretchr/testify/assert" 11 | 12 | "github.com/elastic/elastic-agent/internal/pkg/config" 13 | ) 14 | 15 | func TestInjectAgentConfig(t *testing.T) { 16 | c := config.New() 17 | err := InjectAgentConfig(c) 18 | assert.NoError(t, err) 19 | } 20 | 21 | func TestAgentGlobalConfig(t *testing.T) { 22 | c, err := agentGlobalConfig() 23 | assert.NoError(t, err) 24 | assert.NotEmpty(t, c) 25 | } 26 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/info/svc_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package info 8 | 9 | import "os" 10 | 11 | // RunningUnderSupervisor returns true when executing Agent is running under 12 | // the supervisor processes of the OS. 13 | func RunningUnderSupervisor() bool { 14 | return os.Getppid() == 1 15 | } 16 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/monitoring/error.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package monitoring 6 | 7 | import "fmt" 8 | 9 | func errorWithStatus(status int, err error) *statusError { 10 | return &statusError{ 11 | err: err, 12 | status: status, 13 | } 14 | } 15 | 16 | func errorfWithStatus(status int, msg string, args ...string) *statusError { 17 | err := fmt.Errorf(msg, args) 18 | return errorWithStatus(status, err) 19 | } 20 | 21 | // StatusError holds correlation between error and a status 22 | type statusError struct { 23 | err error 24 | status int 25 | } 26 | 27 | func (s *statusError) Status() int { 28 | return s.status 29 | } 30 | 31 | func (s *statusError) Error() string { 32 | return s.err.Error() 33 | } 34 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/reexec/reexec.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package reexec 8 | 9 | import ( 10 | "os" 11 | "path/filepath" 12 | 13 | "golang.org/x/sys/unix" 14 | 15 | "github.com/elastic/elastic-agent/pkg/core/logger" 16 | ) 17 | 18 | func reexec(log *logger.Logger, executable string, argOverrides ...string) error { 19 | // force log sync, before re-exec 20 | _ = log.Sync() 21 | 22 | args := []string{filepath.Base(executable)} 23 | args = append(args, os.Args[1:]...) 24 | args = append(args, argOverrides...) 25 | return unix.Exec(executable, args, os.Environ()) 26 | } 27 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/artifact/download/downloader.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package download 6 | 7 | import ( 8 | "context" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/agent/application/upgrade/artifact" 11 | "github.com/elastic/elastic-agent/pkg/version" 12 | ) 13 | 14 | // Downloader is an interface allowing download of an artifact 15 | type Downloader interface { 16 | Download(ctx context.Context, a artifact.Artifact, version *version.ParsedSemVer) (string, error) 17 | } 18 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/artifact/download/fs/testdata/drop/elastic-agent-8.0.0-darwin-x86_64.tar.gz: -------------------------------------------------------------------------------- 1 | sample 2 | content 3 | of 4 | a 5 | file 6 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/artifact/download/fs/testdata/drop/elastic-agent-8.0.0-darwin-x86_64.tar.gz.asc: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP SIGNATURE----- 2 | 3 | iQGzBAABCgAdFiEE81a455Doc5DWexOcF4e6ez4rqzAFAmUn7TsACgkQF4e6ez4r 4 | qzDcIgwArpuXDex9aisWFWkXjCfjhJdrTTXr3wv8W68NeFsAaazLlvsWPxdol1db 5 | FeKFL+P/P/PhlTvdkZw9xMyXoVRWQXJ2p2jVjV0Wq2SCtbbjdrGjQ4OrchgE9FW7 6 | onWxqV8RjzPyaMwpDWWtHKgxhQeLP5yXhWm6RXHvBLZ5mqbTCuIq2Q4sijEd6IFD 7 | 9JoAA276tqyKGOsPZ1QzaPUFF69B9QLcWasEuNFf5ytMVFfTcMl6/HYDPO7ErhJx 8 | E1hnKGIc5rrMghL0LzaVLGYZUtnQwru02ZA0omXzEv1uYgqmZl75g9qHk2Cu2V5W 9 | 0qbg9OtUKOkJ1sODvsVv8O40rVazdZTgL2ifNLi2wFwR3syMdHCih2aKMcPDPzt3 10 | Q4q0zvsxuR9PGsv5+8zze74iC3oZSvF8h36XGjJuyjEFORUpcWNGDmhsC6l7ql5W 11 | rEbIPZ19j3r1M4yHG/ptBmrwRnQz9RKFnwTO9ME/5eBVumPLUD5kAcYXjvAFYQI5 12 | qEc7okL5 13 | =+nvi 14 | -----END PGP SIGNATURE----- 15 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/artifact/download/fs/testdata/drop/elastic-agent-8.0.0-darwin-x86_64.tar.gz.sha512: -------------------------------------------------------------------------------- 1 | 9af9aa016f3349aa248034629e4336ca2f4d31317bfb8c9a23a9d924c18969cf43ad93727e784da010a272690b2b5ce4c4ded3a5d2039e4408e93e1e18d113db elastic-agent-8.0.0-darwin-x86_64.tar.gz 2 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/artifact/download/reloadable.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package download 6 | 7 | import ( 8 | "github.com/elastic/elastic-agent/internal/pkg/agent/application/upgrade/artifact" 9 | ) 10 | 11 | // Reloader is an interface allowing to reload artifact config 12 | type Reloader interface { 13 | Reload(*artifact.Config) error 14 | } 15 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/artifact/download/snapshot/testdata/latest-snapshot.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "8.14.0-SNAPSHOT", 3 | "build_id": "8.14.0-6d69ee76", 4 | "manifest_url": "https://snapshots.elastic.co/8.14.0-6d69ee76/manifest-8.14.0-SNAPSHOT.json", 5 | "summary_url": "https://snapshots.elastic.co/8.14.0-6d69ee76/summary-8.14.0-SNAPSHOT.html" 6 | } 7 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/service_update.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !linux 6 | 7 | package upgrade 8 | 9 | func EnsureServiceConfigUpToDate() error { 10 | // Noop on non-Linux systems 11 | return nil 12 | } 13 | -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/test/case1/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/internal/pkg/agent/application/upgrade/test/case1/README.md -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/test/case2/README.md: -------------------------------------------------------------------------------- 1 | test -------------------------------------------------------------------------------- /internal/pkg/agent/application/upgrade/test/case3/README.md: -------------------------------------------------------------------------------- 1 | test 2 -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/component.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package cmd 6 | 7 | import ( 8 | "github.com/spf13/cobra" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/cli" 11 | ) 12 | 13 | func newComponentCommandWithArgs(args []string, streams *cli.IOStreams) *cobra.Command { 14 | cmd := &cobra.Command{ 15 | Use: "component ", 16 | Short: "Tools to work on components", 17 | Long: "Tools for viewing current component information and developing new components for Elastic Agent", 18 | } 19 | 20 | cmd.AddCommand(newComponentSpecCommandWithArgs(args, streams)) 21 | 22 | return cmd 23 | } 24 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/container_init_other.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !linux 6 | 7 | package cmd 8 | 9 | import ( 10 | "github.com/elastic/elastic-agent/internal/pkg/cli" 11 | ) 12 | 13 | func initContainer(_ *cli.IOStreams) {} 14 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/enroll_match_fileowner_unix_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package cmd 8 | 9 | import ( 10 | "os" 11 | "path/filepath" 12 | "testing" 13 | 14 | "github.com/stretchr/testify/require" 15 | ) 16 | 17 | func TestIsOwnerExecUnix(t *testing.T) { 18 | path := t.TempDir() 19 | fp := filepath.Join(path, "testfile") 20 | fi, err := os.Create(fp) 21 | require.NoError(t, err) 22 | defer fi.Close() 23 | 24 | isOwner, err := isOwnerExec(fp) 25 | require.NoError(t, err) 26 | 27 | require.True(t, isOwner) 28 | } 29 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/install_enroll_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package cmd 8 | 9 | import ( 10 | "fmt" 11 | "os/exec" 12 | 13 | "github.com/elastic/elastic-agent/pkg/utils" 14 | ) 15 | 16 | func enrollCmdExtras(cmd *exec.Cmd, ownership utils.FileOwner) error { 17 | if ownership.UID != "" { 18 | cmd.Args = append( 19 | cmd.Args, 20 | fmt.Sprintf("--%s", fromInstallUserArg), 21 | ownership.UID, 22 | ) 23 | } 24 | if ownership.GID != "" { 25 | cmd.Args = append( 26 | cmd.Args, 27 | fmt.Sprintf("--%s", fromInstallGroupArg), 28 | ownership.GID, 29 | ) 30 | } 31 | return nil 32 | } 33 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/reexec.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package cmd 8 | 9 | import ( 10 | "github.com/spf13/cobra" 11 | 12 | "github.com/elastic/elastic-agent/internal/pkg/cli" 13 | ) 14 | 15 | func newReExecWindowsCommand(_ []string, streams *cli.IOStreams) *cobra.Command { 16 | return nil 17 | } 18 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/run_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package cmd 8 | 9 | // logExternal logs the error to an external log. On non-windows systems this is a no-op. 10 | func logExternal(msg string) { 11 | } 12 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/run_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package cmd 8 | 9 | import ( 10 | "golang.org/x/sys/windows/svc/eventlog" 11 | 12 | "github.com/elastic/elastic-agent/internal/pkg/agent/application/paths" 13 | ) 14 | 15 | // logExternal logs the error to an external log. On Windows this is 16 | // the Application EventLog. This is a best effort logger and no 17 | // errors are returned. 18 | func logExternal(msg string) { 19 | eLog, err2 := eventlog.Open(paths.ServiceName()) 20 | if err2 != nil { 21 | return 22 | } 23 | _ = eLog.Error(1, msg) 24 | } 25 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/testdata/diagnostics/endpoint-security/logs/endpoint-1.log: -------------------------------------------------------------------------------- 1 | file 1, log 1 2 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/testdata/diagnostics/endpoint-security/logs/endpoint-2.log: -------------------------------------------------------------------------------- 1 | file 2, log 2 2 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/testdata/otel/elastic-agent.yml: -------------------------------------------------------------------------------- 1 | outputs: 2 | default: 3 | type: elasticsearch 4 | hosts: [127.0.0.1:9200] 5 | api_key: "example-key" 6 | preset: balanced 7 | inputs: 8 | - type: system/metrics 9 | id: unique-system-metrics-input 10 | data_stream.namespace: default 11 | use_output: default 12 | streams: 13 | - metricsets: 14 | - cpu 15 | data_stream.dataset: system.cpu 16 | - metricsets: 17 | - memory 18 | data_stream.dataset: system.memory 19 | - metricsets: 20 | - network 21 | data_stream.dataset: system.network 22 | - metricsets: 23 | - filesystem 24 | data_stream.dataset: system.filesystem 25 | agent.logging.to_stderr: true -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/testdata/otel/otel.yml: -------------------------------------------------------------------------------- 1 | receivers: 2 | filelog: 3 | include: [ /var/log/system.log ] 4 | start_at: beginning 5 | 6 | processors: 7 | resource: 8 | attributes: 9 | - key: service.name 10 | action: insert 11 | value: elastic-otel-test 12 | 13 | exporters: 14 | debug: 15 | verbosity: detailed 16 | sampling_initial: 10000 17 | sampling_thereafter: 10000 18 | 19 | service: 20 | pipelines: 21 | logs: 22 | receivers: [filelog] 23 | processors: [resource] 24 | exporters: 25 | - debug -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/testdata/status/human_degraded: -------------------------------------------------------------------------------- 1 | ┌─ fleet 2 | │ └─ status: (HEALTHY) Connected 3 | └─ elastic-agent 4 | ├─ status: (DEGRADED) 1 or more components/units in a failed state 5 | └─ httpjson-default 6 | ├─ status: (HEALTHY) Healthy communicating with pid '2875' 7 | ├─ httpjson-default-httpjson-generic-ca7fa460-0bab-11ee-8598-c3f64dd59b06 8 | │ └─ status: (FAILED) [failed to reloading inputs: 1 error: Error creating runner from config: required 'object', but found 'string' in field 'processors.6'] 9 | └─ httpjson-default 10 | └─ status: (FAILED) [failed to reloading inputs: 1 error: Error creating runner from config: required 'object', but found 'string' in field 'processors.6'] 11 | -------------------------------------------------------------------------------- /internal/pkg/agent/cmd/testdata/status/human_healthy: -------------------------------------------------------------------------------- 1 | ┌─ fleet 2 | │ └─ status: (HEALTHY) Connected 3 | └─ elastic-agent 4 | └─ status: (HEALTHY) Running 5 | -------------------------------------------------------------------------------- /internal/pkg/agent/configuration/info.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package configuration 6 | 7 | // IsStandalone decides based on missing of fleet.enabled: true or fleet.{access_token,kibana} will place Elastic Agent into standalone mode. 8 | func IsStandalone(cfg *FleetAgentConfig) bool { 9 | return cfg == nil || !cfg.Enabled 10 | } 11 | 12 | // IsFleetServerBootstrap decides if Elastic Agent is started in bootstrap mode. 13 | func IsFleetServerBootstrap(cfg *FleetAgentConfig) bool { 14 | return cfg != nil && cfg.Server != nil && cfg.Server.Bootstrap 15 | } 16 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/pkgmgr/pkgmgr_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package pkgmgr 8 | 9 | // InstalledViaExternalPkgMgr returns false under windows 10 | func InstalledViaExternalPkgMgr() bool { 11 | return false 12 | } 13 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/progress_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package install 6 | 7 | import ( 8 | "bytes" 9 | "testing" 10 | 11 | "github.com/stretchr/testify/require" 12 | ) 13 | 14 | func TestProgressSpinner(t *testing.T) { 15 | stringWriter := &bytes.Buffer{} 16 | 17 | spinner := CreateAndStartNewSpinner(stringWriter, "example") 18 | 19 | spinner.Describe("test input") 20 | 21 | res := stringWriter.String() 22 | require.Contains(t, res, "test input") 23 | } 24 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/svc_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package install 8 | 9 | func withPassword(password string) serviceOpt { 10 | return func(opts *serviceOpts) { 11 | opts.Password = password 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/switch_other.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !darwin 6 | 7 | package install 8 | 9 | import ( 10 | "github.com/schollz/progressbar/v3" 11 | 12 | "github.com/elastic/elastic-agent/pkg/utils" 13 | ) 14 | 15 | func switchPlatformMode(pt *progressbar.ProgressBar, ownership utils.FileOwner) error { 16 | return nil 17 | } 18 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/testblocking/main.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package main 6 | 7 | import ( 8 | "math" 9 | "time" 10 | ) 11 | 12 | // Simple program that blocks forever to ensure exes running from a directory on Windows can be removed during uninstall. 13 | func main() { 14 | <-time.After(time.Duration(math.MaxInt64)) 15 | } 16 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/uninstall_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package install 8 | 9 | import "os" 10 | 11 | func isBlockingOnExe(_ error) bool { 12 | return false 13 | } 14 | 15 | func removeBlockingExe(_ error) error { 16 | return nil 17 | } 18 | 19 | func isRetryableError(_ error) bool { 20 | return false 21 | } 22 | 23 | // killNoneChildProcess provides a way of killing a process that is not started as a child of this process. 24 | // 25 | // On Unix systems it just calls the native golang kill. 26 | func killNoneChildProcess(proc *os.Process) error { 27 | return proc.Kill() 28 | } 29 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/user.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package install 6 | 7 | import "errors" 8 | 9 | var ( 10 | // ErrGroupNotFound returned when group is not found. 11 | ErrGroupNotFound = errors.New("group not found") 12 | // ErrUserNotFound returned when user is not found. 13 | ErrUserNotFound = errors.New("user not found") 14 | ) 15 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/user_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package install 8 | 9 | import ( 10 | "testing" 11 | 12 | "github.com/stretchr/testify/assert" 13 | ) 14 | 15 | func TestEnsureRights(t *testing.T) { 16 | // no-op function testing for coverage 17 | assert.NoError(t, EnsureRights("custom")) 18 | } 19 | -------------------------------------------------------------------------------- /internal/pkg/agent/install/wait_service_other.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package install 8 | 9 | import ( 10 | "time" 11 | ) 12 | 13 | // isStopped waits until the service has stopped. On non Windows 14 | // systems this isn't necessary so just return. 15 | func isStopped(timeout time.Duration, interval time.Duration, service string) error { 16 | return nil 17 | } 18 | 19 | // EnsureServiceRemoved waits until the service has been removed. On non 20 | // Windows systems this isn't necessary so just return. 21 | func EnsureServiceRemoved(timeout time.Duration, interval time.Duration, service string) error { 22 | return nil 23 | } 24 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/handler_store.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package storage 6 | 7 | import "io" 8 | 9 | type handlerFunc func(io.Reader) error 10 | 11 | // HandlerStore take a function handler and wrap it into the store interface. 12 | type HandlerStore struct { 13 | fn handlerFunc 14 | } 15 | 16 | // NewHandlerStore takes a function and wrap it into an handlerStore. 17 | func NewHandlerStore(fn handlerFunc) *HandlerStore { 18 | return &HandlerStore{fn: fn} 19 | } 20 | 21 | // Save calls the handler. 22 | func (h *HandlerStore) Save(in io.Reader) error { 23 | return h.fn(in) 24 | } 25 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/null_store.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package storage 6 | 7 | import "io" 8 | 9 | // NullStore this is only use to split the work into multiples PRs. 10 | type NullStore struct{} 11 | 12 | // Save takes the fleetConfig and persist it, will return an errors on failure. 13 | func (m *NullStore) Save(_ io.Reader) error { 14 | return nil 15 | } 16 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/7.17.18-action_store_empty.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/internal/pkg/agent/storage/store/testdata/7.17.18-action_store_empty.yml -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/7.17.18-action_store_policy_change.yml: -------------------------------------------------------------------------------- 1 | action_id: abc123 2 | action_type: POLICY_CHANGE 3 | policy: 4 | answer: 42 5 | hello: world 6 | phi: 1.618 7 | a_map: 8 | - nested_map1: 9 | nested_map1_key1: value1 10 | nested_map1_key2: value2 11 | - nested_map2: 12 | nested_map2_key1: value1 13 | nested_map2_key2: value2 14 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/7.18.18-action_store_unenroll.yml: -------------------------------------------------------------------------------- 1 | action_id: f450373c-ea62-475c-98c5-26fa174d759f 2 | action_type: UNENROLL 3 | is_detected: false 4 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/7.18.18-action_store_unknown.yml: -------------------------------------------------------------------------------- 1 | action_id: u450373c-ea62-475c-98c5-26fa174d759u 2 | action_type: UNKNOWN 3 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/8.0.0-action_policy_change.yml: -------------------------------------------------------------------------------- 1 | ack_token: czlV93YBwdkt5lYhBY7S 2 | action: 3 | action_id: policy:POLICY-ID:1:1 4 | action_type: POLICY_CHANGE 5 | policy: 6 | answer: 42 7 | hello: world 8 | phi: 1.618 9 | a_map: 10 | - nested_map1: 11 | nested_map1_key1: value1 12 | nested_map1_key2: value2 13 | - nested_map2: 14 | nested_map2_key1: value1 15 | nested_map2_key2: value2 16 | action_queue: 17 | - action_id: action1 18 | type: UPGRADE 19 | start_time: "2024-02-19T17:48:40Z" 20 | expiration: "2025-02-19T17:48:40Z" 21 | version: 1.2.3 22 | source_uri: https://example.com 23 | retry_attempt: 1 24 | - action_id: action2 25 | type: UPGRADE 26 | start_time: "2024-02-19T17:48:40Z" 27 | expiration: "2025-02-19T17:48:40Z" 28 | version: 1.2.3 29 | source_uri: https://example.com 30 | retry_attempt: 1 31 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/8.0.0-action_unenroll.yml: -------------------------------------------------------------------------------- 1 | action: 2 | action_id: abc123 3 | action_type: UNENROLL 4 | is_detected: true 5 | ack_token: czlV93YBwdkt5lYhBY7S 6 | action_queue: 7 | - action_id: action1 8 | type: UPGRADE 9 | start_time: "2024-02-19T17:48:40Z" 10 | expiration: "2025-02-19T17:48:40Z" 11 | version: 1.2.3 12 | source_uri: https://example.com 13 | retry_attempt: 1 14 | - action_id: action2 15 | type: UPGRADE 16 | start_time: "2024-02-19T17:48:40Z" 17 | expiration: "2025-02-19T17:48:40Z" 18 | version: 1.2.3 19 | source_uri: https://example.com 20 | retry_attempt: 1 21 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/8.0.0-action_unknown.yml: -------------------------------------------------------------------------------- 1 | action: 2 | action_id: abc123 3 | action_type: UNKNOWN 4 | is_detected: true 5 | ack_token: czlV93YBwdkt5lYhBY7S 6 | action_queue: 7 | - action_id: action1 8 | type: UNKNOWN 9 | start_time: "2024-02-19T17:48:40Z" 10 | expiration: "2025-02-19T17:48:40Z" 11 | version: 1.2.3 12 | source_uri: https://example.com 13 | retry_attempt: 1 14 | - action_id: action2 15 | type: UNKNOWN 16 | start_time: "2024-02-19T17:48:40Z" 17 | expiration: "2025-02-19T17:48:40Z" 18 | version: 1.2.3 19 | source_uri: https://example.com 20 | retry_attempt: 1 21 | -------------------------------------------------------------------------------- /internal/pkg/agent/storage/store/testdata/8.0.0-empty.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/elastic-agent/b28dab807997008493e775bfd2472fc9e8eda542/internal/pkg/agent/storage/store/testdata/8.0.0-empty.yml -------------------------------------------------------------------------------- /internal/pkg/agent/transpiler/visitor.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package transpiler 6 | 7 | // Visitor defines the interface to use when visiting all the nodes in the Tree. 8 | type Visitor interface { 9 | OnDict() VisitorDict 10 | OnList() VisitorList 11 | OnStr(string) 12 | OnInt(int) 13 | OnUInt(uint64) 14 | OnFloat(float64) 15 | OnBool(bool) 16 | } 17 | 18 | // VisitorDict to use when visiting a Dict. 19 | type VisitorDict interface { 20 | OnKey(string) 21 | Visitor() Visitor 22 | OnValue(Visitor) 23 | OnComplete() 24 | } 25 | 26 | // VisitorList to use when visiting a List. 27 | type VisitorList interface { 28 | OnValue(Visitor) 29 | Visitor() Visitor 30 | OnComplete() 31 | } 32 | -------------------------------------------------------------------------------- /internal/pkg/basecmd/cmd.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package basecmd 6 | 7 | import ( 8 | "github.com/spf13/cobra" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/basecmd/restart" 11 | "github.com/elastic/elastic-agent/internal/pkg/basecmd/version" 12 | "github.com/elastic/elastic-agent/internal/pkg/cli" 13 | ) 14 | 15 | // NewDefaultCommandsWithArgs returns a list of default commands to executes. 16 | func NewDefaultCommandsWithArgs(args []string, streams *cli.IOStreams) []*cobra.Command { 17 | return []*cobra.Command{ 18 | restart.NewCommandWithArgs(streams), 19 | version.NewCommandWithArgs(streams), 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /internal/pkg/basecmd/cmd_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package basecmd 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/cli" 11 | ) 12 | 13 | func TestBaseCmd(t *testing.T) { 14 | streams, _, _, _ := cli.NewTestingIOStreams() 15 | NewDefaultCommandsWithArgs([]string{}, streams) 16 | } 17 | -------------------------------------------------------------------------------- /internal/pkg/capabilities/expr.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package capabilities 6 | 7 | import "strings" 8 | 9 | const ( 10 | wild = "*" 11 | separator = "/" 12 | ) 13 | 14 | func matchesExpr(pattern, target string) bool { 15 | if pattern == wild { 16 | return true 17 | } 18 | 19 | patternParts := strings.Split(pattern, separator) 20 | targetParts := strings.Split(target, separator) 21 | 22 | if len(patternParts) != len(targetParts) { 23 | return false 24 | } 25 | 26 | for i, pp := range patternParts { 27 | if pp == wild { 28 | continue 29 | } 30 | 31 | if pp != targetParts[i] { 32 | return false 33 | } 34 | } 35 | 36 | return true 37 | } 38 | -------------------------------------------------------------------------------- /internal/pkg/cli/flags.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package cli 6 | 7 | import "strings" 8 | 9 | const splitOn = "," 10 | 11 | // StringToSlice takes a string retrieve from a flag and return a slices splitted on comma and every 12 | // element has been trim of space. 13 | func StringToSlice(s string) []string { 14 | if len(s) == 0 { 15 | return make([]string, 0) 16 | } 17 | 18 | elements := strings.Split(s, splitOn) 19 | for i, v := range elements { 20 | elements[i] = strings.TrimSpace(v) 21 | } 22 | 23 | return elements 24 | } 25 | -------------------------------------------------------------------------------- /internal/pkg/cli/flags_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package cli 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/stretchr/testify/assert" 11 | ) 12 | 13 | func TestStringToSlice(t *testing.T) { 14 | assert.Equal(t, []string{"hello", "world", "bye"}, StringToSlice("hello, world,bye")) 15 | assert.Equal(t, []string{"hello"}, StringToSlice("hello")) 16 | assert.Equal(t, []string{}, StringToSlice("")) 17 | } 18 | -------------------------------------------------------------------------------- /internal/pkg/cli/input.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package cli 6 | 7 | import ( 8 | "bufio" 9 | "errors" 10 | "fmt" 11 | "io" 12 | "os" 13 | ) 14 | 15 | // ReadInput shows the text and ask the user to provide input. 16 | func ReadInput(prompt string) (string, error) { 17 | reader := bufio.NewReader(os.Stdin) 18 | return input(reader, os.Stdout, prompt) 19 | } 20 | 21 | func input(r io.Reader, out io.Writer, prompt string) (string, error) { 22 | reader := bufio.NewScanner(r) 23 | fmt.Fprintf(out, "%s ", prompt) 24 | 25 | if !reader.Scan() { 26 | return "", errors.New("error reading user input") 27 | } 28 | return reader.Text(), nil 29 | } 30 | -------------------------------------------------------------------------------- /internal/pkg/composable/config.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package composable 6 | 7 | import ( 8 | "time" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/config" 11 | ) 12 | 13 | // Config is config for multiple providers. 14 | type Config struct { 15 | Providers map[string]*config.Config `config:"providers"` 16 | ProvidersInitialDefault *bool `config:"agent.providers.initial_default"` 17 | ProvidersRestartInterval *time.Duration `config:"agent.providers.restart_interval"` 18 | ProvidersDefaultProvider *string `config:"agent.providers.default"` 19 | } 20 | -------------------------------------------------------------------------------- /internal/pkg/composable/providers/docker/config.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package docker 6 | 7 | import ( 8 | "time" 9 | 10 | "github.com/elastic/elastic-agent-autodiscover/docker" 11 | ) 12 | 13 | // Config for docker provider 14 | type Config struct { 15 | Host string `config:"host"` 16 | TLS *docker.TLSConfig `config:"ssl"` 17 | CleanupTimeout time.Duration `config:"cleanup_timeout" validate:"positive"` 18 | } 19 | 20 | // InitDefaults initializes the default values for the config. 21 | func (c *Config) InitDefaults() { 22 | c.Host = "unix:///var/run/docker.sock" 23 | c.CleanupTimeout = 60 * time.Second 24 | } 25 | -------------------------------------------------------------------------------- /internal/pkg/composable/testdata/agent.yaml: -------------------------------------------------------------------------------- 1 | id: 36806a7e-1981-4a55-a3b6-ec9dd1ad1a4c 2 | unprivileged: false 3 | version: 4 | build_time: 2024-09-12 21:13:27 +0000 UTC 5 | commit: d99b09b0769f6f34428321eedb00c0b4339c202b 6 | snapshot: true 7 | version: 9.0.0 8 | -------------------------------------------------------------------------------- /internal/pkg/composable/testdata/kubernetes.yaml: -------------------------------------------------------------------------------- 1 | annotations: {} 2 | labels: 3 | app: nginx 4 | pod-template-hash: d556c846c 5 | namespace: default 6 | namespace_labels: 7 | kubernetes_io/metadata_name: default 8 | namespace_uid: 65506782-932a-4ed7-874f-4b729b648b05 9 | node: 10 | hostname: kind 11 | labels: 12 | beta_kubernetes_io/arch: amd64 13 | beta_kubernetes_io/os: linux 14 | kubernetes_io/arch: amd64 15 | kubernetes_io/hostname: kind 16 | kubernetes_io/os: linux 17 | name: kind 18 | uid: 5a917c19-0789-419b-9b6d-7cf858e942e3 19 | pod: 20 | ip: 10.244.2.64 21 | name: nginx-d556c846c-sk9qt 22 | uid: 02ad1222-6edc-403a-8775-ec2b164a77bf 23 | replicaset: 24 | name: nginx-d556c846c 25 | scope: node 26 | -------------------------------------------------------------------------------- /internal/pkg/composable/testdata/path.yaml: -------------------------------------------------------------------------------- 1 | config: /usr/share/elastic-agent/state 2 | data: /usr/share/elastic-agent/state/data 3 | home: /usr/share/elastic-agent/state/data 4 | logs: /usr/share/elastic-agent 5 | -------------------------------------------------------------------------------- /internal/pkg/config/operations/svc_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package operations 8 | 9 | import "os" 10 | 11 | // RunningUnderSupervisor returns true when executing Agent is running under 12 | // the supervisor processes of the OS. 13 | func RunningUnderSupervisor() bool { 14 | return os.Getppid() == 1 15 | } 16 | -------------------------------------------------------------------------------- /internal/pkg/config/testdata/inputs/invalid-inputs.yml: -------------------------------------------------------------------------------- 1 | # this file is invalid because the inputs section is missing 2 | - data_stream: 3 | dataset: system.auth 4 | type: logs 5 | 6 | -------------------------------------------------------------------------------- /internal/pkg/config/testdata/inputs/log-inputs.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - data_stream: 3 | dataset: system.auth 4 | type: logs 5 | exclude_files: [".gz$"] 6 | id: logfile-system.auth-my-id 7 | paths: 8 | - /var/log/auth.log* 9 | - /var/log/secure* 10 | use_output: default 11 | - data_stream: 12 | dataset: system.syslog 13 | type: logs 14 | type: logfile 15 | id: logfile-system.syslog-my-id 16 | exclude_files: [".gz$"] 17 | paths: 18 | - /var/log/messages* 19 | - /var/log/syslog* 20 | use_output: default 21 | -------------------------------------------------------------------------------- /internal/pkg/config/testdata/inputs/metrics-inputs.yml: -------------------------------------------------------------------------------- 1 | inputs: 2 | - data_stream: 3 | dataset: system.diskio 4 | type: metrics 5 | id: system/metrics-system.diskio-my-id 6 | metricsets: 7 | - diskio 8 | period: 10s 9 | - data_stream: 10 | dataset: system.filesystem 11 | type: metrics 12 | id: system/metrics-system.filesystem-my-id 13 | metricsets: 14 | - filesystem 15 | period: 30s 16 | 17 | -------------------------------------------------------------------------------- /internal/pkg/config/testdata/standalone-with-inputs.yml: -------------------------------------------------------------------------------- 1 | outputs: 2 | default: 3 | type: elasticsearch 4 | hosts: [127.0.0.1:9201] 5 | api_key: "my-secret-key" 6 | 7 | inputs: 8 | - type: system/metrics 9 | data_stream.namespace: default 10 | use_output: default 11 | streams: 12 | - metricset: cpu 13 | data_stream.dataset: system.cpu 14 | -------------------------------------------------------------------------------- /internal/pkg/config/testdata/standalone1.yml: -------------------------------------------------------------------------------- 1 | outputs: 2 | default: 3 | type: elasticsearch 4 | hosts: [127.0.0.1:9201] 5 | api_key: "my-secret-key" 6 | 7 | -------------------------------------------------------------------------------- /internal/pkg/config/testdata/standalone2.yml: -------------------------------------------------------------------------------- 1 | agent.logging.level: debug 2 | agent.logging.metrics.enabled: false 3 | 4 | -------------------------------------------------------------------------------- /internal/pkg/core/socket/dial.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package socket 8 | 9 | import ( 10 | "context" 11 | "net" 12 | ) 13 | 14 | // DialContext returns a function that can be used to dial a local unix-domain socket. 15 | func DialContext(socket string) func(context.Context, string, string) (net.Conn, error) { 16 | return func(ctx context.Context, _, _ string) (net.Conn, error) { 17 | var d net.Dialer 18 | d.LocalAddr = nil 19 | addr := net.UnixAddr{Name: socket, Net: "unix"} 20 | return d.DialContext(ctx, "unix", addr.String()) 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /internal/pkg/core/socket/dial_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package socket 8 | 9 | import ( 10 | "context" 11 | "net" 12 | 13 | winio "github.com/Microsoft/go-winio" 14 | ) 15 | 16 | // DialContext returns a function that can be used to dial a local Windows npipe. 17 | func DialContext(socket string) func(context.Context, string, string) (net.Conn, error) { 18 | return func(ctx context.Context, _, _ string) (net.Conn, error) { 19 | return winio.DialPipeContext(ctx, `\\.\pipe\`+socket) 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /internal/pkg/core/socket/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | // Package socket provides a DialContext function to access unix domain functions or windows npipes. 6 | package socket 7 | -------------------------------------------------------------------------------- /internal/pkg/crypto/io_opts_fips.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build requirefips 6 | 7 | package crypto 8 | 9 | import ( 10 | "errors" 11 | ) 12 | 13 | // Validate the options for encoding and decoding values. 14 | func (o *Option) Validate() error { 15 | if o.IVLength < 12 { 16 | return errors.New("IVLength must be at least 96 bits (12 bytes)") 17 | } 18 | 19 | if o.SaltLength < 16 { 20 | return errors.New("SaltLength must be at least 128 bits (16 bytes)") 21 | } 22 | 23 | if o.IterationsCount < 1000 { 24 | return errors.New("IterationsCount must be at least 1000") 25 | } 26 | 27 | if o.KeyLength < 14 { 28 | return errors.New("KeyLength must be at least 112 bits (14 bytes)") 29 | } 30 | 31 | return nil 32 | } 33 | -------------------------------------------------------------------------------- /internal/pkg/crypto/io_opts_nofips.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !requirefips 6 | 7 | package crypto 8 | 9 | import ( 10 | "errors" 11 | ) 12 | 13 | // Validate the options for encoding and decoding values. 14 | func (o *Option) Validate() error { 15 | if o.IVLength == 0 { 16 | return errors.New("IVLength must be superior to 0") 17 | } 18 | 19 | if o.SaltLength == 0 { 20 | return errors.New("SaltLength must be superior to 0") 21 | } 22 | 23 | if o.IterationsCount == 0 { 24 | return errors.New("IterationsCount must be superior to 0") 25 | } 26 | 27 | if o.KeyLength == 0 { 28 | return errors.New("KeyLength must be superior to 0") 29 | } 30 | 31 | return nil 32 | } 33 | -------------------------------------------------------------------------------- /internal/pkg/eql/methods_length.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package eql 6 | 7 | import "fmt" 8 | 9 | // length returns the length of the string, array, or dictionary 10 | func length(args []interface{}) (interface{}, error) { 11 | if len(args) != 1 { 12 | return nil, fmt.Errorf("length: accepts exactly 1 argument; received %d", len(args)) 13 | } 14 | switch a := args[0].(type) { 15 | case *null: 16 | return 0, nil 17 | case string: 18 | return len(a), nil 19 | case []interface{}: 20 | return len(a), nil 21 | case map[string]interface{}: 22 | return len(a), nil 23 | } 24 | return nil, fmt.Errorf("length: accepts only a string, array, or dictionary; received %T", args[0]) 25 | } 26 | -------------------------------------------------------------------------------- /internal/pkg/eql/parser/Eql.tokens: -------------------------------------------------------------------------------- 1 | T__0=1 2 | T__1=2 3 | T__2=3 4 | EQ=4 5 | NEQ=5 6 | GT=6 7 | LT=7 8 | GTE=8 9 | LTE=9 10 | ADD=10 11 | SUB=11 12 | MUL=12 13 | DIV=13 14 | MOD=14 15 | AND=15 16 | OR=16 17 | TRUE=17 18 | FALSE=18 19 | FLOAT=19 20 | NUMBER=20 21 | WHITESPACE=21 22 | NOT=22 23 | NAME=23 24 | VNAME=24 25 | STEXT=25 26 | DTEXT=26 27 | LPAR=27 28 | RPAR=28 29 | LARR=29 30 | RARR=30 31 | LDICT=31 32 | RDICT=32 33 | BEGIN_EVARIABLE=33 34 | BEGIN_VARIABLE=34 35 | '|'=1 36 | ','=2 37 | ':'=3 38 | '=='=4 39 | '!='=5 40 | '>'=6 41 | '<'=7 42 | '>='=8 43 | '<='=9 44 | '+'=10 45 | '-'=11 46 | '*'=12 47 | '/'=13 48 | '%'=14 49 | '('=27 50 | ')'=28 51 | '['=29 52 | ']'=30 53 | '{'=31 54 | '}'=32 55 | '$${'=33 56 | '${'=34 57 | -------------------------------------------------------------------------------- /internal/pkg/eql/parser/EqlLexer.tokens: -------------------------------------------------------------------------------- 1 | T__0=1 2 | T__1=2 3 | T__2=3 4 | EQ=4 5 | NEQ=5 6 | GT=6 7 | LT=7 8 | GTE=8 9 | LTE=9 10 | ADD=10 11 | SUB=11 12 | MUL=12 13 | DIV=13 14 | MOD=14 15 | AND=15 16 | OR=16 17 | TRUE=17 18 | FALSE=18 19 | FLOAT=19 20 | NUMBER=20 21 | WHITESPACE=21 22 | NOT=22 23 | NAME=23 24 | VNAME=24 25 | STEXT=25 26 | DTEXT=26 27 | LPAR=27 28 | RPAR=28 29 | LARR=29 30 | RARR=30 31 | LDICT=31 32 | RDICT=32 33 | BEGIN_EVARIABLE=33 34 | BEGIN_VARIABLE=34 35 | '|'=1 36 | ','=2 37 | ':'=3 38 | '=='=4 39 | '!='=5 40 | '>'=6 41 | '<'=7 42 | '>='=8 43 | '<='=9 44 | '+'=10 45 | '-'=11 46 | '*'=12 47 | '/'=13 48 | '%'=14 49 | '('=27 50 | ')'=28 51 | '['=29 52 | ']'=30 53 | '{'=31 54 | '}'=32 55 | '$${'=33 56 | '${'=34 57 | -------------------------------------------------------------------------------- /internal/pkg/fleetapi/acker/acker.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package acker 6 | 7 | import ( 8 | "context" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/fleetapi" 11 | ) 12 | 13 | // Acker is an acker of actions to fleet. 14 | type Acker interface { 15 | Ack(ctx context.Context, action fleetapi.Action) error 16 | Commit(ctx context.Context) error 17 | } 18 | -------------------------------------------------------------------------------- /internal/pkg/fleetapi/acker/noop/noop_acker.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package noop 6 | 7 | import ( 8 | "context" 9 | 10 | "github.com/elastic/elastic-agent/internal/pkg/fleetapi/acker" 11 | 12 | "github.com/elastic/elastic-agent/internal/pkg/fleetapi" 13 | ) 14 | 15 | // noopAcker is a noop acker. 16 | // Methods of these acker do nothing. 17 | type noopAcker struct{} 18 | 19 | // New creates a new noop acker. 20 | func New() acker.Acker { 21 | return &noopAcker{} 22 | } 23 | 24 | // Ack acknowledges action. 25 | func (f *noopAcker) Ack(ctx context.Context, action fleetapi.Action) error { 26 | return nil 27 | } 28 | 29 | // Commit commits ack actions. 30 | func (*noopAcker) Commit(ctx context.Context) error { return nil } 31 | -------------------------------------------------------------------------------- /internal/pkg/fleetapi/custom_type.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package fleetapi 6 | 7 | import ( 8 | "encoding/json" 9 | "time" 10 | ) 11 | 12 | const timeFormat = time.RFC3339Nano 13 | 14 | // Time is a custom time that impose the serialization format. 15 | type Time time.Time 16 | 17 | // MarshalJSON make sure that all the times are serialized with the RFC3339 format. 18 | func (t Time) MarshalJSON() ([]byte, error) { 19 | return json.Marshal(time.Time(t).Format(timeFormat)) 20 | } 21 | -------------------------------------------------------------------------------- /internal/pkg/fleetapi/custom_type_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package fleetapi 6 | 7 | import ( 8 | "encoding/json" 9 | "testing" 10 | "time" 11 | 12 | "github.com/stretchr/testify/require" 13 | ) 14 | 15 | func TestTimeSerialized(t *testing.T) { 16 | then := time.Date( 17 | 2020, 1, 8, 6, 30, 00, 651387237, time.UTC) 18 | 19 | b, err := json.Marshal(Time(then)) 20 | require.NoError(t, err) 21 | 22 | require.Equal(t, "\"2020-01-08T06:30:00.651387237Z\"", string(b)) 23 | } 24 | -------------------------------------------------------------------------------- /internal/pkg/id/generate.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package id 6 | 7 | import ( 8 | "crypto/rand" 9 | "time" 10 | 11 | "github.com/oklog/ulid/v2" 12 | ) 13 | 14 | // ID represents a unique ID. 15 | type ID = ulid.ULID 16 | 17 | // Generate returns and ID or an error if we cannot generate an ID. 18 | func Generate() (ID, error) { 19 | t := time.Now() 20 | entropy := ulid.Monotonic(rand.Reader, 0) 21 | return ulid.New(ulid.Timestamp(t), entropy) 22 | } 23 | -------------------------------------------------------------------------------- /internal/pkg/id/generate_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package id 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/stretchr/testify/require" 11 | ) 12 | 13 | func TestGenerate(t *testing.T) { 14 | id, err := Generate() 15 | require.NoError(t, err) 16 | require.NotNil(t, id) 17 | } 18 | -------------------------------------------------------------------------------- /internal/pkg/otel/components_fips.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build requirefips 6 | 7 | package otel 8 | 9 | import ( 10 | "go.opentelemetry.io/collector/exporter" 11 | "go.opentelemetry.io/collector/receiver" 12 | ) 13 | 14 | func addNonFipsReceivers(receivers []receiver.Factory) []receiver.Factory { 15 | // do not add non fips receivers in fips mode 16 | return receivers 17 | } 18 | 19 | func addNonFipsExporters(exporters []exporter.Factory) []exporter.Factory { 20 | // do not add non fips exporters in fips mode 21 | return exporters 22 | } 23 | -------------------------------------------------------------------------------- /internal/pkg/otel/testdata/all-components.windows.yml: -------------------------------------------------------------------------------- 1 | exporters: 2 | file: 3 | path: ${env:TMP}\file-exporter-output.json -------------------------------------------------------------------------------- /internal/pkg/otel/testdata/nonexistent-component.yml: -------------------------------------------------------------------------------- 1 | receivers: 2 | otlp: 3 | protocols: 4 | grpc: 5 | 6 | exporters: 7 | debug: 8 | 9 | extensions: 10 | zpages: 11 | 12 | service: 13 | extensions: 14 | - zpages 15 | pipelines: 16 | logs: 17 | exporters: 18 | - debug 19 | receivers: 20 | - otlp 21 | -------------------------------------------------------------------------------- /internal/pkg/otel/testdata/otel.yml: -------------------------------------------------------------------------------- 1 | receivers: 2 | filelog: 3 | include: [ /var/log/system.log ] 4 | start_at: beginning 5 | 6 | processors: 7 | resource: 8 | attributes: 9 | - key: service.name 10 | action: insert 11 | value: elastic-otel-test 12 | 13 | exporters: 14 | debug: 15 | verbosity: detailed 16 | sampling_initial: 10000 17 | sampling_thereafter: 10000 18 | 19 | service: 20 | pipelines: 21 | logs: 22 | receivers: [filelog] 23 | processors: [resource] 24 | exporters: 25 | - debug 26 | -------------------------------------------------------------------------------- /internal/pkg/otel/testdata/otlp.yml: -------------------------------------------------------------------------------- 1 | receivers: 2 | filelog: 3 | include: [ /var/log/system.log ] 4 | start_at: beginning 5 | 6 | processors: 7 | resource: 8 | attributes: 9 | - key: service.name 10 | action: insert 11 | value: elastic-otel-test 12 | 13 | exporters: 14 | debug: 15 | verbosity: detailed 16 | sampling_initial: 10000 17 | sampling_thereafter: 10000 18 | 19 | service: 20 | telemetry: 21 | logs: 22 | output_paths: ["stderr"] 23 | pipelines: 24 | logs: 25 | receivers: [filelog] 26 | processors: [resource] 27 | exporters: 28 | - debug 29 | -------------------------------------------------------------------------------- /internal/pkg/otel/validate.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package otel 6 | 7 | import ( 8 | "context" 9 | 10 | "go.opentelemetry.io/collector/otelcol" 11 | 12 | "github.com/elastic/elastic-agent/internal/pkg/release" 13 | ) 14 | 15 | func Validate(ctx context.Context, configPaths []string) error { 16 | settings := NewSettings(release.Version(), configPaths) 17 | col, err := otelcol.NewCollector(*settings) 18 | if err != nil { 19 | return err 20 | } 21 | return col.DryRun(ctx) 22 | } 23 | -------------------------------------------------------------------------------- /internal/pkg/release/upgrade.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package release 6 | 7 | // Upgradeable return true when release is built specifically for upgrading. 8 | func Upgradeable() bool { 9 | return allowUpgrade == "true" 10 | } 11 | -------------------------------------------------------------------------------- /internal/pkg/remote/testdata/.gitignore: -------------------------------------------------------------------------------- 1 | ca.key 2 | -------------------------------------------------------------------------------- /internal/pkg/remote/testdata/README.md: -------------------------------------------------------------------------------- 1 | The certificates and private keys in this folder are intended for use by unit tests in the parent folder. 2 | 3 | In particular, the `TestClientWithCertificate` unit test uses certificates and private keys from this folder. Note 4 | that this test is expected to run in FIPS mode due to the `requirefips` build tag on the file containing the test. 5 | In FIPS mode, it is not possible to generate insecure keys and their corresponding certificates in test code. Therefore, 6 | the `agent_insecure.key` and `agent_insecure.crt` have been manually generated and stored in this folder. The other keys 7 | and certificates in this folder are all secure (from a FIPS perspective) and could be generated in test code; however, 8 | they are also manually generated for simplifying the test code and since we already have a manually-generated insecure 9 | key and certificate in this folder anyway. 10 | -------------------------------------------------------------------------------- /otel.yml: -------------------------------------------------------------------------------- 1 | receivers: 2 | filelog: 3 | include: [ /var/log/system.log ] 4 | start_at: beginning 5 | storage: file_storage/filelogreceiver 6 | 7 | processors: 8 | resource: 9 | attributes: 10 | - key: service.name 11 | action: insert 12 | value: elastic-otel-test 13 | 14 | exporters: 15 | debug: 16 | verbosity: detailed 17 | sampling_initial: 10000 18 | sampling_thereafter: 10000 19 | 20 | extensions: 21 | memory_limiter: 22 | check_interval: 1s 23 | limit_mib: 700 24 | spike_limit_mib: 180 25 | health_check: 26 | endpoint: "localhost:13133" 27 | path: "/health/status" 28 | file_storage/filelogreceiver: 29 | create_directory: true 30 | directory: ${env:STATE_PATH} 31 | 32 | service: 33 | extensions: [health_check, memory_limiter, file_storage/filelogreceiver] 34 | pipelines: 35 | logs: 36 | receivers: [filelog] 37 | processors: [resource] 38 | exporters: 39 | - debug -------------------------------------------------------------------------------- /pkg/api/v1/api.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | // Package v1 contains definitions for elastic-agent/v1 objects 6 | package v1 7 | 8 | const VERSION = "co.elastic.agent/v1" 9 | 10 | type apiObject struct { 11 | Version string `yaml:"version" json:"version"` 12 | Kind string `yaml:"kind" json:"kind"` 13 | } 14 | -------------------------------------------------------------------------------- /pkg/component/error.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package component 6 | 7 | // ErrorReason is an error that can be marshalled/unmarshalled to and from YAML. 8 | type ErrorReason struct { 9 | Reason string 10 | } 11 | 12 | func newError(reason string) error { 13 | return &ErrorReason{Reason: reason} 14 | } 15 | 16 | func (e *ErrorReason) Error() string { 17 | return e.Reason 18 | } 19 | 20 | func (e *ErrorReason) MarshalYAML() (interface{}, error) { 21 | return e.Reason, nil 22 | } 23 | 24 | func (e *ErrorReason) UnmarshalYAML(unmarshal func(interface{}) error) error { 25 | var s string 26 | err := unmarshal(&s) 27 | if err != nil { 28 | return err 29 | } 30 | e.Reason = s 31 | return nil 32 | } 33 | -------------------------------------------------------------------------------- /pkg/component/platforms_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package component 6 | 7 | import ( 8 | "testing" 9 | 10 | "github.com/stretchr/testify/assert" 11 | ) 12 | 13 | func TestLoadPlatformDetail(t *testing.T) { 14 | platformDetail, err := LoadPlatformDetail() 15 | assert.NoError(t, err) 16 | assert.NotEmpty(t, platformDetail) 17 | } 18 | -------------------------------------------------------------------------------- /pkg/component/runtime/conn_info_server_unix_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package runtime 8 | 9 | import ( 10 | "net" 11 | "net/url" 12 | ) 13 | 14 | func dialLocal(address string) (net.Conn, error) { 15 | var u *url.URL 16 | u, err := url.Parse(address) 17 | if err != nil { 18 | return nil, err 19 | } 20 | return net.Dial("unix", u.Path) 21 | } 22 | -------------------------------------------------------------------------------- /pkg/component/runtime/conn_info_server_windows_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package runtime 8 | 9 | import ( 10 | "net" 11 | 12 | "github.com/Microsoft/go-winio" 13 | 14 | "github.com/elastic/elastic-agent-libs/api/npipe" 15 | ) 16 | 17 | func dialLocal(address string) (net.Conn, error) { 18 | return winio.DialPipe(npipe.TransformString(address), nil) 19 | } 20 | -------------------------------------------------------------------------------- /pkg/control/time.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package control 6 | 7 | // TimeFormat returns the time format shared between the protocol. 8 | func TimeFormat() string { 9 | return "2006-01-02 15:04:05 -0700 MST" 10 | } 11 | -------------------------------------------------------------------------------- /pkg/control/v2/server/listener.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package server 6 | 7 | import ( 8 | "net" 9 | 10 | "github.com/elastic/elastic-agent/pkg/control" 11 | "github.com/elastic/elastic-agent/pkg/core/logger" 12 | "github.com/elastic/elastic-agent/pkg/ipc" 13 | ) 14 | 15 | func createListener(log *logger.Logger) (net.Listener, error) { 16 | return ipc.CreateListener(log, control.Address()) 17 | } 18 | 19 | func cleanupListener(log *logger.Logger) { 20 | ipc.CleanupListener(log, control.Address()) 21 | } 22 | -------------------------------------------------------------------------------- /pkg/core/process/config.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package process 6 | 7 | import "time" 8 | 9 | // Config for fine tuning new process 10 | type Config struct { 11 | SpawnTimeout time.Duration `yaml:"spawn_timeout" config:"spawn_timeout"` 12 | StopTimeout time.Duration `yaml:"stop_timeout" config:"stop_timeout"` 13 | FailureTimeout time.Duration `yaml:"failure_timeout" config:"failure_timeout"` 14 | 15 | // TODO: cgroups and namespaces 16 | } 17 | 18 | // DefaultConfig creates a config with pre-set default values. 19 | func DefaultConfig() *Config { 20 | return &Config{ 21 | SpawnTimeout: 30 * time.Second, 22 | StopTimeout: 30 * time.Second, 23 | FailureTimeout: 10 * time.Second, 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /pkg/core/process/external_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package process 8 | 9 | import ( 10 | "os" 11 | "syscall" 12 | "time" 13 | ) 14 | 15 | // externalProcess is a watch mechanism used in cases where OS requires a process to be a child 16 | // for waiting for process. We need to be able to await any process. 17 | func externalProcess(proc *os.Process) { 18 | if proc == nil { 19 | return 20 | } 21 | 22 | for { 23 | <-time.After(1 * time.Second) 24 | if proc.Signal(syscall.Signal(0)) != nil { 25 | // failed to contact process, return 26 | return 27 | } 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /pkg/core/process/job_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package process 8 | 9 | import ( 10 | "os" 11 | ) 12 | 13 | // Job is noop on unix 14 | type Job int 15 | 16 | var ( 17 | // JobObject is public global JobObject, 0 value on linux 18 | JobObject Job 19 | ) 20 | 21 | // CreateJobObject returns a job object. 22 | func CreateJobObject() (pj Job, err error) { 23 | return pj, err 24 | } 25 | 26 | // NewJob is noop on unix 27 | func NewJob() (Job, error) { 28 | return 0, nil 29 | } 30 | 31 | // Close is noop on unix 32 | func (job Job) Close() error { 33 | return nil 34 | } 35 | 36 | // Assign is noop on unix 37 | func (job Job) Assign(p *os.Process) error { 38 | return nil 39 | } 40 | -------------------------------------------------------------------------------- /pkg/core/process/testsignal/main.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package main 6 | 7 | import ( 8 | "log" 9 | "os" 10 | "os/signal" 11 | "syscall" 12 | ) 13 | 14 | var name string 15 | 16 | func main() { 17 | if len(os.Args) == 1 { 18 | log.Println("Usage: ./testsignal [name]") 19 | os.Exit(1) 20 | } 21 | 22 | name = os.Args[1] 23 | log.Printf("[%s] Starting, PID %d", name, os.Getpid()) 24 | defer log.Printf("[%s] Done", name) 25 | 26 | signals := make(chan os.Signal, 1) 27 | signal.Notify(signals, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT, syscall.SIGHUP) 28 | 29 | log.Printf("[%s] Wait for signal", name) 30 | s := <-signals 31 | log.Printf("[%s] Got signal: %s", name, s) 32 | } 33 | -------------------------------------------------------------------------------- /pkg/core/process/testsignal/proc.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package main 8 | 9 | import ( 10 | "os/exec" 11 | "syscall" 12 | ) 13 | 14 | func stopCmd(cmd *exec.Cmd) error { 15 | return cmd.Process.Signal(syscall.SIGINT) 16 | } 17 | 18 | func getSysProcAttr() *syscall.SysProcAttr { 19 | return &syscall.SysProcAttr{} 20 | } 21 | -------------------------------------------------------------------------------- /pkg/core/process/testsignal/proc_win.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package main 8 | 9 | import ( 10 | "os/exec" 11 | "syscall" 12 | 13 | "golang.org/x/sys/windows" 14 | ) 15 | 16 | func stopCmd(cmd *exec.Cmd) error { 17 | return windows.GenerateConsoleCtrlEvent(windows.CTRL_BREAK_EVENT, uint32(cmd.Process.Pid)) 18 | } 19 | 20 | func getSysProcAttr() *syscall.SysProcAttr { 21 | return &syscall.SysProcAttr{ 22 | // This disables the child from receiveing CTRL_C events 23 | // But isolates other siganls from us, aka the parent 24 | CreationFlags: windows.CREATE_NEW_PROCESS_GROUP, 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /pkg/testing/common/batch.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package common 6 | 7 | import ( 8 | "github.com/elastic/elastic-agent/pkg/testing/define" 9 | ) 10 | 11 | // OSBatch defines the mapping between a SupportedOS and a define.Batch. 12 | type OSBatch struct { 13 | // ID is the unique ID for the batch. 14 | ID string 15 | // LayoutOS provides all the OS information to create an instance. 16 | OS SupportedOS 17 | // Batch defines the batch of tests to run on this layout. 18 | Batch define.Batch 19 | // Skip defines if this batch will be skipped because no supported layout exists yet. 20 | Skip bool 21 | } 22 | -------------------------------------------------------------------------------- /pkg/testing/common/build.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package common 6 | 7 | // Build describes a build and its paths. 8 | type Build struct { 9 | // Version of the Elastic Agent build. 10 | Version string 11 | // Type of OS this build is for. 12 | Type string 13 | // Arch is architecture this build is for. 14 | Arch string 15 | // Path is the path to the build. 16 | Path string 17 | // SHA512 is the path to the SHA512 file. 18 | SHA512Path string 19 | } 20 | -------------------------------------------------------------------------------- /pkg/testing/common/logger.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package common 6 | 7 | // Logger is a simple logging interface used by each runner type. 8 | type Logger interface { 9 | // Logf logs the message for this runner. 10 | Logf(format string, args ...any) 11 | } 12 | -------------------------------------------------------------------------------- /pkg/testing/common/supported.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package common 6 | 7 | import "github.com/elastic/elastic-agent/pkg/testing/define" 8 | 9 | // SupportedOS maps a OS definition to a OSRunner. 10 | type SupportedOS struct { 11 | define.OS 12 | 13 | // Runner is the runner to use for the OS. 14 | Runner OSRunner 15 | } 16 | -------------------------------------------------------------------------------- /pkg/testing/define/define_all.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !define && !local && !kubernetes 6 | 7 | package define 8 | 9 | import ( 10 | "testing" 11 | ) 12 | 13 | func defineAction(t *testing.T, req Requirements) *Info { 14 | return runOrSkip(t, req, false, false) 15 | } 16 | -------------------------------------------------------------------------------- /pkg/testing/define/define_kubernetes.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build kubernetes && !define && !local 6 | 7 | package define 8 | 9 | import ( 10 | "testing" 11 | ) 12 | 13 | func defineAction(t *testing.T, req Requirements) *Info { 14 | return runOrSkip(t, req, false, true) 15 | } 16 | -------------------------------------------------------------------------------- /pkg/testing/define/define_local.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build local && !define && !kubernetes 6 | 7 | package define 8 | 9 | import ( 10 | "testing" 11 | ) 12 | 13 | func defineAction(t *testing.T, req Requirements) *Info { 14 | return runOrSkip(t, req, true, false) 15 | } 16 | -------------------------------------------------------------------------------- /pkg/testing/ess/create_deployment_csp_configuration.yaml: -------------------------------------------------------------------------------- 1 | gcp: 2 | integrations_server_conf_id: "gcp.integrationsserver.n2.68x32x45" 3 | elasticsearch_conf_id: "gcp.es.datahot.n2.68x10x45" 4 | elasticsearch_deployment_template_id: "gcp-storage-optimized" 5 | kibana_instance_configuration_id: "gcp.kibana.n2.68x32x45" 6 | azure: 7 | integrations_server_conf_id: "azure.integrationsserver.fsv2" 8 | elasticsearch_conf_id: "azure.es.datahot.edsv4" 9 | elasticsearch_deployment_template_id: "azure-storage-optimized" 10 | kibana_instance_configuration_id: "azure.kibana.fsv2" 11 | aws: 12 | integrations_server_conf_id: "aws.integrationsserver.c5d" 13 | elasticsearch_conf_id: "aws.es.datahot.i3" 14 | elasticsearch_deployment_template_id: "aws-storage-optimized" 15 | kibana_instance_configuration_id: "aws.kibana.c5d" -------------------------------------------------------------------------------- /pkg/testing/ess/doc.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package ess 6 | 7 | /* 8 | This package defines a minimal Elastic Cloud (ESS) client. This client is intended 9 | for use by the integration testing framework. 10 | */ 11 | -------------------------------------------------------------------------------- /pkg/testing/ssh/file.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package ssh 6 | 7 | type fileContentsOpts struct { 8 | command string 9 | } 10 | 11 | // FileContentsOpt provides an option to modify how fetching files from the remote host work. 12 | type FileContentsOpt func(opts *fileContentsOpts) 13 | 14 | // WithContentFetchCommand changes the command to use for fetching the file contents. 15 | func WithContentFetchCommand(command string) FileContentsOpt { 16 | return func(opts *fileContentsOpts) { 17 | opts.command = command 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /pkg/testing/tools/product_versions/testdata/filter.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use this script to update the `expected-versions.txt` file when you change `versions.json` 4 | cat versions.json | jq -c '.[][]' | grep 'bltce270507523f4c56' | jq -r '.version_number' > expected-versions.txt 5 | -------------------------------------------------------------------------------- /pkg/utils/root_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package utils 8 | 9 | import "os" 10 | 11 | const ( 12 | // PermissionUser is the permission level the user needs to be. 13 | PermissionUser = "root" 14 | ) 15 | 16 | // HasRoot returns true if the user has root permissions. 17 | // Added extra `nil` value to return since the HasRoot for windows will return an error as well 18 | func HasRoot() (bool, error) { 19 | return os.Geteuid() == 0, nil 20 | } 21 | -------------------------------------------------------------------------------- /pkg/utils/root_windows_test.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build windows 6 | 7 | package utils 8 | 9 | import ( 10 | "testing" 11 | 12 | "github.com/stretchr/testify/assert" 13 | ) 14 | 15 | func TestHasRoot(t *testing.T) { 16 | t.Run("check if user is admin", func(t *testing.T) { 17 | _, err := HasRoot() 18 | assert.NoError(t, err) 19 | }) 20 | } 21 | -------------------------------------------------------------------------------- /sonar-project.properties: -------------------------------------------------------------------------------- 1 | sonar.projectKey=elastic_elastic-agent_AYluowg0xMq8P7b4moiZ 2 | sonar.host.url=https://sonar.elastic.dev 3 | 4 | sonar.sources=. 5 | sonar.exclusions=.git/**, dev-tools/**, /magefile.go, changelog/**, \ 6 | _meta/**, deploy/**, docs/**, img/**, specs/**, \ 7 | */*_test.go, pkg/testing/**, pkg/component/fake/**, testing/**, **/mocks/*.go, \ 8 | pkg/control/v1/proto/*.pb.go, pkg/control/v2/cproto/*.pb.go 9 | sonar.tests=. 10 | sonar.test.inclusions=**/*_test.go 11 | 12 | sonar.go.tests.reportPaths=build/TEST-go-unit.out.json 13 | sonar.go.coverage.reportPaths=**/build/TEST-*.cov 14 | sonar.go.exclusions=**/vendor/**,**/*_mock.go 15 | 16 | sonar.sourceEncoding=UTF-8 17 | 18 | # Prevent C analysis 19 | sonar.c.file.suffixes=- 20 | sonar.cpp.file.suffixes=- 21 | sonar.objc.file.suffixes=- 22 | -------------------------------------------------------------------------------- /specs/README.md: -------------------------------------------------------------------------------- 1 | # Spec files for agent-managed components 2 | 3 | For details on the structure of component spec files, see `docs/component-specs.md`. 4 | -------------------------------------------------------------------------------- /specs/apm-server.spec.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | component_files: 3 | - "java-attarcher.jar" 4 | - "install-service.ps1" 5 | - "uninstall-service.ps1" 6 | inputs: 7 | - name: apm 8 | description: "APM Server" 9 | platforms: 10 | - linux/amd64 11 | - linux/arm64 12 | - darwin/amd64 13 | - darwin/arm64 14 | - windows/amd64 15 | - container/amd64 16 | - container/arm64 17 | outputs: 18 | - elasticsearch 19 | - kafka 20 | - logstash 21 | - redis 22 | command: 23 | args: 24 | - "-E" 25 | - "management.enabled=true" 26 | - "-E" 27 | - "gc_percent=${APMSERVER_GOGC:100}" 28 | - "-E" 29 | - "logging.level=info" 30 | - "-E" 31 | - "logging.to_stderr=true" 32 | -------------------------------------------------------------------------------- /specs/connectors.spec.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | inputs: 3 | - name: connectors-py 4 | description: "Connectors Python" 5 | platforms: 6 | - linux/amd64 7 | - linux/arm64 8 | - container/amd64 9 | - container/arm64 10 | outputs: 11 | - elasticsearch 12 | command: 13 | restart_monitoring_period: 5s 14 | maximum_restarts_per_period: 1 15 | timeouts: 16 | restart: 1s 17 | args: [] 18 | -------------------------------------------------------------------------------- /specs/fleet-server.spec.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | inputs: 3 | - name: fleet-server 4 | description: "Fleet Server" 5 | platforms: 6 | - linux/amd64 7 | - linux/arm64 8 | - darwin/amd64 9 | - darwin/arm64 10 | - windows/amd64 11 | - container/amd64 12 | - container/arm64 13 | outputs: 14 | - elasticsearch 15 | command: 16 | args: 17 | - "--agent-mode" 18 | - "-E" 19 | - "logging.level=debug" 20 | - "-E" 21 | - "logging.to_stderr=true" 22 | -------------------------------------------------------------------------------- /specs/pf-elastic-collector.spec.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | inputs: 3 | - name: pf-elastic-collector 4 | description: "Universal Profiling Collector" 5 | platforms: 6 | - linux/amd64 7 | - linux/arm64 8 | - container/amd64 9 | - container/arm64 10 | outputs: 11 | - elasticsearch 12 | command: 13 | args: 14 | - "-elastic" 15 | -------------------------------------------------------------------------------- /specs/pf-elastic-symbolizer.spec.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | inputs: 3 | - name: pf-elastic-symbolizer 4 | description: "Universal Profiling Symbolizer" 5 | platforms: 6 | - linux/amd64 7 | - linux/arm64 8 | - container/amd64 9 | - container/arm64 10 | outputs: 11 | - elasticsearch 12 | command: 13 | args: 14 | - "-elastic" 15 | -------------------------------------------------------------------------------- /specs/pf-host-agent.spec.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | inputs: 3 | - name: pf-host-agent 4 | description: "Universal Profiling Agent" 5 | platforms: 6 | - linux/amd64 7 | - linux/arm64 8 | - container/amd64 9 | - container/arm64 10 | outputs: 11 | - elasticsearch 12 | runtime: 13 | preventions: 14 | - condition: ${user.root} == false 15 | message: "Elastic Agent must be running as root" 16 | command: 17 | args: 18 | - "-elastic" 19 | -------------------------------------------------------------------------------- /test_infra/ess/.gitignore: -------------------------------------------------------------------------------- 1 | .terraform 2 | terraform.tfstate 3 | terraform.tfstate.backup 4 | .terraform.lock.hcl -------------------------------------------------------------------------------- /test_infra/ess/output.tf: -------------------------------------------------------------------------------- 1 | output "cloud_id" { 2 | value = ec_deployment.integration-testing.elasticsearch.cloud_id 3 | description = "Cloud ID (cloud_id)" 4 | } 5 | 6 | output "es_password" { 7 | value = ec_deployment.integration-testing.elasticsearch_password 8 | description = "Password (cloud_id)" 9 | sensitive = true 10 | } 11 | 12 | output "es_username" { 13 | value = ec_deployment.integration-testing.elasticsearch_username 14 | description = "Password (cloud_id)" 15 | sensitive = true 16 | } 17 | 18 | output "es_host" { 19 | value = ec_deployment.integration-testing.elasticsearch.https_endpoint 20 | description = "" 21 | } 22 | 23 | output "kibana_endpoint" { 24 | value = ec_deployment.integration-testing.kibana.https_endpoint 25 | } 26 | 27 | output "integrations_server_endpoint" { 28 | value = ec_deployment.integration-testing.integrations_server.https_endpoint 29 | } 30 | -------------------------------------------------------------------------------- /test_infra/ess/terraform.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_version = ">= 1.0.0" 3 | 4 | required_providers { 5 | ec = { 6 | source = "elastic/ec" 7 | version = ">= 0.10.0" 8 | } 9 | random = { 10 | source = "hashicorp/random" 11 | version = "~> 3.5" 12 | } 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /testing/.gitignore: -------------------------------------------------------------------------------- 1 | e2e/cluster-digest.yml 2 | e2e/cluster-info.json 3 | e2e_testing 4 | e2e/elastic-agent-*/ 5 | !elastic-agent.yml.tpl 6 | e2e/*.gz 7 | e2e/infra 8 | .integration-cache 9 | .ogc-cache 10 | e2e/e2e_artifacts 11 | -------------------------------------------------------------------------------- /testing/environments/cloud/.gitignore: -------------------------------------------------------------------------------- 1 | *.auto.tfvars 2 | -------------------------------------------------------------------------------- /testing/environments/cloud/docker_image.auto.tfvars.sample: -------------------------------------------------------------------------------- 1 | docker_image_override={"elasticsearch":"docker.elastic.co/cloud-release/elasticsearch-cloud-ess","kibana":"docker.elastic.co/cloud-release/kibana-cloud","agent":"docker.elastic.co/observability-ci/elastic-agent"} 2 | docker_image_tag_override={"elasticsearch":"8.6.0-f96862e0-SNAPSHOT","kibana":"8.6.0-f96862e0-SNAPSHOT","agent":"mysampletag"} -------------------------------------------------------------------------------- /testing/environments/cloud/terraform.tfvars: -------------------------------------------------------------------------------- 1 | integrations_server=false 2 | stack_version="7.17.8-c416a4cb-SNAPSHOT" -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/.gitignore: -------------------------------------------------------------------------------- 1 | scripts/enable_expvar.sh 2 | scripts/secret_token.sh 3 | scripts/index_shards.sh 4 | scripts/custom-apm-integration-pkg.sh 5 | scripts/drop_pipeline.sh 6 | -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/header.md: -------------------------------------------------------------------------------- 1 | # Elastic Cloud Deployment module 2 | 3 | This module can be used to create an opinionated Elastic Cloud deployment with the configured inputs. 4 | It requires access to either ESS or an ECE installation. To see which environment variables can be 5 | used to configure the module, please refer to the [EC Provider docs](https://registry.terraform.io/providers/elastic/ec/latest/docs#authentication). 6 | -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/scripts/custom-apm-integration-pkg.tftpl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | KIBANA_ENDPOINT=${kibana_url}/api/fleet/epm/packages 4 | KIBANA_AUTH=elastic:${elastic_password} 5 | 6 | curl -s \ 7 | -X POST \ 8 | -u $${KIBANA_AUTH} \ 9 | -H "Content-Type: application/zip" \ 10 | -H "kbn-xsrf:1" \ 11 | --data-binary @${custom_apm_integration_pkg_path} \ 12 | $${KIBANA_ENDPOINT} 13 | -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/scripts/drop_pipeline.tftpl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eo 4 | 5 | ingest_pipelines=("logs-apm.app@custom" "logs-apm.error@custom" "metrics-apm.app@custom" "metrics-apm.internal@custom" "traces-apm.rum@custom" "traces-apm@custom") 6 | 7 | for tpl in $${ingest_pipelines[@]}; do 8 | curl -s --fail-with-body -H 'Content-Type: application/json' -XPUT -u ${elasticsearch_username}:${elasticsearch_password} "${elasticsearch_url}/_ingest/pipeline/$${tpl}" -d '{ 9 | "processors": [ 10 | { 11 | "drop": {} 12 | } 13 | ] 14 | }' 15 | done 16 | -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/scripts/index_shards.tftpl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -eo 4 | 5 | component_templates=("logs-apm.app@custom" "logs-apm.error@custom" "metrics-apm.app@custom" "metrics-apm.internal@custom" "traces-apm.rum@custom" "traces-apm@custom") 6 | 7 | for tpl in $${component_templates[@]}; do 8 | curl -s -H 'Content-Type: application/json' --fail -XPUT -u ${elasticsearch_username}:${elasticsearch_password} "${elasticsearch_url}/_component_template/$${tpl}" -d '{ 9 | "template": { 10 | "settings": { 11 | "index": { 12 | "number_of_shards": "${shards}" 13 | } 14 | } 15 | }, 16 | "_meta": { 17 | "package": { 18 | "name": "apm" 19 | }, 20 | "managed_by": "fleet", 21 | "managed": true 22 | } 23 | }' 24 | done 25 | -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/scripts/secret_token.tftpl: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | KIBANA_ENDPOINT=${kibana_url}/api/fleet/package_policies/elastic-cloud-apm 4 | KIBANA_AUTH=elastic:${elastic_password} 5 | 6 | SECRET_TOKEN=$(curl -s -u $${KIBANA_AUTH} $${KIBANA_ENDPOINT} $${KIBANA_ENDPOINT} |\ 7 | jq -r '.item | select(.inputs[].policy_template == "apmserver") .inputs[].vars.secret_token.value' | uniq) 8 | 9 | echo "{\"value\":\"$${SECRET_TOKEN}\"}" 10 | -------------------------------------------------------------------------------- /testing/environments/infra/terraform/modules/ec_deployment/terraform.tf: -------------------------------------------------------------------------------- 1 | terraform { 2 | required_providers { 3 | ec = { 4 | source = "elastic/ec" 5 | version = ">=0.4.1" 6 | } 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/integration/README.md: -------------------------------------------------------------------------------- 1 | See [test-framework-dev-guide.md](../../docs/test-framework-dev-guide.md) 2 | -------------------------------------------------------------------------------- /testing/integration/testdata/.upgrade-test-agent-versions.yml: -------------------------------------------------------------------------------- 1 | # This file is generated automatically. Please do not manually edit it. 2 | 3 | # The testVersions list in this file specifies Elastic Agent versions to be used as 4 | # the starting (pre-upgrade) or ending (post-upgrade) versions of Elastic Agent in 5 | # upgrade integration tests. 6 | 7 | testVersions: 8 | - 9.0.2 9 | - 9.0.2-SNAPSHOT 10 | - 8.19.0-SNAPSHOT 11 | - 8.18.2 12 | - 7.17.29-SNAPSHOT 13 | -------------------------------------------------------------------------------- /testing/integration/testdata/connectors.agent.yml: -------------------------------------------------------------------------------- 1 | outputs: 2 | default: 3 | type: elasticsearch 4 | hosts: 5 | - >- 6 | ${ES_HOST} 7 | api_key: ${API_KEY} 8 | agent: 9 | monitoring: 10 | enabled: false 11 | inputs: 12 | - id: connectors 13 | type: connectors-py 14 | -------------------------------------------------------------------------------- /testing/integration/testdata/java_app.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | labels: 5 | app: java-app 6 | name: java-app 7 | spec: 8 | replicas: 1 9 | selector: 10 | matchLabels: 11 | app: java-app 12 | template: 13 | metadata: 14 | labels: 15 | app: java-app 16 | annotations: 17 | instrumentation.opentelemetry.io/inject-java: "true" 18 | spec: 19 | containers: 20 | - name: java-app 21 | image: docker.elastic.co/demos/apm/k8s-webhook-test 22 | env: 23 | - name: OTEL_INSTRUMENTATION_METHODS_INCLUDE 24 | value: "test.Testing[methodB]" 25 | -------------------------------------------------------------------------------- /testing/integration/testdata/preinstalled_packages.json: -------------------------------------------------------------------------------- 1 | { 2 | "force": true, 3 | "packages": [ 4 | { "name": "endpoint", "version": "9.0.0" }, 5 | { "name": "system", "version": "1.67.3" }, 6 | { "name": "auditd_manager", "version": "1.19.0" }, 7 | { "name": "fleet_server", "version": "1.5.0" }, 8 | { "name": "network_traffic", "version": "1.33.0" }, 9 | { "name": "osquery_manager", "version": "1.16.0" }, 10 | { "name": "apache", "version": "1.30.0" }, 11 | { "name": "log", "version": "2.4.0" } 12 | ] 13 | } 14 | -------------------------------------------------------------------------------- /testing/upgradetest/logger.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package upgradetest 6 | 7 | type Logger interface { 8 | Logf(format string, args ...interface{}) 9 | } 10 | -------------------------------------------------------------------------------- /testing/upgradetest/watcher_unix.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build !windows 6 | 7 | package upgradetest 8 | 9 | import "os" 10 | 11 | // killNoneChildProcess provides a way of killing a process that is not started as a child of this process. 12 | // 13 | // On Unix systems it just calls the native golang kill. 14 | func killNoneChildProcess(proc *os.Process) error { 15 | return proc.Kill() 16 | } 17 | -------------------------------------------------------------------------------- /tools/tools.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | //go:build tools 6 | // +build tools 7 | 8 | // This package contains the tool dependencies of the project. 9 | 10 | package tools 11 | 12 | import ( 13 | _ "github.com/magefile/mage" 14 | _ "github.com/tsg/go-daemon" 15 | _ "golang.org/x/tools/cmd/goimports" 16 | _ "golang.org/x/tools/cmd/stringer" 17 | _ "gotest.tools/gotestsum/cmd" 18 | 19 | _ "go.elastic.co/go-licence-detector" 20 | 21 | _ "github.com/rednafi/link-patrol/cmd/link-patrol" 22 | 23 | _ "github.com/elastic/go-licenser" 24 | ) 25 | -------------------------------------------------------------------------------- /updatecli-compose.yaml: -------------------------------------------------------------------------------- 1 | # Config file for `updatecli compose ...`. 2 | # https://www.updatecli.io/docs/core/compose/ 3 | policies: 4 | - name: Handle ironbank bumps 5 | policy: ghcr.io/elastic/oblt-updatecli-policies/ironbank/templates:0.5.2@sha256:6a237aea2c621a675d644dd51580bd3c0cb4d48591f54f5ba1c2ba88240fa08b 6 | values: 7 | - .ci/updatecli/values.d/scm.yml 8 | - .ci/updatecli/values.d/ironbank.yml 9 | - name: Update Updatecli policies 10 | policy: ghcr.io/updatecli/policies/autodiscovery/updatecli:0.8.0@sha256:99e9e61b501575c2c176c39f2275998d198b590a3f6b1fe829f7315f8d457e7f 11 | values: 12 | - .ci/updatecli/values.d/scm.yml 13 | - .ci/updatecli/values.d/updatecli-compose.yml 14 | -------------------------------------------------------------------------------- /version/docs/version.asciidoc: -------------------------------------------------------------------------------- 1 | :stack-version: 8.8.1 2 | :doc-branch: main 3 | // FIXME: once elastic.co docs have been switched over to use `main`, remove 4 | // the `doc-site-branch` line below as well as any references to it in the code. 5 | :doc-site-branch: master 6 | :go-version: 1.24.3 7 | :release-state: unreleased 8 | :python: 3.7 9 | :docker: 1.12 10 | :docker-compose: 1.11 11 | :libpcap: 0.8 12 | -------------------------------------------------------------------------------- /version/version.go: -------------------------------------------------------------------------------- 1 | // Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one 2 | // or more contributor license agreements. Licensed under the Elastic License 2.0; 3 | // you may not use this file except in compliance with the Elastic License 2.0. 4 | 5 | package version 6 | 7 | const defaultBeatVersion = "9.1.0" 8 | const Agent = defaultBeatVersion 9 | -------------------------------------------------------------------------------- /wrapper/windows/archive-proxy/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/elastic/elastic-agent/wrapper/windows/archive-proxy 2 | 3 | go 1.24.3 4 | 5 | require github.com/elastic/elastic-agent v0.0.0 6 | 7 | require golang.org/x/sys v0.33.0 // indirect 8 | 9 | replace github.com/elastic/elastic-agent => ../../../ 10 | -------------------------------------------------------------------------------- /wrapper/windows/archive-proxy/go.sum: -------------------------------------------------------------------------------- 1 | golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= 2 | golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= 3 | --------------------------------------------------------------------------------