Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[7.17](backport #39133) [Auditbeat/FIM/fsnotify]: remove time window where a child file operation of a directory can be lost #39231

Merged
merged 2 commits into from
Apr 30, 2024
Merged

[7.17](backport #39133) [Auditbeat/FIM/fsnotify]: remove time window where a child file operation of a directory can be lost #39231

merged 2 commits into from
Apr 30, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Apr 26, 2024
edited by zube bot
Loading

Proposed commit message

This PR fixes lost events for file integrity module of Auditbeat. Specifically as captured here there is tiny time window where if a child file get's created right after the internal dir contents snapshot of filepath.Walk and before we add the path to the fsnotify watcher, this file is now off the radar.

Mutliple of this tiny windows have been present during some buildkite CI runs (#39110 (comment), #39109 (comment), #39108 (comment))

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Author's Checklist

N/A

How to test this PR locally

cd auditbeat && for i in {1..15}; do mage build unitTest; done

Related issues

Use cases

N/A

Screenshots

N/A

Logs

N/A

This is an automatic backport of pull request #39133 done by [Mergify](https://mergify.com).

@pkoutsovasilis @mergify
[Auditbeat/FIM/fsnotify]: remove time window where a child file opera…
18459e0 
…tion of a directory can be lost (#39133)

* fix(auditbeat/fim/fsnotify): remove time window where a child file operation in of a directory can be lost

* fix(auditbeat/fim/fsnotify): remove redundant error wrapping

(cherry picked from commit 074f221)

# Conflicts:
#	auditbeat/module/file_integrity/monitor/recursive.go
@mergify mergify bot requested a review from a team as a code owner April 26, 2024 13:02
@mergify mergify bot added backport conflicts There is a conflict in the backported pull request labels Apr 26, 2024
@mergify Mergify
Copy link
Contributor Author

mergify bot commented Apr 26, 2024

Cherry-pick of 074f221 has failed:

On branch mergify/bp/7.17/pr-39133
Your branch is up to date with 'origin/7.17'.

You are currently cherry-picking commit 074f2219da.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   CHANGELOG.next.asciidoc
	modified:   auditbeat/module/file_integrity/monitor/monitor_test.go

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   auditbeat/module/file_integrity/monitor/recursive.go

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Apr 26, 2024
@botelastic
Copy link

botelastic bot commented Apr 26, 2024

This pull request doesn't have a Team:<team> label.

@elasticmachine
Copy link
Collaborator

elasticmachine commented Apr 26, 2024
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Duration: 36 min 3 sec

❕ Flaky test report

No test was executed to be analysed.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@mergify Mergify
Copy link
Contributor Author

mergify bot commented Apr 29, 2024

This pull request has not been merged yet. Could you please review and merge it @pkoutsovasilis? 🙏

@pkoutsovasilis pkoutsovasilis merged commit 5436889 into 7.17 Apr 30, 2024
28 of 31 checks passed
@pkoutsovasilis pkoutsovasilis deleted the mergify/bp/7.17/pr-39133 branch April 30, 2024 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pkoutsovasilis pkoutsovasilis pkoutsovasilis approved these changes

Assignees

@pkoutsovasilis pkoutsovasilis

Labels
backport conflicts There is a conflict in the backported pull request needs_team Indicates that the issue/PR needs a Team:* label
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@elasticmachine @pkoutsovasilis