-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Agent] Respect connector_id defined in agentless #2989
Changes from all commits
6e6d911
7df79cf
7f0a77a
fed9910
b9d8155
b1d7a32
f773af9
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,35 +1,47 @@ | ||
# This file is for internal experimental purposes only. | ||
# Please do not use this file for any real-world workloads. | ||
|
||
FROM docker.elastic.co/elastic-agent/elastic-agent:9.0.0-SNAPSHOT | ||
|
||
USER root | ||
# Install dependencies | ||
RUN apt update | ||
RUN apt install software-properties-common -y | ||
RUN add-apt-repository ppa:deadsnakes/ppa | ||
RUN apt install python3.11 python3.11-venv make -y | ||
|
||
# TEMPORARY STUFF | ||
# I need vim to edit some fields | ||
# Git is needed to pull connectors repo | ||
# yq is needed to append our input to elastic-agent.yml | ||
RUN add-apt-repository ppa:rmescandon/yq | ||
RUN apt install vim git yq -y | ||
|
||
# Copy and install python agent client | ||
# TODO: also package this with revision and everything | ||
|
||
# Install apt-get dependencies | ||
RUN apt-get update && apt-get install -y \ | ||
software-properties-common \ | ||
vim \ | ||
wget \ | ||
git \ | ||
make \ | ||
&& add-apt-repository ppa:deadsnakes/ppa \ | ||
&& apt-get update && apt-get install -y python3.11 python3.11-venv \ | ||
&& apt-get clean && rm -rf /var/lib/apt/lists/* | ||
|
||
# Install Go-based yq separately | ||
RUN wget https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 -O /usr/bin/yq && \ | ||
chmod +x /usr/bin/yq | ||
|
||
# Copy project files | ||
COPY ./ /usr/share/connectors | ||
|
||
# Set working directory | ||
WORKDIR /usr/share/connectors | ||
|
||
# Install Python agent client | ||
RUN PYTHON=python3.11 make clean install install-agent | ||
|
||
# Add component | ||
# Agent directory name is dynamic and based on build hash, so we need to move in two steps | ||
# Copy and move the component files into the dynamic agent directory | ||
COPY ./resources/agent/python-elastic-agent-client /tmp/python-elastic-agent-client | ||
COPY ./resources/agent/python-elastic-agent-client.spec.yml /tmp/python-elastic-agent-client.spec.yml | ||
RUN mv /tmp/python-elastic-agent-client /usr/share/elastic-agent/data/elastic-agent-$(cat /usr/share/elastic-agent/.build_hash.txt| cut -c 1-6)/components/python-elastic-agent-client | ||
RUN mv /tmp/python-elastic-agent-client.spec.yml /usr/share/elastic-agent/data/elastic-agent-$(cat /usr/share/elastic-agent/.build_hash.txt| cut -c 1-6)/components/python-elastic-agent-client.spec.yml | ||
|
||
# add input to the elastic-agent.yml | ||
RUN yq eval --inplace '.inputs += { "type": "connectors-py", "id": "connectors-py", "use_output": "default"}' /usr/share/elastic-agent/elastic-agent.yml | ||
RUN BUILD_DIR=$(cat /usr/share/elastic-agent/.build_hash.txt | cut -c 1-6) && \ | ||
mv /tmp/python-elastic-agent-client \ | ||
/usr/share/elastic-agent/data/elastic-agent-${BUILD_DIR}/components/python-elastic-agent-client && \ | ||
mv /tmp/python-elastic-agent-client.spec.yml \ | ||
/usr/share/elastic-agent/data/elastic-agent-${BUILD_DIR}/components/python-elastic-agent-client.spec.yml | ||
|
||
WORKDIR /usr/share/elastic-agent | ||
# Modify the elastic-agent.yml file | ||
RUN yq eval --inplace '.inputs += { "type": "connectors-py", "id": "connectors-py", "use_output": "default"}' \ | ||
/usr/share/elastic-agent/elastic-agent.yml | ||
|
||
# Set the final working directory | ||
WORKDIR /usr/share/elastic-agent |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -164,13 +164,19 @@ async def heartbeat(self, doc_id): | |
await self.update(doc_id=doc_id, doc={"last_seen": iso_utc()}) | ||
|
||
async def connector_put( | ||
self, connector_id, service_type, connector_name=None, index_name=None | ||
self, | ||
connector_id, | ||
service_type, | ||
connector_name=None, | ||
index_name=None, | ||
is_native=False, | ||
): | ||
await self.api.connector_put( | ||
connector_id=connector_id, | ||
service_type=service_type, | ||
connector_name=connector_name, | ||
index_name=index_name, | ||
is_native=is_native, | ||
) | ||
|
||
async def connector_exists(self, connector_id): | ||
|
@@ -231,7 +237,6 @@ async def supported_connectors(self, native_service_types=None, connector_ids=No | |
custom_connectors_query = { | ||
"bool": { | ||
"filter": [ | ||
{"term": {"is_native": False}}, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. since we treat all connectors the same (discover by ID), remove this filter |
||
{"terms": {"_id": connector_ids}}, | ||
] | ||
} | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -384,7 +384,7 @@ class BaseDataSource: | |
advanced_rules_enabled = False | ||
dls_enabled = False | ||
incremental_sync_enabled = False | ||
native_connector_api_keys_enabled = True | ||
native_connector_api_keys_enabled = False | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. What happens here? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is old setting to enable There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. So it'll break connectors running in native mode in traditional setup in 9.x, but we don't care since it's something nobody's supposed to do, right? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The native connectors would be broken anyway since only service account that manages the ent-search node has access to read the secrets https://github.com/elastic/elasticsearch/blob/8c20ac5884158b88fdd598e422db632e1734aabb/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/service/ElasticServiceAccounts.java#L48 After migration to 9.0 those secrets are useless because noone has permissions to read them |
||
|
||
def __init__(self, configuration): | ||
# Initialize to the global logger | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So we've settled on
is_native
flag reusage in the end?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is what I understood from the "mega-thread" we've had last week, will DM you the link