github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Fleet] Fix upgrade one agent should check fleet server version too (#141788)

Browse source
This commit is contained in:
Nicolas Chaulet 2022-09-26 12:46:55 -04:00 committed by GitHub
parent c9d9d63ee7
commit fd16e6b224
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 104 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

55
x-pack/plugins/fleet/server/routes/agent/upgrade_handler.ts
View file

@ -47,26 +47,43 @@ export const postAgentUpgradeHandler: RequestHandler<
},
});
}
const agent = await getAgentById(esClient, request.params.agentId);
if (agent.unenrollment_started_at || agent.unenrolled_at) {
return response.customError({
statusCode: 400,
body: {
message: 'cannot upgrade an unenrolling or unenrolled agent',
},
});
}
if (!force && !isAgentUpgradeable(agent, kibanaVersion, version)) {
return response.customError({
statusCode: 400,
body: {
message: `agent ${request.params.agentId} is not upgradeable`,
},
});
}
try {
const agent = await getAgentById(esClient, request.params.agentId);
const fleetServerAgents = await getAllFleetServerAgents(soClient, esClient);
const agentIsFleetServer = fleetServerAgents.some(
(fleetServerAgent) => fleetServerAgent.id === agent.id
);
if (!agentIsFleetServer) {
try {
checkFleetServerVersion(version, fleetServerAgents);
} catch (err) {
return response.customError({
statusCode: 400,
body: {
message: err.message,
},
});
}
}
if (agent.unenrollment_started_at || agent.unenrolled_at) {
return response.customError({
statusCode: 400,
body: {
message: 'cannot upgrade an unenrolling or unenrolled agent',
},
});
}
if (!force && !isAgentUpgradeable(agent, kibanaVersion, version)) {
return response.customError({
statusCode: 400,
body: {
message: `agent ${request.params.agentId} is not upgradeable`,
},
});
}
await AgentService.sendUpgradeAgentAction({
soClient,
esClient,

92
x-pack/test/fleet_api_integration/apis/agents/upgrade.ts
View file

@ -57,8 +57,38 @@ export default function (providerContext: FtrProviderContext) {
});
describe('one agent', () => {
const fleetServerVersion = '7.16.0';
beforeEach(async () => {
await supertest.post(`/api/fleet/agent_policies`).set('kbn-xsrf', 'kibana').send({
name: 'Fleet Server policy 1',
id: 'fleet-server-policy',
namespace: 'default',
has_fleet_server: true,
});
await kibanaServer.savedObjects.create({
id: `package-policy-test`,
type: PACKAGE_POLICY_SAVED_OBJECT_TYPE,
overwrite: true,
attributes: {
policy_id: 'fleet-server-policy',
name: 'Fleet Server',
package: {
name: 'fleet_server',
},
},
});
await generateAgent(
providerContext,
'healthy',
'agentWithFS',
'fleet-server-policy',
fleetServerVersion
);
});
it('should respond 200 to upgrade agent and update the agent SO', async () => {
const kibanaVersion = await kibanaServer.version.get();
await es.update({
id: 'agent1',
refresh: 'wait_for',
@ -73,23 +103,39 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersion,
version: fleetServerVersion,
})
.expect(200);
const res = await supertest.get(`/api/fleet/agents/agent1`).set('kbn-xsrf', 'xxx');
expect(typeof res.body.item.upgrade_started_at).to.be('string');
});
it('should respond 400 if upgrading agent with version the same as snapshot version', async () => {
it('should allow to upgrade a Fleet server agent to a version > fleet server version', async () => {
const kibanaVersion = await kibanaServer.version.get();
const kibanaVersionSnapshot = makeSnapshotVersion(kibanaVersion);
await supertest
.post(`/api/fleet/agents/agentWithFS/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersion,
})
.expect(200);
const res = await supertest.get(`/api/fleet/agents/agentWithFS`).set('kbn-xsrf', 'xxx');
expect(typeof res.body.item.upgrade_started_at).to.be('string');
});
it('should respond 400 if upgrading agent with version the same as snapshot version', async () => {
const fleetServerVersionSnapshot = makeSnapshotVersion(fleetServerVersion);
await es.update({
id: 'agent1',
refresh: 'wait_for',
index: AGENTS_INDEX,
body: {
doc: {
local_metadata: { elastic: { agent: { upgradeable: true, version: kibanaVersion } } },
local_metadata: {
elastic: { agent: { upgradeable: true, version: fleetServerVersion } },
},
},
},
});
@ -97,20 +143,21 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersionSnapshot,
version: fleetServerVersionSnapshot,
})
.expect(400);
});
it('should respond 200 if upgrading agent with version the same as snapshot version and force flag is passed', async () => {
const kibanaVersion = await kibanaServer.version.get();
const kibanaVersionSnapshot = makeSnapshotVersion(kibanaVersion);
const fleetServerVersionSnapshot = makeSnapshotVersion(fleetServerVersion);
await es.update({
id: 'agent1',
refresh: 'wait_for',
index: AGENTS_INDEX,
body: {
doc: {
local_metadata: { elastic: { agent: { upgradeable: true, version: kibanaVersion } } },
local_metadata: {
elastic: { agent: { upgradeable: true, version: fleetServerVersion } },
},
},
},
});
@ -118,14 +165,13 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersionSnapshot,
version: fleetServerVersionSnapshot,
force: true,
})
.expect(200);
});
it('should respond 200 if upgrading agent with version less than kibana snapshot version', async () => {
const kibanaVersion = await kibanaServer.version.get();
const kibanaVersionSnapshot = makeSnapshotVersion(kibanaVersion);
const fleetServerVersionSnapshot = makeSnapshotVersion(fleetServerVersion);
await es.update({
id: 'agent1',
@ -141,12 +187,11 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersionSnapshot,
version: fleetServerVersionSnapshot,
})
.expect(200);
});
it('should respond 200 if trying to upgrade with source_uri set', async () => {
const kibanaVersion = await kibanaServer.version.get();
await es.update({
id: 'agent1',
refresh: 'wait_for',
@ -161,7 +206,7 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersion,
version: fleetServerVersion,
source_uri: 'http://path/to/download',
})
.expect(200);
@ -205,7 +250,6 @@ export default function (providerContext: FtrProviderContext) {
.expect(400);
});
it('should respond 400 if trying to upgrade an agent that is unenrolling', async () => {
const kibanaVersion = await kibanaServer.version.get();
await supertest.post(`/api/fleet/agents/agent1/unenroll`).set('kbn-xsrf', 'xxx').send({
revoke: true,
});
@ -213,12 +257,11 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersion,
version: fleetServerVersion,
})
.expect(400);
});
it('should respond 400 if trying to upgrade an agent that is unenrolled', async () => {
const kibanaVersion = await kibanaServer.version.get();
await es.update({
id: 'agent1',
refresh: 'wait_for',
@ -233,18 +276,17 @@ export default function (providerContext: FtrProviderContext) {
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersion,
version: fleetServerVersion,
})
.expect(400);
});
it('should respond 400 if trying to upgrade an agent that is not upgradeable', async () => {
const kibanaVersion = await kibanaServer.version.get();
const res = await supertest
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({
version: kibanaVersion,
version: fleetServerVersion,
})
.expect(400);
expect(res.body.message).to.equal('agent agent1 is not upgradeable');
@ -258,7 +300,6 @@ export default function (providerContext: FtrProviderContext) {
is_managed: true,
});
const kibanaVersion = await kibanaServer.version.get();
await es.update({
id: 'agent1',
refresh: 'wait_for',
@ -273,7 +314,7 @@ export default function (providerContext: FtrProviderContext) {
const { body } = await supertest
.post(`/api/fleet/agents/agent1/upgrade`)
.set('kbn-xsrf', 'xxx')
.send({ version: kibanaVersion })
.send({ version: fleetServerVersion })
.expect(400);
expect(body.message).to.contain(
'Cannot upgrade agent agent1 in hosted agent policy policy1'
@ -284,7 +325,6 @@ export default function (providerContext: FtrProviderContext) {
});
it('should respond 403 if user lacks fleet all permissions', async () => {
const kibanaVersion = await kibanaServer.version.get();
await es.update({
id: 'agent1',
refresh: 'wait_for',
@ -300,7 +340,7 @@ export default function (providerContext: FtrProviderContext) {
.set('kbn-xsrf', 'xxx')
.auth(testUsers.fleet_no_access.username, testUsers.fleet_no_access.password)
.send({
version: kibanaVersion,
version: fleetServerVersion,
})
.expect(403);
});
@ -312,7 +352,7 @@ export default function (providerContext: FtrProviderContext) {
beforeEach(async () => {
await supertest.post(`/api/fleet/agent_policies`).set('kbn-xsrf', 'kibana').send({
name: 'Fleet Server policy 1',
policy_id: 'fleet-server-policy',
id: 'fleet-server-policy',
namespace: 'default',
has_fleet_server: true,
});

2
x-pack/test/fleet_api_integration/helpers.ts
View file

@ -69,6 +69,7 @@ export async function generateAgent(
await es.index({
index: '.fleet-agents',
id,
body: {
id,
active: true,
@ -79,6 +80,7 @@ export async function generateAgent(
elastic: {
agent: {
version,
upgradeable: true,
},
},
},