* Provision automatic test runs for ruby/java unit tests and integration tests with fips mode (#17029)
* Run ruby unit tests under FIPS mode
This commit shows a proposed pattern for running automated tests for logstash in
FIPS mode. It uses a new identifier in gradle for conditionally setting
properties to configure fips mode. The tests are run in a container
representative of the base image the final artifacts will be built from.
* Move everything from qa/fips -> x-pack
This commit moves test setup/config under x-pack dir.
* Extend test pipelines for fips mode to java unit tests and integration
* Add git to container for gradle
* move fips-mode gradle hooks to x-pack
* Skip license check for now
---------
Co-authored-by: Ry Biesemeyer <ry.biesemeyer@elastic.co>
* Split fips integration tests into two steps (#17038)
* Split fips integration tests into two steps
The integration tests suite takes about 40 minutes. This is far too slow for
reasonable feedback on a PR. This commit follows the pattern for the non-fips
integration tests whereby the tests are split into two sections that can run in
parallel across two steps. This should halve the feedback time.
The logic for getting a list of specs files to run has been extracted to a
shared shell script for use here and in the integration tests shell script.
* Use shared function for splitting integration tests
The logic for getting a list of specs to run has been extracted so that it can
be shared across fips and non fips integration test modes. This commit updates
the non fips integration tests to use the shared function.
* fix typo in helper name (kebab case, not snake)
* Escape $ so buildkite upload does not try to interpolate
* Wrap integration tests in shell script to avoid BK interpolation
* Move entrypoint for running integration tests inside docker
* Skip offline pack manager tests when running in fips mode (#17160)
This commit introduces a pattern for skipping tests we do not want to run in
fips mode. In this case the plugin manager tests rely on using
bundler/net-http/openssl which is not configured to be run with bouncycastle
fips providers.
* Get tests running in FIPS environment (#17096)
* Modify FIPS test runner environment for integration tests
This commit makes two small changes to the dockerfile used to define the fips
test environment. Specifically it adds curl (which is required by integration
tests), make (which is required by test setup), adds a c compiler (gcc and glibc
for integration tests which compile a small c program) and turns off debug ssl
logging as it is extremely noisy in logs and breaking some assumptions in
tests about logfile content.
Closes https://github.com/elastic/ingest-dev/issues/5074
* Do not run test env as root
The elastic stack is not meant to be run as root. This commit updates the test
environment to provision a non root user and have the container context execute
under that providioned user.
Closes https://github.com/elastic/ingest-dev/issues/5088
* Skip unit tests that reach out to rubygems for fips mode
The `update` test setup reaches out to rubygems with net/http which is
incompatible with our use of openssl in fips mode. This commit skips those tests
when running under fips.
See https://github.com/elastic/ingest-dev/issues/5071
* Work around random data request limits in BCFIPS
This commit changes test setup to make chunked calls to random data generation
in order to work around a limit in fips mode.
See https://github.com/elastic/ingest-dev/issues/5072 for details.
* Skip tests validating openssl defaults
Openssl will not be used when running under FIPS mode. The test setup and tests
themselves were failing when running in FIPS mode. This commit skips the tests
that are covering behavior that will be disabled.
See https://github.com/elastic/ingest-dev/issues/5069
* Skip tests that require pluginmanager to install plugins
This commit skips tests that rely on using the pluginmanager to install plugins
during tests which require reaching out to rubygems.
See https://github.com/elastic/ingest-dev/issues/5108
* Skip prepare offline pack integration tests in fips mode
The offline pack tests require on pluginmanager to use net-http library for
resolving deps. This will not operate under fips mode. Skip when running in fips
mode.
See https://github.com/elastic/ingest-dev/issues/5109
* Ensure a gem executible is on path for test setup
This commit modifies the generate-gems script to ensure that a `gem` executable
is on the path. If there is not one on the test runner, then use the one bundled
with vendored jruby.
* Skip webserver specs when running in FIPS mode
This commit skips the existing webserver tests. We have some options and need to
understand some requirements for the webserver functionality for fips mode. The
https://github.com/elastic/ingest-dev/issues/5110 issue has a ton of details.
* Skip cli `remove` integration tests for FIPS
This commit skips tests that are running `remove` action for the pluginmanager.
These require reaching out to rubygems which is not available in FIPS mode.
These tests were added post initial integration tests scoping work but are
clearly requiring skips for FIPS mode.
* Add openssl package to FIPS testing env container
The setup script for filebeats requires an openssl executable. This commit
updates the testing container with this tool.
See https://github.com/elastic/ingest-dev/issues/5107
* Re-introduce retries for FIPS tests now that we are in a passing state
* Backport 17203 and 17267 fedramp8x (#17271)
* Pluginmanager clean after mutate (#17203)
* pluginmanager: always clean after mutate
* pluginmanager: don't skip updating plugins installed with --version
* pr feedback
(cherry picked from commit 8c96913807)
* Pluginmanager install preserve (#17267)
* tests: integration tests for pluginmanager install --preserve
* fix regression where pluginmanager's install --preserve flag didn't
* Add :skip_fips to update_spec.rb
* Run x-pack tests under FIPS mode (#17254)
This commit adds two new CI cells to cover x-pack tests running in FIPS mode.
This ensures we have coverage of these features when running existing x-pack
tests.
* observabilitySRE: docker rake tasks (#17272)
* observabilitySRE: docker rake tasks
* Apply suggestions from code review
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
* Update rakelib/plugin.rake
* Update rakelib/plugin.rake
* Update docker/Makefile
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
---------
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
* Ensure env2yaml dep is properly expressed in observabilitySRE task (#17305)
The `build-from-local-observability-sre-artifacts` task depends on the `env2yaml`
task. This was easy to miss in local development if other images had been built.
This commit updates the makefile to properly define that dependency.
* Add a smoke test for observability SRE container (#17298)
* Add a smoke test for observability SRE container
Add a CI cell to ensure the observability contater is building successfully. In
order to show success run a quick smoke test to point out any glaring issues.
This adds some general, low risk plugins for doing quick testing. This will help
developers in debugging as we work on this image.
* Show what is happening when rake fails
* Debug deeper in the stack
Show the stdout/stderr when shelling out fails.
* Debug layers of build tooling
Open3 is not capturing stdout for some reason. Capture it and print to see what is wrong in CI.
* Actually run ls command in docker container 🤦
* Update safe_system based on code review suggestion
* Dynamically generate version for container invocation
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
* Refactor smoke test setup to script
Avoid interpolation backflips with buildkite by extracting to a script.
* Split out message surfacing improvment to separate PR.
Moved to: https://github.com/elastic/logstash/pull/17310
* Extract version qualifier into standalone script
* Wait for version-qualifier.sh script to land upstream
Use https://github.com/elastic/logstash/pull/17311 once it lands and gets
backported to 8.x. For now just hard code version.
---------
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
* Configure observability SRE container for FIPS (#17297)
This commit establishes a pattern for configuring the container to run in fips mode.
- Use chainguard-fips
- Copy over java properties from ls tar archive
- Convert default jks to BC keystore
- Configure logstash to use java properties and FIPS config
NOTE: this assumes bouncycastle jars are in the tarball. The
https://github.com/elastic/ingest-dev/issues/5049 ticket will address that.
* Exclude plugin manager and keystore cli from observabilitySRE artifact (#17375)
* Conditionally install bcfips jars when building/testing observabilitySRE (#17359)
* Conditionally install bcfips jars when building for observabilitySRE
This commit implements a pattern for performing specific gradle tasks based on a
newly named "fedrampHighMode" option. This option is used to configure tests to
run with additional configuration specific to the observabilitySRE use case.
Similarly the additional jar dependencies for bouncycastle fips providers are
conditionally installed gated on the "fedrampHighMode" option.
In order to ensure the the "fedrampHighMode" option persists through the layers
of sub-processes spawned between gradle and rake we store and respect an
environment variable FEDRAMP_HIGH_MODE. This may be useful generally in building
the docker image.
Try codereview suggestion
* Use gradle pattern for setting properties with env vars
Gradle has a mechanism for setting properties with environment variables
prefixed with `ORG_GRADLE_PROJECT`. This commit updates the gradle tasks to use
that pattern.
See
https://docs.gradle.org/current/userguide/build_environment.html#setting_a_project_property
for details.
* Pull in latests commits from 8.x and update based on new patterns (#17385)
* Fix empty node stats pipelines (#17185) (#17197)
Fixed an issue where the `/_node/stats` API displayed empty pipeline metrics
when X-Pack monitoring was enabled
(cherry picked from commit 86785815bd)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
* Update z_rubycheck.rake to no longer inject Xmx1g (#17211)
This allows the environment variable JRUBY_OPTS to be used for setting properties like Xmx
original pr: #16420
(cherry picked from commit f562f37df2)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
* Improve warning for insufficient file resources for PQ max_bytes (#16656) (#17222)
This commit refactors the `PersistedQueueConfigValidator` class to provide a
more detailed, accurate and actionable warning when pipeline's PQ configs are at
risk of running out of disk space. See
https://github.com/elastic/logstash/issues/14839 for design considerations. The
highlights of the changes include accurately determining the free resources on a
filesystem disk and then providing a breakdown of the usage for each of the
paths configured for a queue.
(cherry picked from commit 062154494a)
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
* gradle task migrate to the new artifacts-api (#17232) (#17236)
This commit migrates gradle task to the new artifacts-api
- remove dependency on staging artifacts
- all builds use snapshot artifacts
- resolve version from current branch, major.x, previous minor,
with priority given in that order.
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
(cherry picked from commit 0a745686f6)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
* tests: ls2ls delay checking until events have been processed (#17167) (#17252)
* tests: ls2ls delay checking until events have been processed
* Make sure upstream sends expected number of events before checking the expectation with downstream. Remove unnecessary or duplicated logics from the spec.
* Add exception handling in `wait_for_rest_api` to make wait for LS REST API retriable.
---------
Co-authored-by: Mashhur <mashhur.sattorov@elastic.co>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
(cherry picked from commit 73ffa243bf)
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
* Additional cleanify changes to ls2ls integ tests (#17246) (#17255)
* Additional cleanify changes to ls2ls integ tests: replace heartbeat-input with reload option, set queue drain to get consistent result.
(cherry picked from commit 1e06eea86e)
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* [8.x] Reimplement LogStash::Numeric setting in Java (backport #17127) (#17273)
This is an automatic backport of pull request #17127 done by [Mergify](https://mergify.com).
----
* Reimplement LogStash::Numeric setting in Java (#17127)
Reimplements `LogStash::Setting::Numeric` Ruby setting class into the `org.logstash.settings.NumericSetting` and exposes it through `java_import` as `LogStash::Setting::NumericSetting`.
Updates the rspec tests:
- verifies `java.lang.IllegalArgumentException` instead of `ArgumentError` is thrown because the kind of exception thrown by Java code, during verification.
(cherry picked from commit 07a3c8e73b)
* Fixed reference of SettingNumeric class (on main modules were removed)
---------
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* [CI] Health report integration tests use the new artifacts-api (#17274) (#17277)
migrate to the new artifacts-api
(cherry picked from commit feb2b92ba2)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
* Backport 17203 and 17267 8.x (#17270)
* Pluginmanager clean after mutate (#17203)
* pluginmanager: always clean after mutate
* pluginmanager: don't skip updating plugins installed with --version
* pr feedback
(cherry picked from commit 8c96913807)
* Pluginmanager install preserve (#17267)
* tests: integration tests for pluginmanager install --preserve
* fix regression where pluginmanager's install --preserve flag didn't
* [Backport 8.x] benchmark script (#17283)
This commit cherry-picked the missing becnhmark script PRs
The deprecated artifacts-api is removed
[CI] benchmark uses the new artifacts-api (#17224)
[CI] benchmark readme (#16783)
Introduce a new flag to explicitly permit legacy monitoring (#16586) (Only take the benchmark script)
[ci] fix wrong queue type in benchmark marathon (#16465)
[CI] fix benchmark marathon (#16447)
[CI] benchmark dashboard and pipeline for testing against multiple versions (#16421)
* Fix pqcheck and pqrepair on Windows (#17210) (#17259)
A recent change to pqheck, attempted to address an issue where the
pqcheck would not on Windows mahcines when located in a folder containing
a space, such as "C:\program files\elastic\logstash". While this fixed an
issue with spaces in folders, it introduced a new issue related to Java options,
and the pqcheck was still unable to run on Windows.
This PR attempts to address the issue, by removing the quotes around the Java options,
which caused the option parsing to fail, and instead removes the explicit setting of
the classpath - the use of `set CLASSPATH=` in the `:concat` function is sufficient
to set the classpath, and should also fix the spaces issue
Fixes: #17209
(cherry picked from commit ba5f21576c)
Co-authored-by: Rob Bavey <rob.bavey@elastic.co>
* Shareable function for partitioning integration tests (#17223) (#17303)
For the fedramp high work https://github.com/elastic/logstash/pull/17038/files a
use case for multiple scripts consuming the partitioning functionality emerged.
As we look to more advanced partitioning we want to ensure that the
functionality will be consumable from multiple scripts.
See https://github.com/elastic/logstash/pull/17219#issuecomment-2698650296
(cherry picked from commit d916972877)
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
* [8.x] Surface failures from nested rake/shell tasks (backport #17310) (#17317)
* Surface failures from nested rake/shell tasks (#17310)
Previously when rake would shell out the output would be lost. This
made debugging CI logs difficult. This commit updates the stack with
improved message surfacing on error.
(cherry picked from commit 0d931a502a)
# Conflicts:
# rubyUtils.gradle
* Extend ruby linting tasks to handle file inputs (#16660)
This commit extends the gradle and rake tasks to pass through a list of files
for rubocop to lint. This allows more specificity and fine grained control for
linting when the consumer of the tasks only wishes to lint a select few files.
* Ensure shellwords library is loaded
Without this depending on task load order `Shellwords` may not be available.
---------
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
* Forward Port of Release notes for `8.16.5` and `8.17.3` (#17187), (#17188) (#17266) (#17321)
* Forward Port of Release notes for 8.17.3 (#17187)
* Update release notes for 8.17.3
---------
Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com>
Co-authored-by: Rob Bavey <rob.bavey@elastic.co>
* Forward Port of Release notes for 8.16.5 (#17188)
* Update release notes for 8.16.5
---------
Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com>
Co-authored-by: Rob Bavey <rob.bavey@elastic.co>
---------
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com>
(cherry picked from commit 63e8fd1d21)
Co-authored-by: Rob Bavey <rob.bavey@elastic.co>
* Add Deprecation tag to arcsight module (#17331)
* [8.x] Upgrade elasticsearch-ruby client. (backport #17161) (#17306)
* Upgrade elasticsearch-ruby client. (#17161)
* Fix Faraday removed basic auth option and apply the ES client module name change.
(cherry picked from commit e748488e4a)
* Apply the required changes in elasticsearch_client.rb after upgrading the elasticsearch-ruby client to 8.x
* Swallow the exception and make non-connectable client when ES client raises connection refuses exception.
---------
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Co-authored-by: Mashhur <mashhur.sattorov@elastic.co>
* Removed unused configHash computation that can be replaced by PipelineConfig.configHash() (#17336) (#17345)
Removed unused configHash computation happening in AbstractPipeline and used only in tests replaced by PipelineConfig.configHash() invocation
(cherry picked from commit 787fd2c62f)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* Use org.logstash.common.Util to hashing by default to SHA256 (#17346) (#17352)
Removes the usage fo Apache Commons Codec MessgeDigest to use internal Util class with embodies hashing methods.
(cherry picked from commit 9c0e50faac)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* Added test to verify the int overflow happen (#17353) (#17354)
Use long instead of int type to keep the length of the first token.
The size limit validation requires to sum two integers, one with the length of the accumulated chars till now plus the next fragment head part. If any of the two sizes is close to the max integer it generates an overflow and could successfully fail the test 9c0e50faac/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java (L123).
To fall in this case it's required that sizeLimit is bigger then 2^32 bytes (2GB) and data fragments without any line delimiter is pushed to the tokenizer with a total size close to 2^32 bytes.
(cherry picked from commit afde43f918)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* [8.x] add ci shared qualified-version script (backport #17311) (#17348)
* add ci shared qualified-version script (#17311)
* ci: add shareable script for generating qualified version
* ci: use shared script to generate qualified version
(cherry picked from commit 10b5a84f84)
# Conflicts:
# .buildkite/scripts/dra/build_docker.sh
* resolve merge conflict
---------
Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com>
* tests: make integration split quantity configurable (#17219) (#17367)
* tests: make integration split quantity configurable
Refactors shared splitter bash function to take a list of files on stdin
and split into a configurable number of partitions, emitting only those from
the currently-selected partition to stdout.
Also refactors the only caller in the integration_tests launcher script to
accept an optional partition_count parameter (defaulting to `2` for backward-
compatibility), to provide the list of specs to the function's stdin, and to
output relevant information about the quantity of partition splits and which
was selected.
* ci: run integration tests in 3 parts
(cherry picked from commit 3e0f488df2)
Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com>
* Update buildkite with new patterns from 8.x
This commit updates the buildkite definitions to be compatible with the
upstream 8.x branch. Specificially:
- Split integration tests for fips into 3 runners.
- Use the new shared bash helper for computing QUALIFIED_VERSION
It also continues standardization of using a "fedrampHighMode" for indicating
the tests should be running in the context of our custom image for the SRE team.
* Bug fix: Actually use shared integration_tests.sh file
After refactoring to use the same script, I forgot to actually use it
in the buildkite definition...
---------
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Co-authored-by: Rob Bavey <rob.bavey@elastic.co>
Co-authored-by: Mashhur <mashhur.sattorov@elastic.co>
* Pin rubocop-ast development gem due to new dep on prism (#17407) (#17433)
The rubocop-ast gem just introduced a new dependency on prism.
- https://rubygems.org/gems/rubocop-ast/versions/1.43.0
In our install default gem rake task we are seeing issues trying to build native
extensions. I see that in upstream jruby they are seeing a similar problem (at
least it is the same failure mode https://github.com/jruby/jruby/pull/8415
This commit pins rubocop-ast to 1.42.0 which is the last version that did not
have an explicit prism dependency.
(cherry picked from commit 6de59f2c02)
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
* Add age filter fedramp (#17434)
* net-zero-change refactor
* add logstash-filter-age to observabilitySRE artifact
* Add licenses for bouncycastle fips jars (#17406)
This commit adds licences for bouncycastle jars that are added for the
observability SRE container artifact. It re-enables the previously disabled
license check and adds a new one running in fips mode.
* Publish Observability SRE images to internal container registry (#17401)
* POC for publishing observability SRE images
This commit adds a step to the pull_request_pipeline buildkite definition to
push a docker image to the elastic container registry. It is added here to show
that we have the proper creds etc in CI to push the container where it needs to
go. We will likely move this into the DRA pipeline once we are confident it is
pushing to the correct place with a naming convention that works for all
consumers/producers.
The general idea is to build the container with our gradle task, then once we
have that image we can tag it with the git sha and a "latest" identifier. This
would allow consumers to choose between an exact sha for a stream like 8.19.0 or
the "latest". I will also need to factor in the case where we have the tag
*without* the sha postfix. Obviously we will want to fold this in to the existing DRA
pipeline for building/staging images but for now it seems reasonable to handle
this separately.
* check variable resolution
* Move POC code into DRA pipeline
This commit takes the POC from the pull_request_pipeline and adds it to the DRA
pipeline. Noteably, we take care to not disrupt anything about the existing DRA
pipeline by making this wait until after the artifacts are published and we set
a soft_fail. While this is being introduced and stabilized we want to ensure the
existing DRA pipeline continues to work without interruption. As we get more
stability we can look at a tigther integration.
* Disambiguate architectures
Eventually we will want to do proper annotations with manifests but for now
just add arch to the tag.
* Use docker manifest for multi-architecture builds
This commit refactors the POC pipeline for pushing observabilty SRE containers
to handle conflicts for tags based on target architectures. Cells with
respective architectures build containers and push to the container registry
with a unique identifier. Once those exist we introduce a separate step to use
the docker manifest command to annotate those images such that a container
client can download the correct image based on architecture. As a result for
every artifact there will be 2 images pushed (one for each arch) and N manifests
pushed. The manifests will handle the final naming that the consumer would
expect.
* Refactor docker naming scheme
In order to follow more closely the existing tagging scheme this commit
refactors the naming for images to include the build sha BEFORE the SNAPSHOT
identifier. WHile this does not exactly follow the whole system that exists
today for container images in DRA it follows a pattern that is more similar.
Ideally we can iterate to fold handling of this container into DRA and in that
case consumers would not need to update their patterns for identifying images.
* Code review refactor
Rename INCLUDE_SHA to INCLUDE_COMMIT_ID in qualified-version script.
Confine use of this argument to individual invocations instead at top level in scripts.
* Build observabilitySRE containers after DRA is published
This gates build/push for observability SRE containers on success of DRA pipeline.
* x-pack: add fips validation plugin from x-pack (#16940)
* x-pack: add fips_validation plugin to be included in fips builds
The `logstash-integration-fips_validation` plugin provides no runtime
pipeline plugins, but instead provides hooks to ensure that the logstash
process is correctly configured for compliance with FIPS 140-3.
It is installed while building the observabilitySRE artifacts.
* fips validation: ensure BCFIPS,BCJSSE,SUN are first 3 security providers
* remove re-injection of BCFIPS jars
* Update lib/bootstrap/rubygems.rb
* add integration spec for fips_validation plugin
* add missing logstash_plugin helper
* fixup
* skip non-fips spec on fips-configured artifact, add spec details
* Improve smoke tests for observability SRE image (#17486)
* Improve smoke tests for observability SRE image
This commit adds a new rspec test to run the observability SRE container in a
docker compose network with filebeat and elasticsearch. It uses some simple test
data through a pipeline with plugins we expect to be used in production. The
rspec tests will ensure the test data is flowing from filebeat to logstash to
elasticsearch by querying elasticsearch for expected transformed data.
* REVERT ME: debug whats goig on in CI :(
* Run filebeat container as root
* Work around strict file ownership perms for filebeat
We add the filebeat config in a volume, the permissions checks fail due test
runner not being a root user. This commit disables that check in filebeat as
seems to be the consensus solution online for example: https://event-driven.io/en/tricks_on_how_to_set_up_related_docker_images/
* Dynaimcally generate PKI instead of checking it in
Instead of checking in PKI, dynamically generate it with gradle task for
starting containers and running the tests. This improvement avoids github
warning of checked in keys and avoid expiration headaches. Generation is very
fast and does not add any significant overhead to test setup.
* Remove use of "should" in rspec docstrings
see https://github.com/rubocop/rspec-style-guide?tab=readme-ov-file#should-in-example-docstrings
* Ensure permissions readable for volume
Now that certs are dynamically generated, ensure they are able to be read in container
* Use elasticsearch-fips image for smoke testing
* Add git ignore for temp certs
* Fix naming convention for integration tests
Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com>
* Use parameter expansion for FEDRAMP_HIGH_MODE
Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com>
* Use parameter expansion for FEDRAMP_HIGH_MODE
Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com>
* Use parameter expansion for FEDRAMP_HIGH_MODE
Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com>
---------
Co-authored-by: Ry Biesemeyer <ry.biesemeyer@elastic.co>
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Co-authored-by: Rob Bavey <rob.bavey@elastic.co>
Co-authored-by: Mashhur <mashhur.sattorov@elastic.co>
NOTE: we decided to squash these commits as the feature branch had cherry-picks (and squshed change sets 182f15ebde ) from 8.x which would potentially make the commit history confusing. We determined that the benefit of having individual commits from the feature branch was outweighed by the potentially confusing git history. This will also make porting this bit of work to other streams more simple.
Updates only test code to be able to run a test that consumes big memory if:
- the physical memory is bigger than the requested Java heap
- JDK version is greater than or equal to 21.
The reason to limit the JDK version is that on 16GB machine the G1GC is more efficient than the one on previous JDKs and so let complete the test with 10GB heap, while in JDK 17 it consistently fails with OOM error.
(cherry picked from commit 075fdb4152)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Use long instead of int type to keep the length of the first token.
The size limit validation requires to sum two integers, one with the length of the accumulated chars till now plus the next fragment head part. If any of the two sizes is close to the max integer it generates an overflow and could successfully fail the test 9c0e50faac/logstash-core/src/main/java/org/logstash/common/BufferedTokenizerExt.java (L123).
To fall in this case it's required that sizeLimit is bigger then 2^32 bytes (2GB) and data fragments without any line delimiter is pushed to the tokenizer with a total size close to 2^32 bytes.
(cherry picked from commit afde43f918)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Removes the usage fo Apache Commons Codec MessgeDigest to use internal Util class with embodies hashing methods.
(cherry picked from commit 9c0e50faac)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Removed unused configHash computation happening in AbstractPipeline and used only in tests replaced by PipelineConfig.configHash() invocation
(cherry picked from commit 787fd2c62f)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* Upgrade elasticsearch-ruby client. (#17161)
* Fix Faraday removed basic auth option and apply the ES client module name change.
(cherry picked from commit e748488e4a)
* Apply the required changes in elasticsearch_client.rb after upgrading the elasticsearch-ruby client to 8.x
* Swallow the exception and make non-connectable client when ES client raises connection refuses exception.
---------
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Co-authored-by: Mashhur <mashhur.sattorov@elastic.co>
This is an automatic backport of pull request #17127 done by [Mergify](https://mergify.com).
----
* Reimplement LogStash::Numeric setting in Java (#17127)
Reimplements `LogStash::Setting::Numeric` Ruby setting class into the `org.logstash.settings.NumericSetting` and exposes it through `java_import` as `LogStash::Setting::NumericSetting`.
Updates the rspec tests:
- verifies `java.lang.IllegalArgumentException` instead of `ArgumentError` is thrown because the kind of exception thrown by Java code, during verification.
(cherry picked from commit 07a3c8e73b)
* Fixed reference of SettingNumeric class (on main modules were removed)
---------
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
This commit refactors the `PersistedQueueConfigValidator` class to provide a
more detailed, accurate and actionable warning when pipeline's PQ configs are at
risk of running out of disk space. See
https://github.com/elastic/logstash/issues/14839 for design considerations. The
highlights of the changes include accurately determining the free resources on a
filesystem disk and then providing a breakdown of the usage for each of the
paths configured for a queue.
(cherry picked from commit 062154494a)
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
Fixed an issue where the `/_node/stats` API displayed empty pipeline metrics
when X-Pack monitoring was enabled
(cherry picked from commit 86785815bd)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Currently the deserialization is behind the readBatch's lock, so any large batch will take time deserializing, causing any other Queue writer (e.g. netty executor threads) and any other Queue reader (pipeline worker) to block.
This commit moves the deserialization out of the lock, allowing multiple pipeline workers to deserialize batches concurrently.
- add intermediate batch-holder from `Queue` methods
- make the intermediate batch-holder a private inner class of `Queue` with a descriptive name `SerializedBatchHolder`
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
(cherry picked from commit 637f447b88)
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
PR #17006 revealed that the `VERSION_QUALIFIER` env var gets honored in
various scripts when present but empty.
This shouldn't be the case as the DRA process is designed to gracefully
ignore empty values for this variable.
This commit changes various ruby scripts to not treat "" as truthy.
Bash scripts (used by CI etc.) are already ok with this as part of
refactorings done in #16907.
---------
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
(cherry picked from commit c7204fd7d6)
Co-authored-by: Dimitrios Liappis <dimitrios.liappis@gmail.com>
VERSION_QUALIFIER was already observed in rake artifacts task but only to influence the name of the artifact.
This commit ensure that the qualifier is also displayed in the cli and in the http api.
Backport PR #16968 to 8.x branch, original message:
----
Permit to use effectively the tokenizer also in context where a line is bigger than a limit.
Fixes an issues related to token size limit error, when the offending token was bigger than the input fragment in happened that the tokenzer wasn't unable to recover the token stream from the first delimiter after the offending token but messed things, loosing part of tokens.
## How solve the problem
This is a second take to fix the processing of tokens from the tokenizer after a buffer full error. The first try #16482 was rollbacked to the encoding error #16694.
The first try failed on returning the tokens in the same encoding of the input.
This PR does a couple of things:
- accumulates the tokens, so that after a full condition can resume with the next tokens after the offending one.
- respect the encoding of the input string. Use `concat` method instead of `addAll`, which avoid to convert RubyString to String and back to RubyString. When return the head `StringBuilder` it enforce the encoding with the input charset.
(cherry picked from commit 1c8cf546c2)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
This commit removed irrelevant warning for internal pipeline, such as monitoring pipeline.
Monitoring pipeline is expected to be one worker. The warning is not useful
Fixes: #13298
(cherry picked from commit 3f41828ebb)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Non clean backport of #16576
----
Reimplements `LogStash::Setting::String` Ruby setting class into the `org.logstash.settings.SettingString` and exposes it through `java_import` as `LogStash::Setting::SettingString`.
Updates the rspec tests in two ways:
- logging mock is now converted to real Log4J appender that spy log line that are later verified
- verifies `java.lang.IllegalArgumentException` instead of `ArgumentError` is thrown because the kind of exception thrown by Java code, during verification.
* Fixed the rename of NullableString to SettingNullableString
* Fixed runner test to use real spy logger from Java Settings instead of mock test double
* Add a new pattern %{{TIME_NOW}} to `event.sprintf` to generate a fresh timestamp.
The timestamp is represented as a string in the default ISO 8601 format
For example,
```
input {
heartbeat {
add_field => { "heartbeat_time" => "%{{TIME_NOW}}" }
}
}
```
(cherry picked from commit cd729b7682)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
The preferred channel for communication about LS is the elastic discussion
forum, this commit updates the source code and readme files to reflect that.
* Revert "Apply Jackson stream read constraints defaults at runtime (#16832)"
This reverts commit cc608eb88b.
* jackson stream read constraints: code-based defaults
refactors stream read constraints to couple default values with their
associated overrides, which allows us to have more descriptive logging
that includes provenance of the value that has been applied.
(cherry picked from commit 16392908e2)
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
* Ensure plugin config marked :deprecated logs to deprecation logger (#16833)
Previously when the `:deprecated` modifier was used in the plugin config DSL a
log message was sent at `:warn` level to the main logger. This commit updates
that message to be routed *only* to the deprecation logger.
* Ensure plugin config marked `:deprecated` logs to deprecation logger
Previously when the `:deprecated` modifier was used in the plugin config DSL a
log message was sent at `:warn` level ONLY to the main logger. This commit updates
that message to be routed *both* to the deprecation logger as well as the main
logger. In 9.x this will *only* go to the deprecation logger.
When Logstash 8.12.0 added increased Jackson stream read constraints to
jvm.options, assumptions about the existence of that file's contents
were invalidated. This led to issues like #16683.
This change ensures Logstash applies defaults from config at runtime:
- MAX_STRING_LENGTH: 200_000_000
- MAX_NUMBER_LENGTH: 10_000
- MAX_NESTING_DEPTH: 1_000
These match the jvm.options defaults and are applied even when config
is missing. Config values still override these defaults when present.
(cherry picked from commit cc608eb88b)
Co-authored-by: Cas Donoghue <cas.donoghue@gmail.com>
Because a `break` escapes a `begin`...`end` block, we must not use a `break` in order to ensure that the explicitly set value gets memoized to avoid lock contention.
> ~~~ ruby
> def fake_sync(&block)
> puts "FAKE_SYNC:enter"
> val = yield
> puts "FAKE_SYNC:return(#{val})"
> return val
> ensure
> puts "FAKE_SYNC:ensure"
> end
>
> fake_sync do
> @ivar = begin
> puts("BE:begin")
> break :break
>
> val = :ret
> puts("BE:return(#{val})")
> val
> ensure
> puts("BE:ensure")
> end
> end
> ~~~
Note: no `FAKE_SYNC:return`:
> ~~~
> ╭─{ rye@perhaps:~/src/elastic/logstash (main ✔) }
> ╰─● ruby break-esc.rb
> FAKE_SYNC:enter
> BE:begin
> BE:ensure
> FAKE_SYNC:ensure
> [success]
> ~~~
(cherry picked from commit 01c8e8bb55)
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
This commit updates the Kibana client to add a `x-elastic-product-origin` header
with the value `logstash` for any requests originating from logstash to indicate
which internal product is using the API.
Moves the application of jackson defaults overrides into pure java, and
applies them statically _before_ the `org.logstash.ObjectMappers` has a chance
to start initializing object mappers that rely on the defaults.
We replace the runner's invocation (which was too late to be fully applied) with
a _verification_ that the configured defaults have been applied.
(cherry picked from commit 202d07cbbf)
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
* pipeline bus: add deadlock test for unlisten/unregisterSender
* pipeline bus: eliminate deadlock
Moves the sync-to-notify out of the `AddressStateMapping#mutate`'s effective
synchronous block to eliminate a race condition where unlistening to an address
and unregistering a sender could deadlock.
It is safe to notify an AddressState's attached input without exclusive access
to the AddressState, because notifying an input that has since been disconnected
is net zero harm.
The current max inflight error message focuses on a single pipeline and on a maximum amount of 10k events regardless of the heap size.
The new warning will take into account all loaded pipelines and also consider the heap size, giving a warning if the total number of events consumes 10% or more of the total heap.
For the purpose of the warning events are assumed to be 2KB as it a normal size for a small log entry.
(cherry picked from commit ca19f0029e)
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
- refactor deprecated alias to support obsoleted version
- add deprecation log for http.* config
(cherry picked from commit 3f0ad12d06)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Fixes the behaviour of the tokenizer to be able to work properly when buffer full conditions are met.
Updates BufferedTokenizerExt so that can accumulate token fragments coming from different data segments. When a "buffer full" condition is matched, it record this state in a local field so that on next data segment it can consume all the token fragments till the next token delimiter.
Updated the accumulation variable from RubyArray containing strings to a StringBuilder which contains the head token, plus the remaining token fragments are stored in the input array.
Furthermore it translates the `buftok_spec` tests into JUnit tests.
(cherry picked from commit 85493ce864)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Adds a JMH benchmark to measure the peformances of BufferedTokenizerExt.
Update also Gradle build script to remove CMS GC flags and fix deprecations for Gradle 9.0.
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
(cherry picked from commit b6f16c8b81)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
On 8.x series log a deprecation log if the user didn't explicitly specify a selection for pipeline.buffer.type. Before this change the default was silently set to direct, after this change if not explicitly defined, the default is still direct but log a deprecation log.
Co-authored-by: Ry Biesemeyer <yaauie@users.noreply.github.com>
- add `obsoleted_version` and remove `deprecated_msg` from `deprecated_option` for consistent warning message
(cherry picked from commit 8cd0fa8767)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Update Settings to_hash method to also skip Java DeprecatedAlias and not just the Ruby one.
With PR #15679 was introduced org.logstash.settings.DeprecatedAlias which mirrors the behaviour of Ruby class Setting::DeprecatedAlias. The equality check at Logstash::Settings, as descibed in #16505 (comment), is implemented comparing the maps.
The conversion of Settings to the corresponding maps filtered out the Ruby implementation of DeprecatedAlias but not the Java one.
This PR adds also the Java one to the list of filter.
(cherry picked from commit 5d4825f000)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* [Spacetime] Reimplement config Setting classe in java (#15679)
Reimplement the root Ruby Setting class in Java and use it from the Ruby one moving the original Ruby class to a shell wrapping the Java instance.
In particular create a new symmetric hierarchy (at the time just for `Setting`, `Coercible` and `Boolean` classes) to the Ruby one, moving also the feature for setting deprecation. In this way the new `org.logstash.settings.Boolean` is syntactically and semantically equivalent to the old Ruby Boolean class, which replaces.
(cherry picked from commit 61de60fe26)
* Adds supress warnings related to this-escape for Java Settings classes
---------
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* [health] bootstrap HealthObserver from agent to API (#16141)
* [health] bootstrap HealthObserver from agent to API
* specs: mocked agent needs health observer
* add license headers
* Merge `main` into `feature/health-report-api` (#16397)
* Add GH vault plugin bot to allowed list (#16301)
* regenerate webserver test certificates (#16331)
* correctly handle stack overflow errors during pipeline compilation (#16323)
This commit improves error handling when pipelines that are too big hit the Xss limit and throw a StackOverflowError. Currently the exception is printed outside of the logger, and doesn’t even show if log.format is json, leaving the user to wonder what happened.
A couple of thoughts on the way this is implemented:
* There should be a first barrier to handle pipelines that are too large based on the PipelineIR compilation. The barrier would use the detection of Xss to determine how big a pipeline could be. This however doesn't reduce the need to still handle a StackOverflow if it happens.
* The catching of StackOverflowError could also be done on the WorkerLoop. However I'd suggest that this is unrelated to the Worker initialization itself, it just so happens that compiledPipeline.buildExecution is computed inside the WorkerLoop class for performance reasons. So I'd prefer logging to not come from the existing catch, but from a dedicated catch clause.
Solves #16320
* Doc: Reposition worker-utilization in doc (#16335)
* settings: add support for observing settings after post-process hooks (#16339)
Because logging configuration occurs after loading the `logstash.yml`
settings, deprecation logs from `LogStash::Settings::DeprecatedAlias#set` are
effectively emitted to a null logger and lost.
By re-emitting after the post-process hooks, we can ensure that they make
their way to the deprecation log. This change adds support for any setting
that responds to `Object#observe_post_process` to receive it after all
post-processing hooks have been executed.
Resolves: elastic/logstash#16332
* fix line used to determine ES is up (#16349)
* add retries to snyk buildkite job (#16343)
* Fix 8.13.1 release notes (#16363)
make a note of the fix that went to 8.13.1: #16026
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
* Update logstash_releases.json (#16347)
* [Bugfix] Resolve the array and char (single | double quote) escaped values of ${ENV} (#16365)
* Properly resolve the values from ENV vars if literal array string provided with ENV var.
* Docker acceptance test for persisting keys and use actual values in docker container.
* Review suggestion.
Simplify the code by stripping whitespace before `gsub`, no need to check comma and split.
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
---------
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
* Doc: Add SNMP integration to breaking changes (#16374)
* deprecate java less-than 17 (#16370)
* Exclude substitution refinement on pipelines.yml (#16375)
* Exclude substitution refinement on pipelines.yml (applies on ENV vars and logstash.yml where env2yaml saves vars)
* Safety integration test for pipeline config.string contains ENV .
* Doc: Forwardport 8.15.0 release notes to main (#16388)
* Removing 8.14 from ci/branches.json as we have 8.15. (#16390)
---------
Co-authored-by: ev1yehor <146825775+ev1yehor@users.noreply.github.com>
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* Squashed merge from 8.x
* Failure injector plugin implementation. (#16466)
* Test purpose only failure injector integration (filter and output) plugins implementation. Add unit tests and include license notes.
* Fix the degrate method name typo.
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* Add explanation to the config params and rebuild plugin gem.
---------
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* Health report integration tests bootstrapper and initial tests implementation (#16467)
* Health Report integration tests bootstrapper and initial slow start scenario implementation.
* Apply suggestions from code review
Renaming expectation check method name.
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
* Changed to branch concept, YAML structure simplified as changed to Dict.
* Apply suggestions from code review
Reflect `help_url` to the integration test.
---------
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
* health api: expose `GET /_health_report` with pipelines/*/status probe (#16398)
Adds a `GET /_health_report` endpoint with per-pipeline status probes, and wires the
resulting report status into the other API responses, replacing their hard-coded `green`
with a meaningful status indication.
---------
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* docs: health report API, and diagnosis links (feature-targeted) (#16518)
* docs: health report API, and diagnosis links
* Remove plus-for-passthrough markers
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
---------
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* merge 8.x into feature branch... (#16519)
* Add GH vault plugin bot to allowed list (#16301)
* regenerate webserver test certificates (#16331)
* correctly handle stack overflow errors during pipeline compilation (#16323)
This commit improves error handling when pipelines that are too big hit the Xss limit and throw a StackOverflowError. Currently the exception is printed outside of the logger, and doesn’t even show if log.format is json, leaving the user to wonder what happened.
A couple of thoughts on the way this is implemented:
* There should be a first barrier to handle pipelines that are too large based on the PipelineIR compilation. The barrier would use the detection of Xss to determine how big a pipeline could be. This however doesn't reduce the need to still handle a StackOverflow if it happens.
* The catching of StackOverflowError could also be done on the WorkerLoop. However I'd suggest that this is unrelated to the Worker initialization itself, it just so happens that compiledPipeline.buildExecution is computed inside the WorkerLoop class for performance reasons. So I'd prefer logging to not come from the existing catch, but from a dedicated catch clause.
Solves #16320
* Doc: Reposition worker-utilization in doc (#16335)
* settings: add support for observing settings after post-process hooks (#16339)
Because logging configuration occurs after loading the `logstash.yml`
settings, deprecation logs from `LogStash::Settings::DeprecatedAlias#set` are
effectively emitted to a null logger and lost.
By re-emitting after the post-process hooks, we can ensure that they make
their way to the deprecation log. This change adds support for any setting
that responds to `Object#observe_post_process` to receive it after all
post-processing hooks have been executed.
Resolves: elastic/logstash#16332
* fix line used to determine ES is up (#16349)
* add retries to snyk buildkite job (#16343)
* Fix 8.13.1 release notes (#16363)
make a note of the fix that went to 8.13.1: #16026
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
* Update logstash_releases.json (#16347)
* [Bugfix] Resolve the array and char (single | double quote) escaped values of ${ENV} (#16365)
* Properly resolve the values from ENV vars if literal array string provided with ENV var.
* Docker acceptance test for persisting keys and use actual values in docker container.
* Review suggestion.
Simplify the code by stripping whitespace before `gsub`, no need to check comma and split.
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
---------
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
* Doc: Add SNMP integration to breaking changes (#16374)
* deprecate java less-than 17 (#16370)
* Exclude substitution refinement on pipelines.yml (#16375)
* Exclude substitution refinement on pipelines.yml (applies on ENV vars and logstash.yml where env2yaml saves vars)
* Safety integration test for pipeline config.string contains ENV .
* Doc: Forwardport 8.15.0 release notes to main (#16388)
* Removing 8.14 from ci/branches.json as we have 8.15. (#16390)
* Increase Jruby -Xmx to avoid OOM during zip task in DRA (#16408)
Fix: #16406
* Generate Dataset code with meaningful fields names (#16386)
This PR is intended to help Logstash developers or users that want to better understand the code that's autogenerated to model a pipeline, assigning more meaningful names to the Datasets subclasses' fields.
Updates `FieldDefinition` to receive the name of the field from construction methods, so that it can be used during the code generation phase, instead of the existing incremental `field%n`.
Updates `ClassFields` to propagate the explicit field name down to the `FieldDefinitions`.
Update the `DatasetCompiler` that add fields to `ClassFields` to assign a proper name to generated Dataset's fields.
* Implements safe evaluation of conditional expressions, logging the error without killing the pipeline (#16322)
This PR protects the if statements against expression evaluation errors, cancel the event under processing and log it.
This avoids to crash the pipeline which encounter a runtime error during event condition evaluation, permitting to debug the root cause reporting the offending event and removing from the current processing batch.
Translates the `org.jruby.exceptions.TypeError`, `IllegalArgumentException`, `org.jruby.exceptions.ArgumentError` that could happen during `EventCodition` evaluation into a custom `ConditionalEvaluationError` which bubbles up on AST tree nodes. It's catched in the `SplitDataset` node.
Updates the generation of the `SplitDataset `so that the execution of `filterEvents` method inside the compute body is try-catch guarded and defer the execution to an instance of `AbstractPipelineExt.ConditionalEvaluationListener` to handle such error. In this particular case the error management consist in just logging the offending Event.
---------
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
* Update logstash_releases.json (#16426)
* Release notes for 8.15.1 (#16405) (#16427)
* Update release notes for 8.15.1
* update release note
---------
Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com>
Co-authored-by: Kaise Cheng <kaise.cheng@elastic.co>
(cherry picked from commit 2fca7e39e8)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Fix ConditionalEvaluationError to do not include the event that errored in its serialiaxed form, because it's not expected that this class is ever serialized. (#16429) (#16430)
Make inner field of ConditionalEvaluationError transient to be avoided during serialization.
(cherry picked from commit bb7ecc203f)
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* use gnu tar compatible minitar to generate tar artifact (#16432) (#16434)
Using VERSION_QUALIFIER when building the tarball distribution will fail since Ruby's TarWriter implements the older POSIX88 version of tar and paths will be longer than 100 characters.
For the long paths being used in Logstash's plugins, mainly due to nested folders from jar-dependencies, we need the tarball to follow either the 2001 ustar format or gnu tar, which is implemented by the minitar gem.
(cherry picked from commit 69f0fa54ca)
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
* account for the 8.x in DRA publishing task (#16436) (#16440)
the current DRA publishing task computes the branch from the version
contained in the version.yml
This is done by taking the major.minor and confirming that a branch
exists with that name.
However this pattern won't be applicable for 8.x, as that branch
currently points to 8.16.0 and there is no 8.16 branch.
This commit falls back to reading the buildkite injected
BUILDKITE_BRANCH variable.
(cherry picked from commit 17dba9f829)
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
* Fixes the issue where LS wipes out all quotes from docker env variables. (#16456) (#16459)
* Fixes the issue where LS wipes out all quotes from docker env variables. This is an issue when running LS on docker with CONFIG_STRING, needs to keep quotes with env variable.
* Add a docker acceptance integration test.
(cherry picked from commit 7c64c7394b)
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* Known issue for 8.15.1 related to env vars references (#16455) (#16469)
(cherry picked from commit b54caf3fd8)
Co-authored-by: Luca Belluccini <luca.belluccini@elastic.co>
* bump .ruby_version to jruby-9.4.8.0 (#16477) (#16480)
(cherry picked from commit 51cca7320e)
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
* Release notes for 8.15.2 (#16471) (#16478)
Co-authored-by: andsel <selva.andre@gmail.com>
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
(cherry picked from commit 01dc76f3b5)
* Change LogStash::Util::SubstitutionVariables#replace_placeholders refine argument to optional (#16485) (#16488)
(cherry picked from commit 8368c00367)
Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com>
* Use jruby-9.4.8.0 in exhaustive CIs. (#16489) (#16491)
(cherry picked from commit fd1de39005)
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* Don't use an older JRuby with oraclelinux-7 (#16499) (#16501)
A recent PR (elastic/ci-agent-images/pull/932) modernized the VM images
and removed JRuby 9.4.5.0 and some older versions.
This ended up breaking exhaustive test on Oracle Linux 7 that hard coded
JRuby 9.4.5.0.
PR https://github.com/elastic/logstash/pull/16489 worked around the
problem by pinning to the new JRuby, but actually we don't
need the conditional anymore since the original issue
https://github.com/jruby/jruby/issues/7579#issuecomment-1425885324 has
been resolved and none of our releasable branches (apart from 7.17 which
uses `9.2.20.1`) specify `9.3.x.y` in `/.ruby-version`.
Therefore, this commit removes conditional setting of JRuby for
OracleLinux 7 agents in exhaustive tests (and relies on whatever
`/.ruby-version` defines).
(cherry picked from commit 07c01f8231)
Co-authored-by: Dimitrios Liappis <dimitrios.liappis@gmail.com>
* Improve pipeline bootstrap error logs (#16495) (#16504)
This PR adds the cause errors details on the pipeline converge state error logs
(cherry picked from commit e84fb458ce)
Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com>
* Logstash Health Report Tests Buildkite pipeline setup. (#16416) (#16511)
(cherry picked from commit 5195332bc6)
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* Make health report test runner script executable. (#16446) (#16512)
(cherry picked from commit 2ebf2658ff)
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
* Backport PR #16423 to 8.x: DLQ-ing events that trigger an conditional evaluation error. (#16493)
* DLQ-ing events that trigger an conditional evaluation error. (#16423)
When a conditional evaluation encounter an error in the expression the event that triggered the issue is sent to pipeline's DLQ, if enabled for the executing pipeline.
This PR engage with the work done in #16322, the `ConditionalEvaluationListener` that is receives notifications about if-statements evaluation failure, is improved to also send the event to DLQ (if enabled in the pipeline) and not just logging it.
(cherry picked from commit b69d993d71)
* Fixed warning about non serializable field DeadLetterQueueWriter in serializable AbstractPipelineExt
---------
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
* add deprecation log for `--event_api.tags.illegal` (#16507) (#16515)
- move `--event_api.tags.illegal` from option to deprecated_option
- add deprecation log when the flag is explicitly used
relates: #16356
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
(cherry picked from commit a4eddb8a2a)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
---------
Co-authored-by: ev1yehor <146825775+ev1yehor@users.noreply.github.com>
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Luca Belluccini <luca.belluccini@elastic.co>
Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com>
Co-authored-by: Dimitrios Liappis <dimitrios.liappis@gmail.com>
---------
Co-authored-by: ev1yehor <146825775+ev1yehor@users.noreply.github.com>
Co-authored-by: João Duarte <jsvd@users.noreply.github.com>
Co-authored-by: Karen Metts <35154725+karenzone@users.noreply.github.com>
Co-authored-by: Andrea Selva <selva.andre@gmail.com>
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Luca Belluccini <luca.belluccini@elastic.co>
Co-authored-by: Edmo Vamerlatti Costa <11836452+edmocosta@users.noreply.github.com>
Co-authored-by: Dimitrios Liappis <dimitrios.liappis@gmail.com>
- move `--event_api.tags.illegal` from option to deprecated_option
- add deprecation log when the flag is explicitly used
relates: #16356
Co-authored-by: Mashhur <99575341+mashhurs@users.noreply.github.com>
(cherry picked from commit a4eddb8a2a)
Co-authored-by: kaisecheng <69120390+kaisecheng@users.noreply.github.com>
