Update patch plugin versions in gemfile lock (#16110)

Co-authored-by: logstashmachine <43502315+logstashmachine@users.noreply.github.com>

.buildkite/aarch64_pipeline.yml

@@ -0,0 +1,111 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+agents:
+  provider: aws
+  imagePrefix: platform-ingest-logstash-ubuntu-2204-aarch64
+  instanceType: "m6g.4xlarge"
+  diskSizeGb: 200
+
+steps:
+  - group: "Testing Phase"
+    key: "testing-phase"
+    steps:
+      - label: ":rspec: Ruby unit tests"
+        key: "ruby-unit-tests"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/unit_tests.sh ruby
+
+      - label: ":java: Java unit tests"
+        key: "java-unit-tests"
+        env:
+          # https://github.com/elastic/logstash/pull/15486 for background
+          ENABLE_SONARQUBE: "false"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/unit_tests.sh java
+
+      - label: ":lab_coat: Integration Tests / part 1"
+        key: "integration-tests-part-1"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/integration_tests.sh split 0
+
+      - label: ":lab_coat: Integration Tests / part 2"
+        key: "integration-tests-part-2"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/integration_tests.sh split 1
+
+      - label: ":lab_coat: IT Persistent Queues / part 1"
+        key: "integration-tests-qa-part-1"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          export FEATURE_FLAG=persistent_queues
+          ci/integration_tests.sh split 0
+
+      - label: ":lab_coat: IT Persistent Queues / part 2"
+        key: "integration-tests-qa-part-2"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          export FEATURE_FLAG=persistent_queues
+          ci/integration_tests.sh split 1
+
+      - label: ":lab_coat: x-pack unit tests"
+        key: "x-pack-unit-tests"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          x-pack/ci/unit_tests.sh
+
+      - label: ":lab_coat: x-pack integration"
+        key: "integration-tests-x-pack"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          x-pack/ci/integration_tests.sh
+
+  - group: "Acceptance Phase"
+    depends_on: "testing-phase"
+    key: "acceptance-phase"
+    steps:
+      - label: "Docker [{{matrix}}] flavor acceptance"
+        command:
+          set -euo pipefail
+          
+          source .buildkite/scripts/common/vm-agent.sh && ci/docker_acceptance_tests.sh {{matrix}}
+        matrix:
+          - "full"
+          - "oss"
+
+      # *** TODO: enable after clarifying if acceptance tests really need vagrant on aarch64
+      # - label: "Acceptance tests on {{matrix.distribution}}"
+      #   agents:
+      #     provider: aws
+      #     imagePrefix: platform-ingest-logstash-{{matrix.distribution}}-aarch64
+      #     instanceType: "m6g.4xlarge"
+      #     diskSizeGb: 200
+      #   command:
+      #     set -euo pipefail
+          
+      #     source .buildkite/scripts/common/vm-agent.sh && ci/acceptance_tests.sh {{matrix.suite}}
+      #   matrix:
+      #     setup:
+      #       suite:
+      #         - "debian"
+      #       distribution:
+      #         - "ubuntu-2204"

.buildkite/dra_pipeline.yml

@@ -0,0 +1,11 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+steps:
+  - label: ":pipeline: Generate steps"
+    command: |
+      set -euo pipefail
+
+      echo "--- Building [${WORKFLOW_TYPE}] artifacts"
+      python3 -m pip install pyyaml
+      echo "--- Building dynamic pipeline steps"
+      python3 .buildkite/scripts/dra/generatesteps.py | buildkite-agent pipeline upload

.buildkite/exhaustive_tests_pipeline.yml

@@ -0,0 +1,39 @@
+steps:
+  - label: "Exhaustive tests pipeline"
+    command: |
+      #!/usr/bin/env bash
+      echo "--- Check for docs changes"
+      set +e
+      .buildkite/scripts/common/check-files-changed.sh '^docs/.*'
+      if [[ $$? -eq 0 ]]; then
+        echo "^^^ +++"
+        echo "Skipping running pipeline as all changes are related to docs."
+        exit 0
+      else
+        echo "Changes are not exclusively related to docs, continuing."
+      fi
+
+      set -eo pipefail
+
+      echo "--- Downloading prerequisites"
+      python3 -m pip install ruamel.yaml
+      curl -fsSL --retry-max-time 60 --retry 3 --retry-delay 5 -o /usr/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+      chmod a+x /usr/bin/yq
+
+      echo "--- Printing generated dynamic steps"
+      set +e
+      python3 .buildkite/scripts/exhaustive-tests/generate-steps.py >pipeline_steps.yml
+      if [[ $$? -ne 0 ]]; then
+        echo "^^^ +++"
+        echo "There was a problem rendering the pipeline steps."
+        cat pipeline_steps.yml
+        echo "Exiting now."
+        exit 1
+      else
+        set -eo pipefail
+        cat pipeline_steps.yml | yq .
+      fi
+
+      set -eo pipefail
+      echo "--- Uploading steps to buildkite"
+      cat pipeline_steps.yml | buildkite-agent pipeline upload

.buildkite/linux_jdk_matrix_pipeline.yml

@@ -0,0 +1,91 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+env:
+  DEFAULT_MATRIX_OS: "ubuntu-2204"
+  DEFAULT_MATRIX_JDK: "adoptiumjdk_17"
+
+steps:
+  - input: "Test Parameters"
+    if: build.source != "schedule" && build.source != "trigger_job"
+    fields:
+      - select: "Operating System"
+        key: "matrix-os"
+        hint: "The operating system variant(s) to run on:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_OS}"
+        options:
+          - label: "Ubuntu 22.04"
+            value: "ubuntu-2204"
+          - label: "Ubuntu 20.04"
+            value: "ubuntu-2004"
+          - label: "Debian 12"
+            value: "debian-12"
+          - label: "Debian 11"
+            value: "debian-11"
+          - label: "Debian 10"
+            value: "debian-10"
+          - label: "RHEL 9"
+            value: "rhel-9"
+          - label: "RHEL 8"
+            value: "rhel-8"
+          - label: "CentOS 7"
+            value: "centos-7"
+          - label: "Oracle Linux 8"
+            value: "oraclelinux-8"
+          - label: "Oracle Linux 7"
+            value: "oraclelinux-7"
+          - label: "Rocky Linux 8"
+            value: "rocky-linux-8"
+          - label: "Amazon Linux (2023)"
+            value: "amazonlinux-2023"
+          - label: "OpenSUSE Leap 15"
+            value: "opensuse-leap-15"
+
+      - select: "Java"
+        key: "matrix-jdk"
+        hint: "The JDK to test with:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_JDK}"
+        options:
+          - label: "Adoptium JDK 17 (Eclipse Temurin)"
+            value: "adoptiumjdk_17"
+          - label: "Adoptium JDK 11 (Eclipse Temurin)"
+            value: "adoptiumjdk_11"
+          - label: "OpenJDK 17"
+            value: "openjdk_17"
+          - label: "OpenJDK 11"
+            value: "openjdk_11"
+          - label: "Zulu 17"
+            value: "zulu_17"
+          - label: "Zulu 11"
+            value: "zulu_11"
+
+  - wait: ~
+    if: build.source != "schedule" && build.source != "trigger_job"
+
+  - command: |
+      set -euo pipefail
+
+      echo "--- Downloading prerequisites"
+      python3 -m pip install ruamel.yaml
+
+      echo "--- Printing generated dynamic steps"
+      export MATRIX_OSES="$(buildkite-agent meta-data get matrix-os --default=${DEFAULT_MATRIX_OS})"
+      export MATRIX_JDKS="$(buildkite-agent meta-data get matrix-jdk --default=${DEFAULT_MATRIX_JDK})"
+      set +eo pipefail
+      python3 .buildkite/scripts/jdk-matrix-tests/generate-steps.py >pipeline_steps.yml
+      if [[ $$? -ne 0 ]]; then
+        echo "^^^ +++"
+        echo "There was a problem rendering the pipeline steps."
+        cat pipeline_steps.yml
+        echo "Exiting now."
+        exit 1
+      else
+        set -eo pipefail
+        cat pipeline_steps.yml
+      fi
+
+      echo "--- Uploading steps to buildkite"
+      cat pipeline_steps.yml | buildkite-agent pipeline upload

.buildkite/pull_request_pipeline.yml

@@ -0,0 +1,184 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+steps:
+  - label: ":passport_control: License check"
+    key: "license-check"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      cpu: "4"
+      memory: "6Gi"
+      ephemeralStorage: "100Gi"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export JRUBY_OPTS="-J-Xmx1g"
+      export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info"
+      ci/license_check.sh -m 4G
+
+  - label: ":rspec: Ruby unit tests"
+    key: "ruby-unit-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      cpu: "4"
+      memory: "8Gi"
+      ephemeralStorage: "100Gi"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/unit_tests.sh ruby
+
+  - label: ":java: Java unit tests"
+    key: "java-unit-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+      if [[ $BUILDKITE_PULL_REQUEST == "false" ]]; then
+        # https://github.com/elastic/logstash/pull/15486 for background
+        export ENABLE_SONARQUBE="false"
+      else
+        source .buildkite/scripts/pull-requests/sonar-env.sh
+      fi
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/unit_tests.sh java
+    artifact_paths:
+      - "**/build/test-results/javaTests/TEST-*.xml"
+
+  - label: ":lab_coat: Integration Tests / part 1"
+    key: "integration-tests-part-1"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/integration_tests.sh split 0
+
+  - label: ":lab_coat: Integration Tests / part 2"
+    key: "integration-tests-part-2"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/integration_tests.sh split 1
+
+  - label: ":lab_coat: IT Persistent Queues / part 1"
+    key: "integration-tests-qa-part-1"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export FEATURE_FLAG=persistent_queues
+      ci/integration_tests.sh split 0
+
+  - label: ":lab_coat: IT Persistent Queues / part 2"
+    key: "integration-tests-qa-part-2"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export FEATURE_FLAG=persistent_queues
+      ci/integration_tests.sh split 1
+
+  - label: ":lab_coat: x-pack unit tests"
+    key: "x-pack-unit-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      x-pack/ci/unit_tests.sh
+
+  - label: ":lab_coat: x-pack integration"
+    key: "integration-tests-x-pack"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      x-pack/ci/integration_tests.sh
+
+  - wait: ~
+    continue_on_failure: true
+
+  - label: "🏁 Annotate JUnit results"
+    # the plugin requires docker run, hence the use of a VM
+    agents:
+      provider: gcp
+      imageProject: elastic-images-prod
+      image: family/platform-ingest-logstash-ubuntu-2204
+      machineType: "n2-standard-2"
+    plugins:
+      - junit-annotate#v2.4.1:
+          artifacts: "**/TEST-*.xml"

.buildkite/scripts/common/check-files-changed.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# **********************************************************
+# Returns true if current checkout compared to parent commit
+# has changes ONLY matching the argument regexp
+#
+# Used primarily to skip running the exhaustive pipeline
+# when only docs changes have happened.
+# ********************************************************
+
+if [[ -z "$1" ]]; then
+  echo "Usage: $0 <regexp>"
+  exit 1
+fi
+
+previous_commit=$(git rev-parse HEAD^)
+changed_files=$(git diff --name-only $previous_commit)
+
+if [[ -n "$changed_files" ]] && [[ -z "$(echo "$changed_files" | grep -vE "$1")" ]]; then
+    echo "All files compared to the previous commit [$previous_commit] match the specified regex: [$1]"
+    echo "Files changed:"
+    git diff --name-only HEAD^
+  exit 0
+else
+  exit 1
+fi

.buildkite/scripts/common/container-agent.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+# ********************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI when using containerized agents
+# ********************************************************
+
+set -euo pipefail
+
+if [[ $(whoami) == "logstash" ]]
+then
+    export PATH="/home/logstash/.rbenv/bin:$PATH"
+    eval "$(rbenv init -)"
+else
+    export PATH="/usr/local/rbenv/bin:$PATH"
+    eval "$(rbenv init -)"
+fi

.buildkite/scripts/common/vm-agent-multi-jdk.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+# **************************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI when using custom multi-jdk VM images
+# It is primarily used by the exhaustive BK pipeline.
+# **************************************************************
+
+set -euo pipefail
+
+source .ci/java-versions.properties
+export BUILD_JAVA_HOME=/opt/buildkite-agent/.java/$LS_BUILD_JAVA
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$BUILD_JAVA_HOME/bin:$PATH"
+
+eval "$(rbenv init -)"

.buildkite/scripts/common/vm-agent.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+# ********************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI when using VM/baremetal agents
+# ********************************************************
+
+set -euo pipefail
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:/opt/buildkite-agent/.java/bin:$PATH"
+export JAVA_HOME="/opt/buildkite-agent/.java"
+eval "$(rbenv init -)"

.buildkite/scripts/common/vm-images.json

@@ -0,0 +1,13 @@
+{
+    "#comment": "This file lists all custom vm images. We use it to make decisions about randomized CI jobs.",
+    "linux": {
+        "ubuntu": ["ubuntu-2204", "ubuntu-2004"],
+        "debian": ["debian-12", "debian-11", "debian-10"],
+        "rhel": ["rhel-9", "rhel-8"],
+        "oraclelinux": ["oraclelinux-8", "oraclelinux-7"],
+        "rocky": ["rocky-linux-8"],
+        "amazonlinux": ["amazonlinux-2023"],
+        "opensuse": ["opensuse-leap-15"]
+    },
+    "windows": ["windows-2022", "windows-2019", "windows-2016"]
+}

.buildkite/scripts/dra/build_docker.sh

@@ -0,0 +1,90 @@
+#!/bin/bash -ie
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/common.sh
+
+# WORKFLOW_TYPE is a CI externally configured environment variable that could assume "snapshot" or "staging" values
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            rake artifact:docker || error "artifact:docker build failed."
+            rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+        else
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker || error "artifact:docker build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        STACK_VERSION=${STACK_VERSION}-SNAPSHOT
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    staging)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            RELEASE=1 rake artifact:docker || error "artifact:docker build failed."
+            RELEASE=1 rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            RELEASE=1 rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                RELEASE=1 rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+        else
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker || error "artifact:docker build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "Saving tar.gz for docker images"
+save_docker_tarballs "${ARCH}" "${STACK_VERSION}"
+
+info "Generated Artifacts"
+for file in build/logstash-*; do shasum $file;done
+
+info "Uploading DRA artifacts in buildkite's artifact store ..."
+# Note the deb, rpm tar.gz AARCH64 files generated has already been loaded by the build_packages.sh
+images="logstash logstash-oss"
+if [ "$ARCH" != "aarch64" ]; then
+    # No logstash-ubi8 for AARCH64
+    images="logstash logstash-oss logstash-ubi8"
+fi
+for image in ${images}; do
+    buildkite-agent artifact upload "build/$image-${STACK_VERSION}-docker-image-${ARCH}.tar.gz"
+done
+
+# Upload 'docker-build-context.tar.gz' files only when build x86_64, otherwise they will be
+# overwritten when building aarch64 (or viceversa).
+if [ "$ARCH" != "aarch64" ]; then
+    for image in logstash logstash-oss logstash-ubi8 logstash-ironbank; do
+        buildkite-agent artifact upload "build/${image}-${STACK_VERSION}-docker-build-context.tar.gz"
+    done
+fi
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

.buildkite/scripts/dra/build_packages.sh

@@ -0,0 +1,58 @@
+#!/bin/bash -ie
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/common.sh
+
+# WORKFLOW_TYPE is a CI externally configured environment variable that could assume "snapshot" or "staging" values
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+        else
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        STACK_VERSION=${STACK_VERSION}-SNAPSHOT
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    staging)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            RELEASE=1 SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+        else
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "Generated Artifacts"
+for file in build/logstash-*; do shasum $file;done
+
+info "Creating dependencies report for ${STACK_VERSION}"
+mkdir -p build/distributions/dependencies-reports/
+bin/dependencies-report --csv=build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv
+
+info "Generated dependencies report"
+shasum build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv
+
+info "Uploading DRA artifacts in buildkite's artifact store ..."
+buildkite-agent artifact upload "build/logstash*;build/distributions/dependencies-reports/logstash*"
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

.buildkite/scripts/dra/common.sh

@@ -0,0 +1,46 @@
+function info {
+    echo "--- INFO: $1"
+}
+
+function error {
+    echo "--- ERROR: $1"
+    exit 1
+}
+
+function save_docker_tarballs {
+    local arch="${1:?architecture required}"
+    local version="${2:?stack-version required}"
+    local images="logstash logstash-oss"
+    if [ "${arch}" != "aarch64" ]; then
+        # No logstash-ubi8 for AARCH64
+        images="logstash logstash-oss logstash-ubi8"
+    fi
+
+    for image in ${images}; do
+        tar_file="${image}-${version}-docker-image-${arch}.tar"
+        docker save -o "build/${tar_file}" \
+            "docker.elastic.co/logstash/${image}:${version}" || \
+            error "Unable to save tar file ${tar_file} for ${image} image."
+        # NOTE: if docker save exited with non-zero the error log already exited the script
+        gzip "build/${tar_file}"
+    done
+}
+
+# Since we are using the system jruby, we need to make sure our jvm process
+# uses at least 1g of memory, If we don't do this we can get OOM issues when
+# installing gems. See https://github.com/elastic/logstash/issues/5179
+export JRUBY_OPTS="-J-Xmx1g"
+
+# Extract the version number from the version.yml file
+# e.g.: 8.6.0
+# The suffix part like alpha1 etc is managed by the optional VERSION_QUALIFIER_OPT environment variable
+STACK_VERSION=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\.[[:digit:]]*\.[[:digit:]]*\)$/\1/p'`
+
+info "Agent is running on architecture [$(uname -i)]"
+
+export VERSION_QUALIFIER_OPT=${VERSION_QUALIFIER_OPT:-""}
+export DRA_DRY_RUN=${DRA_DRY_RUN:-""}
+
+if [[ ! -z $DRA_DRY_RUN && $BUILDKITE_STEP_KEY == "logstash_publish_dra" ]]; then
+    info "Release manager will run in dry-run mode [$DRA_DRY_RUN]"
+fi

.buildkite/scripts/dra/docker-env-setup.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -euo pipefail
+
+DOCKER_REGISTRY="docker.elastic.co"
+DOCKER_REGISTRY_SECRET_PATH="kv/ci-shared/platform-ingest/docker_registry_prod"
+CI_DRA_ROLE_PATH="kv/ci-shared/release/dra-role"
+
+
+function docker_login {
+  DOCKER_USERNAME_SECRET=$(retry -t 5 -- vault kv get -field user "${DOCKER_REGISTRY_SECRET_PATH}")
+  DOCKER_PASSWORD_SECRET=$(retry -t 5 -- vault kv get -field password "${DOCKER_REGISTRY_SECRET_PATH}")
+  docker login -u "${DOCKER_USERNAME_SECRET}" -p "${DOCKER_PASSWORD_SECRET}" "${DOCKER_REGISTRY}" 2>/dev/null
+  unset DOCKER_USERNAME_SECRET DOCKER_PASSWORD_SECRET
+}
+
+function release_manager_login {
+  DRA_CREDS_SECRET=$(retry -t 5 -- vault kv get -field=data -format=json ${CI_DRA_ROLE_PATH})
+  VAULT_ADDR_SECRET=$(echo ${DRA_CREDS_SECRET} | jq -r '.vault_addr')
+  VAULT_ROLE_ID=$(echo ${DRA_CREDS_SECRET} | jq -r '.role_id')
+  VAULT_SECRET_ID=$(echo ${DRA_CREDS_SECRET} | jq -r '.secret_id')
+  export VAULT_ADDR_SECRET VAULT_ROLE_ID VAULT_SECRET_ID
+}

.buildkite/scripts/dra/docker-env-teardown.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -euo pipefail
+
+# Unset all variables ending with _SECRET or _TOKEN
+for var in $(printenv | sed 's;=.*;;' | sort); do
+  if [[ $var != "VAULT_ADDR" && ("$var" == *_SECRET || "$var" == *_TOKEN || "$var" == *VAULT* ) ]]; then
+      unset "$var"
+  fi
+done
+
+if command -v docker &>/dev/null; then
+  DOCKER_REGISTRY="docker.elastic.co"
+  docker logout $DOCKER_REGISTRY
+fi

.buildkite/scripts/dra/generatesteps.py

@@ -0,0 +1,131 @@
+import os
+import sys
+
+import yaml
+
+def to_bk_key_friendly_string(key):
+    """
+    Convert and return key to an acceptable format for Buildkite's key: field
+    Only alphanumerics, dashes and underscores are allowed.
+    """
+
+    mapping_table = str.maketrans({'.': '_'})
+
+    return key.translate(mapping_table)
+
+def package_x86_step(branch, workflow_type):
+    step = f'''
+- label: ":package: Build packages / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_build_packages_dra"
+  agents:
+    provider: gcp
+    imageProject: elastic-images-prod
+    image: family/platform-ingest-logstash-ubuntu-2004
+    machineType: "n2-standard-16"
+    diskSizeGb: 200
+  command: |
+    export WORKFLOW_TYPE="{workflow_type}"
+    export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+    eval "$(rbenv init -)"
+    .buildkite/scripts/dra/build_packages.sh
+'''
+
+    return step
+
+def package_x86_docker_step(branch, workflow_type):
+    step = f'''
+- label: ":package: Build x86_64 Docker / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_build_x86_64_docker_dra"
+  agents:
+    provider: gcp
+    imageProject: elastic-images-prod
+    image: family/platform-ingest-logstash-ubuntu-2004
+    machineType: "n2-standard-16"
+    diskSizeGb: 200
+  command: |
+    export WORKFLOW_TYPE="{workflow_type}"
+    export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+    export ARCH="x86_64"
+    eval "$(rbenv init -)"
+    .buildkite/scripts/dra/build_docker.sh
+'''
+
+    return step
+
+def package_aarch64_docker_step(branch, workflow_type):
+    step = f'''
+- label: ":package: Build aarch64 Docker / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_build_aarch64_docker_dra"
+  agents:
+    provider: aws
+    imagePrefix: platform-ingest-logstash-ubuntu-2004-aarch64
+    instanceType: "m6g.4xlarge"
+    diskSizeGb: 200
+  command: |
+    export WORKFLOW_TYPE="{workflow_type}"
+    export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+    export ARCH="aarch64"
+    eval "$(rbenv init -)"
+    .buildkite/scripts/dra/build_docker.sh
+'''
+
+    return step
+
+def publish_dra_step(branch, workflow_type, depends_on):
+    step = f'''
+- label: ":elastic-stack: Publish  / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_publish_dra"
+  depends_on: "{depends_on}"
+  agents:
+    provider: gcp
+    imageProject: elastic-images-prod
+    image: family/platform-ingest-logstash-ubuntu-2004
+    machineType: "n2-standard-16"
+    diskSizeGb: 200
+  command: |
+    echo "+++ Restoring Artifacts"
+    buildkite-agent artifact download "build/logstash*" .
+    buildkite-agent artifact download "build/distributions/**/*" .
+    echo "+++ Changing permissions for the release manager"
+    sudo chown -R :1000 build
+    echo "+++ Running DRA publish step"
+    export WORKFLOW_TYPE="{workflow_type}"
+    .buildkite/scripts/dra/publish.sh
+    '''
+
+    return step
+
+def build_steps_to_yaml(branch, workflow_type):
+    steps = []
+    steps.extend(yaml.safe_load(package_x86_step(branch, workflow_type)))
+    steps.extend(yaml.safe_load(package_x86_docker_step(branch, workflow_type)))
+    steps.extend(yaml.safe_load(package_aarch64_docker_step(branch, workflow_type)))
+
+    return steps
+
+if __name__ == "__main__":
+    try:
+        workflow_type = os.environ["WORKFLOW_TYPE"]
+    except ImportError:
+        print(f"Missing env variable WORKFLOW_TYPE. Use export WORKFLOW_TYPE=<staging|snapshot>\n.Exiting.")
+        exit(1)
+
+    branch = os.environ["BUILDKITE_BRANCH"]
+
+    structure = {"steps": []}
+
+    # Group defining parallel steps that build and save artifacts
+    group_key = to_bk_key_friendly_string(f"logstash_dra_{workflow_type}")
+
+    structure["steps"].append({
+        "group": f":Build Artifacts - {workflow_type.upper()}",
+        "key": group_key,
+        "steps": build_steps_to_yaml(branch, workflow_type),
+    })
+
+    # Final step: pull artifacts built above and publish them via the release-manager
+    structure["steps"].extend(
+        yaml.safe_load(publish_dra_step(branch, workflow_type, depends_on=group_key)),
+    )
+
+    print('# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json\n' + yaml.dump(structure, Dumper=yaml.Dumper, sort_keys=False))

.buildkite/scripts/dra/publish.sh

@@ -0,0 +1,109 @@
+#!/bin/bash -i
+set -euo pipefail
+
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/common.sh
+
+PLAIN_STACK_VERSION=$STACK_VERSION
+
+# This is the branch selector that needs to be passed to the release-manager
+# It has to be the name of the branch which originates the artifacts.
+RELEASE_VER=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\.[[:digit:]]*\)\.[[:digit:]]*$/\1/p'`
+if [ -n "$(git ls-remote --heads origin $RELEASE_VER)" ] ; then
+    RELEASE_BRANCH=$RELEASE_VER
+else
+    RELEASE_BRANCH=main
+fi
+
+if [ -n "$VERSION_QUALIFIER_OPT" ]; then
+  # Qualifier is passed from CI as optional field and specify the version postfix
+  # in case of alpha or beta releases:
+  # e.g: 8.0.0-alpha1
+  STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+  PLAIN_STACK_VERSION="${PLAIN_STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+fi
+
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        STACK_VERSION=${STACK_VERSION}-SNAPSHOT
+        ;;
+    staging)
+        ;;
+    *)
+        error "Worklflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "Uploading artifacts for ${WORKFLOW_TYPE} workflow on branch: ${RELEASE_BRANCH}"
+
+if [ "$RELEASE_VER" != "7.17" ]; then
+  # Version 7.17.x doesn't generates ARM artifacts for Darwin
+  # TODO see if we need to do anything here
+  :
+fi
+
+# Deleting ubi8 for aarch64 for the time being. This image itself is not being built, and it is not expected
+# by the release manager.
+# See https://github.com/elastic/infra/blob/master/cd/release/release-manager/project-configs/8.5/logstash.gradle
+# for more details.
+# TODO filter it out when uploading artifacts instead
+rm -f build/logstash-ubi8-${STACK_VERSION}-docker-image-aarch64.tar.gz
+
+info "Downloaded ARTIFACTS sha report"
+for file in build/logstash-*; do shasum $file;done
+
+mv build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv build/distributions/dependencies-${STACK_VERSION}.csv
+
+# set required permissions on artifacts and directory
+chmod -R a+r build/*
+chmod -R a+w build
+
+chmod -R a+r $PWD/*
+chmod -R a+w $PWD
+
+info "Setup docker credentials"
+# TODO disable tracing
+# set +o xtrace
+source ./$(dirname "$0")/docker-env-setup.sh
+release_manager_login
+
+# ensure the latest image has been pulled
+docker pull docker.elastic.co/infra/release-manager:latest
+
+info "Running the release manager ..."
+
+# collect the artifacts for use with the unified build
+docker run --rm \
+  --name release-manager \
+  -e VAULT_ADDR="${VAULT_ADDR_SECRET}" \
+  -e VAULT_ROLE_ID \
+  -e VAULT_SECRET_ID \
+  --mount type=bind,readonly=false,src="$PWD",target=/artifacts \
+  docker.elastic.co/infra/release-manager:latest \
+    cli collect \
+      --project logstash \
+      --branch ${RELEASE_BRANCH} \
+      --commit "$(git rev-parse HEAD)" \
+      --workflow "${WORKFLOW_TYPE}" \
+      --version "${PLAIN_STACK_VERSION}" \
+      --artifact-set main \
+      ${DRA_DRY_RUN} | tee rm-output.txt
+
+# extract the summary URL from a release manager output line like:
+# Report summary-8.22.0.html can be found at https://artifacts-staging.elastic.co/logstash/8.22.0-ABCDEFGH/summary-8.22.0.html
+
+SUMMARY_URL=$(grep -E '^Report summary-.* can be found at ' rm-output.txt | grep -oP 'https://\S+' | awk '{print $1}')
+rm rm-output.txt
+
+# and make it easily clickable as a Builkite annotation
+printf "**Summary link:** [${SUMMARY_URL}](${SUMMARY_URL})\n" | buildkite-agent annotate --style=success 
+
+info "Teardown logins"
+$(dirname "$0")/docker-env-teardown.sh
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

.buildkite/scripts/exhaustive-tests/generate-steps.py

@@ -0,0 +1,225 @@
+import json
+import os
+import random
+import sys
+import typing
+
+from ruamel.yaml import YAML
+from ruamel.yaml.scalarstring import LiteralScalarString
+
+VM_IMAGES_FILE = ".buildkite/scripts/common/vm-images.json"
+VM_IMAGE_PREFIX = "platform-ingest-logstash-multi-jdk-"
+
+ACCEPTANCE_LINUX_OSES = ["ubuntu-2204", "ubuntu-2004", "debian-11", "debian-10", "rhel-8", "oraclelinux-7", "rocky-linux-8", "opensuse-leap-15", "amazonlinux-2023"]
+
+CUR_PATH = os.path.dirname(os.path.abspath(__file__))
+
+def slugify_bk_key(key: str) -> str:
+    """
+    Convert and return key to an acceptable format for Buildkite's key: field
+    Only alphanumerics, dashes and underscores are allowed.
+    """
+
+    mapping_table = str.maketrans({'.': '_', ' ': '_', '/': '_'})
+
+    return key.translate(mapping_table)
+
+def testing_phase_steps() -> typing.Dict[str, typing.List[typing.Any]]:
+    with open(os.path.join(CUR_PATH, "..", "..", "pull_request_pipeline.yml")) as fp:
+        return YAML().load(fp)
+
+def compat_linux_step(imagesuffix: str) -> dict[str, typing.Any]:
+    linux_command = LiteralScalarString("""#!/usr/bin/env bash
+set -eo pipefail
+source .buildkite/scripts/common/vm-agent.sh
+ci/unit_tests.sh""")
+
+    return compat_step(imagesuffix, command=linux_command)
+
+
+def compat_windows_step(imagesuffix: str) -> dict[str, typing.Any]:
+    windows_command = LiteralScalarString(r'''.\\ci\\unit_tests.ps1''')
+
+    return compat_step(imagesuffix, command=windows_command)
+
+def compat_step(imagesuffix: str, command: LiteralScalarString) -> dict[str, typing.Any]:
+    step = {
+        "label": imagesuffix,
+        "key": slugify_bk_key(f"compat-linux-{imagesuffix}"),
+        "command": command,
+        "agents": {},
+        "retry": {"automatic": [{"limit": 3}]},
+    }
+
+    if "amazon" in imagesuffix.lower():
+        step["agents"] = {
+            "provider": "aws",
+            "imagePrefix": f"{VM_IMAGE_PREFIX}{imagesuffix}",
+            "instanceType": "m5.2xlarge",
+            "diskSizeGb": 200,
+       }
+    else:
+       step["agents"] = {
+            "provider": "gcp",
+            "imageProject": "elastic-images-prod",
+            "image": f"family/{VM_IMAGE_PREFIX}{imagesuffix}",
+            "machineType": "n2-standard-4",
+            "diskSizeGb": 200,
+            "diskType": "pd-ssd",
+       }
+
+    return step
+
+def randomized_linux_oses() -> typing.List[str]:
+    with open(VM_IMAGES_FILE, "r") as fp:
+        all_oses = json.load(fp)
+
+    randomized_oses = []
+    for _, family_oses in all_oses["linux"].items():
+       randomized_oses.append(random.choice(family_oses))
+    return randomized_oses
+
+def randomized_windows_os() -> str:
+    with open(VM_IMAGES_FILE, "r") as fp:
+        all_oses = json.load(fp)
+
+    return random.choice(all_oses["windows"])
+
+def aws_agent(vm_name: str, instance_type: str, image_prefix: str = "platform-ingest-logstash-multi-jdk", disk_size_gb: int = 200) -> dict[str, typing.Any]:
+    return {
+        "provider": "aws",
+        "imagePrefix": f"{image_prefix}-{vm_name}",
+        "instanceType": instance_type,
+        "diskSizeGb": disk_size_gb,
+    }
+
+def gcp_agent(vm_name: str, instance_type: str = "n2-standard-4", image_prefix: str = "family/platform-ingest-logstash-multi-jdk", disk_size_gb: int = 200) -> dict[str, typing.Any]:
+    return {
+        "provider": "gcp",
+        "imageProject": "elastic-images-prod",
+        "image": f"{image_prefix}-{vm_name}",
+        "machineType": instance_type,
+        "diskSizeGb": disk_size_gb,
+        "diskType": "pd-ssd",
+    }
+
+def acceptance_linux_vms() -> typing.List[str]:
+    acceptance_linux_vms = os.getenv("ACCEPTANCE_LINUX_OSES")
+    if acceptance_linux_vms:
+        acceptance_linux_vms = acceptance_linux_vms.split(",")
+    else:
+        acceptance_linux_vms = ACCEPTANCE_LINUX_OSES
+
+    return acceptance_linux_vms
+
+def acceptance_linux_steps() -> list[typing.Any]:
+    steps = []
+
+    build_artifacts_step = {
+        "label": "Build artifacts",
+        "key": "acceptance-build-artifacts",
+        # use the same agent as the one we use for building DRA artifacts
+        # NOTE! specifically on 7.17 we must use ubuntu 20.04 or less due to https://github.com/jruby/jruby/pull/7611#issuecomment-1750387837
+        "agents": gcp_agent("ubuntu-2004", instance_type="n2-standard-16", image_prefix="family/platform-ingest-logstash"),
+        "command": LiteralScalarString("""#!/usr/bin/env bash
+set -eo pipefail
+source .buildkite/scripts/common/vm-agent.sh
+echo "--- Building all artifacts"
+./gradlew clean bootstrap
+rake artifact:deb artifact:rpm
+"""),
+        "artifact_paths": [
+            "build/*rpm",
+            "build/*deb",
+            "build/*tar.gz",
+        ],
+    }
+
+    steps.append(build_artifacts_step)
+
+    for vm in acceptance_linux_vms():
+        step = {
+            "label": vm,
+            "key": slugify_bk_key(vm),
+            "agents": aws_agent(vm,instance_type="m5.4xlarge") if "amazonlinux" in vm else gcp_agent(vm),
+            "depends_on": "acceptance-build-artifacts",
+            "retry": {"automatic": [{"limit": 3}]},
+            "command": LiteralScalarString("""#!/usr/bin/env bash
+set -eo pipefail
+source .buildkite/scripts/common/vm-agent-multi-jdk.sh
+source /etc/os-release
+if [[ "$$(echo $$ID_LIKE | tr '[:upper:]' '[:lower:]')" =~ (rhel|fedora) && "$${VERSION_ID%.*}" -le 7 ]]; then
+  # jruby-9.3.10.0 unavailable on centos-7 / oel-7, see https://github.com/jruby/jruby/issues/7579#issuecomment-1425885324 / https://github.com/jruby/jruby/issues/7695
+  # we only need a working jruby to run the acceptance test framework -- the packages have been prebuilt in a previous stage
+  rbenv local jruby-9.4.5.0
+fi
+ci/acceptance_tests.sh"""),
+        }
+        steps.append(step)
+
+    return steps
+
+def acceptance_docker_steps()-> list[typing.Any]:
+    steps = []
+    for flavor in ["full", "oss", "ubi8"]:
+        steps.append({
+            "label": f":docker: {flavor} flavor acceptance",
+            "agents": gcp_agent(vm_name="ubuntu-2204", image_prefix="family/platform-ingest-logstash"),
+            "command": LiteralScalarString(f"""#!/usr/bin/env bash
+set -euo pipefail
+source .buildkite/scripts/common/vm-agent.sh
+ci/docker_acceptance_tests.sh {flavor}"""),
+            "retry": {"automatic": [{"limit": 3}]},
+        })
+
+    return steps
+
+if __name__ == "__main__":
+    LINUX_OS_ENV_VAR_OVERRIDE = os.getenv("LINUX_OS")
+    WINDOWS_OS_ENV_VAR_OVERRIDE = os.getenv("WINDOWS_OS")
+
+    compat_linux_steps = []
+    linux_test_oses = [LINUX_OS_ENV_VAR_OVERRIDE] if LINUX_OS_ENV_VAR_OVERRIDE else randomized_linux_oses()
+    for linux_os in linux_test_oses:
+       compat_linux_steps.append(compat_linux_step(linux_os))
+
+    windows_test_os = WINDOWS_OS_ENV_VAR_OVERRIDE or randomized_windows_os()
+
+    structure = {"steps": []}
+
+    structure["steps"].append({
+        "group": "Testing Phase",
+        "key": "testing-phase",
+        **testing_phase_steps(),
+    })
+
+    structure["steps"].append({
+            "group": "Compatibility / Linux",
+            "key": "compatibility-linux",
+            "depends_on": "testing-phase",
+            "steps": compat_linux_steps,
+    })
+
+    structure["steps"].append({
+            "group": "Compatibility / Windows",
+            "key": "compatibility-windows",
+            "depends_on": "testing-phase",
+            "steps": [compat_windows_step(imagesuffix=windows_test_os)],
+    })
+
+    structure["steps"].append({
+            "group": "Acceptance / Packaging",
+            "key": "acceptance-packaging",
+            "depends_on": ["testing-phase"],
+            "steps": acceptance_linux_steps(),
+    })
+
+    structure["steps"].append({
+            "group": "Acceptance / Docker",
+            "key": "acceptance-docker",
+            "depends_on": ["testing-phase"],
+            "steps": acceptance_docker_steps(),
+    })
+
+    print('# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json')
+    YAML().dump(structure, sys.stdout)

.buildkite/scripts/jdk-matrix-tests/generate-steps.py

@@ -0,0 +1,405 @@
+import abc
+import copy
+from dataclasses import dataclass, field
+import os
+import sys
+import typing
+
+from ruamel.yaml import YAML
+from ruamel.yaml.scalarstring import LiteralScalarString
+
+ENABLED_RETRIES = {"automatic": [{"limit": 3}]}
+
+@dataclass
+class JobRetValues:
+    step_label: str
+    command: str
+    step_key: str
+    depends: str
+    agent: typing.Dict[typing.Any, typing.Any]
+    retry: typing.Optional[typing.Dict[typing.Any, typing.Any]] = None
+    artifact_paths: list = field(default_factory=list)
+
+
+class GCPAgent:
+    def __init__(self, image: str, machineType: str, diskSizeGb: int = 200, diskType: str = "pd-ssd") -> None:
+        self.provider = "gcp"
+        self.imageProject = "elastic-images-prod"
+        self.image = image
+        self.machineType = machineType
+        self.diskSizeGb = diskSizeGb
+        self.diskType = diskType
+
+    def to_dict(self):
+        return {
+            "provider": self.provider,
+            "imageProject": self.imageProject,
+            "image": self.image,
+            "machineType": self.machineType,
+            "diskSizeGb": self.diskSizeGb,
+            "diskType": self.diskType,
+        }
+
+
+class AWSAgent:
+    def __init__(self, imagePrefix: str, instanceType: str, diskSizeGb: int):
+        self.provider = "aws"
+        self.imagePrefix = imagePrefix
+        self.instanceType = instanceType
+        self.diskSizeGb = diskSizeGb
+
+    def to_dict(self):
+        return {
+            "provider": self.provider,
+            "imagePrefix": self.imagePrefix,
+            "instanceType": self.instanceType,
+            "diskSizeGb": self.diskSizeGb,   
+        }
+    
+class DefaultAgent:
+    """
+    Represents an empty agent definition which makes Buildkite use the default agent i.e. a container
+    """
+
+    def __init__(self) -> None:
+        pass
+
+    def to_json(self) -> typing.Dict:
+        return {}
+    
+
+@dataclass
+class BuildkiteEmojis:
+    running: str = ":bk-status-running:"
+    success: str = ":bk-status-passed:"
+    failed: str = ":bk-status-failed:"
+
+def slugify_bk_key(key: str) -> str:
+    """
+    Convert and return key to an acceptable format for Buildkite's key: field
+    Only alphanumerics, dashes and underscores are allowed.
+    """
+
+    mapping_table = str.maketrans({'.': '_', ' ': '_', '/': '_'})
+
+    return key.translate(mapping_table)
+
+def get_bk_metadata(key: str) -> typing.List[str]:
+    try:
+      return os.environ[key].split()
+    except KeyError:
+        print(f"Missing environment variable [{key}]. This should be set before calling this script using buildkite-agent meta-data get. Exiting.")
+        exit(1)
+
+def bk_annotate(body: str, context: str, mode = "") -> str:
+    cmd = f"""buildkite-agent annotate --style=info --context={context} """
+    if mode:
+        cmd += f"--{mode} "
+
+    cmd += f"\"{body}\n\""
+    return cmd
+
+
+class Jobs(abc.ABC):
+    def __init__(self, os: str, jdk: str, group_key: str, agent: typing.Union[GCPAgent, AWSAgent]):
+        self.os = os
+        self.jdk = jdk
+        self.group_key = group_key
+        self.init_annotation_key = f"{os}-{jdk}-initialize-annotation"
+        self.agent = agent
+
+    def init_annotation(self) -> JobRetValues:
+        """
+        Command for creating the header of a new annotation for a group step
+        """
+
+        body = f"### Group: {self.os} / {self.jdk}\n| **Status** | **Test** |\n| --- | ----|"
+
+        return JobRetValues(
+            step_label="Initialize annotation",
+            command=LiteralScalarString(bk_annotate(body=body, context=self.group_key)),
+            step_key=self.init_annotation_key,
+            depends="",
+            agent=DefaultAgent().to_json(),
+        )
+
+    @abc.abstractmethod
+    def all_jobs(self) -> list[typing.Callable[[], typing.Tuple[str, str]]]:
+        pass
+
+
+class WindowsJobs(Jobs):
+    def __init__(self, os: str, jdk: str, group_key: str, agent: typing.Union[GCPAgent, AWSAgent]):
+      super().__init__(os=os, jdk=jdk, group_key=group_key, agent=agent)
+
+    def all_jobs(self) -> list[typing.Callable[[], JobRetValues]]:
+        return [
+          self.init_annotation,
+          self.java_unit_test,
+          self.ruby_unit_test,          
+        ]
+
+    def java_unit_test(self) -> JobRetValues:
+        step_name_human = "Java Unit Test"
+        step_key = f"{self.group_key}-java-unit-test"
+        test_command = rf'''.\\.buildkite\\scripts\\jdk-matrix-tests\\launch-command.ps1 -JDK "{self.jdk}" -StepNameHuman "{step_name_human}" -AnnotateContext "{self.group_key}" -CIScript ".\\ci\\unit_tests.ps1 java" -Annotate
+        '''
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=LiteralScalarString(test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            artifact_paths=["build_reports.zip"],
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def ruby_unit_test(self) -> JobRetValues:
+        step_name_human = "Ruby Unit Test"
+        step_key = f"{self.group_key}-ruby-unit-test"
+        test_command = rf'''.\\.buildkite\\scripts\\jdk-matrix-tests\\launch-command.ps1 -JDK "{self.jdk}" -StepNameHuman "{step_name_human}" -AnnotateContext "{self.group_key}" -CIScript ".\\ci\\unit_tests.ps1 ruby" -Annotate
+        '''
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=LiteralScalarString(test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            artifact_paths=["build_reports.zip"],
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+
+class LinuxJobs(Jobs):
+    def __init__(self, os: str, jdk: str, group_key: str, agent: typing.Union[GCPAgent, AWSAgent]):
+      super().__init__(os=os, jdk=jdk, group_key=group_key, agent=agent)
+
+    def all_jobs(self) -> list[typing.Callable[[], JobRetValues]]:
+        return [
+            self.init_annotation,
+            self.java_unit_test,
+            self.ruby_unit_test,
+            self.integration_tests_part_1,
+            self.integration_tests_part_2,
+            self.pq_integration_tests_part_1,
+            self.pq_integration_tests_part_2,
+            self.x_pack_unit_tests,
+            self.x_pack_integration,
+        ]
+
+    def prepare_shell(self) -> str:
+        jdk_dir = f"/opt/buildkite-agent/.java/{self.jdk}"
+        return f"""#!/usr/bin/env bash
+set -euo pipefail
+
+# unset generic JAVA_HOME
+unset JAVA_HOME
+
+# LS env vars for JDK matrix tests
+export BUILD_JAVA_HOME={jdk_dir}
+export RUNTIME_JAVA_HOME={jdk_dir}
+export LS_JAVA_HOME={jdk_dir}
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+eval "$(rbenv init -)"
+"""
+
+    def failed_step_annotation(self, step_name_human) -> str:
+        return bk_annotate(body=f"| {BuildkiteEmojis.failed} | {step_name_human} |", context=self.group_key, mode="append")
+
+    def succeeded_step_annotation(self, step_name_human) -> str:
+        return bk_annotate(body=f"| {BuildkiteEmojis.success} | {step_name_human} |", context=self.group_key, mode="append")
+
+    def emit_command(self, step_name_human, test_command: str) -> str:
+        return LiteralScalarString(f"""
+{self.prepare_shell()}
+# temporarily disable immediate failure on errors, so that we can update the BK annotation
+set +eo pipefail
+{test_command}
+if [[ $$? -ne 0 ]]; then
+    {self.failed_step_annotation(step_name_human)}
+  exit 1
+else
+    {self.succeeded_step_annotation(step_name_human)}
+fi
+      """)
+
+    def java_unit_test(self) -> JobRetValues:
+        step_name_human = "Java Unit Test"
+        step_key = f"{self.group_key}-java-unit-test"
+        test_command = '''
+export ENABLE_SONARQUBE="false"
+ci/unit_tests.sh java
+        '''
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def ruby_unit_test(self) -> JobRetValues:
+        step_name_human = "Ruby Unit Test"
+        step_key = f"{self.group_key}-ruby-unit-test"
+        test_command = """
+ci/unit_tests.sh ruby
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def integration_tests_part_1(self) -> JobRetValues:
+        return self.integration_tests(part=1)
+
+    def integration_tests_part_2(self) -> JobRetValues:
+        return self.integration_tests(part=2)
+
+    def integration_tests(self, part: int) -> JobRetValues:
+        step_name_human = f"Integration Tests - {part}"
+        step_key = f"{self.group_key}-integration-tests-{part}"
+        test_command = f"""
+ci/integration_tests.sh split {part-1}
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def pq_integration_tests_part_1(self) -> JobRetValues:
+        return self.pq_integration_tests(part=1)
+
+    def pq_integration_tests_part_2(self) -> JobRetValues:
+        return self.pq_integration_tests(part=2)
+
+    def pq_integration_tests(self, part: int) -> JobRetValues:
+        step_name_human = f"IT Persistent Queues - {part}"
+        step_key = f"{self.group_key}-it-persistent-queues-{part}"
+        test_command = f"""
+export FEATURE_FLAG=persistent_queues
+ci/integration_tests.sh split {part-1}
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def x_pack_unit_tests(self) -> JobRetValues:
+        step_name_human = "x-pack unit tests"
+        step_key = f"{self.group_key}-x-pack-unit-test"
+        test_command = """
+x-pack/ci/unit_tests.sh
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def x_pack_integration(self) -> JobRetValues:
+        step_name_human = "x-pack integration"
+        step_key = f"{self.group_key}-x-pack-integration"
+        test_command = """
+x-pack/ci/integration_tests.sh
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+
+if __name__ == "__main__":
+    matrix_oses = get_bk_metadata(key="MATRIX_OSES")
+    matrix_jdkes = get_bk_metadata(key="MATRIX_JDKS")
+
+    pipeline_name = os.environ.get("BUILDKITE_PIPELINE_NAME", "").lower()
+
+    structure = {"steps": []}
+
+    for matrix_os in matrix_oses:
+        gcpAgent = GCPAgent(
+            image=f"family/platform-ingest-logstash-multi-jdk-{matrix_os}",
+            machineType="n2-standard-4",
+            diskSizeGb=200,
+            diskType="pd-ssd",
+        )
+
+        awsAgent = AWSAgent(
+            imagePrefix=f"platform-ingest-logstash-multi-jdk-{matrix_os}",
+            instanceType="m5.2xlarge",
+            diskSizeGb=200,
+        )
+
+        for matrix_jdk in matrix_jdkes:
+          group_name = f"{matrix_os}/{matrix_jdk}"
+          group_key = slugify_bk_key(group_name)
+
+          agent = awsAgent if "amazon" in matrix_os else gcpAgent
+
+          if "windows" in pipeline_name:
+            jobs = WindowsJobs(os=matrix_os, jdk=matrix_jdk, group_key=group_key, agent=agent)
+          else:
+            jobs = LinuxJobs(os=matrix_os, jdk=matrix_jdk, group_key=group_key, agent=agent)
+
+          group_steps = []
+          for job in jobs.all_jobs():
+            job_values = job()
+
+            step = {
+              "label": f"{job_values.step_label}",
+              "key": job_values.step_key,
+            }
+
+            if job_values.depends:
+                step["depends_on"] = job_values.depends
+
+            if job_values.agent:
+                step["agents"] = job_values.agent
+
+            if job_values.artifact_paths:
+                step["artifact_paths"] = job_values.artifact_paths
+
+            if job_values.retry:
+                step["retry"] = job_values.retry
+
+            step["command"] = job_values.command
+
+            group_steps.append(step)
+
+
+          structure["steps"].append({
+            "group": group_name,
+            "key": slugify_bk_key(group_name),
+            "steps": group_steps})
+
+    print('# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json')
+    YAML().dump(structure, sys.stdout)

.buildkite/scripts/jdk-matrix-tests/launch-command.ps1

@@ -0,0 +1,51 @@
+# ********************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI JDK matrix tests
+# ********************************************************
+
+param (
+    [string]$JDK,
+    [string]$CIScript,
+    [string]$StepNameHuman,
+    [string]$AnnotateContext,
+    [switch]$Annotate
+)
+
+# expand previous buildkite folded section (command invocation)
+Write-Host "^^^ +++"
+
+# unset generic JAVA_HOME
+if (Test-Path env:JAVA_HOME) {
+    Remove-Item -Path env:JAVA_HOME
+    Write-Host "--- Environment variable 'JAVA_HOME' has been unset."
+} else {
+    Write-Host "--- Environment variable 'JAVA_HOME' doesn't exist. Continuing."
+}
+
+# LS env vars for JDK matrix tests
+$JAVA_CUSTOM_DIR = "C:\Users\buildkite\.java\$JDK"
+$env:BUILD_JAVA_HOME = $JAVA_CUSTOM_DIR
+$env:RUNTIME_JAVA_HOME = $JAVA_CUSTOM_DIR
+$env:LS_JAVA_HOME = $JAVA_CUSTOM_DIR
+
+Write-Host "--- Running test: $CIScript"
+try {
+    Invoke-Expression $CIScript
+
+    if ($LASTEXITCODE -ne 0) {
+        throw "Test script $CIScript failed with a non-zero code: $LASTEXITCODE"
+    }
+
+    if ($Annotate) {
+        C:\buildkite-agent\bin\buildkite-agent.exe annotate --context="$AnnotateContext" --append "| :bk-status-passed: | $StepNameHuman |`n"
+    }
+} catch {
+    # tests failed
+    Write-Host "^^^ +++"
+    if ($Annotate) {
+        C:\buildkite-agent\bin\buildkite-agent.exe annotate --context="$AnnotateContext" --append "| :bk-status-failed: | $StepNameHuman |`n"
+        Write-Host "--- Archiving test reports"
+        & "7z.exe" a -r .\build_reports.zip .\logstash-core\build\reports\tests
+    }
+    exit 1
+}

.buildkite/scripts/pull-requests/sonar-env.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+SONAR_TOKEN_PATH="kv/ci-shared/platform-ingest/elastic/logstash/sonar-creds"
+export SONAR_TOKEN=$(retry -t 5 -- vault kv get -field=token ${SONAR_TOKEN_PATH})
+
+export SOURCE_BRANCH=$GITHUB_PR_BRANCH
+export TARGET_BRANCH=$GITHUB_PR_TARGET_BRANCH
+export PULL_ID=$GITHUB_PR_NUMBER
+export COMMIT_SHA=$BUILDKITE_COMMIT

.buildkite/windows_jdk_matrix_pipeline.yml

@@ -0,0 +1,71 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+env:
+  DEFAULT_MATRIX_OS: "windows-2022"
+  DEFAULT_MATRIX_JDK: "adoptiumjdk_17"
+
+steps:
+  - input: "Test Parameters"
+    if: build.source != "schedule" && build.source != "trigger_job"
+    fields:
+      - select: "Operating System"
+        key: "matrix-os"
+        hint: "The operating system variant(s) to run on:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_OS}"
+        options:
+          - label: "Windows 2022"
+            value: "windows-2022"
+          - label: "Windows 2019"
+            value: "windows-2019"
+          - label: "Windows 2016"
+            value: "windows-2016"
+
+      - select: "Java"
+        key: "matrix-jdk"
+        hint: "The JDK to test with:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_JDK}"
+        options:
+          - label: "Adoptium JDK 17 (Eclipse Temurin)"
+            value: "adoptiumjdk_17"
+          - label: "Adoptium JDK 11 (Eclipse Temurin)"
+            value: "adoptiumjdk_11"
+          - label: "OpenJDK 17"
+            value: "openjdk_17"
+          - label: "OpenJDK 11"
+            value: "openjdk_11"
+          - label: "Zulu 17"
+            value: "zulu_17"
+          - label: "Zulu 11"
+            value: "zulu_11"
+
+  - wait: ~
+    if: build.source != "schedule" && build.source != "trigger_job"
+
+  - command: |
+      set -euo pipefail
+
+      echo "--- Downloading prerequisites"
+      python3 -m pip install ruamel.yaml
+
+      echo "--- Printing generated dynamic steps"
+      export MATRIX_OSES="$(buildkite-agent meta-data get matrix-os --default=${DEFAULT_MATRIX_OS})"
+      export MATRIX_JDKS="$(buildkite-agent meta-data get matrix-jdk --default=${DEFAULT_MATRIX_JDK})"
+      set +eo pipefail
+      python3 .buildkite/scripts/jdk-matrix-tests/generate-steps.py >pipeline_steps.yml
+      if [[ $$? -ne 0 ]]; then
+        echo "^^^ +++"
+        echo "There was a problem rendering the pipeline steps."
+        cat pipeline_steps.yml
+        echo "Exiting now."
+        exit 1
+      else
+        set -eo pipefail
+        cat pipeline_steps.yml
+      fi
+
+      echo "--- Uploading steps to buildkite"
+      cat pipeline_steps.yml | buildkite-agent pipeline upload

.ci/java-versions.properties

@@ -0,0 +1,2 @@
+LS_BUILD_JAVA=adoptopenjdk_11
+LS_RUNTIME_JAVA=adoptopenjdk_11

.ci/matrix-runtime-javas.yml

@@ -0,0 +1,14 @@
+# This file is used as part of a matrix build in Jenkins where the
+# values below are included as an axis of the matrix.
+
+# This axis of the build matrix represents the versions of Java on
+# which Logstash can be tested against.
+
+LS_RUNTIME_JAVA:
+  - java8
+  - openjdk11
+  - openjdk17
+  - adoptopenjdk11
+  - adoptiumjdk17
+  - zulu11
+  - zulu17

.fossa.yml

@@ -0,0 +1,59 @@
+# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli)
+# Visit https://fossa.com to learn more
+
+version: 2
+cli:
+  server: https://app.fossa.com
+  fetcher: custom
+  project: git@github.com:elastic/logstash.git
+analyze:
+  modules:
+    - name: Logstash gems
+      type: bundler
+      strategy: lockfile
+      target: .
+      path: .
+    - name: benchmark-cli
+      type: gradle
+      target: 'benchmark-cli:'
+      path: .
+    - name: dependencies-report
+      type: gradle
+      target: 'dependencies-report:'
+      path: .
+    - name: ingest-converter
+      type: gradle
+      target: 'ingest-converter:'
+      path: .
+    - name: logstash-core
+      type: gradle
+      target: 'logstash-core:'
+      path: .
+    - name: logstash-core-benchmarks
+      type: gradle
+      target: 'logstash-core-benchmarks:'
+      path: .
+    - name: logstash-integration-tests
+      type: gradle
+      target: 'logstash-integration-tests:'
+      path: .
+    - name: logstash-xpack
+      type: gradle
+      target: 'logstash-xpack:'
+    #   path: .
+    # - name: docker
+    #   type: pip
+    #   target: docker
+    #   path: docker
+    # - name: Gemfile
+    #   type: gem
+    #   target: qa
+    #   path: qa
+    # - name: Gemfile
+    #   type: gem
+    #   target: qa/integration
+    #   path: qa/integration
+    # - name: Gemfile
+    #   type: gem
+    #   target: tools/paquet
+    #   path: tools/paquet

.gitignore

@@ -16,8 +16,9 @@ out
 local
 test/setup/elasticsearch/elasticsearch-*
 vendor
+!docker/ironbank/go/src/env2yaml/vendor
 .sass-cache
-data
+/data
 .buildpath
 .project
 .DS_Store
@@ -57,3 +58,8 @@ logstash-core/versions-gem-copy.yml
 logstash-core-plugin-api/versions-gem-copy.yml
 config/logstash.keystore
 html_docs
+lib/pluginmanager/plugin_aliases.yml
+logstash-core/src/main/resources/org/logstash/plugins/plugin_aliases.yml
+spec/unit/plugin_manager/plugin_aliases.yml
+logstash-core/src/test/resources/org/logstash/plugins/plugin_aliases.yml
+qa/integration/fixtures/logs_rollover/log4j2.properties

.ruby-version

@@ -1 +1 @@
-jruby-9.1.12.0
+jruby-9.2.20.1

CONTRIBUTING.md

@@ -3,6 +3,8 @@
 All contributions are welcome: ideas, patches, documentation, bug reports,
 complaints, etc!
 
+If you want to be rewarded for your contributions, sign up for the [Elastic Contributor Program](https://www.elastic.co/community/contributor). Each time you make a valid contribution, you’ll earn points that increase your chances of winning prizes and being recognized as a top contributor.
+
 Programming is not a required skill, and there are many ways to help out!
 It is more important to us that you are able to contribute.
 
@@ -12,7 +14,7 @@ That said, some basic guidelines, which you are free to ignore :)
 
 Want to lurk about and see what others are doing with Logstash?
 
-* The irc channel (#logstash on irc.freenode.org) is a good place for this
+* The #logstash channel on Elastic Stack Community slack (https://elasticstack.slack.com/channels/logstash) is a good place to start. 
 * The [forum](https://discuss.elastic.co/c/logstash) is also
   great for learning from others.
 
@@ -21,12 +23,11 @@ Want to lurk about and see what others are doing with Logstash?
 Have a problem you want Logstash to solve for you?
 
 * You can ask a question in the [forum](https://discuss.elastic.co/c/logstash)
-* Alternately, you are welcome to join the IRC channel #logstash on
-irc.freenode.org and ask for help there!
+* You are welcome to join Elastic Stack Community slack (https://elasticstack.slack.com) and ask for help on the #logstash channel.
 
 ## Have an Idea or Feature Request?
 
-* File a ticket on [GitHub](https://github.com/elastic/logstash/issues). Please remember that GitHub is used only for issues and feature requests. If you have a general question, the [forum](https://discuss.elastic.co/c/logstash) or IRC would be the best place to ask.
+* File a ticket on [GitHub](https://github.com/elastic/logstash/issues). Please remember that GitHub is used only for issues and feature requests. If you have a general question, the [forum](https://discuss.elastic.co/c/logstash) or Elastic Stack Community slack (https://elasticstack.slack.com) is the best place to ask.
 
 ## Something Not Working? Found a Bug?
 
@@ -49,17 +50,22 @@ get in touch with our security team [here](https://www.elastic.co/community/secu
 
 If you have a bugfix or new feature that you would like to contribute to Logstash, and you think it will take
 more than a few minutes to produce the fix (ie; write code), it is worth discussing the change with the Logstash
-users and developers first. You can reach us via [GitHub](https://github.com/elastic/logstash/issues), the [forum](https://discuss.elastic.co/c/logstash), or via IRC (#logstash on freenode irc)
+users and developers first. You can reach us via [GitHub](https://github.com/elastic/logstash/issues), the [forum](https://discuss.elastic.co/c/logstash), or Elastic Stack Community slack (https://elasticstack.slack.com).
 
 Please note that Pull Requests without tests and documentation may not be merged. If you would like to contribute but do not have
-experience with writing tests, please ping us on IRC/forum or create a PR and ask our help.
+experience with writing tests, please ping us on the forum or create a PR and ask for our help.
 
-If you would like to contribute to Logstash, but don't know where to start, you can use the GitHub labels "adoptme"
-and "low hanging fruit". Issues marked with these labels are relatively easy, and provides a good starting
-point to contribute to Logstash.
+If you would like to contribute to Logstash, but don't know where to start, you
+can use the GitHub labels "adoptme", "low hanging fruit" and "good first issue".
+Issues marked with these labels are relatively easy, and provide a good
+starting point to contribute to Logstash.
 
-See: https://github.com/elastic/logstash/labels/adoptme
-https://github.com/elastic/logstash/labels/low%20hanging%20fruit
+See the following links:
+ * https://github.com/elastic/logstash/labels/adoptme
+ * https://github.com/elastic/logstash/labels/low%20hanging%20fruit
+ * https://github.com/elastic/logstash/labels/good%20first%20issue
+
+Or go directly here for an exhaustive list: https://github.com/elastic/logstash/contribute
 
 Using IntelliJ? See a detailed getting started guide [here](https://docs.google.com/document/d/1kqunARvYMrlfTEOgMpYHig0U-ZqCcMJfhvTtGt09iZg/pub).
 
@@ -71,7 +77,7 @@ Check our [documentation](https://www.elastic.co/guide/en/logstash/current/contr
 
 This document provides guidelines on editing a logstash plugin's CHANGELOG file.
 
-#### What's a CHANGELOG file?
+### What's a CHANGELOG file?
 
 According to [keepachangelog.com](https://keepachangelog.com/en/1.0.0/):
 
@@ -107,14 +113,24 @@ then you should still create an entry in the changelog, using the word `Unreleas
 
 Most code in logstash-plugins comes from self-contained changes in the form of pull requests, so each entry should:
 
-1. be a summary of the Pull Request and contain a markdown link to it.
-2. start with [BREAKING], when it denotes a breaking change.
-  * Note: Breaking changes should warrant a major version bump.
-3. after [BREAKING], start with one of the following keywords:
-    `Added`, `Changed`, `Deprecated`, `Removed`, `Fixed`, `Security`.
-4. keep multiple entries with the same keyword in the same changelog revision together.
+1. Be a summary of the Pull Request and contain a markdown link to the PR.
+2. Begin your entry with an introductory label if appropriate. Labels include:
+    `[DOC]`, `[BREAKING]`, `[SECURITY]`.  
+    NOTE: Your PR may not need a label.
+3. After the label, start with one of the following keywords:
+    `Added`, `Changed`, `Deprecated`, `Removed`, `Fixed`.
+4. Keep multiple entries with the same keyword in the same changelog revision together.
 
-The meaning of the keywords is as follows (copied from [keepachangelog.com](https://keepachangelog.com/en/1.0.0/#how):
+Labels (optional):
+
+- **`[BREAKING]`** for a breaking change.
+ Note that breaking changes should warrant a major version bump.
+- **`[DOC]`** for a change that affects only documentation, and not code.
+- **`[SECURITY]`** for a security fix. If you're working on a security issue, 
+please make sure to follow the process outlined by our security team. 
+If you haven't done so already, please [get in touch with them](https://www.elastic.co/community/security) first.
+
+Keywords (copied from [keepachangelog.com](https://keepachangelog.com/en/1.0.0/#how)):
 
 - **`Added`** for new features.
 - **`Changed`** for changes in existing functionality.
@@ -135,6 +151,9 @@ Example:
 - Changed default value of `execution_bugs` from 30 to 0 [#104](http://example.org)
 - [BREAKING] Removed obsolete option `enable_telnet` option [#100](http://example.org)
 
+## 3.3.3
+- [DOC] Fixed incorrect formatting of code sample [#85](http://example.org)
+
 ## 3.3.2
 - Fixed incorrect serialization of input data when encoding was `Emacs-Mule` [#84](http://example.org)
 
@@ -196,4 +215,3 @@ Keep these in mind as both authors and reviewers of PRs:
   * If no, ask for clarifications on the PR. This will usually lead to changes in the code such as renaming of variables/functions or extracting of functions or simply adding "why" inline comments. But first ask the author for clarifications before assuming any intent on their part.
 
 * I must not focus on personal preferences or nitpicks. If I understand the code in the PR but simply would've implemented the same solution a different way that's great but its not feedback that belongs in the PR. Such feedback only serves to slow down progress for little to no gain.
-

Dockerfile

@@ -1,8 +1,8 @@
-FROM ubuntu:xenial
+FROM ubuntu:bionic
 
 RUN apt-get update && \
     apt-get install -y zlib1g-dev build-essential vim rake git curl libssl-dev libreadline-dev libyaml-dev  \
-      libxml2-dev libxslt-dev openjdk-8-jdk-headless curl iputils-ping netcat && \
+      libxml2-dev libxslt-dev openjdk-11-jdk-headless curl iputils-ping netcat && \
     apt-get clean
 
 WORKDIR /root
@@ -20,25 +20,32 @@ WORKDIR /home/logstash
 # used by the purge policy
 LABEL retention="keep"
 
-ADD gradlew /opt/logstash/gradlew
-ADD gradle/wrapper /opt/logstash/gradle/wrapper
-ADD buildSrc /opt/logstash/buildSrc
-RUN /opt/logstash/gradlew wrapper
+# Setup gradle wrapper. When running any `gradle` command, a `settings.gradle` is expected (and will soon be required).
+# This section adds the gradle wrapper, `settings.gradle` and sets the permissions (setting the user to root for `chown`
+# and working directory to allow this and then reverts back to the previous working directory and user.
+COPY --chown=logstash:logstash gradlew /opt/logstash/gradlew
+COPY --chown=logstash:logstash gradle/wrapper /opt/logstash/gradle/wrapper
+COPY --chown=logstash:logstash settings.gradle /opt/logstash/settings.gradle
+WORKDIR /opt/logstash
+RUN for iter in `seq 1 10`; do ./gradlew wrapper --warning-mode all && exit_code=0 && break || exit_code=$? && echo "gradlew error: retry $iter in 10s" && sleep 10; done; exit $exit_code
+WORKDIR /home/logstash
 
 ADD versions.yml /opt/logstash/versions.yml
 ADD LICENSE.txt /opt/logstash/LICENSE.txt
 ADD NOTICE.TXT /opt/logstash/NOTICE.TXT
 ADD licenses /opt/logstash/licenses
 ADD CONTRIBUTORS /opt/logstash/CONTRIBUTORS
-ADD Gemfile.template /opt/logstash/Gemfile.template
+ADD Gemfile.template Gemfile.jruby-2.5.lock.* /opt/logstash/
 ADD Rakefile /opt/logstash/Rakefile
 ADD build.gradle /opt/logstash/build.gradle
+ADD rubyUtils.gradle /opt/logstash/rubyUtils.gradle
 ADD rakelib /opt/logstash/rakelib
 ADD config /opt/logstash/config
 ADD spec /opt/logstash/spec
 ADD qa /opt/logstash/qa
 ADD lib /opt/logstash/lib
 ADD pkg /opt/logstash/pkg
+ADD buildSrc /opt/logstash/buildSrc
 ADD tools /opt/logstash/tools
 ADD logstash-core /opt/logstash/logstash-core
 ADD logstash-core-plugin-api /opt/logstash/logstash-core-plugin-api
@@ -46,7 +53,6 @@ ADD bin /opt/logstash/bin
 ADD modules /opt/logstash/modules
 ADD x-pack /opt/logstash/x-pack
 ADD ci /opt/logstash/ci
-ADD settings.gradle /opt/logstash/settings.gradle
 
 USER root
 RUN rm -rf build && \
@@ -55,5 +61,4 @@ RUN rm -rf build && \
 USER logstash
 WORKDIR /opt/logstash
 
-LABEL retention="prune"
-
+LABEL retention="prune"

Dockerfile.base

@@ -1,9 +1,9 @@
 #logstash-base image, use ci/docker_update_base_image.sh to push updates
-FROM ubuntu:xenial
+FROM ubuntu:bionic
 
 RUN apt-get update && \
     apt-get install -y zlib1g-dev build-essential vim rake git curl libssl-dev libreadline-dev libyaml-dev  \
-      libxml2-dev libxslt-dev openjdk-8-jdk-headless curl iputils-ping netcat && \
+      libxml2-dev libxslt-dev openjdk-11-jdk-headless curl iputils-ping netcat && \
     apt-get clean
 
 WORKDIR /root

Gemfile.jruby-2.5.lock.release

@@ -0,0 +1,914 @@
+PATH
+  remote: logstash-core-plugin-api
+  specs:
+    logstash-core-plugin-api (2.1.16-java)
+      logstash-core (= 7.17.21)
+
+PATH
+  remote: logstash-core
+  specs:
+    logstash-core (7.17.21-java)
+      chronic_duration (~> 0.10)
+      clamp (~> 1)
+      concurrent-ruby (~> 1, < 1.1.10)
+      down (~> 5.2.0)
+      elasticsearch (~> 7)
+      filesize (~> 0.2)
+      gems (~> 1)
+      i18n (~> 1)
+      jrjackson (= 0.4.14)
+      jruby-openssl (~> 0.11)
+      manticore (~> 0.6)
+      minitar (~> 0.8)
+      mustermann (~> 1.0.3)
+      pry (~> 0.12)
+      puma (~> 5, >= 5.6.8)
+      racc (~> 1.5.2)
+      rack (~> 2)
+      rubyzip (~> 1)
+      rufus-scheduler
+      sinatra (~> 2)
+      stud (~> 0.0.19)
+      thread_safe (~> 0.3.6)
+      treetop (~> 1)
+      tzinfo-data
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.8.6)
+      public_suffix (>= 2.0.2, < 6.0)
+    amazing_print (1.4.0)
+    arr-pm (0.0.12)
+    atomic (1.1.101-java)
+    avl_tree (1.2.1)
+      atomic (~> 1.1)
+    avro (1.10.2)
+      multi_json (~> 1)
+    aws-eventstream (1.2.0)
+    aws-sdk (2.11.632)
+      aws-sdk-resources (= 2.11.632)
+    aws-sdk-core (2.11.632)
+      aws-sigv4 (~> 1.0)
+      jmespath (~> 1.0)
+    aws-sdk-resources (2.11.632)
+      aws-sdk-core (= 2.11.632)
+    aws-sigv4 (1.4.0)
+      aws-eventstream (~> 1, >= 1.0.2)
+    back_pressure (1.0.0)
+    backports (3.23.0)
+    belzebuth (0.2.3)
+      childprocess
+    benchmark-ips (2.10.0)
+    bigdecimal (3.1.7-java)
+    bindata (2.4.15)
+    buftok (0.2.0)
+    builder (3.2.4)
+    cabin (0.9.0)
+    childprocess (4.1.0)
+    chronic_duration (0.10.6)
+      numerizer (~> 0.1.1)
+    ci_reporter (2.0.0)
+      builder (>= 2.1.2)
+    ci_reporter_rspec (1.0.0)
+      ci_reporter (~> 2.0)
+      rspec (>= 2.14, < 4)
+    clamp (1.0.1)
+    coderay (1.1.3)
+    concurrent-ruby (1.1.9)
+    crack (0.4.6)
+      bigdecimal
+      rexml
+    dalli (2.7.11)
+    diff-lcs (1.5.1)
+    domain_name (0.5.20190701)
+      unf (>= 0.0.5, < 1.0.0)
+    dotenv (2.7.6)
+    down (5.2.4)
+      addressable (~> 2.8)
+    edn (1.1.1)
+    elastic-app-search (7.8.0)
+      jwt (>= 1.5, < 3.0)
+    elastic-workplace-search (0.4.1)
+    elasticsearch (7.17.10)
+      elasticsearch-api (= 7.17.10)
+      elasticsearch-transport (= 7.17.10)
+    elasticsearch-api (7.17.10)
+      multi_json
+    elasticsearch-transport (7.17.10)
+      faraday (>= 1, < 3)
+      multi_json
+    equalizer (0.0.11)
+    faraday (1.10.3)
+      faraday-em_http (~> 1.0)
+      faraday-em_synchrony (~> 1.0)
+      faraday-excon (~> 1.1)
+      faraday-httpclient (~> 1.0)
+      faraday-multipart (~> 1.0)
+      faraday-net_http (~> 1.0)
+      faraday-net_http_persistent (~> 1.0)
+      faraday-patron (~> 1.0)
+      faraday-rack (~> 1.0)
+      faraday-retry (~> 1.0)
+      ruby2_keywords (>= 0.0.4)
+    faraday-em_http (1.0.0)
+    faraday-em_synchrony (1.0.0)
+    faraday-excon (1.1.0)
+    faraday-httpclient (1.0.1)
+    faraday-multipart (1.0.4)
+      multipart-post (~> 2)
+    faraday-net_http (1.0.1)
+    faraday-net_http_persistent (1.2.0)
+    faraday-patron (1.0.0)
+    faraday-rack (1.0.0)
+    faraday-retry (1.0.3)
+    ffi (1.15.5-java)
+    filesize (0.2.0)
+    fivemat (1.3.7)
+    flores (0.0.8)
+    fpm (1.14.2)
+      arr-pm (~> 0.0.11)
+      backports (>= 2.6.2)
+      cabin (>= 0.6.0)
+      clamp (~> 1.0.0)
+      git (>= 1.3.0, < 2.0)
+      json (>= 1.7.7, < 3.0)
+      pleaserun (~> 0.0.29)
+      rexml
+      stud
+    gelfd2 (0.4.1)
+    gem_publisher (1.5.0)
+    gems (1.2.0)
+    gene_pool (1.5.0)
+      concurrent-ruby (>= 1.0)
+    git (1.10.2)
+      rchardet (~> 1.8)
+    hashdiff (1.0.1)
+    hitimes (1.3.1-java)
+    http (3.3.0)
+      addressable (~> 2.3)
+      http-cookie (~> 1.0)
+      http-form_data (~> 2.0)
+      http_parser.rb (~> 0.6.0)
+    http-cookie (1.0.5)
+      domain_name (~> 0.5)
+    http-form_data (2.3.0)
+    http_parser.rb (0.6.0-java)
+    i18n (1.10.0)
+      concurrent-ruby (~> 1.0)
+    insist (1.0.0)
+    jar-dependencies (0.4.1)
+    jls-grok (0.11.5)
+      cabin (>= 0.6.0)
+    jls-lumberjack (0.0.26)
+      concurrent-ruby
+    jmespath (1.6.2)
+    jrjackson (0.4.14-java)
+    jruby-jms (1.3.0-java)
+      gene_pool
+      semantic_logger
+    jruby-openssl (0.11.0-java)
+    jruby-stdin-channel (0.2.0-java)
+    json (2.6.3-java)
+    json-schema (2.8.1)
+      addressable (>= 2.4)
+    jwt (2.3.0)
+    kramdown (1.14.0)
+    logstash-codec-avro (3.3.1-java)
+      avro (~> 1.10.2)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-cef (6.2.7-java)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+    logstash-codec-collectd (3.1.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-dots (3.0.6)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-codec-edn (3.1.0)
+      edn
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-edn_lines (3.1.0)
+      edn
+      logstash-codec-line
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-es_bulk (3.1.0)
+      logstash-codec-line
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-fluent (3.4.2-java)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      msgpack (~> 1.1)
+    logstash-codec-graphite (3.0.6)
+      logstash-codec-line
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-event_support (~> 1.0)
+    logstash-codec-json (3.1.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0, >= 1.0.1)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-json_lines (3.1.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0, >= 1.0.1)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-codec-line (3.1.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+    logstash-codec-msgpack (3.1.0-java)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      msgpack (~> 1.1)
+    logstash-codec-multiline (3.1.2)
+      concurrent-ruby
+      jls-grok (~> 0.11.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-patterns-core
+    logstash-codec-netflow (4.2.2)
+      bindata (>= 1.5.0)
+      logstash-core-plugin-api (~> 2.0)
+      logstash-mixin-event_support (~> 1.0)
+    logstash-codec-plain (3.1.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+    logstash-codec-rubydebug (3.1.0)
+      amazing_print (~> 1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-devutils (1.3.6-java)
+      fivemat
+      gem_publisher
+      insist (= 1.0.0)
+      kramdown (= 1.14.0)
+      logstash-core-plugin-api (>= 2.0, <= 2.99)
+      minitar
+      rake
+      rspec (~> 3.0)
+      rspec-wait
+      stud (>= 0.0.20)
+    logstash-filter-aggregate (2.10.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-anonymize (3.0.7)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      murmurhash3 (= 0.1.6)
+    logstash-filter-cidr (3.1.3-java)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-clone (4.2.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.1)
+    logstash-filter-csv (3.1.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-filter-date (3.1.15)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-de_dot (1.0.4)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-dissect (1.2.5)
+      jar-dependencies
+      logstash-core-plugin-api (>= 2.1.1, <= 2.99)
+    logstash-filter-dns (3.1.5)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      lru_redux (~> 1.1.0)
+    logstash-filter-drop (3.0.5)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-elasticsearch (3.11.1)
+      elasticsearch (>= 7.14.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      manticore (>= 0.7.1)
+    logstash-filter-fingerprint (3.3.2)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      murmurhash3
+    logstash-filter-geoip (7.2.13-java)
+      logstash-core (>= 7.14.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+    logstash-filter-grok (4.4.3)
+      jls-grok (~> 0.11.3)
+      logstash-core (>= 5.6.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.0)
+      logstash-patterns-core (>= 4.3.0, < 5)
+      stud (~> 0.0.22)
+    logstash-filter-http (1.2.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      logstash-mixin-http_client (>= 5.0.0, < 9.0.0)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-filter-json (3.2.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-filter-kv (4.5.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-validator_support (~> 1.0)
+    logstash-filter-memcached (1.1.0)
+      dalli (~> 2.7)
+      logstash-core-plugin-api (~> 2.0)
+    logstash-filter-metrics (4.0.7)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      metriks
+      thread_safe
+    logstash-filter-mutate (3.5.8)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-prune (3.0.4)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-ruby (3.1.8)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-sleep (3.0.7)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-split (3.1.8)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-syslog_pri (3.1.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+    logstash-filter-throttle (4.0.4)
+      atomic
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      thread_safe
+    logstash-filter-translate (3.3.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-deprecation_logger_support (~> 1.0)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      logstash-mixin-validator_support (~> 1.0)
+      rufus-scheduler
+    logstash-filter-truncate (1.0.6)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-urldecode (3.0.6)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-useragent (3.3.5-java)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+    logstash-filter-uuid (3.0.5)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-filter-xml (4.1.3)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      nokogiri
+      xml-simple
+    logstash-input-azure_event_hubs (1.4.5)
+      logstash-codec-json
+      logstash-codec-plain
+      logstash-core-plugin-api (~> 2.0)
+      stud (>= 0.0.22)
+    logstash-input-beats (6.2.6-java)
+      concurrent-ruby (~> 1.0)
+      jar-dependencies (~> 0.3, >= 0.3.4)
+      logstash-codec-multiline (>= 2.0.5)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      thread_safe (~> 0.3.5)
+    logstash-input-couchdb_changes (3.1.6)
+      json
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      stud (>= 0.0.22)
+    logstash-input-dead_letter_queue (1.1.12)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-input-elasticsearch (4.12.3)
+      elasticsearch (>= 7.17.1)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      manticore (>= 0.7.1)
+      rufus-scheduler
+      tzinfo
+      tzinfo-data
+    logstash-input-exec (3.4.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      rufus-scheduler
+      stud (~> 0.0.22)
+    logstash-input-file (4.4.6)
+      addressable
+      concurrent-ruby (~> 1.0)
+      logstash-codec-multiline (~> 3.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+    logstash-input-ganglia (3.1.4)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      stud (~> 0.0.22)
+    logstash-input-gelf (3.3.2)
+      gelfd2 (= 0.4.1)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      stud (>= 0.0.22, < 0.1.0)
+    logstash-input-generator (3.1.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+    logstash-input-graphite (3.0.6)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-input-tcp
+    logstash-input-heartbeat (3.1.1)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-deprecation_logger_support (~> 1.0)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      logstash-mixin-event_support (~> 1.0)
+      stud
+    logstash-input-http (3.4.5-java)
+      jar-dependencies (~> 0.3, >= 0.3.4)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+    logstash-input-http_poller (5.1.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0, >= 1.0.1)
+      logstash-mixin-http_client (~> 7)
+      logstash-mixin-validator_support (~> 1.0)
+      rufus-scheduler (~> 3.0.9)
+      stud (~> 0.0.22)
+    logstash-input-imap (3.2.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-validator_support (~> 1.0)
+      mail (~> 2.6.3)
+      mime-types (= 2.6.2)
+      stud (~> 0.0.22)
+    logstash-input-jms (3.2.2-java)
+      jruby-jms (>= 1.2.0)
+      logstash-codec-json (~> 3.0)
+      logstash-codec-plain (~> 3.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      semantic_logger (< 4.0.0)
+    logstash-input-pipe (3.1.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      stud (~> 0.0.22)
+    logstash-input-redis (3.7.0)
+      logstash-codec-json
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      redis (>= 4.0.1, < 5)
+    logstash-input-s3 (3.8.4)
+      logstash-core-plugin-api (>= 2.1.12, <= 2.99)
+      logstash-mixin-aws (>= 5.1.0)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      stud (~> 0.0.18)
+    logstash-input-snmp (1.3.3)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      stud (>= 0.0.22, < 0.1.0)
+    logstash-input-snmptrap (3.1.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      snmp
+    logstash-input-sqs (3.1.3)
+      logstash-codec-json
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-aws (>= 4.3.0)
+    logstash-input-stdin (3.4.0)
+      jruby-stdin-channel
+      logstash-codec-line
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+    logstash-input-syslog (3.6.0)
+      concurrent-ruby
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-filter-date
+      logstash-filter-grok (>= 4.4.1)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      stud (>= 0.0.22, < 0.1.0)
+    logstash-input-tcp (6.2.7-java)
+      jruby-openssl (>= 0.10.2)
+      logstash-codec-json
+      logstash-codec-json_lines
+      logstash-codec-line
+      logstash-codec-multiline
+      logstash-codec-plain
+      logstash-core (>= 6.7.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+    logstash-input-twitter (4.1.0)
+      http-form_data (~> 2)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      public_suffix (~> 3)
+      stud (>= 0.0.22, < 0.1)
+      twitter (= 6.2.0)
+    logstash-input-udp (3.5.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.2)
+      stud (~> 0.0.22)
+    logstash-input-unix (3.1.2)
+      logstash-codec-line
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+    logstash-integration-elastic_enterprise_search (2.1.2)
+      elastic-app-search (~> 7.8.0)
+      elastic-workplace-search (~> 0.4.1)
+      logstash-codec-plain
+      logstash-core-plugin-api (~> 2.0)
+    logstash-integration-jdbc (5.2.6)
+      logstash-codec-plain
+      logstash-core (>= 6.5.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-ecs_compatibility_support (~> 1.3)
+      logstash-mixin-event_support (~> 1.0)
+      logstash-mixin-validator_support (~> 1.0)
+      lru_redux
+      rufus-scheduler
+      sequel
+      tzinfo
+      tzinfo-data
+    logstash-integration-kafka (10.9.0-java)
+      logstash-codec-json
+      logstash-codec-plain
+      logstash-core (>= 6.5.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-deprecation_logger_support (~> 1.0)
+      manticore (>= 0.5.4, < 1.0.0)
+      stud (>= 0.0.22, < 0.1.0)
+    logstash-integration-rabbitmq (7.3.3-java)
+      back_pressure (~> 1.0)
+      logstash-codec-json
+      logstash-core (>= 6.5.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      march_hare (~> 4.0)
+      stud (~> 0.0.22)
+    logstash-mixin-aws (5.1.0)
+      aws-sdk (~> 2)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-mixin-deprecation_logger_support (1.0.0-java)
+      logstash-core (>= 5.0.0)
+    logstash-mixin-ecs_compatibility_support (1.3.0-java)
+      logstash-core (>= 6.0.0)
+    logstash-mixin-event_support (1.0.1-java)
+      logstash-core (>= 6.8)
+    logstash-mixin-http_client (7.0.0)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      manticore (>= 0.5.2, < 1.0.0)
+    logstash-mixin-validator_support (1.0.2-java)
+      logstash-core (>= 6.8)
+    logstash-output-cloudwatch (3.0.10)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-aws (>= 1.0.0)
+      rufus-scheduler (>= 3.0.9)
+    logstash-output-csv (3.0.10)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-output-file
+    logstash-output-elasticsearch (11.4.2-java)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-deprecation_logger_support (~> 1.0)
+      logstash-mixin-ecs_compatibility_support (~> 1.0)
+      manticore (>= 0.8.0, < 1.0.0)
+      stud (~> 0.0, >= 0.0.17)
+    logstash-output-email (4.1.2)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      mail (~> 2.6.3)
+      mime-types (< 3)
+      mustache (>= 0.99.8)
+    logstash-output-file (4.3.0)
+      logstash-codec-json_lines
+      logstash-codec-line
+      logstash-core-plugin-api (>= 2.0.0, < 2.99)
+    logstash-output-graphite (3.1.6)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-output-http (5.2.5)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-http_client (>= 6.0.0, < 8.0.0)
+    logstash-output-lumberjack (3.1.9)
+      jls-lumberjack (>= 0.0.26)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      stud
+    logstash-output-nagios (3.0.6)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-output-null (3.0.5)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-output-pipe (3.0.6)
+      logstash-codec-plain
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-output-redis (5.0.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      redis (~> 4)
+      stud
+    logstash-output-s3 (4.3.7)
+      concurrent-ruby
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-aws (>= 4.3.0)
+      stud (~> 0.0.22)
+    logstash-output-sns (4.0.8)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-aws (>= 1.0.0)
+    logstash-output-sqs (6.0.0)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      logstash-mixin-aws (>= 4.3.0)
+    logstash-output-stdout (3.1.4)
+      logstash-codec-rubydebug
+      logstash-core-plugin-api (>= 1.60.1, < 2.99)
+    logstash-output-tcp (6.0.3)
+      logstash-codec-json
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      stud
+    logstash-output-udp (3.2.0)
+      logstash-codec-json
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    logstash-output-webhdfs (3.0.6)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+      snappy (= 0.0.12)
+      webhdfs
+    logstash-patterns-core (4.3.4)
+      logstash-core-plugin-api (>= 1.60, <= 2.99)
+    lru_redux (1.1.0)
+    mail (2.6.6)
+      mime-types (>= 1.16, < 4)
+    manticore (0.8.0-java)
+      openssl_pkcs8_pure
+    march_hare (4.4.0-java)
+    memoizable (0.4.2)
+      thread_safe (~> 0.3, >= 0.3.1)
+    method_source (1.0.0)
+    metriks (0.9.9.8)
+      atomic (~> 1.0)
+      avl_tree (~> 1.2.0)
+      hitimes (~> 1.1)
+    mime-types (2.6.2)
+    minitar (0.9)
+    msgpack (1.4.5-java)
+    multi_json (1.15.0)
+    multipart-post (2.1.1)
+    murmurhash3 (0.1.6-java)
+    mustache (0.99.8)
+    mustermann (1.0.3)
+    naught (1.1.0)
+    nio4r (2.5.9-java)
+    nokogiri (1.12.5-java)
+      racc (~> 1.4)
+    numerizer (0.1.1)
+    octokit (4.22.0)
+      faraday (>= 0.9)
+      sawyer (~> 0.8.0, >= 0.5.3)
+    openssl_pkcs8_pure (0.0.0.2)
+    paquet (0.2.1)
+    pleaserun (0.0.32)
+      cabin (> 0)
+      clamp
+      dotenv
+      insist
+      mustache (= 0.99.8)
+      stud
+    polyglot (0.3.5)
+    pry (0.14.2-java)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+      spoon (~> 0.0)
+    public_suffix (3.1.1)
+    puma (5.6.8-java)
+      nio4r (~> 2.0)
+    racc (1.5.2-java)
+    rack (2.2.9)
+    rack-protection (2.2.1)
+      rack
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rake (12.3.3)
+    rchardet (1.8.0)
+    redis (4.6.0)
+    rexml (3.2.6)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.1)
+    rspec-wait (0.0.9)
+      rspec (>= 3, < 4)
+    ruby-progressbar (1.11.0)
+    ruby2_keywords (0.0.5)
+    rubyzip (1.3.0)
+    rufus-scheduler (3.0.9)
+      tzinfo
+    sawyer (0.8.2)
+      addressable (>= 2.3.5)
+      faraday (> 0.8, < 2.0)
+    semantic_logger (3.4.1)
+      concurrent-ruby (~> 1.0)
+    sequel (5.53.0)
+    simple_oauth (0.3.1)
+    sinatra (2.2.1)
+      mustermann (~> 1.0)
+      rack (~> 2.2)
+      rack-protection (= 2.2.1)
+      tilt (~> 2.0)
+    snappy (0.0.12-java)
+      snappy-jars (~> 1.1.0)
+    snappy-jars (1.1.0.1.2-java)
+    snmp (1.3.2)
+    spoon (0.0.6)
+      ffi
+    stud (0.0.23)
+    thread_safe (0.3.6-java)
+    tilt (2.0.11)
+    treetop (1.6.12)
+      polyglot (~> 0.3)
+    twitter (6.2.0)
+      addressable (~> 2.3)
+      buftok (~> 0.2.0)
+      equalizer (~> 0.0.11)
+      http (~> 3.0)
+      http-form_data (~> 2.0)
+      http_parser.rb (~> 0.6.0)
+      memoizable (~> 0.4.0)
+      multipart-post (~> 2.0)
+      naught (~> 1.0)
+      simple_oauth (~> 0.3.0)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
+    tzinfo-data (1.2021.5)
+      tzinfo (>= 1.0.0)
+    unf (0.1.4-java)
+    webhdfs (0.10.2)
+      addressable
+    webmock (3.14.0)
+      addressable (>= 2.8.0)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+    xml-simple (1.1.9)
+      rexml
+
+PLATFORMS
+  java
+  universal-java-11
+
+DEPENDENCIES
+  atomic (~> 1)
+  belzebuth
+  benchmark-ips
+  builder (~> 3)
+  childprocess (~> 4)
+  ci_reporter_rspec (~> 1)
+  flores (~> 0.0.8)
+  fpm (~> 1, >= 1.14.1)
+  gems (~> 1)
+  json-schema (~> 2)
+  logstash-codec-avro
+  logstash-codec-cef
+  logstash-codec-collectd
+  logstash-codec-dots
+  logstash-codec-edn
+  logstash-codec-edn_lines
+  logstash-codec-es_bulk
+  logstash-codec-fluent
+  logstash-codec-graphite
+  logstash-codec-json
+  logstash-codec-json_lines
+  logstash-codec-line
+  logstash-codec-msgpack
+  logstash-codec-multiline
+  logstash-codec-netflow
+  logstash-codec-plain
+  logstash-codec-rubydebug
+  logstash-core!
+  logstash-core-plugin-api!
+  logstash-devutils (~> 1)
+  logstash-filter-aggregate
+  logstash-filter-anonymize
+  logstash-filter-cidr
+  logstash-filter-clone
+  logstash-filter-csv
+  logstash-filter-date
+  logstash-filter-de_dot
+  logstash-filter-dissect
+  logstash-filter-dns
+  logstash-filter-drop
+  logstash-filter-elasticsearch
+  logstash-filter-fingerprint
+  logstash-filter-geoip
+  logstash-filter-grok
+  logstash-filter-http
+  logstash-filter-json
+  logstash-filter-kv
+  logstash-filter-memcached
+  logstash-filter-metrics
+  logstash-filter-mutate
+  logstash-filter-prune
+  logstash-filter-ruby
+  logstash-filter-sleep
+  logstash-filter-split
+  logstash-filter-syslog_pri
+  logstash-filter-throttle
+  logstash-filter-translate
+  logstash-filter-truncate
+  logstash-filter-urldecode
+  logstash-filter-useragent
+  logstash-filter-uuid
+  logstash-filter-xml
+  logstash-input-azure_event_hubs
+  logstash-input-beats
+  logstash-input-couchdb_changes
+  logstash-input-dead_letter_queue
+  logstash-input-elasticsearch
+  logstash-input-exec
+  logstash-input-file
+  logstash-input-ganglia
+  logstash-input-gelf
+  logstash-input-generator
+  logstash-input-graphite
+  logstash-input-heartbeat
+  logstash-input-http
+  logstash-input-http_poller
+  logstash-input-imap
+  logstash-input-jms
+  logstash-input-pipe
+  logstash-input-redis
+  logstash-input-s3
+  logstash-input-snmp
+  logstash-input-snmptrap
+  logstash-input-sqs
+  logstash-input-stdin
+  logstash-input-syslog
+  logstash-input-tcp
+  logstash-input-twitter
+  logstash-input-udp
+  logstash-input-unix
+  logstash-integration-elastic_enterprise_search
+  logstash-integration-jdbc
+  logstash-integration-kafka
+  logstash-integration-rabbitmq
+  logstash-output-cloudwatch
+  logstash-output-csv
+  logstash-output-elasticsearch (>= 10.4.2)
+  logstash-output-email
+  logstash-output-file
+  logstash-output-graphite
+  logstash-output-http
+  logstash-output-lumberjack
+  logstash-output-nagios
+  logstash-output-null
+  logstash-output-pipe
+  logstash-output-redis
+  logstash-output-s3
+  logstash-output-sns
+  logstash-output-sqs
+  logstash-output-stdout
+  logstash-output-tcp
+  logstash-output-udp
+  logstash-output-webhdfs
+  murmurhash3 (= 0.1.6)
+  octokit (~> 4)
+  paquet (~> 0.2)
+  pleaserun (~> 0.0.28)
+  rack-test
+  rake (~> 12)
+  rspec (~> 3.5)
+  ruby-progressbar (~> 1)
+  rubyzip (~> 1)
+  stud (~> 0.0.22)
+  webmock (~> 3)
+
+BUNDLED WITH
+   2.3.18

Gemfile.template

@@ -4,122 +4,26 @@
 source "https://rubygems.org"
 gem "logstash-core", :path => "./logstash-core"
 gem "logstash-core-plugin-api", :path => "./logstash-core-plugin-api"
-gem "paquet", "~> 0.2"
-gem "ruby-progressbar", "~> 1"
-gem "builder", "~> 3"
-gem "ci_reporter_rspec", "~> 1", :group => :development
-gem "rspec", "~> 3.5", :group => :development
-gem "logstash-devutils", "~> 1", :group => :development
-gem "benchmark-ips", :group => :development
-gem "octokit", "~> 4", :group => :build
-gem "stud", "~> 0.0.22", :group => :build
-gem "rack-test", :require => "rack/test", :group => :development
-gem "fpm", "~> 1.3.3", :group => :build
-gem "rubyzip", "~> 1", :group => :build
-gem "gems", "~> 1", :group => :build
-gem "flores", "~> 0.0.6", :group => :development
 gem "atomic", "~> 1"
-gem "belzebuth", :group => :development
-gem "json-schema", "~> 2", :group => :development
+gem "builder", "~> 3"
+gem "paquet", "~> 0.2"
 gem "pleaserun", "~>0.0.28"
 gem "rake", "~> 12"
+gem "ruby-progressbar", "~> 1"
+gem "logstash-output-elasticsearch", ">= 10.4.2"
+gem "childprocess", "~> 4", :group => :build
+gem "fpm", "~> 1", ">= 1.14.1", :group => :build # compound due to bugfix https://github.com/jordansissel/fpm/pull/1856
+gem "gems", "~> 1", :group => :build
+gem "octokit", "~> 4", :group => :build
+gem "rubyzip", "~> 1", :group => :build
+gem "stud", "~> 0.0.22", :group => :build
+gem "belzebuth", :group => :development
+gem "benchmark-ips", :group => :development
+gem "ci_reporter_rspec", "~> 1", :group => :development
+gem "flores", "~> 0.0.8", :group => :development
+gem "json-schema", "~> 2", :group => :development
+gem "logstash-devutils", "~> 1", :group => :development
+gem "rack-test", :require => "rack/test", :group => :development
+gem "rspec", "~> 3.5", :group => :development
 gem "webmock", "~> 3", :group => :development
-gem "logstash-codec-cef"
-gem "logstash-codec-collectd"
-gem "logstash-codec-dots"
-gem "logstash-codec-edn"
-gem "logstash-codec-edn_lines"
-gem "logstash-codec-es_bulk"
-gem "logstash-codec-fluent"
-gem "logstash-codec-graphite"
-gem "logstash-codec-json"
-gem "logstash-codec-json_lines"
-gem "logstash-codec-line"
-gem "logstash-codec-msgpack"
-gem "logstash-codec-multiline"
-gem "logstash-codec-netflow"
-gem "logstash-codec-plain"
-gem "logstash-codec-rubydebug"
-gem "logstash-filter-aggregate"
-gem "logstash-filter-anonymize"
-gem "logstash-filter-cidr"
-gem "logstash-filter-clone"
-gem "logstash-filter-csv"
-gem "logstash-filter-date"
-gem "logstash-filter-de_dot"
-gem "logstash-filter-dissect"
-gem "logstash-filter-dns"
-gem "logstash-filter-drop"
-gem "logstash-filter-elasticsearch"
-gem "logstash-filter-fingerprint"
-gem "logstash-filter-geoip"
-gem "logstash-filter-grok"
-gem "logstash-filter-http"
-gem "logstash-filter-jdbc_static"
-gem "logstash-filter-jdbc_streaming"
-gem "logstash-filter-json"
-gem "logstash-filter-kv"
-gem "logstash-filter-memcached"
-gem "logstash-filter-metrics"
-gem "logstash-filter-mutate"
-gem "logstash-filter-ruby"
-gem "logstash-filter-sleep"
-gem "logstash-filter-split"
-gem "logstash-filter-syslog_pri"
-gem "logstash-filter-throttle"
-gem "logstash-filter-translate"
-gem "logstash-filter-truncate"
-gem "logstash-filter-urldecode"
-gem "logstash-filter-useragent"
-gem "logstash-filter-xml"
-gem "logstash-input-beats"
-gem "logstash-input-azure_event_hubs"
-gem "logstash-input-dead_letter_queue"
-gem "logstash-input-elasticsearch"
-gem "logstash-input-exec"
-gem "logstash-input-file"
-gem "logstash-input-ganglia"
-gem "logstash-input-gelf"
-gem "logstash-input-generator"
-gem "logstash-input-graphite"
-gem "logstash-input-heartbeat"
-gem "logstash-input-http"
-gem "logstash-input-http_poller"
-gem "logstash-input-imap"
-gem "logstash-input-jdbc"
-gem "logstash-input-kafka"
-gem "logstash-input-pipe"
-gem "logstash-input-rabbitmq"
-gem "logstash-input-redis"
-gem "logstash-input-s3"
-gem "logstash-input-snmp"
-gem "logstash-input-snmptrap"
-gem "logstash-input-sqs"
-gem "logstash-input-stdin"
-gem "logstash-input-syslog"
-gem "logstash-input-tcp"
-gem "logstash-input-twitter"
-gem "logstash-input-udp"
-gem "logstash-input-unix"
-gem "logstash-output-elastic_app_search"
-gem "logstash-output-cloudwatch"
-gem "logstash-output-csv"
-gem "logstash-output-elasticsearch"
-gem "logstash-output-email"
-gem "logstash-output-file"
-gem "logstash-output-graphite"
-gem "logstash-output-http"
-gem "logstash-output-kafka"
-gem "logstash-output-lumberjack"
-gem "logstash-output-nagios"
-gem "logstash-output-null"
-gem "logstash-output-pipe"
-gem "logstash-output-rabbitmq"
-gem "logstash-output-redis"
-gem "logstash-output-s3"
-gem "logstash-output-sns"
-gem "logstash-output-sqs"
-gem "logstash-output-stdout"
-gem "logstash-output-tcp"
-gem "logstash-output-udp"
-gem "logstash-output-webhdfs"
+gem "murmurhash3", "= 0.1.6" # Pins until version 0.1.7-java is released

README.md

@@ -16,27 +16,6 @@ For information about building the documentation, see the README in https://gith
 You can download officially released Logstash binaries, as well as debian/rpm packages for the
 supported platforms, from [downloads page](https://www.elastic.co/downloads/logstash).
 
-### Snapshot Builds
-
-For the daring, snapshot builds are available.
-These builds are created nightly and have undergone no formal QA, so they should **never** be run in production.
-
-| Complete, with X-Pack | Apache 2.0 licensed    |
-| --------------------- | ---------------------- |
-| [tar-complete][]      | [tar-oss][]            |
-| [zip-complete][]      | [zip-oss][]            |
-| [deb-complete][]      | [deb-oss][]            |
-| [rpm-complete][]      | [rpm-oss][]            |
-
-[tar-complete]: https://snapshots.elastic.co/downloads/logstash/logstash-7.0.0-SNAPSHOT.tar.gz
-[zip-complete]: https://snapshots.elastic.co/downloads/logstash/logstash-7.0.0-SNAPSHOT.zip
-[deb-complete]: https://snapshots.elastic.co/downloads/logstash/logstash-7.0.0-SNAPSHOT.deb
-[rpm-complete]: https://snapshots.elastic.co/downloads/logstash/logstash-7.0.0-SNAPSHOT.rpm
-[tar-oss]: https://snapshots.elastic.co/downloads/logstash/logstash-oss-7.0.0-SNAPSHOT.tar.gz
-[zip-oss]: https://snapshots.elastic.co/downloads/logstash/logstash-oss-7.0.0-SNAPSHOT.zip
-[deb-oss]: https://snapshots.elastic.co/downloads/logstash/logstash-oss-7.0.0-SNAPSHOT.deb
-[rpm-oss]: https://snapshots.elastic.co/downloads/logstash/logstash-oss-7.0.0-SNAPSHOT.rpm
-
 ## Need Help?
 
 - [Logstash Forum](https://discuss.elastic.co/c/logstash)
@@ -65,8 +44,8 @@ Logstash core will continue to exist under this repository and all related issue
 
 ### Prerequisites
 
-* Install JDK version 8. Make sure to set the `JAVA_HOME` environment variable to the path to your JDK installation directory. For example `set JAVA_HOME=<JDK_PATH>`
-* Install JRuby 9.1.x It is recommended to use a Ruby version manager such as [RVM](https://rvm.io/) or [rbenv](https://github.com/sstephenson/rbenv).
+* Install JDK version 8 or 11. Make sure to set the `JAVA_HOME` environment variable to the path to your JDK installation directory. For example `set JAVA_HOME=<JDK_PATH>`
+* Install JRuby 9.2.x It is recommended to use a Ruby version manager such as [RVM](https://rvm.io/) or [rbenv](https://github.com/sstephenson/rbenv).
 * Install `rake` and `bundler` tool using `gem install rake` and `gem install bundler` respectively.
 
 ### RVM install (optional)
@@ -159,7 +138,7 @@ Run the doc build script from within the `docs` repo. For example:
 
 ## Testing
 
-Most of the unit tests in Logstash are written using [rspec](http://rspec.info/) for the Ruby parts. For the Java parts, we use junit. For testing you can use the *test* `rake` tasks and the `bin/rspec` command, see instructions below:
+Most of the unit tests in Logstash are written using [rspec](http://rspec.info/) for the Ruby parts. For the Java parts, we use [junit](https://junit.org). For testing you can use the *test* `rake` tasks and the `bin/rspec` command, see instructions below:
 
 ### Core tests
 
@@ -183,6 +162,14 @@ Most of the unit tests in Logstash are written using [rspec](http://rspec.info/)
 3- To execute the complete test-suite including the integration tests run:
 
     ./gradlew check
+    
+4- To execute a single Ruby test run:
+
+    SPEC_OPTS="-fd -P logstash-core/spec/logstash/api/commands/default_metadata_spec.rb" ./gradlew :logstash-core:rubyTests --tests org.logstash.RSpecTests    
+
+5- To execute single spec for integration test, run:
+
+    ./gradlew integrationTests -PrubyIntegrationSpecs=specs/slowlog_spec.rb
 
 Sometimes you might find a change to a piece of Logstash code causes a test to hang. These can be hard to debug.
 
@@ -258,10 +245,10 @@ All contributions are welcome: ideas, patches, documentation, bug reports,
 complaints, and even something you drew up on a napkin.
 
 Programming is not a required skill. Whatever you've seen about open source and
-maintainers or community members  saying "send patches or die" - you will not
+maintainers or community members saying "send patches or die" - you will not
 see that here.
 
-It is more important to me that you are able to contribute.
+It is more important that you are able to contribute.
 
 For more information about contributing, see the
 [CONTRIBUTING](./CONTRIBUTING.md) file.

Rakefile

@@ -1,4 +1,19 @@
-# encoding: utf-8
+# Licensed to Elasticsearch B.V. under one or more contributor
+# license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright
+# ownership. Elasticsearch B.V. licenses this file to you under
+# the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
 
 $: << File.join(File.dirname(__FILE__), "lib")
 $: << File.join(File.dirname(__FILE__), "logstash-core/lib")

bin/benchmark.bat

@@ -0,0 +1,10 @@
+@echo off
+setlocal enabledelayedexpansion
+
+cd /d "%~dp0.."
+for /f %%i in ('cd') do set RESULT=%%i
+
+"%JAVACMD%" -cp "!!RESULT!!\tools\benchmark-cli\build\libs\benchmark-cli.jar;*" ^
+  org.logstash.benchmark.cli.Main %*
+
+endlocal

bin/ingest-convert.bat

@@ -0,0 +1,10 @@
+@echo off
+setlocal enabledelayedexpansion
+
+cd /d "%~dp0\.."
+for /f %%i in ('cd') do set RESULT=%%i
+
+"%JAVACMD%" -cp "!!RESULT!!\tools\ingest-converter\build\libs\ingest-converter.jar;*" ^
+  org.logstash.ingest.Pipeline %*
+
+endlocal

bin/logstash

@@ -1,7 +1,5 @@
 #!/bin/bash
-# Run logstash from source
-#
-# This is most useful when done from a git checkout.
+# Run logstash
 #
 # Usage:
 #   bin/logstash <command> [arguments]
@@ -58,9 +56,6 @@ if [ "$1" = "-V" ] || [ "$1" = "--version" ]; then
   fi
   echo "logstash $LOGSTASH_VERSION"
 else
-  unset CLASSPATH
-  for J in $(cd "${LOGSTASH_JARS}"; ls *.jar); do
-    CLASSPATH=${CLASSPATH}${CLASSPATH:+:}${LOGSTASH_JARS}/${J}
-  done
+  CLASSPATH="$(setup_classpath $LOGSTASH_JARS)"
   exec "${JAVACMD}" ${JAVA_OPTS} -cp "${CLASSPATH}" org.logstash.Logstash "$@"
 fi

bin/logstash-keystore

@@ -6,6 +6,6 @@ setup
 
 # bin/logstash-keystore is a short lived ruby script thus we can use aggressive "faster starting JRuby options"
 # see https://github.com/jruby/jruby/wiki/Improving-startup-time
-export JRUBY_OPTS="$JRUBY_OPTS -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -J-noverify -X-C -Xcompile.invokedynamic=false"
+export JRUBY_OPTS="${JRUBY_OPTS---dev}"
 
 ruby_exec "${LOGSTASH_HOME}/lib/secretstore/cli.rb" "$@"

bin/logstash-plugin

@@ -6,6 +6,6 @@ setup
 
 # bin/logstash-plugin is a short lived ruby script thus we can use aggressive "faster starting JRuby options"
 # see https://github.com/jruby/jruby/wiki/Improving-startup-time
-export JRUBY_OPTS="$JRUBY_OPTS -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -J-noverify -X-C -Xcompile.invokedynamic=false"
+export JRUBY_OPTS="${JRUBY_OPTS---dev}"
 
 ruby_exec "${LOGSTASH_HOME}/lib/pluginmanager/main.rb" "$@"

bin/logstash.bat

@@ -15,7 +15,7 @@ if "%1" == "--version" goto version
 
 rem iterate over the command line args and look for the argument
 rem after --path.settings to see if the jvm.options file is in
-rem that path and set LS_JVM_OPTIONS_CONFIG accordingly
+rem that path and set LS_JVM_OPTS accordingly
 :loop
 for /F "usebackq tokens=1-2* delims= " %%A in (!params!) do (
     set current=%%A
@@ -24,7 +24,7 @@ for /F "usebackq tokens=1-2* delims= " %%A in (!params!) do (
 
     if "!current!" == "--path.settings" (
     	if exist !next!\jvm.options (
-    	  set "LS_JVM_OPTIONS_CONFIG=!next!\jvm.options"
+    	  set "LS_JVM_OPTS=!next!\jvm.options"
     	)
     )
 
@@ -33,45 +33,40 @@ for /F "usebackq tokens=1-2* delims= " %%A in (!params!) do (
 	)
 )
 
-rem if explicit jvm.options is not found use default location
-if "%LS_JVM_OPTIONS_CONFIG%" == "" (
-  set LS_JVM_OPTIONS_CONFIG="%LS_HOME%\config\jvm.options"
-)
-
-rem extract the options from the JVM options file %LS_JVM_OPTIONS_CONFIG%
-rem such options are the lines beginning with '-', thus "findstr /b"
-if exist %LS_JVM_OPTIONS_CONFIG% (
-  for /F "usebackq delims=" %%a in (`findstr /b \- %LS_JVM_OPTIONS_CONFIG%`) do set options=!options! %%a
-  set "LS_JAVA_OPTS=!options! %LS_JAVA_OPTS%"
-) else (
-  echo "warning: no jvm.options file found"
-)
-set JAVA_OPTS=%LS_JAVA_OPTS%
-
 for %%i in ("%LS_HOME%\logstash-core\lib\jars\*.jar") do (
 	call :concat "%%i"
 )
 
-%JAVA% %JAVA_OPTS% -cp "%CLASSPATH%" org.logstash.Logstash %*
+@setlocal
+for /F "usebackq delims=" %%a in (`CALL "%JAVACMD%" -cp "!CLASSPATH!" "org.logstash.launchers.JvmOptionsParser" "!LS_HOME!" "!LS_JVM_OPTS!" ^|^| echo jvm_options_parser_failed`) do set LS_JAVA_OPTS=%%a
+@endlocal & set "MAYBE_JVM_OPTIONS_PARSER_FAILED=%LS_JAVA_OPTS%" & set LS_JAVA_OPTS=%LS_JAVA_OPTS%
+
+if "%MAYBE_JVM_OPTIONS_PARSER_FAILED%" == "jvm_options_parser_failed" (
+  echo "error: jvm options parser failed; exiting"
+  exit /b 1
+)
+set JAVA_OPTS=%LS_JAVA_OPTS%
+
+"%JAVACMD%" %JAVA_OPTS% -cp "%CLASSPATH%" org.logstash.Logstash %*
 
 goto :end
 
 :version
-set "LOGSTASH_VERSION_FILE1=%LS_HOME%\logstash-core\versions-gem-copy.yml"
-set "LOGSTASH_VERSION_FILE2=%LS_HOME%\versions.yml"
+set LOGSTASH_VERSION_FILE1="%LS_HOME%\logstash-core\versions-gem-copy.yml"
+set LOGSTASH_VERSION_FILE2="%LS_HOME%\versions.yml"
 
 set "LOGSTASH_VERSION=Version not detected"
 if exist !LOGSTASH_VERSION_FILE1! (
 	rem this file is present in zip, deb and rpm artifacts and after bundle install
 	rem but might not be for a git checkout type install
-	for /F "tokens=1,2 delims=: " %%a in (!LOGSTASH_VERSION_FILE1!) do (
+	for /F "tokens=1,2 delims=: " %%a in ('type !LOGSTASH_VERSION_FILE1!') do (
 		if "%%a"=="logstash" set LOGSTASH_VERSION=%%b
 	)
 ) else (
 	if exist !LOGSTASH_VERSION_FILE2! (
 		rem this file is present for a git checkout type install
 		rem but its not in zip, deb and rpm artifacts (and in integration tests)
-		for /F "tokens=1,2 delims=: " %%a in (!LOGSTASH_VERSION_FILE2!) do (
+		for /F "tokens=1,2 delims=: " %%a in ('type !LOGSTASH_VERSION_FILE2!') do (
 			if "%%a"=="logstash" set LOGSTASH_VERSION=%%b
 		)
 	)
@@ -81,11 +76,12 @@ goto :end
 
 :concat
 IF not defined CLASSPATH (
-  set CLASSPATH="%~1"
+  set CLASSPATH=%~1
 ) ELSE (
-  set CLASSPATH=%CLASSPATH%;"%~1"
+  set CLASSPATH=%CLASSPATH%;%~1
 )
 goto :eof
 
 :end
 endlocal
+exit /B %ERRORLEVEL%

bin/logstash.lib.sh

@@ -14,7 +14,8 @@
 # The following env var will be used by this script if set:
 #   LS_GEM_HOME and LS_GEM_PATH to overwrite the path assigned to GEM_HOME and GEM_PATH
 #   LS_JAVA_OPTS to append extra options to the JVM options provided by logstash
-#   JAVA_HOME to point to the java home
+#   LS_JAVA_HOME to point to the java home (takes precedence over JAVA_HOME)
+#   (deprecated) JAVA_HOME to point to the java home
 
 unset CDPATH
 # This unwieldy bit of scripting is to try to catch instances where Logstash
@@ -66,26 +67,64 @@ for i in "$@"; do
  fi
 done
 
-parse_jvm_options() {
-  if [ -f "$1" ]; then
-    echo "$(grep "^-" "$1" | tr '\n' ' ')"
+setup_bundled_jdk_part() {
+  OS_NAME="$(uname -s)"
+  if [ $OS_NAME = "Darwin" ]; then
+    BUNDLED_JDK_PART="jdk.app/Contents/Home"
+  else
+    BUNDLED_JDK_PART="jdk"
   fi
 }
 
+# Accepts 1 parameter which is the path the directory where logstash jar are contained.
+setup_classpath() {
+  local jar_directory="${1?jar directory required}"
+  local classpath
+  for J in $(cd "${jar_directory}"; ls *.jar); do
+    classpath=${classpath}${classpath:+:}${jar_directory}/${J}
+  done
+  echo "${classpath}"
+}
+
 setup_java() {
   # set the path to java into JAVACMD which will be picked up by JRuby to launch itself
   if [ -z "$JAVACMD" ]; then
-    if [ -x "$JAVA_HOME/bin/java" ]; then
-      JAVACMD="$JAVA_HOME/bin/java"
-    else
+    setup_bundled_jdk_part
+    JAVACMD_TEST=`command -v java`
+    if [ -n "$LS_JAVA_HOME" ]; then
+      echo "Using LS_JAVA_HOME defined java: ${LS_JAVA_HOME}."
+      if [ -x "$LS_JAVA_HOME/bin/java" ]; then
+        JAVACMD="$LS_JAVA_HOME/bin/java"
+        if [ -d "${LOGSTASH_HOME}/${BUNDLED_JDK_PART}" -a -x "${LOGSTASH_HOME}/${BUNDLED_JDK_PART}/bin/java" ]; then
+          echo "WARNING: Using LS_JAVA_HOME while Logstash distribution comes with a bundled JDK."
+        fi
+      else
+        echo "Invalid LS_JAVA_HOME, doesn't contain bin/java executable."
+      fi
+    elif [ -n "$JAVA_HOME" ]; then
+      echo "Using JAVA_HOME defined java: ${JAVA_HOME}"
+      if [ -x "$JAVA_HOME/bin/java" ]; then
+        JAVACMD="$JAVA_HOME/bin/java"
+        if [ -d "${LOGSTASH_HOME}/${BUNDLED_JDK_PART}" -a -x "${LOGSTASH_HOME}/${BUNDLED_JDK_PART}/bin/java" ]; then
+          echo "WARNING: Using JAVA_HOME while Logstash distribution comes with a bundled JDK."
+        fi
+      else
+        echo "Invalid JAVA_HOME, doesn't contain bin/java executable."
+      fi
+      echo "DEPRECATION: The use of JAVA_HOME is now deprecated and will be removed starting from 8.0. Please configure LS_JAVA_HOME instead."
+    elif [ -d "${LOGSTASH_HOME}/${BUNDLED_JDK_PART}" -a -x "${LOGSTASH_HOME}/${BUNDLED_JDK_PART}/bin/java" ]; then
+      echo "Using bundled JDK: ${LOGSTASH_HOME}/${BUNDLED_JDK_PART}"
+      JAVACMD="${LOGSTASH_HOME}/${BUNDLED_JDK_PART}/bin/java"
+    elif [ -n "$JAVACMD_TEST" ]; then
       set +e
       JAVACMD=`command -v java`
       set -e
+      echo "Using system java: $JAVACMD"
     fi
   fi
 
   if [ ! -x "$JAVACMD" ]; then
-    echo "could not find java; set JAVA_HOME or ensure java is in PATH"
+    echo "Could not find java; set LS_JAVA_HOME or ensure java is in PATH."
     exit 1
   fi
 
@@ -107,24 +146,12 @@ setup_java() {
     LS_GC_LOG_FILE="./logstash-gc.log"
   fi
 
-  # Set the initial JVM options from the jvm.options file.  Look in
-  # /etc/logstash first, and break if that file is found readable there.
-  if [ -z "$LS_JVM_OPTS" ]; then
-      for jvm_options in /etc/logstash/jvm.options \
-                        "$LOGSTASH_HOME"/config/jvm.options;
-                         do
-          if [ -r "$jvm_options" ]; then
-              LS_JVM_OPTS=$jvm_options
-              break
-          fi
-      done
-  fi
-  # then override with anything provided
-  LS_JAVA_OPTS="$(parse_jvm_options "$LS_JVM_OPTS") $LS_JAVA_OPTS"
-  JAVA_OPTS=$LS_JAVA_OPTS
-
   # jruby launcher uses JAVACMD as its java executable and JAVA_OPTS as the JVM options
   export JAVACMD
+
+  CLASSPATH="$(setup_classpath $LOGSTASH_JARS)"
+  JAVA_OPTS=`exec "${JAVACMD}" -cp "${CLASSPATH}" org.logstash.launchers.JvmOptionsParser "$LOGSTASH_HOME" "$LS_JVM_OPTS"`
+  unset CLASSPATH
   export JAVA_OPTS
 }
 

bin/pqcheck.bat

@@ -0,0 +1,29 @@
+@echo off
+setlocal enabledelayedexpansion 
+
+call "%~dp0setup.bat" || exit /b 1
+if errorlevel 1 (
+	if not defined nopauseonerror (
+		pause
+	)
+	exit /B %ERRORLEVEL%
+)
+
+
+set JAVA_OPTS=%LS_JAVA_OPTS%
+
+for %%i in ("%LS_HOME%\logstash-core\lib\jars\*.jar") do (
+	call :concat "%%i"
+)
+
+"%JAVACMD%" %JAVA_OPTS% -cp "%CLASSPATH%" org.logstash.ackedqueue.PqCheck %*
+
+:concat
+IF not defined CLASSPATH (
+  set CLASSPATH="%~1"
+) ELSE (
+  set CLASSPATH=%CLASSPATH%;"%~1"
+)
+goto :eof 
+
+endlocal

bin/pqrepair.bat

@@ -0,0 +1,29 @@
+@echo off
+setlocal enabledelayedexpansion 
+
+call "%~dp0setup.bat" || exit /b 1
+if errorlevel 1 (
+	if not defined nopauseonerror (
+		pause
+	)
+	exit /B %ERRORLEVEL%
+)
+
+
+set JAVA_OPTS=%LS_JAVA_OPTS%
+
+for %%i in ("%LS_HOME%\logstash-core\lib\jars\*.jar") do (
+	call :concat "%%i"
+)
+
+"%JAVACMD%" %JAVA_OPTS% -cp "%CLASSPATH%" org.logstash.ackedqueue.PqRepair %*
+
+:concat
+IF not defined CLASSPATH (
+  set CLASSPATH="%~1"
+) ELSE (
+  set CLASSPATH=%CLASSPATH%;"%~1"
+)
+goto :eof 
+
+endlocal

bin/rspec

@@ -5,6 +5,6 @@ unset CDPATH
 setup
 
 # use faster starting JRuby options see https://github.com/jruby/jruby/wiki/Improving-startup-time
-export JRUBY_OPTS="$JRUBY_OPTS -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1"
+export JRUBY_OPTS="${JRUBY_OPTS---dev}"
 
 ruby_exec "${LOGSTASH_HOME}/lib/bootstrap/rspec.rb" "$@"

bin/ruby

@@ -12,7 +12,7 @@
 #   DEBUG=1 to output debugging information
 
 # use faster starting JRuby options see https://github.com/jruby/jruby/wiki/Improving-startup-time
-export JRUBY_OPTS="$JRUBY_OPTS -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1"
+export JRUBY_OPTS="${JRUBY_OPTS---dev}"
 
 unset CDPATH
 

bin/setup.bat

@@ -20,13 +20,30 @@ for %%I in ("%LS_HOME%..") do set LS_HOME=%%~dpfI
 
 rem ### 2: set java
 
-if defined JAVA_HOME (
-  set JAVA="%JAVA_HOME%\bin\java.exe"
+if defined LS_JAVA_HOME (
+  set JAVACMD=%LS_JAVA_HOME%\bin\java.exe
+  echo Using LS_JAVA_HOME defined java: %LS_JAVA_HOME%
+  if exist "%LS_HOME%\jdk" (
+    echo WARNING: Using LS_JAVA_HOME while Logstash distribution comes with a bundled JDK.
+  )
+) else if defined JAVA_HOME (
+  set JAVACMD="%JAVA_HOME%\bin\java.exe"
+  echo Using JAVA_HOME defined java: %JAVA_HOME%
+  if exist "%LS_HOME%\jdk" (
+    echo WARNING: Using JAVA_HOME while Logstash distribution comes with a bundled JDK.
+  )
+  echo DEPRECATION: The use of JAVA_HOME is now deprecated and will be removed starting from 8.0. Please configure LS_JAVA_HOME instead.
 ) else (
-  for %%I in (java.exe) do set JAVA="%%~$PATH:I"
+  if exist "%LS_HOME%\jdk" (
+    set JAVACMD=%LS_HOME%\jdk\bin\java.exe
+    echo "Using bundled JDK: !JAVACMD!"
+  ) else (
+    for %%I in (java.exe) do set JAVACMD="%%~$PATH:I"
+    echo "Using system java: !JAVACMD!"
+  )
 )
 
-if not exist %JAVA% (
+if not exist "%JAVACMD%" (
   echo could not find java; set JAVA_HOME or ensure java is in PATH 1>&2
   exit /b 1
 )
@@ -52,4 +69,4 @@ if not exist %JRUBY_BIN% (
   exit /b 1
 )
 
-set RUBYLIB=%LS_HOME%\lib
+set RUBYLIB=%LS_HOME%\lib

bin/system-install

@@ -17,8 +17,8 @@ elif [ "$1" == "-h" ] || [ "$1" == "--help" ]; then
   echo
   echo "OPTIONSFILE: Full path to a startup.options file"
   echo "OPTIONSFILE is required if STARTUPTYPE is specified, but otherwise looks first"
-  echo "in $LOGSTASH_HOME/config/startup.options and then /etc/logstash/startup.options"
-  echo "Last match wins"
+  echo "in /etc/logstash/startup.options and then "
+  echo "in $LOGSTASH_HOME/config/startup.options "
   echo
   echo "STARTUPTYPE: e.g. sysv, upstart, systemd, etc."
   echo "OPTIONSFILE is required to specify a STARTUPTYPE."
@@ -61,7 +61,7 @@ done
 
 # bin/logstash-plugin is a short lived ruby script thus we can use aggressive "faster starting JRuby options"
 # see https://github.com/jruby/jruby/wiki/Improving-startup-time
-export JRUBY_OPTS="$JRUBY_OPTS -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -J-noverify -X-C -Xcompile.invokedynamic=false"
+export JRUBY_OPTS="$JRUBY_OPTS $OPEN_JAVA_MODULES -J-XX:+TieredCompilation -J-XX:TieredStopAtLevel=1 -J-noverify -X-C -Xcompile.invokedynamic=false"
 
 tempfile=$(mktemp)
 if [ "x${PRESTART}" == "x" ]; then

buildSrc/build.gradle

@@ -1,12 +1,17 @@
-apply plugin: 'java'
-apply plugin: 'groovy'
-
-group = 'org.logstash.gradle'
+plugins {
+    id 'groovy'
+    id 'java'
+}
 
 repositories {
-  mavenCentral()
+    mavenCentral()
 }
 
 dependencies {
-  compile group: 'org.jruby', name: 'jruby-complete', version: '9.2.5.0'
+    testImplementation("org.junit.jupiter:junit-jupiter-api:5.7.2")
+    testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:5.7.2")
 }
+
+test {
+    useJUnitPlatform()
+}

buildSrc/src/main/groovy/org/logstash/gradle/RubyGradleUtils.groovy

@@ -1,103 +0,0 @@
-package org.logstash.gradle
-
-import org.jruby.Ruby
-import org.jruby.embed.PathType
-import org.jruby.embed.ScriptingContainer
-
-final class RubyGradleUtils {
-
-  private final File buildDir
-
-  private final File projectDir
-
-  RubyGradleUtils(File buildDir, File projectDir) {
-    this.buildDir = buildDir
-    this.projectDir = projectDir
-  }
-
-  /**
-   * Executes a bundler bin script with given parameters.
-   * @param pwd Current worker directory to execute in
-   * @param bundleBin Bundler Bin Script
-   * @param args CLI Args to Use with Bundler
-   */
-  void bundle(String pwd, String bundleBin, Iterable<String> args) {
-    bundle(pwd, bundleBin, args, Collections.emptyMap())
-  }
-
-  /**
-   * Executes a bundler bin script with given parameters.
-   * @param pwd Current worker directory to execute in
-   * @param bundleBin Bundler Bin Script
-   * @param args CLI Args to Use with Bundler
-   * @param env Environment Variables to Set
-   */
-  void bundle(String pwd, String bundleBin, Iterable<String> args, Map<String, String> env) {
-    executeJruby { ScriptingContainer jruby ->
-      jruby.environment.putAll(env)
-      jruby.currentDirectory = pwd
-      jruby.argv = args.toList().toArray()
-      jruby.runScriptlet(PathType.ABSOLUTE, bundleBin)
-    }
-  }
-
-  /**
-   * Installs a Gem with the given version to the given path.
-   * @param gem Gem Name
-   * @param version Version to Install
-   * @param path Path to Install to
-   */
-  void gem(String gem, String version, String path) {
-    executeJruby { ScriptingContainer jruby ->
-      jruby.currentDirectory = projectDir
-      jruby.runScriptlet(
-        "require 'rubygems/commands/install_command'\n" +
-          "cmd = Gem::Commands::InstallCommand.new\n" +
-          "cmd.handle_options [\"--no-ri\", \"--no-rdoc\", '${gem}', '-v', '${version}', '-i', '${path}']\n" +
-          "begin \n" +
-          "  cmd.execute\n" +
-          "rescue Gem::SystemExitException => e\n" +
-          "  raise e unless e.exit_code == 0\n" +
-          "end"
-      )
-    }
-  }
-
-  /**
-   * Executes RSpec for a given plugin.
-   * @param plugin Plugin to run specs for
-   * @param args CLI arguments to pass to rspec
-   */
-  void rake(String task) {
-    executeJruby { ScriptingContainer jruby ->
-      jruby.currentDirectory = projectDir
-      jruby.runScriptlet("require 'rake'")
-      jruby.runScriptlet(
-        "rake = Rake.application\n" +
-          "rake.init\n" +
-          "rake.load_rakefile\n" +
-          "rake['${task}'].invoke"
-      )
-    }
-  }
-
-  /**
-   * Executes Closure using a fresh JRuby environment, safely tearing it down afterwards.
-   * @param block Closure to run
-   */
-  Object executeJruby(Closure<?> block) {
-    def jruby = new ScriptingContainer()
-    def env = jruby.environment
-    def gemDir = "${projectDir}/vendor/bundle/jruby/2.5.0".toString()
-    env.put "USE_RUBY", "1"
-    env.put "GEM_HOME", gemDir
-    env.put "GEM_SPEC_CACHE", "${buildDir}/cache".toString()
-    env.put "GEM_PATH", gemDir
-    try {
-      return block(jruby)
-    } finally {
-      jruby.terminate()
-      Ruby.clearGlobalRuntime()
-    }
-  }
-}

buildSrc/src/main/groovy/org/logstash/gradle/tooling/ListProjectDependencies.groovy

@@ -0,0 +1,50 @@
+package org.logstash.gradle.tooling
+
+import org.gradle.api.DefaultTask
+import org.gradle.api.tasks.TaskAction
+import org.gradle.api.tasks.OutputFile
+import org.gradle.api.tasks.OutputDirectory
+import org.gradle.api.tasks.Input
+import org.gradle.api.artifacts.Dependency
+
+import java.nio.file.Files
+
+class ListProjectDependencies extends DefaultTask {
+
+    @Input
+    String report = 'licenses.csv'
+
+    @OutputFile
+    File reportFile = project.file("${project.buildDir}/reports/dependency-license/" + report)
+
+    @OutputDirectory
+    File reportDir = reportFile.toPath().parent.toFile()
+
+    ListProjectDependencies() {
+        description = "Lists the projects dependencies in a CSV file"
+        group = "org.logstash.tooling"
+    }
+
+    @TaskAction
+    def list() {
+        // collect all project's dependencies
+        Set<Dependency> moduleDeps = new HashSet<>()
+        moduleDeps.addAll(project.configurations.implementation.getAllDependencies())
+        moduleDeps.addAll(project.configurations.runtimeClasspath.getAllDependencies())
+        moduleDeps.addAll(project.configurations.runtimeOnly.getAllDependencies())
+
+        def depsInGAV = moduleDeps.collect {dep ->
+            "${dep.group}:${dep.name}:${dep.version}"
+        }
+
+        // output in a CSV to be read by dependencies-report tool
+        Files.createDirectories(reportFile.toPath().parent)
+        reportFile.withWriter('utf-8') { writer ->
+            writer.writeLine '"artifact","moduleUrl","moduleLicense","moduleLicenseUrl",'
+            depsInGAV.each { s ->
+                writer.writeLine "\"$s\",,,,"
+            }
+        }
+    }
+
+}

buildSrc/src/main/groovy/org/logstash/gradle/tooling/SnapshotArtifactURLs.groovy

@@ -0,0 +1,28 @@
+package org.logstash.gradle.tooling
+
+import groovy.json.JsonSlurper
+
+/**
+ * Helper class to obtain project specific (e.g. Elasticsearch or beats/filebeat) snapshot-DRA artifacts.
+ * We use it in all cases apart from release builds.
+ * */
+class SnapshotArtifactURLs {
+    /**
+     * Returns a list of the package and package SHA(512) URLs for a given project / version / downloadedPackageName
+     * */
+    static def packageUrls(String project, String projectVersion, String downloadedPackageName) {
+        String artifactSnapshotVersionsApiPrefix = "https://artifacts-snapshot.elastic.co"
+
+        // e.g. https://artifacts-snapshot.elastic.co/elasticsearch/latest/8.11.5-SNAPSHOT.json
+        String apiResponse = "${artifactSnapshotVersionsApiPrefix}/${project}/latest/${projectVersion}.json".toURL().text
+        def artifactUrls = new JsonSlurper().parseText(apiResponse)
+        String manifestUrl = artifactUrls["manifest_url"]
+        // e.g. https://artifacts-snapshot.elastic.co/elasticsearch/8.11.5-12345678/manifest-8.11.5-SNAPSHOT.json
+        apiResponse = manifestUrl.toURL().text
+        def packageArtifactUrls = new JsonSlurper().parseText(apiResponse)
+        String packageUrl = packageArtifactUrls["projects"]["${project}"]["packages"]["${downloadedPackageName}.tar.gz"]["url"]
+        String packageShaUrl = packageArtifactUrls["projects"]["${project}"]["packages"]["${downloadedPackageName}.tar.gz"]["sha_url"]
+
+        return ["packageUrl": packageUrl, "packageShaUrl": packageShaUrl]
+    }
+}

buildSrc/src/main/java/org/logstash/gradle/ExecLogOutputStream.java

@@ -1,29 +0,0 @@
-package org.logstash.gradle;
-
-import java.io.ByteArrayOutputStream;
-import java.io.PrintStream;
-
-/**
- * Stream that can be used to forward Gradle Exec task output to an arbitrary {@link PrintStream}.
- */
-public final class ExecLogOutputStream extends ByteArrayOutputStream {
-
-    /**
-     * Underlying {@link PrintStream} to flush output to.
-     */
-    private final PrintStream stream;
-
-    /**
-     * Ctor.
-     * @param stream PrintStream to flush to
-     */
-    public ExecLogOutputStream(final PrintStream stream) {
-        this.stream = stream;
-    }
-
-    @Override
-    public synchronized void flush() {
-        stream.print(toString());
-        reset();
-    }
-}

buildSrc/src/test/groovy/org/logstash/gradle/tooling/ListProjectDependenciesTest.groovy

@@ -0,0 +1,43 @@
+package org.logstash.gradle.tooling
+
+import org.junit.jupiter.api.BeforeEach
+import org.junit.jupiter.api.Test
+import org.gradle.api.*
+import org.gradle.testfixtures.ProjectBuilder
+
+class ListProjectDependenciesTest {
+
+    static final TASK_NAME = 'generateLicenseReport'
+    Project project
+
+    @BeforeEach
+    void setUp() {
+        project = ProjectBuilder.builder().build()
+        project.getConfigurations().create("implementation")
+        project.getConfigurations().create("runtimeClasspath")
+        project.getConfigurations().create("runtimeOnly")
+    }
+
+    @Test
+    void "list dependencies"() {
+        // configure the project to have Jetty client as a dependency
+        project.getDependencies().add('implementation',
+                [group: "org.eclipse.jetty", name: "jetty-client", version: "9.4.43.v20210629", configuration: "implementation"])
+
+        // configure and execute the task
+        project.task(TASK_NAME, type: ListProjectDependencies) {
+            report = "test.csv"
+            reportFile = project.buildDir.toPath().resolve("test.csv").toFile()
+        }
+        def task = project.tasks.findByName(TASK_NAME)
+        task != null
+        task.list()
+
+        // Verify the CSV generated
+        List<String> fileContents = new File("${project.buildDir}/test.csv").readLines()
+        assert fileContents.size() == 2
+        assert fileContents[0] == '"artifact","moduleUrl","moduleLicense","moduleLicenseUrl",'
+        assert fileContents[1] == '"org.eclipse.jetty:jetty-client:9.4.43.v20210629",,,,'
+    }
+
+}

ci/acceptance_tests.sh

@@ -1,81 +1,54 @@
 #!/usr/bin/env bash
-set -e
-set -x
+set -eo pipefail
+
+function get_package_type {
+  # determines OS packaging system; at the moment either rpm or deb
+  source /etc/os-release
+
+  if [[ $ID == "ubuntu" || $ID == "debian" || $ID_LIKE == "debian" ]]; then
+    PACKAGE_TYPE="deb"
+  elif [[ $ID_LIKE == *"rhel"* || $ID_LIKE == *"fedora"* || $ID_LIKE == *"suse"* ]]; then
+    PACKAGE_TYPE="rpm"
+  else
+    echo "^^^ +++ Unsupported Linux distribution [$ID]. Acceptance packaging tests only support deb or rpm based distributions. Exiting."
+    exit 1
+  fi
+}
 
 # Since we are using the system jruby, we need to make sure our jvm process
 # uses at least 1g of memory, If we don't do this we can get OOM issues when
 # installing gems. See https://github.com/elastic/logstash/issues/5179
 export JRUBY_OPTS="-J-Xmx1g"
-export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
+export GRADLE_OPTS="-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
 export OSS=true
 
-SELECTED_TEST_SUITE=$1
-
-# The acceptance test in our CI infrastructure doesn't clear the workspace between run
-# this mean the lock of the Gemfile can be sticky from a previous run, before generating any package
-# we will clear them out to make sure we use the latest version of theses files
-# If we don't do this we will run into gem Conflict error.
-[ -f Gemfile ] && rm Gemfile
-[ -f Gemfile.lock ] && rm Gemfile.lock
-
-# When running these tests in a Jenkins matrix, in parallel, once one Vagrant job is done, the Jenkins ProcessTreeKiller will kill any other Vagrant processes with the same
-# BUILD_ID unless you set this magic flag:  https://wiki.jenkins.io/display/JENKINS/ProcessTreeKiller
-export BUILD_ID=dontKillMe
-
 LS_HOME="$PWD"
 QA_DIR="$PWD/qa"
 
-# Always run the halt, even if the test times out or an exit is sent
-cleanup() {
-  cd $QA_DIR
-  bundle check || bundle install
-  bundle exec rake qa:vm:halt
-}
-trap cleanup EXIT
+cd $LS_HOME
 
-# Cleanup any stale VMs from old jobs first
-cleanup
+get_package_type
 
-if [[ $SELECTED_TEST_SUITE == $"redhat" ]]; then
-  echo "Generating the RPM, make sure you start with a clean environment before generating other packages."
-  cd $LS_HOME
-  rake artifact:rpm
-  echo "Acceptance: Installing dependencies"
-  cd $QA_DIR
-  bundle install
-
-  echo "Acceptance: Running the tests"
-  bundle exec rake qa:vm:setup["redhat"]
-  bundle exec rake qa:vm:ssh_config
-  bundle exec rake qa:acceptance:redhat
-  bundle exec rake qa:vm:halt["redhat"]
-elif [[ $SELECTED_TEST_SUITE == $"debian" ]]; then
-  echo "Generating the DEB, make sure you start with a clean environment before generating other packages."
-  cd $LS_HOME
-  rake artifact:deb
-  echo "Acceptance: Installing dependencies"
-  cd $QA_DIR
-  bundle install
-
-  echo "Acceptance: Running the tests"
-  bundle exec rake qa:vm:setup["debian"]
-  bundle exec rake qa:vm:ssh_config
-  bundle exec rake qa:acceptance:debian
-  bundle exec rake qa:vm:halt["debian"]
-elif [[ $SELECTED_TEST_SUITE == $"all" ]]; then
-  echo "Building Logstash artifacts"
-  cd $LS_HOME
-  rake artifact:all
-
-  echo "Acceptance: Installing dependencies"
-  cd $QA_DIR
-  bundle install
-
-  echo "Acceptance: Running the tests"
-  bundle exec rake qa:vm:setup
-  bundle exec rake qa:vm:ssh_config
-  bundle exec rake qa:acceptance:all
-  bundle exec rake qa:vm:halt
+# in CI (Buildkite), packaging artifacts are pre-built from a previous step
+if [[ $BUILDKITE == true ]]; then
+  export LS_ARTIFACTS_PATH="$HOME/build"
+  echo "--- Downloading artifacts from \"build/*${PACKAGE_TYPE}\" to $LS_ARTIFACTS_PATH"
+  set -x
+  # also creates build/ under $HOME
+  buildkite-agent artifact download "build/*${PACKAGE_TYPE}" $HOME
+  set +x
+  echo "--- Running gradle"
+  ./gradlew clean bootstrap
+else
+  echo "--- Detected a distribution that supports \033[33m[$PACKAGE_TYPE]\033[0m packages. Running gradle."
+  ./gradlew clean bootstrap
+  echo "--- Building Logstash artifacts"
+  rake artifact:$PACKAGE_TYPE
 fi
 
+echo "--- Acceptance: Installing dependencies"
+cd $QA_DIR
+bundle install
 
+echo "--- Acceptance: Running the tests"
+rake qa:acceptance:all

ci/bootstrap_dependencies.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+./gradlew installDefaultGems

ci/docker_acceptance_tests.sh

@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+set -e
+set -x
+
+# Since we are using the system jruby, we need to make sure our jvm process
+# uses at least 1g of memory, If we don't do this we can get OOM issues when
+# installing gems. See https://github.com/elastic/logstash/issues/5179
+export JRUBY_OPTS="-J-Xmx1g"
+export GRADLE_OPTS="-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
+
+# Can run either a specific flavor, or all flavors -
+# eg `ci/acceptance_tests.sh oss` will run tests for open source container
+#    `ci/acceptance_tests.sh full` will run tests for the default container
+#    `ci/acceptance_tests.sh ubi8` will run tests for the ubi8 based container
+#    `ci/acceptance_tests.sh` will run tests for all containers
+SELECTED_TEST_SUITE=$1
+
+# The acceptance test in our CI infrastructure doesn't clear the workspace between run
+# this mean the lock of the Gemfile can be sticky from a previous run, before generating any package
+# we will clear them out to make sure we use the latest version of theses files
+# If we don't do this we will run into gem Conflict error.
+[ -f Gemfile ] && rm Gemfile
+[ -f Gemfile.lock ] && rm Gemfile.lock
+
+LS_HOME="$PWD"
+QA_DIR="$PWD/qa"
+
+cd $QA_DIR
+bundle check || bundle install
+
+echo "Building Logstash artifacts"
+cd $LS_HOME
+
+if [[ $SELECTED_TEST_SUITE == "oss" ]]; then
+  echo "--- Building $SELECTED_TEST_SUITE docker images"
+  cd $LS_HOME
+  rake artifact:docker_oss
+  echo "--- Acceptance: Installing dependencies"
+  cd $QA_DIR
+  bundle install
+
+  echo "--- Acceptance: Running the tests"
+  bundle exec rspec docker/spec/oss/*_spec.rb
+elif [[ $SELECTED_TEST_SUITE == "full" ]]; then
+  echo "--- Building $SELECTED_TEST_SUITE docker images"
+  cd $LS_HOME
+  rake artifact:docker
+  echo "--- Acceptance: Installing dependencies"
+  cd $QA_DIR
+  bundle install
+
+  echo "--- Acceptance: Running the tests"
+  bundle exec rspec docker/spec/full/*_spec.rb
+elif [[ $SELECTED_TEST_SUITE == "ubi8" ]]; then
+  echo "--- Building $SELECTED_TEST_SUITE docker images"
+  cd $LS_HOME
+  rake artifact:docker_ubi8
+  echo "--- Acceptance: Installing dependencies"
+  cd $QA_DIR
+  bundle install
+
+  echo "--- Acceptance: Running the tests"
+  bundle exec rspec docker/spec/ubi8/*_spec.rb
+else
+  echo "--- Building all docker images"
+  cd $LS_HOME
+  rake artifact:docker_only
+
+  echo "--- Acceptance: Installing dependencies"
+  cd $QA_DIR
+  bundle install
+
+  echo "--- Acceptance: Running the tests"
+  bundle exec rspec docker/spec/**/*_spec.rb
+fi

ci/docker_integration_tests.sh

@@ -1,2 +1,4 @@
 #!/bin/bash
+# we may pass "persistent_queues" to FEATURE_FLAG to enable PQ in the integration tests
+export DOCKER_ENV_OPTS="${DOCKER_ENV_OPTS} -e FEATURE_FLAG"
 ci/docker_run.sh logstash-integration-tests ci/integration_tests.sh $@

ci/docker_run.sh

@@ -6,6 +6,7 @@ set -x # We want verbosity here, this mostly runs on CI and we want to easily de
 #Note - ensure that the -e flag is NOT set, and explicitly check the $? status to allow for clean up
 
 REMOVE_IMAGE=false
+DOCKER_EXTERNAL_JDK=""
 if [ -z "$branch_specifier" ]; then
     # manual
     REMOVE_IMAGE=true
@@ -33,8 +34,13 @@ cleanup() {
 }
 trap cleanup EXIT
 
+if [ -n "$JDK" ]; then
+  echo "JDK to use $JDK"
+  DOCKER_EXTERNAL_JDK="--mount type=bind,source=$JDK,target=$JDK,readonly --env BUILD_JAVA_HOME=$JDK"
+fi
+
 # Run the command, skip the first argument, which is the image name
-docker run $DOCKER_ENV_OPTS --cidfile=docker_cid --sig-proxy=true --rm $IMAGE_NAME ${@:2}
+docker run $DOCKER_ENV_OPTS --cidfile=docker_cid --sig-proxy=true $DOCKER_EXTERNAL_JDK --rm $IMAGE_NAME ${@:2}
 exit_code=$?
 
 # Remove the container cid since we ran cleanly, no need to force rm it if we got to this point

ci/dra_common.sh

@@ -0,0 +1,49 @@
+function info {
+    echo "INFO: $1"
+}
+
+function error {
+    echo "ERROR: $1"
+    exit 1
+}
+
+function save_docker_tarballs {
+    local arch="${1:?architecture required}"
+    local version="${2:?stack-version required}"
+    local images="logstash logstash-oss"
+    if [ "${arch}" != "aarch64" ]; then
+        # No logstash-ubi8 for AARCH64
+        images="logstash logstash-oss logstash-ubi8"
+    fi
+
+    for image in ${images}; do
+        tar_file="${image}-${version}-docker-image-${arch}.tar"
+        docker save -o "build/${tar_file}" \
+            "docker.elastic.co/logstash/${image}:${version}" || \
+            error "Unable to save tar file ${tar_file} for ${image} image."
+        # NOTE: if docker save exited with non-zero the error log already exited the script
+        gzip "build/${tar_file}"
+    done
+}
+
+function upload_to_bucket {
+    local file="${1:?file required}"
+    local version="${2:?stack-version required}"
+    info "Uploading ${file}..."
+    gsutil cp "${file}" "gs://logstash-ci-artifacts/dra/${version}/"
+}
+
+# Since we are using the system jruby, we need to make sure our jvm process
+# uses at least 1g of memory, If we don't do this we can get OOM issues when
+# installing gems. See https://github.com/elastic/logstash/issues/5179
+export JRUBY_OPTS="-J-Xmx1g"
+
+# Extract the version number from the version.yml file
+# e.g.: 8.6.0
+# The suffix part like alpha1 etc is managed by the optional VERSION_QUALIFIER_OPT environment variable
+STACK_VERSION=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\.[[:digit:]]*\.[[:digit:]]*\)$/\1/p'`
+
+# ARCH is a Environment variable set in Jenkins
+if [ -z "$ARCH" ]; then
+	ARCH=aarch64
+fi

ci/dra_docker.sh

@@ -0,0 +1,90 @@
+#!/bin/bash -ie
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/dra_common.sh
+
+# WORKFLOW_TYPE is a CI externally configured environment variable that could assume "snapshot" or "staging" values
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            rake artifact:docker || error "artifact:docker build failed."
+            rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+        else
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker || error "artifact:docker build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        STACK_VERSION=${STACK_VERSION}-SNAPSHOT
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    staging)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            RELEASE=1 rake artifact:docker || error "artifact:docker build failed."
+            RELEASE=1 rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            RELEASE=1 rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                RELEASE=1 rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+        else
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker || error "artifact:docker build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_oss || error "artifact:docker_oss build failed."
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+            if [ "$ARCH" != "aarch64" ]; then
+                VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 rake artifact:docker_ubi8 || error "artifact:docker_ubi8 build failed."
+            fi
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "Saving tar.gz for docker images"
+save_docker_tarballs "${ARCH}" "${STACK_VERSION}"
+
+info "GENERATED ARTIFACTS"
+for file in build/logstash-*; do shasum $file;done
+
+info "UPLOADING TO INTERMEDIATE BUCKET"
+# Note the deb, rpm tar.gz AARCH64 files generated has already been loaded by the dra_x86_64.sh
+images="logstash logstash-oss"
+if [ "$ARCH" != "aarch64" ]; then
+    # No logstash-ubi8 for AARCH64
+    images="logstash logstash-oss logstash-ubi8"
+fi
+for image in ${images}; do
+    upload_to_bucket "build/$image-${STACK_VERSION}-docker-image-${ARCH}.tar.gz" ${STACK_VERSION}
+done
+
+# Upload 'docker-build-context.tar.gz' files only when build x86_64, otherwise they will be
+# overwritten when building aarch64 (or viceversa).
+if [ "$ARCH" != "aarch64" ]; then
+    for image in logstash logstash-oss logstash-ubi8 logstash-ironbank; do
+        upload_to_bucket "build/${image}-${STACK_VERSION}-docker-build-context.tar.gz" ${STACK_VERSION}
+    done
+fi
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

ci/dra_upload.sh

@@ -0,0 +1,139 @@
+#!/bin/bash -iex
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/dra_common.sh
+PLAIN_STACK_VERSION=$STACK_VERSION
+
+# This is the branch selector that needs to be passed to the release-manager
+# It has to be the name of the branch which originates the artifacts.
+RELEASE_VER=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\.[[:digit:]]*\)\.[[:digit:]]*$/\1/p'`
+if [ -n "$(git ls-remote --heads origin $RELEASE_VER)" ] ; then
+    RELEASE_BRANCH=$RELEASE_VER
+else
+    RELEASE_BRANCH=main
+fi
+
+if [ -n "$VERSION_QUALIFIER_OPT" ]; then
+  # Qualifier is passed from CI as optional field and specify the version postfix
+  # in case of alpha or beta releases:
+  # e.g: 8.0.0-alpha1
+  STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+  PLAIN_STACK_VERSION="${PLAIN_STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+fi
+
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        STACK_VERSION=${STACK_VERSION}-SNAPSHOT
+        ;;
+    staging)
+        ;;
+    *)
+        error "Worklflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "Uploading artifacts for ${WORKFLOW_TYPE} workflow on branch: ${RELEASE_BRANCH}"
+
+info "Download all the artifacts for version ${STACK_VERSION}"
+mkdir build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-no-jdk.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}.csv build/
+
+# no arch
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-no-jdk.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-no-jdk.rpm build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-no-jdk.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-no-jdk.zip build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-no-jdk.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-no-jdk.rpm build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-no-jdk.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-no-jdk.zip build/
+
+# windows
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-windows-x86_64.zip build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-windows-x86_64.zip build/
+
+# unix x86
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-amd64.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-x86_64.rpm build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-linux-x86_64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-darwin-x86_64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-amd64.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-x86_64.rpm build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-linux-x86_64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-darwin-x86_64.tar.gz build/
+
+# unix ARM
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-arm64.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-aarch64.rpm build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-linux-aarch64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-arm64.deb build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-aarch64.rpm build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-linux-aarch64.tar.gz build/
+
+if [ "$RELEASE_VER" != "7.17" ]; then
+  # Version 7.17.x doesn't generates ARM artifacts for Darwin   
+  gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-darwin-aarch64.tar.gz build/
+  gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-darwin-aarch64.tar.gz build/
+fi
+
+# docker
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-docker-build-context.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-ironbank-${STACK_VERSION}-docker-build-context.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-docker-build-context.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-ubi8-${STACK_VERSION}-docker-build-context.tar.gz build/
+
+# docker x86
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-docker-image-x86_64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-docker-image-x86_64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-ubi8-${STACK_VERSION}-docker-image-x86_64.tar.gz build/
+
+# docker ARM
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}-docker-image-aarch64.tar.gz build/
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-oss-${STACK_VERSION}-docker-image-aarch64.tar.gz build/
+# Commenting out ubi8 for aarch64 for the time being. This image itself is not being built, and it is not expected
+# by the release manager.
+# See https://github.com/elastic/infra/blob/master/cd/release/release-manager/project-configs/8.5/logstash.gradle
+# for more details.
+#gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-ubi8-${STACK_VERSION}-docker-image-aarch64.tar.gz build/
+
+gsutil cp gs://logstash-ci-artifacts/dra/${STACK_VERSION}/logstash-${STACK_VERSION}.csv build/
+
+info "Downloaded ARTIFACTS"
+for file in build/logstash-*; do shasum $file;done
+
+mkdir -p build/distributions/dependencies-reports/
+mv build/logstash-${STACK_VERSION}.csv build/distributions/dependencies-${STACK_VERSION}.csv
+
+# set required permissions on artifacts and directory
+chmod -R a+r build/*
+chmod -R a+w build
+
+chmod -R a+r $PWD/*
+chmod -R a+w $PWD
+
+# ensure the latest image has been pulled
+docker pull docker.elastic.co/infra/release-manager:latest
+
+# collect the artifacts for use with the unified build
+docker run --rm \
+  --name release-manager \
+  -e VAULT_ADDR \
+  -e VAULT_ROLE_ID \
+  -e VAULT_SECRET_ID \
+  --mount type=bind,readonly=false,src="$PWD",target=/artifacts \
+  docker.elastic.co/infra/release-manager:latest \
+    cli collect \
+      --project logstash \
+      --branch ${RELEASE_BRANCH} \
+      --commit "$(git rev-parse HEAD)" \
+      --workflow "${WORKFLOW_TYPE}" \
+      --version "${PLAIN_STACK_VERSION}" \
+      --artifact-set main
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

ci/dra_x86_64.sh

@@ -0,0 +1,63 @@
+#!/bin/bash -ie
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/dra_common.sh
+
+# WORKFLOW_TYPE is a CI externally configured environment variable that could assume "snapshot" or "staging" values
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+        else
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        STACK_VERSION=${STACK_VERSION}-SNAPSHOT
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    staging)
+        info "Building artifacts for the $WORKFLOW_TYPE workflow..."
+        if [ -z "$VERSION_QUALIFIER_OPT" ]; then
+            RELEASE=1 SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+        else
+            # Qualifier is passed from CI as optional field and specify the version postfix
+            # in case of alpha or beta releases:
+            # e.g: 8.0.0-alpha1
+            VERSION_QUALIFIER="$VERSION_QUALIFIER_OPT" RELEASE=1 SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+            STACK_VERSION="${STACK_VERSION}-${VERSION_QUALIFIER_OPT}"
+        fi
+        info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "GENERATED ARTIFACTS"
+for file in build/logstash-*; do shasum $file;done
+
+info "Creating dependencies report for ${STACK_VERSION}"
+mkdir -p build/distributions/dependencies-reports/
+bin/dependencies-report --csv=build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv
+
+info "GENERATED DEPENDENCIES REPORT"
+shasum build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv
+
+info "UPLOADING TO INTERMEDIATE BUCKET"
+for file in build/logstash-*; do
+  upload_to_bucket $file ${STACK_VERSION}
+done
+
+# Upload Dependencies Report
+upload_to_bucket "build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv" ${STACK_VERSION}
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

ci/integration_tests.sh

@@ -5,12 +5,16 @@
 # uses at least 1g of memory, If we don't do this we can get OOM issues when
 # installing gems. See https://github.com/elastic/logstash/issues/5179
 export JRUBY_OPTS="-J-Xmx1g"
-export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
+export GRADLE_OPTS="-Xmx4g -Dorg.gradle.jvmargs=-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
 
 export SPEC_OPTS="--order rand --format documentation"
 export CI=true
 export OSS=true
 
+if [ -n "$BUILD_JAVA_HOME" ]; then
+  GRADLE_OPTS="$GRADLE_OPTS -Dorg.gradle.java.home=$BUILD_JAVA_HOME"
+fi
+
 if [[ $1 = "setup" ]]; then
  echo "Setup only, no tests will be run"
  exit 0

ci/license_check.sh

@@ -1,7 +1,12 @@
 #!/bin/bash -i
-export GRADLE_OPTS="-Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
+export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
 
 ./gradlew installDefaultGems
 bin/dependencies-report --csv report.csv
+
+result=$?
+
 # We want this to show on the CI server
 cat report.csv
+
+exit $result

ci/unit_tests.bat

@@ -1,48 +0,0 @@
-@echo off
-setlocal enabledelayedexpansion
-
-if "%WORKSPACE%" == "" (
-  echo Error: environment variable WORKSPACE must be defined. Aborting..
-  exit /B 1
-)
-
-:: see if %WORKSPACE% is already mapped to a drive
-for /f "tokens=1* delims==> " %%G IN ('subst') do (
-  set sdrive=%%G
-  :: removing extra space
-  set sdrive=!sdrive:~0,2!
-  set spath=%%H
-
-  if /I "!spath!" == "%WORKSPACE%" (
-    set use_drive=!sdrive!
-    goto :found_drive
-  )
-)
-
-:: no existing mapping
-:: try to assign "%WORKSPACE%" to the first drive letter which works
-for %%i in (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) do (
-    set "drive=%%i:"
-    subst !drive! "%WORKSPACE%" >nul
-    if not errorlevel 1 (
-        set use_drive=!drive!
-        goto :found_drive
-    )
-)
-
-echo Error: unable to subst drive to path %WORKSPACE%. Aborting...
-exit /B 1
-
-:found_drive
-echo Using drive !use_drive! for %WORKSPACE%
-
-:: change current directory to that drive
-!use_drive!
-
-echo Running core tests..
-call .\gradlew.bat test --console=plain --no-daemon --info
-
-if errorlevel 1 (
-  echo Error: failed to run core tests. Aborting..
-  exit /B 1
-)

ci/unit_tests.ps1

@@ -0,0 +1,106 @@
+<#
+.SYNOPSIS
+    This is a gradle wrapper script to help run the Logstash unit tests on Windows.
+
+.PARAMETER UnnamedArgument1
+    Optionally allows to specify a subset of tests.
+    Allows values are "ruby" or "java".
+    If unset, all tests are executed.
+
+.EXAMPLE
+    .\ci\unit_tests.ps1
+    Runs all unit tests.
+
+    .\ci\unit_tests.ps1 java
+    Runs only Java unit tests.
+#>
+
+$selectedTestSuite="all"
+
+if ($args.Count -eq 1) {
+    $selectedTestSuite=$args[0]
+}
+
+$startingPath = Get-Location
+
+## Map a drive letter to the current path to avoid path length issues
+
+# First, check if there is already a mapping
+$currentDir = $PWD.Path
+$substOutput = subst
+
+# Filter the subst output based on the path
+$matchedLines = $substOutput | Where-Object { $_ -like "*$currentDir*" }
+
+if ($matchedLines) {
+    # $currentDir seems to be already mapped to another drive letter; switch to this drive
+    # Extract the drive letter from the matched lines
+    $driveLetter = $matchedLines | ForEach-Object {
+        # Split the line by colon and extract the drive letter
+        ($_ -split ':')[0]
+    }
+    $drivePath = "$driveLetter`:"
+
+    Write-Output "$currentDir is already mapped to $drivePath."
+    Set-Location -Path $drivePath
+    Write-Output "Changing drive to $drivePath."
+}
+else {
+    # $currentDir isn't mapped to a drive letter, let's find a free drive letter and change to it
+
+    # Loop through drive letters A to Z; we don't use the 'A'..'Z' for BWC with Windows 2016 / Powershell < 7
+    for ($driveLetterAscii = 65; $driveLetterAscii -le 90; $driveLetterAscii++) {
+        $drivePath = [char]$driveLetterAscii + ":"
+
+        # check if the drive letter is available
+        if (-not (Test-Path $drivePath)) {
+            # found a free drive letter, create the virtual drive mapping and switch to it
+            subst $drivePath $currentDir
+
+            Write-Output "Mapped $currentDir to $drivePath"
+            Set-Location -Path $drivePath
+            Write-Output "Changing drive to $drivePath."
+            # exit the loop since we found a free drive letter
+            break
+        }
+    }
+}
+
+if (Test-Path Env:BUILD_JAVA_HOME) {    
+    if (Test-Path Env:GRADLE_OPTS) {    
+        $env:GRADLE_OPTS=$env:GRADLE_OPTS + " " + "-Dorg.gradle.java.home=" + $env:BUILD_JAVA_HOME
+    } else {
+        $env:GRADLE_OPTS="-Dorg.gradle.java.home=" + $env:BUILD_JAVA_HOME
+    }
+}
+
+$testOpts = "GRADLE_OPTS: $env:GRADLE_OPTS, BUILD_JAVA_HOME: $env:BUILD_JAVA_HOME"
+
+try {
+    if ($selectedTestSuite -eq "java") {
+        Write-Host "~~~ :java: Running Java tests via Gradle using $testOpts"
+        $CIScript = ".\gradlew.bat javaTests --console=plain --no-daemon --info"
+        Invoke-Expression $CIScript
+    }
+    elseif ($selectedTestSuite -eq "ruby") {
+        Write-Host "~~~ :ruby: Running Ruby tests via Gradle using $testOpts"
+        $CIScript = ".\gradlew.bat rubyTests --console=plain --no-daemon --info"
+        Invoke-Expression $CIScript
+    }
+    else {
+        Write-Host "~~~ Running all tests via Gradle using $testOpts"
+        $CIScript = ".\gradlew.bat test --console=plain --no-daemon --info"
+        Invoke-Expression $CIScript
+    }
+
+    if ($LASTEXITCODE -ne 0) {
+        throw "Test script $CIScript failed with a non-zero code: $LASTEXITCODE"
+    }
+} catch {
+    # tests failed
+    Write-Host "^^^ +++"
+    exit 1
+}
+
+# switch back to the path when the script started
+Set-Location -Path $startingPath

ci/unit_tests.sh

@@ -5,21 +5,25 @@
 # uses at least 1g of memory, If we don't do this we can get OOM issues when
 # installing gems. See https://github.com/elastic/logstash/issues/5179
 export JRUBY_OPTS="-J-Xmx1g"
-export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
+export GRADLE_OPTS="-Xmx4g -Dorg.gradle.jvmargs=-Xmx4g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info -Dfile.encoding=UTF-8"
 
 export SPEC_OPTS="--order rand --format documentation"
 export CI=true
 export OSS=true
 export TEST_DEBUG=true
 
+if [ -n "$BUILD_JAVA_HOME" ]; then
+  GRADLE_OPTS="$GRADLE_OPTS -Dorg.gradle.java.home=$BUILD_JAVA_HOME"
+fi
+
 SELECTED_TEST_SUITE=$1
 
 if [[ $SELECTED_TEST_SUITE == $"java" ]]; then
   echo "Running Java Tests"
-  ./gradlew javaTests --console=plain
+  ./gradlew javaTests --console=plain --warning-mode all
 elif [[ $SELECTED_TEST_SUITE == $"ruby" ]]; then
   echo "Running Ruby unit tests"
-  ./gradlew rubyTests --console=plain
+  ./gradlew rubyTests --console=plain --warning-mode all
 else
   echo "Running Java and Ruby unit tests"
   ./gradlew test --console=plain

config/jvm.options

@@ -17,9 +17,9 @@
 ################################################################
 
 ## GC configuration
--XX:+UseConcMarkSweepGC
--XX:CMSInitiatingOccupancyFraction=75
--XX:+UseCMSInitiatingOccupancyOnly
+8-13:-XX:+UseConcMarkSweepGC
+8-13:-XX:CMSInitiatingOccupancyFraction=75
+8-13:-XX:+UseCMSInitiatingOccupancyOnly
 
 ## Locale
 # Set the locale language
@@ -42,6 +42,9 @@
 # ensure UTF-8 encoding by default (e.g. filenames)
 -Dfile.encoding=UTF-8
 
+# Set enableADS to true to enable Logstash to run on certain versions of the JDK
+-Djdk.io.File.enableADS=true
+
 # use our provided JNA always versus the system one
 #-Djna.nosys=true
 
@@ -49,6 +52,8 @@
 -Djruby.compile.invokedynamic=true
 # Force Compilation
 -Djruby.jit.threshold=0
+# Make sure joni regexp interruptability is enabled
+-Djruby.regexp.interruptible=true
 
 ## heap dumps
 
@@ -74,3 +79,9 @@
 
 # Entropy source for randomness
 -Djava.security.egd=file:/dev/urandom
+
+# Copy the logging context from parent threads to children
+-Dlog4j2.isThreadContextMapInheritable=true
+
+17-:--add-opens java.base/sun.nio.ch=ALL-UNNAMED
+17-:--add-opens java.base/java.io=ALL-UNNAMED

config/log4j2.properties

@@ -4,7 +4,7 @@ name = LogstashPropertiesConfig
 appender.console.type = Console
 appender.console.name = plain_console
 appender.console.layout.type = PatternLayout
-appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %m%n
+appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c]%notEmpty{[%X{pipeline.id}]}%notEmpty{[%X{plugin.id}]} %m%n
 
 appender.json_console.type = Console
 appender.json_console.name = json_console
@@ -14,23 +14,24 @@ appender.json_console.layout.eventEol = true
 
 appender.rolling.type = RollingFile
 appender.rolling.name = plain_rolling
-appender.rolling.fileName = ${sys:ls.logs}/logstash-${sys:ls.log.format}.log
-appender.rolling.filePattern = ${sys:ls.logs}/logstash-${sys:ls.log.format}-%d{yyyy-MM-dd}-%i.log.gz
+appender.rolling.fileName = ${sys:ls.logs}/logstash-plain.log
+appender.rolling.filePattern = ${sys:ls.logs}/logstash-plain-%d{yyyy-MM-dd}-%i.log.gz
 appender.rolling.policies.type = Policies
 appender.rolling.policies.time.type = TimeBasedTriggeringPolicy
 appender.rolling.policies.time.interval = 1
 appender.rolling.policies.time.modulate = true
 appender.rolling.layout.type = PatternLayout
-appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %-.10000m%n
+appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c]%notEmpty{[%X{pipeline.id}]}%notEmpty{[%X{plugin.id}]} %m%n
 appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
 appender.rolling.policies.size.size = 100MB
 appender.rolling.strategy.type = DefaultRolloverStrategy
 appender.rolling.strategy.max = 30
+appender.rolling.avoid_pipelined_filter.type = PipelineRoutingFilter
 
 appender.json_rolling.type = RollingFile
 appender.json_rolling.name = json_rolling
-appender.json_rolling.fileName = ${sys:ls.logs}/logstash-${sys:ls.log.format}.log
-appender.json_rolling.filePattern = ${sys:ls.logs}/logstash-${sys:ls.log.format}-%d{yyyy-MM-dd}-%i.log.gz
+appender.json_rolling.fileName = ${sys:ls.logs}/logstash-json.log
+appender.json_rolling.filePattern = ${sys:ls.logs}/logstash-json-%d{yyyy-MM-dd}-%i.log.gz
 appender.json_rolling.policies.type = Policies
 appender.json_rolling.policies.time.type = TimeBasedTriggeringPolicy
 appender.json_rolling.policies.time.interval = 1
@@ -42,10 +43,25 @@ appender.json_rolling.policies.size.type = SizeBasedTriggeringPolicy
 appender.json_rolling.policies.size.size = 100MB
 appender.json_rolling.strategy.type = DefaultRolloverStrategy
 appender.json_rolling.strategy.max = 30
+appender.json_rolling.avoid_pipelined_filter.type = PipelineRoutingFilter
+
+appender.routing.type = PipelineRouting
+appender.routing.name = pipeline_routing_appender
+appender.routing.pipeline.type = RollingFile
+appender.routing.pipeline.name = appender-${ctx:pipeline.id}
+appender.routing.pipeline.fileName = ${sys:ls.logs}/pipeline_${ctx:pipeline.id}.log
+appender.routing.pipeline.filePattern = ${sys:ls.logs}/pipeline_${ctx:pipeline.id}.%i.log.gz
+appender.routing.pipeline.layout.type = PatternLayout
+appender.routing.pipeline.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %m%n
+appender.routing.pipeline.policy.type = SizeBasedTriggeringPolicy
+appender.routing.pipeline.policy.size = 100MB
+appender.routing.pipeline.strategy.type = DefaultRolloverStrategy
+appender.routing.pipeline.strategy.max = 30
 
 rootLogger.level = ${sys:ls.log.level}
 rootLogger.appenderRef.console.ref = ${sys:ls.log.format}_console
 rootLogger.appenderRef.rolling.ref = ${sys:ls.log.format}_rolling
+rootLogger.appenderRef.routing.ref = pipeline_routing_appender
 
 # Slowlog
 
@@ -62,14 +78,14 @@ appender.json_console_slowlog.layout.eventEol = true
 
 appender.rolling_slowlog.type = RollingFile
 appender.rolling_slowlog.name = plain_rolling_slowlog
-appender.rolling_slowlog.fileName = ${sys:ls.logs}/logstash-slowlog-${sys:ls.log.format}.log
-appender.rolling_slowlog.filePattern = ${sys:ls.logs}/logstash-slowlog-${sys:ls.log.format}-%d{yyyy-MM-dd}-%i.log.gz
+appender.rolling_slowlog.fileName = ${sys:ls.logs}/logstash-slowlog-plain.log
+appender.rolling_slowlog.filePattern = ${sys:ls.logs}/logstash-slowlog-plain-%d{yyyy-MM-dd}-%i.log.gz
 appender.rolling_slowlog.policies.type = Policies
 appender.rolling_slowlog.policies.time.type = TimeBasedTriggeringPolicy
 appender.rolling_slowlog.policies.time.interval = 1
 appender.rolling_slowlog.policies.time.modulate = true
 appender.rolling_slowlog.layout.type = PatternLayout
-appender.rolling_slowlog.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %.10000m%n
+appender.rolling_slowlog.layout.pattern = [%d{ISO8601}][%-5p][%-25c] %m%n
 appender.rolling_slowlog.policies.size.type = SizeBasedTriggeringPolicy
 appender.rolling_slowlog.policies.size.size = 100MB
 appender.rolling_slowlog.strategy.type = DefaultRolloverStrategy
@@ -77,8 +93,8 @@ appender.rolling_slowlog.strategy.max = 30
 
 appender.json_rolling_slowlog.type = RollingFile
 appender.json_rolling_slowlog.name = json_rolling_slowlog
-appender.json_rolling_slowlog.fileName = ${sys:ls.logs}/logstash-slowlog-${sys:ls.log.format}.log
-appender.json_rolling_slowlog.filePattern = ${sys:ls.logs}/logstash-slowlog-${sys:ls.log.format}-%d{yyyy-MM-dd}-%i.log.gz
+appender.json_rolling_slowlog.fileName = ${sys:ls.logs}/logstash-slowlog-json.log
+appender.json_rolling_slowlog.filePattern = ${sys:ls.logs}/logstash-slowlog-json-%d{yyyy-MM-dd}-%i.log.gz
 appender.json_rolling_slowlog.policies.type = Policies
 appender.json_rolling_slowlog.policies.time.type = TimeBasedTriggeringPolicy
 appender.json_rolling_slowlog.policies.time.interval = 1
@@ -99,3 +115,33 @@ logger.slowlog.additivity = false
 
 logger.licensereader.name = logstash.licensechecker.licensereader
 logger.licensereader.level = error
+
+# Silence http-client by default
+logger.apache_http_client.name = org.apache.http
+logger.apache_http_client.level = fatal
+
+# Deprecation log
+appender.deprecation_rolling.type = RollingFile
+appender.deprecation_rolling.name = deprecation_plain_rolling
+appender.deprecation_rolling.fileName = ${sys:ls.logs}/logstash-deprecation.log
+appender.deprecation_rolling.filePattern = ${sys:ls.logs}/logstash-deprecation-%d{yyyy-MM-dd}-%i.log.gz
+appender.deprecation_rolling.policies.type = Policies
+appender.deprecation_rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.deprecation_rolling.policies.time.interval = 1
+appender.deprecation_rolling.policies.time.modulate = true
+appender.deprecation_rolling.layout.type = PatternLayout
+appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c]%notEmpty{[%X{pipeline.id}]}%notEmpty{[%X{plugin.id}]} %m%n
+appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy
+appender.deprecation_rolling.policies.size.size = 100MB
+appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy
+appender.deprecation_rolling.strategy.max = 30
+
+logger.deprecation.name = org.logstash.deprecation, deprecation
+logger.deprecation.level = WARN
+logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_plain_rolling
+logger.deprecation.additivity = false
+
+logger.deprecation_root.name = deprecation
+logger.deprecation_root.level = WARN
+logger.deprecation_root.appenderRef.deprecation_rolling.ref = deprecation_plain_rolling
+logger.deprecation_root.additivity = false

config/logstash.yml

@@ -57,6 +57,29 @@
 #
 # pipeline.unsafe_shutdown: false
 #
+# Set the pipeline event ordering. Options are "auto" (the default), "true" or "false".
+# "auto" will  automatically enable ordering if the 'pipeline.workers' setting
+# is also set to '1'.
+# "true" will enforce ordering on the pipeline and prevent logstash from starting
+# if there are multiple workers.
+# "false" will disable any extra processing necessary for preserving ordering.
+#
+# pipeline.ordered: auto
+#
+# Sets the pipeline's default value for `ecs_compatibility`, a setting that is
+# available to plugins that implement an ECS Compatibility mode for use with
+# the Elastic Common Schema.
+# Possible values are:
+# - disabled (default)
+# - v1
+# - v8
+# The default value will be `v8` in Logstash 8, making ECS on-by-default. To ensure a
+# migrated pipeline continues to operate as it did before your upgrade, opt-OUT
+# of ECS for the individual pipeline in its `pipelines.yml` definition. Setting
+# it here will set the default for _all_ pipelines, including new ones.
+#
+# pipeline.ecs_compatibility: disabled
+#
 # ------------ Pipeline Configuration Settings --------------
 #
 # Where to fetch the pipeline configuration for the main pipeline
@@ -77,6 +100,9 @@
 # config.reload.automatic: false
 #
 # How often to check if the pipeline configuration has changed (in seconds)
+# Note that the unit value (s) is required. Values without a qualifier (e.g. 60) 
+# are treated as nanoseconds.
+# Setting the interval this way is not recommended and might change in later versions.
 #
 # config.reload.interval: 3s
 #
@@ -90,6 +116,55 @@
 #
 # config.support_escapes: false
 #
+# ------------ API Settings -------------
+# Define settings related to the HTTP API here.
+#
+# The HTTP API is enabled by default. It can be disabled, but features that rely
+# on it will not work as intended.
+#
+# api.enabled: true
+#
+# By default, the HTTP API is not secured and is therefore bound to only the
+# host's loopback interface, ensuring that it is not accessible to the rest of
+# the network.
+# When secured with SSL and Basic Auth, the API is bound to _all_ interfaces
+# unless configured otherwise.
+#
+# api.http.host: 127.0.0.1
+#
+# The HTTP API web server will listen on an available port from the given range.
+# Values can be specified as a single port (e.g., `9600`), or an inclusive range
+# of ports (e.g., `9600-9700`).
+#
+# api.http.port: 9600-9700
+#
+# The HTTP API includes a customizable "environment" value in its response,
+# which can be configured here.
+#
+# api.environment: "production"
+#
+# The HTTP API can be secured with SSL (TLS). To do so, you will need to provide
+# the path to a password-protected keystore in p12 or jks format, along with credentials.
+#
+# api.ssl.enabled: false
+# api.ssl.keystore.path: /path/to/keystore.jks
+# api.ssl.keystore.password: "y0uRp4$$w0rD"
+#
+# The HTTP API can be configured to require authentication. Acceptable values are
+#  - `none`:  no auth is required (default)
+#  - `basic`: clients must authenticate with HTTP Basic auth, as configured
+#             with `api.auth.basic.*` options below
+# api.auth.type: none
+#
+# When configured with `api.auth.type` `basic`, you must provide the credentials
+# that requests will be validated against. Usage of Environment or Keystore
+# variable replacements is encouraged (such as the value `"${HTTP_PASS}"`, which
+# resolves to the value stored in the keystore's `HTTP_PASS` variable if present
+# or the same variable from the environment)
+#
+# api.auth.basic.username: "logstash-user"
+# api.auth.basic.password: "s3cUreP4$$w0rD"
+#
 # ------------ Module Settings ---------------
 # Define modules here.  Modules definitions must be defined as an array.
 # The simple way to see this is to prepend each `name` with a `-`, and keep
@@ -178,22 +253,19 @@
 # Default is 1024mb
 # dead_letter_queue.max_bytes: 1024mb
 
+# If using dead_letter_queue.enable: true, the interval in milliseconds where if no further events eligible for the DLQ
+# have been created, a dead letter queue file will be written. A low value here will mean that more, smaller, queue files
+# may be written, while a larger value will introduce more latency between items being "written" to the dead letter queue, and
+# being available to be read by the dead_letter_queue input when items are are written infrequently.
+# Default is 5000.
+#
+# dead_letter_queue.flush_interval: 5000
+
 # If using dead_letter_queue.enable: true, the directory path where the data files will be stored.
 # Default is path.data/dead_letter_queue
 #
 # path.dead_letter_queue:
 #
-# ------------ Metrics Settings --------------
-#
-# Bind address for the metrics REST endpoint
-#
-# http.host: "127.0.0.1"
-#
-# Bind port for the metrics REST endpoint, this option also accept a range
-# (9600-9700) and logstash will pick up the first available ports.
-#
-# http.port: 9600-9700
-#
 # ------------ Debugging Settings --------------
 #
 # Options for log.level:
@@ -212,6 +284,10 @@
 # Where to find custom plugins
 # path.plugins: []
 #
+# Flag to output log lines of each pipeline in its separate log file. Each log filename contains the pipeline.name
+# Default is false
+# pipeline.separate_logs: false
+#
 # ------------ X-Pack Settings (not applicable for OSS build)--------------
 #
 # X-Pack Monitoring
@@ -219,7 +295,13 @@
 #xpack.monitoring.enabled: false
 #xpack.monitoring.elasticsearch.username: logstash_system
 #xpack.monitoring.elasticsearch.password: password
+#xpack.monitoring.elasticsearch.proxy: ["http://proxy:port"]
 #xpack.monitoring.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
+# an alternative to hosts + username/password settings is to use cloud_id/cloud_auth
+#xpack.monitoring.elasticsearch.cloud_id: monitoring_cluster_id:xxxxxxxxxx
+#xpack.monitoring.elasticsearch.cloud_auth: logstash_system:password
+# another authentication alternative is to use an Elasticsearch API key
+#xpack.monitoring.elasticsearch.api_key: "id:api_key"
 #xpack.monitoring.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ]
 #xpack.monitoring.elasticsearch.ssl.truststore.path: path/to/file
 #xpack.monitoring.elasticsearch.ssl.truststore.password: password
@@ -236,7 +318,13 @@
 #xpack.management.pipeline.id: ["main", "apache_logs"]
 #xpack.management.elasticsearch.username: logstash_admin_user
 #xpack.management.elasticsearch.password: password
+#xpack.management.elasticsearch.proxy: ["http://proxy:port"]
 #xpack.management.elasticsearch.hosts: ["https://es1:9200", "https://es2:9200"]
+# an alternative to hosts + username/password settings is to use cloud_id/cloud_auth
+#xpack.management.elasticsearch.cloud_id: management_cluster_id:xxxxxxxxxx
+#xpack.management.elasticsearch.cloud_auth: logstash_admin_user:password
+# another authentication alternative is to use an Elasticsearch API key
+#xpack.management.elasticsearch.api_key: "id:api_key"
 #xpack.management.elasticsearch.ssl.certificate_authority: [ "/path/to/ca.crt" ]
 #xpack.management.elasticsearch.ssl.truststore.path: /path/to/file
 #xpack.management.elasticsearch.ssl.truststore.password: password
@@ -245,3 +333,7 @@
 #xpack.management.elasticsearch.ssl.verification_mode: certificate
 #xpack.management.elasticsearch.sniffing: false
 #xpack.management.logstash.poll_interval: 5s
+
+# X-Pack GeoIP plugin
+# https://www.elastic.co/guide/en/logstash/current/plugins-filters-geoip.html#plugins-filters-geoip-manage_update
+#xpack.geoip.download.endpoint: "https://geoip.elastic.co/v1/database"

config/pipelines.yml

@@ -70,6 +70,15 @@
 #   will be dropped if they would increase the size of the dead letter queue beyond this setting.
 #   Default is 1024mb
 #   dead_letter_queue.max_bytes: 1024mb
+#
+#   If using dead_letter_queue.enable: true, the interval in milliseconds where if no further events eligible for the DLQ
+#   have been created, a dead letter queue file will be written. A low value here will mean that more, smaller, queue files
+#   may be written, while a larger value will introduce more latency between items being "written" to the dead letter queue, and
+#   being available to be read by the dead_letter_queue input when items are are written infrequently.
+#   Default is 5000.
+#
+#   dead_letter_queue.flush_interval: 5000
+
 #
 #   If using dead_letter_queue.enable: true, the directory path where the data files will be stored.
 #   Default is path.data/dead_letter_queue

docker/LICENSE

@@ -1,4 +1,3 @@
-
                                  Apache License
                            Version 2.0, January 2004
                         http://www.apache.org/licenses/
@@ -179,7 +178,7 @@
    APPENDIX: How to apply the Apache License to your work.
 
       To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
+      boilerplate notice, with the fields enclosed by brackets "{}"
       replaced with your own identifying information. (Don't include
       the brackets!)  The text should be enclosed in the appropriate
       comment syntax for the file format. We also recommend that a
@@ -187,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright [yyyy] [name of copyright owner]
+   Copyright {yyyy} {name of copyright owner}
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

docker/Makefile

@@ -0,0 +1,220 @@
+SHELL=/bin/bash
+ELASTIC_REGISTRY ?= docker.elastic.co
+PY_VERSION ?= 3.6.13
+export PATH := ./bin:$(HOME)/.pyenv/bin:$(HOME)/.pyenv/shims:./venv/bin:$(PATH)
+
+# Determine the version to build.
+ELASTIC_VERSION := $(shell ../vendor/jruby/bin/jruby bin/elastic-version)
+
+ifdef STAGING_BUILD_NUM
+  VERSION_TAG := $(ELASTIC_VERSION)-$(STAGING_BUILD_NUM)
+else
+  VERSION_TAG := $(ELASTIC_VERSION)
+endif
+
+ifdef DOCKER_ARCHITECTURE
+  ARCHITECTURE := $(DOCKER_ARCHITECTURE)
+else
+  ARCHITECTURE := $(shell uname -m)
+endif
+
+IMAGE_FLAVORS ?= oss full ubi8
+DEFAULT_IMAGE_FLAVOR ?= full
+
+IMAGE_TAG := $(ELASTIC_REGISTRY)/logstash/logstash
+HTTPD ?= logstash-docker-artifact-server
+
+FIGLET := pyfiglet -w 160 -f puffy
+
+all: build-from-local-artifacts build-from-local-oss-artifacts public-dockerfiles
+
+lint: venv
+	flake8 tests
+
+# Build from artifacts on the local filesystem, using an http server (running
+# in a container) to provide the artifacts to the Dockerfile.
+build-from-local-full-artifacts: venv dockerfile env2yaml
+	docker run --rm -d --name=$(HTTPD) \
+	           -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \
+	           python:3 bash -c 'cd /mnt && python3 -m http.server'
+	timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done'
+	pyfiglet -f puffy -w 160 "Building: full"; \
+	docker build --network=host -t $(IMAGE_TAG)-full:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-full data/logstash || \
+	  (docker kill $(HTTPD); false); \
+	docker tag $(IMAGE_TAG)-full:$(VERSION_TAG) $(IMAGE_TAG):$(VERSION_TAG);
+	docker kill $(HTTPD)
+
+build-from-local-oss-artifacts: venv dockerfile env2yaml
+	docker run --rm -d --name=$(HTTPD) \
+	           -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \
+	           python:3 bash -c 'cd /mnt && python3 -m http.server'
+	timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done'
+	pyfiglet -f puffy -w 160 "Building: oss"; \
+	docker build --network=host -t $(IMAGE_TAG)-oss:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-oss data/logstash || \
+	  (docker kill $(HTTPD); false);
+	-docker kill $(HTTPD)
+
+build-from-local-ubi8-artifacts: venv dockerfile env2yaml
+	docker run --rm -d --name=$(HTTPD) \
+	           -p 8000:8000 --expose=8000 -v $(ARTIFACTS_DIR):/mnt \
+	           python:3 bash -c 'cd /mnt && python3 -m http.server'
+	timeout 120 bash -c 'until curl -s localhost:8000 > /dev/null; do sleep 1; done'
+	pyfiglet -f puffy -w 160 "Building: ubi8"; \
+	docker build --network=host -t $(IMAGE_TAG)-ubi8:$(VERSION_TAG) -f $(ARTIFACTS_DIR)/Dockerfile-ubi8 data/logstash || \
+	  (docker kill $(HTTPD); false);
+	-docker kill $(HTTPD)
+
+COPY_FILES = $(ARTIFACTS_DIR)/docker/config/pipelines.yml $(ARTIFACTS_DIR)/docker/config/logstash-oss.yml $(ARTIFACTS_DIR)/docker/config/logstash-full.yml $(ARTIFACTS_DIR)/docker/config/log4j2.properties $(ARTIFACTS_DIR)/docker/pipeline/default.conf $(ARTIFACTS_DIR)/docker/bin/docker-entrypoint $(ARTIFACTS_DIR)/docker/env2yaml/env2yaml
+
+$(ARTIFACTS_DIR)/docker/config/pipelines.yml: data/logstash/config/pipelines.yml
+$(ARTIFACTS_DIR)/docker/config/logstash-oss.yml: data/logstash/config/logstash-oss.yml
+$(ARTIFACTS_DIR)/docker/config/logstash-full.yml: data/logstash/config/logstash-full.yml
+$(ARTIFACTS_DIR)/docker/config/log4j2.properties: data/logstash/config/log4j2.properties
+$(ARTIFACTS_DIR)/docker/pipeline/default.conf: data/logstash/pipeline/default.conf
+$(ARTIFACTS_DIR)/docker/bin/docker-entrypoint: data/logstash/bin/docker-entrypoint
+$(ARTIFACTS_DIR)/docker/env2yaml/env2yaml: data/logstash/env2yaml/env2yaml
+
+$(ARTIFACTS_DIR)/docker/%:
+	cp -f $< $@
+
+docker_paths:
+	mkdir -p $(ARTIFACTS_DIR)/docker/
+	mkdir -p $(ARTIFACTS_DIR)/docker/bin
+	mkdir -p $(ARTIFACTS_DIR)/docker/config
+	mkdir -p $(ARTIFACTS_DIR)/docker/env2yaml
+	mkdir -p $(ARTIFACTS_DIR)/docker/pipeline
+
+COPY_IRONBANK_FILES = $(ARTIFACTS_DIR)/ironbank/scripts/config/pipelines.yml $(ARTIFACTS_DIR)/ironbank/scripts/config/logstash.yml $(ARTIFACTS_DIR)/ironbank/scripts/config/log4j2.properties $(ARTIFACTS_DIR)/ironbank/scripts/pipeline/default.conf $(ARTIFACTS_DIR)/ironbank/scripts/bin/docker-entrypoint $(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/env2yaml.go $(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/go.mod $(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/go.sum $(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/vendor/modules.txt $(ARTIFACTS_DIR)/ironbank/LICENSE $(ARTIFACTS_DIR)/ironbank/README.md
+
+$(ARTIFACTS_DIR)/ironbank/scripts/config/pipelines.yml: data/logstash/config/pipelines.yml
+$(ARTIFACTS_DIR)/ironbank/scripts/config/logstash.yml: data/logstash/config/logstash-full.yml
+$(ARTIFACTS_DIR)/ironbank/scripts/config/log4j2.properties: data/logstash/config/log4j2.properties
+$(ARTIFACTS_DIR)/ironbank/scripts/pipeline/default.conf: data/logstash/pipeline/default.conf
+$(ARTIFACTS_DIR)/ironbank/scripts/bin/docker-entrypoint: data/logstash/bin/docker-entrypoint
+$(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/env2yaml.go: data/logstash/env2yaml/env2yaml.go
+$(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/go.mod: ironbank/go/src/env2yaml/go.mod
+$(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/go.sum: ironbank/go/src/env2yaml/go.sum
+$(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/vendor/modules.txt: ironbank/go/src/env2yaml/vendor/modules.txt
+$(ARTIFACTS_DIR)/ironbank/LICENSE: ironbank/LICENSE
+$(ARTIFACTS_DIR)/ironbank/README.md: ironbank/README.md
+
+$(ARTIFACTS_DIR)/ironbank/%:
+	cp -f $< $@
+
+ironbank_docker_paths:
+	mkdir -p $(ARTIFACTS_DIR)/ironbank/
+	mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts
+	mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts/bin
+	mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts/config
+	mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts/go/src/env2yaml/vendor
+	mkdir -p $(ARTIFACTS_DIR)/ironbank/scripts/pipeline
+
+public-dockerfiles: public-dockerfiles_oss public-dockerfiles_full public-dockerfiles_ubi8 public-dockerfiles_ironbank
+
+public-dockerfiles_full: venv templates/Dockerfile.j2 docker_paths $(COPY_FILES)
+	jinja2 \
+	  -D created_date='$(BUILD_DATE)' \
+	  -D elastic_version='$(ELASTIC_VERSION)' \
+	  -D arch='${ARCHITECTURE}' \
+	  -D version_tag='$(VERSION_TAG)' \
+	  -D image_flavor='full' \
+	  -D local_artifacts='false' \
+	  -D release='$(RELEASE)' \
+	  templates/Dockerfile.j2 > $(ARTIFACTS_DIR)/Dockerfile-full && \
+	cd $(ARTIFACTS_DIR)/docker && \
+	cp $(ARTIFACTS_DIR)/Dockerfile-full Dockerfile && \
+	tar -zcf ../logstash-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
+
+public-dockerfiles_oss: venv templates/Dockerfile.j2 docker_paths $(COPY_FILES)
+	jinja2 \
+	  -D created_date='$(BUILD_DATE)' \
+	  -D elastic_version='$(ELASTIC_VERSION)' \
+	  -D arch='${ARCHITECTURE}' \
+	  -D version_tag='$(VERSION_TAG)' \
+	  -D image_flavor='oss' \
+	  -D local_artifacts='false' \
+	  -D release='$(RELEASE)' \
+	  templates/Dockerfile.j2 > $(ARTIFACTS_DIR)/Dockerfile-oss && \
+	cd $(ARTIFACTS_DIR)/docker && \
+	cp $(ARTIFACTS_DIR)/Dockerfile-oss Dockerfile && \
+	tar -zcf ../logstash-oss-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
+
+public-dockerfiles_ubi8: venv templates/Dockerfile.j2 docker_paths $(COPY_FILES)
+	jinja2 \
+	  -D created_date='$(BUILD_DATE)' \
+	  -D elastic_version='$(ELASTIC_VERSION)' \
+	  -D arch='${ARCHITECTURE}' \
+	  -D version_tag='$(VERSION_TAG)' \
+	  -D image_flavor='ubi8' \
+	  -D local_artifacts='false' \
+	  -D release='$(RELEASE)' \
+	  templates/Dockerfile.j2 > $(ARTIFACTS_DIR)/Dockerfile-ubi8 && \
+	cd $(ARTIFACTS_DIR)/docker && \
+	cp $(ARTIFACTS_DIR)/Dockerfile-ubi8 Dockerfile && \
+	tar -zcf ../logstash-ubi8-$(VERSION_TAG)-docker-build-context.tar.gz Dockerfile bin config env2yaml pipeline
+
+public-dockerfiles_ironbank: templates/hardening_manifest.yaml templates/Dockerfile.j2 ironbank_docker_paths $(COPY_IRONBANK_FILES)
+	jinja2 \
+	  -D elastic_version='$(ELASTIC_VERSION)' \
+	  templates/hardening_manifest.yaml > $(ARTIFACTS_DIR)/ironbank/hardening_manifest.yaml && \
+	jinja2 \
+	  -D created_date='$(BUILD_DATE)' \
+	  -D elastic_version='$(ELASTIC_VERSION)' \
+	  -D arch='${ARCHITECTURE}' \
+	  -D version_tag='$(VERSION_TAG)' \
+	  -D image_flavor='ironbank' \
+	  -D local_artifacts='false' \
+	  -D release='$(RELEASE)' \
+	  templates/Dockerfile.j2 > $(ARTIFACTS_DIR)/Dockerfile-ironbank && \
+	cd $(ARTIFACTS_DIR)/ironbank && \
+	cp $(ARTIFACTS_DIR)/Dockerfile-ironbank Dockerfile && \
+	tar -zcf ../logstash-ironbank-$(VERSION_TAG)-docker-build-context.tar.gz scripts Dockerfile hardening_manifest.yaml LICENSE README.md
+
+# Push the image to the dedicated push endpoint at "push.docker.elastic.co"
+push:
+	$(foreach FLAVOR, $(IMAGE_FLAVORS), \
+	  docker tag $(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG) push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \
+	  docker push push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \
+	  docker rmi push.$(IMAGE_TAG)-$(FLAVOR):$(VERSION_TAG); \
+	)
+	# Also push the default version, with no suffix like '-oss' or '-full'
+	docker tag $(IMAGE_TAG):$(VERSION_TAG) push.$(IMAGE_TAG):$(VERSION_TAG);
+	docker push push.$(IMAGE_TAG):$(VERSION_TAG);
+	docker rmi push.$(IMAGE_TAG):$(VERSION_TAG);
+
+# The tests are written in Python. Make a virtualenv to handle the dependencies.
+venv: requirements.txt
+	LOCAL_PY_VER=`python3 --version 2>&1`&&\
+	echo "Was using $$LOCAL_PY_VER" &&\
+	eval "$$(pyenv init -)" && eval "$$(pyenv init --path)" &&\
+	pyenv install --skip-existing $(PY_VERSION) &&\
+	pyenv local $(PY_VERSION) &&\
+	python3 -mvenv venv && \
+	for i in 0 1 2 3 4 5; do sleep "$i"; pip install -r requirements.txt && break; done &&\
+	touch venv
+
+# Compile "env2yaml", the helper for configuring logstash.yml via environment
+# variables.
+env2yaml:
+	docker run --rm \
+	  -v "$(PWD)/data/logstash/env2yaml:/usr/src/env2yaml" \
+		-w /usr/src/env2yaml golang:1 go build
+
+# Generate the Dockerfiles from Jinja2 templates.
+dockerfile: venv templates/Dockerfile.j2
+	$(foreach FLAVOR, $(IMAGE_FLAVORS), \
+	  jinja2 \
+	    -D created_date='$(BUILD_DATE)' \
+	    -D elastic_version='$(ELASTIC_VERSION)' \
+	    -D arch='${ARCHITECTURE}' \
+	    -D version_tag='$(VERSION_TAG)' \
+	    -D image_flavor='$(FLAVOR)' \
+	    -D local_artifacts='true' \
+	    templates/Dockerfile.j2 > $(ARTIFACTS_DIR)/Dockerfile-$(FLAVOR); \
+	)
+
+clean:
+	rm -f ${ARTIFACTS_DIR}/env2yaml/env2yaml ${ARTIFACTS_DIR}/Dockerfile
+	rm -rf venv
+
+.PHONY: clean push

docker/README.md

@@ -0,0 +1,34 @@
+## Description
+
+This repository contains the official [Logstash][logstash] Docker image from
+[Elastic][elastic].
+
+Documentation can be found on the [Elastic website](https://www.elastic.co/guide/en/logstash/current/docker.html).
+
+[logstash]: https://www.elastic.co/products/logstash
+[elastic]: https://www.elastic.co/
+
+## Supported Docker versions
+
+The images have been tested on Docker version 18.09.2, build 6247962
+
+## Requirements
+A full build requires:
+* Docker
+* GNU Make
+* Python 3.5 with Virtualenv
+* JRuby 9.1+
+
+## Running a build
+To build an image check out the corresponding branch for the version and run the rake task
+Like this:
+```
+git checkout 7.0
+rake artifact:docker
+# and for the OSS package
+rake artifact:docker_oss
+```
+
+This image is built on [Centos 7][centos-7].
+
+[centos-7]: https://github.com/CentOS/sig-cloud-instance-images/blob/50281d86d6ed5c61975971150adfd0ede86423bb/docker/Dockerfile

docker/bin/elastic-version

@@ -0,0 +1,24 @@
+#!/usr/bin/env ruby
+#
+# Print the Elastic Stack version for the current branch, as defined in
+# the 'version.json' file.
+#
+require 'yaml'
+
+def get_hard_coded_version
+  version_info = YAML::safe_load(IO.read('../versions.yml'))
+  version_info['logstash']
+end
+
+def qualify(version)
+  qualifier = ENV['VERSION_QUALIFIER']
+  qualifier.nil? || qualifier.empty? ? version : [version, qualifier].join("-")
+end
+
+def get_version
+  version = get_hard_coded_version()
+  version = qualify(version)
+  ENV["RELEASE"] == "1" ? version : [version, "SNAPSHOT"].join("-")
+end
+
+puts get_version

docker/bin/pytest

@@ -0,0 +1,5 @@
+#!/bin/bash
+#
+# A wrapper for `pytest` to handle the appropriate Testinfra arguments.
+
+./venv/bin/pytest --verbose --connection=docker --hosts=logstash-test $@

docker/data/logstash/bin/docker-entrypoint

@@ -0,0 +1,15 @@
+#!/bin/bash -e
+
+# Map environment variables to entries in logstash.yml.
+# Note that this will mutate logstash.yml in place if any such settings are found.
+# This may be undesirable, especially if logstash.yml is bind-mounted from the
+# host system.
+env2yaml /usr/share/logstash/config/logstash.yml
+
+export LS_JAVA_OPTS="-Dls.cgroup.cpuacct.path.override=/ -Dls.cgroup.cpu.path.override=/ $LS_JAVA_OPTS"
+
+if [[ -z $1 ]] || [[ ${1:0:1} == '-' ]] ; then
+  exec logstash "$@"
+else
+  exec "$@"
+fi

docker/data/logstash/config/log4j2.properties

@@ -0,0 +1,16 @@
+status = error
+name = LogstashPropertiesConfig
+
+appender.console.type = Console
+appender.console.name = plain_console
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c]%notEmpty{[%X{pipeline.id}]}%notEmpty{[%X{plugin.id}]} %m%n
+
+appender.json_console.type = Console
+appender.json_console.name = json_console
+appender.json_console.layout.type = JSONLayout
+appender.json_console.layout.compact = true
+appender.json_console.layout.eventEol = true
+
+rootLogger.level = ${sys:ls.log.level}
+rootLogger.appenderRef.console.ref = ${sys:ls.log.format}_console

docker/data/logstash/config/logstash-full.yml

@@ -0,0 +1,2 @@
+http.host: "0.0.0.0"
+xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch:9200" ]

docker/data/logstash/config/logstash-oss.yml

@@ -0,0 +1 @@
+http.host: "0.0.0.0"

docker/data/logstash/config/pipelines.yml

@@ -0,0 +1,6 @@
+# This file is where you define your pipelines. You can define multiple.
+# For more information on multiple pipelines, see the documentation:
+#   https://www.elastic.co/guide/en/logstash/current/multiple-pipelines.html
+
+- pipeline.id: main
+  path.config: "/usr/share/logstash/pipeline"

docker/data/logstash/env2yaml/env2yaml.go

@@ -0,0 +1,192 @@
+// env2yaml
+//
+// Merge environment variables into logstash.yml.
+// For example, running Docker with:
+//
+//   docker run -e pipeline.workers=6
+//
+// or
+//
+//   docker run -e PIPELINE_WORKERS=6
+//
+// will cause logstash.yml to contain the line:
+//
+//   pipeline.workers: 6
+//
+package main
+
+import (
+	"errors"
+	"gopkg.in/yaml.v2"
+	"io/ioutil"
+	"log"
+	"os"
+	"strings"
+)
+
+// If the given string can be parsed as YAML, then do so and return the
+// resulting entity. Otherwise, return the string unmodified.
+func FromYamlIfPossible(str string) interface{} {
+	var entity interface{}
+	err := yaml.Unmarshal([]byte(str), &entity)
+	if err == nil {
+		return entity
+	} else {
+		return str
+	}
+}
+
+// Given a setting name, return a downcased version with delimiters removed.
+func squashSetting(setting string) string {
+	downcased := strings.ToLower(setting)
+	de_dotted := strings.Replace(downcased, ".", "", -1)
+	de_underscored := strings.Replace(de_dotted, "_", "", -1)
+	return de_underscored
+}
+
+// Given a setting name like "pipeline.workers" or "PIPELINE_UNSAFE_SHUTDOWN",
+// return the canonical setting name. eg. 'pipeline.unsafe_shutdown'
+func normalizeSetting(setting string) (string, error) {
+	valid_settings := []string{
+		"api.enabled",
+		"api.http.host",
+		"api.http.port",
+		"api.environment",
+		"node.name",
+		"path.data",
+		"pipeline.id",
+		"pipeline.workers",
+		"pipeline.output.workers",
+		"pipeline.batch.size",
+		"pipeline.batch.delay",
+		"pipeline.unsafe_shutdown",
+		"pipeline.java_execution",
+		"pipeline.ecs_compatibility",
+		"pipeline.ordered",
+		"pipeline.plugin_classloaders",
+		"pipeline.separate_logs",
+		"path.config",
+		"config.string",
+		"config.test_and_exit",
+		"config.reload.automatic",
+		"config.reload.interval",
+		"config.debug",
+		"config.support_escapes",
+		"queue.type",
+		"path.queue",
+		"queue.page_capacity",
+		"queue.max_events",
+		"queue.max_bytes",
+		"queue.checkpoint.acks",
+		"queue.checkpoint.writes",
+		"queue.checkpoint.interval",
+		"queue.drain",
+		"dead_letter_queue.enable",
+		"dead_letter_queue.max_bytes",
+		"dead_letter_queue.flush_interval",
+		"path.dead_letter_queue",
+		"http.enabled",     // DEPRECATED: prefer `api.enabled`
+		"http.environment", // DEPRECATED: prefer `api.environment`
+		"http.host",        // DEPRECATED: prefer `api.http.host`
+		"http.port",        // DEPRECATED: prefer `api.http.port`
+		"log.level",
+		"log.format",
+		"modules",
+		"path.logs",
+		"path.plugins",
+		"monitoring.cluster_uuid",
+		"xpack.monitoring.enabled",
+		"xpack.monitoring.collection.interval",
+		"xpack.monitoring.elasticsearch.hosts",
+		"xpack.monitoring.elasticsearch.username",
+		"xpack.monitoring.elasticsearch.password",
+		"xpack.monitoring.elasticsearch.proxy",
+		"xpack.monitoring.elasticsearch.api_key",
+		"xpack.monitoring.elasticsearch.cloud_auth",
+		"xpack.monitoring.elasticsearch.cloud_id",
+		"xpack.monitoring.elasticsearch.sniffing",
+		"xpack.monitoring.elasticsearch.ssl.certificate_authority",
+		"xpack.monitoring.elasticsearch.ssl.verification_mode",
+		"xpack.monitoring.elasticsearch.ssl.truststore.path",
+		"xpack.monitoring.elasticsearch.ssl.truststore.password",
+		"xpack.monitoring.elasticsearch.ssl.keystore.path",
+		"xpack.monitoring.elasticsearch.ssl.keystore.password",
+		"xpack.management.enabled",
+		"xpack.management.logstash.poll_interval",
+		"xpack.management.pipeline.id",
+		"xpack.management.elasticsearch.hosts",
+		"xpack.management.elasticsearch.username",
+		"xpack.management.elasticsearch.password",
+		"xpack.management.elasticsearch.proxy",
+		"xpack.management.elasticsearch.api_key",
+		"xpack.management.elasticsearch.cloud_auth",
+		"xpack.management.elasticsearch.cloud_id",
+		"xpack.management.elasticsearch.sniffing",
+		"xpack.management.elasticsearch.ssl.certificate_authority",
+		"xpack.management.elasticsearch.ssl.verification_mode",
+		"xpack.management.elasticsearch.ssl.truststore.path",
+		"xpack.management.elasticsearch.ssl.truststore.password",
+		"xpack.management.elasticsearch.ssl.keystore.path",
+		"xpack.management.elasticsearch.ssl.keystore.password",
+		"xpack.geoip.download.endpoint",
+		"cloud.id",
+		"cloud.auth",
+	}
+
+	for _, valid_setting := range valid_settings {
+		if squashSetting(setting) == squashSetting(valid_setting) {
+			return valid_setting, nil
+		}
+	}
+	return "", errors.New("Invalid setting: " + setting)
+}
+
+func main() {
+	if len(os.Args) != 2 {
+		log.Fatalf("usage: env2yaml FILENAME")
+	}
+	settingsFilePath := os.Args[1]
+
+	settingsFile, err := ioutil.ReadFile(settingsFilePath)
+	if err != nil {
+		log.Fatalf("error: %v", err)
+	}
+
+	// Read the original settings file into a map.
+	settings := make(map[string]interface{})
+	err = yaml.Unmarshal(settingsFile, &settings)
+	if err != nil {
+		log.Fatalf("error: %v", err)
+	}
+
+	// Merge any valid settings found in the environment.
+	foundNewSettings := false
+	for _, line := range os.Environ() {
+		kv := strings.SplitN(line, "=", 2)
+		key := kv[0]
+		value := kv[1]
+		setting, err := normalizeSetting(key)
+		if err == nil {
+			foundNewSettings = true
+			log.Printf("Setting '%s' from environment.", setting)
+			settings[setting] = FromYamlIfPossible(value)
+		}
+	}
+
+	if foundNewSettings {
+		output, err := yaml.Marshal(&settings)
+		if err != nil {
+			log.Fatalf("error: %v", err)
+		}
+
+		stat, err := os.Stat(settingsFilePath)
+		if err != nil {
+			log.Fatalf("error: %v", err)
+		}
+
+		err = ioutil.WriteFile(settingsFilePath, output, stat.Mode())
+		if err != nil {
+			log.Fatalf("error: %v", err)
+		}
+	}
+}

docker/data/logstash/env2yaml/go.mod

@@ -0,0 +1,5 @@
+module logstash/env2yaml
+
+go 1.21
+
+require gopkg.in/yaml.v2 v2.4.0

docker/data/logstash/env2yaml/go.sum

@@ -0,0 +1,3 @@
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=

docker/data/logstash/pipeline/default.conf

@@ -0,0 +1,12 @@
+input {
+  beats {
+    port => 5044
+  }
+}
+
+output {
+  stdout {
+    codec => rubydebug
+  }
+}
+

docker/examples/logstash.conf

@@ -0,0 +1,14 @@
+input {
+  heartbeat {
+    interval => 5
+    message  => 'Hello from Logstash 💓'
+  }
+}
+
+output {
+  elasticsearch {
+    hosts    => [ 'elasticsearch' ]
+    user     => 'elastic'
+    password => 'changeme'
+  }
+}

docker/ironbank/LICENSE

@@ -0,0 +1,280 @@
+ELASTIC LICENSE AGREEMENT
+
+PLEASE READ CAREFULLY THIS ELASTIC LICENSE AGREEMENT (THIS "AGREEMENT"), WHICH
+CONSTITUTES A LEGALLY BINDING AGREEMENT AND GOVERNS ALL OF YOUR USE OF ALL OF
+THE ELASTIC SOFTWARE WITH WHICH THIS AGREEMENT IS INCLUDED ("ELASTIC SOFTWARE")
+THAT IS PROVIDED IN OBJECT CODE FORMAT, AND, IN ACCORDANCE WITH SECTION 2 BELOW,
+CERTAIN OF THE ELASTIC SOFTWARE THAT IS PROVIDED IN SOURCE CODE FORMAT. BY
+INSTALLING OR USING ANY OF THE ELASTIC SOFTWARE GOVERNED BY THIS AGREEMENT, YOU
+ARE ASSENTING TO THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU DO NOT AGREE
+WITH SUCH TERMS AND CONDITIONS, YOU MAY NOT INSTALL OR USE THE ELASTIC SOFTWARE
+GOVERNED BY THIS AGREEMENT. IF YOU ARE INSTALLING OR USING THE SOFTWARE ON
+BEHALF OF A LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE ACTUAL
+AUTHORITY TO AGREE TO THE TERMS AND CONDITIONS OF THIS AGREEMENT ON BEHALF OF
+SUCH ENTITY.
+
+Posted Date: April 20, 2018
+
+This Agreement is entered into by and between Elasticsearch BV ("Elastic") and
+You, or the legal entity on behalf of whom You are acting (as applicable,
+"You").
+
+1. OBJECT CODE END USER LICENSES, RESTRICTIONS AND THIRD PARTY OPEN SOURCE
+SOFTWARE
+
+  1.1 Object Code End User License. Subject to the terms and conditions of
+  Section 1.2 of this Agreement, Elastic hereby grants to You, AT NO CHARGE and
+  for so long as you are not in breach of any provision of this Agreement, a
+  License to the Basic Features and Functions of the Elastic Software.
+
+  1.2 Reservation of Rights; Restrictions. As between Elastic and You, Elastic
+  and its licensors own all right, title and interest in and to the Elastic
+  Software, and except as expressly set forth in Sections 1.1, and 2.1 of this
+  Agreement, no other license to the Elastic Software is granted to You under
+  this Agreement, by implication, estoppel or otherwise. You agree not to: (i)
+  reverse engineer or decompile, decrypt, disassemble or otherwise reduce any
+  Elastic Software provided to You in Object Code, or any portion thereof, to
+  Source Code, except and only to the extent any such restriction is prohibited
+  by applicable law, (ii) except as expressly permitted in this Agreement,
+  prepare derivative works from, modify, copy or use the Elastic Software Object
+  Code or the Commercial Software Source Code in any manner; (iii) except as
+  expressly permitted in Section 1.1 above, transfer, sell, rent, lease,
+  distribute, sublicense, loan or otherwise transfer, Elastic Software Object
+  Code, in whole or in part, to any third party; (iv) use Elastic Software
+  Object Code for providing time-sharing services, any software-as-a-service,
+  service bureau services or as part of an application services provider or
+  other service offering (collectively, "SaaS Offering") where obtaining access
+  to the Elastic Software or the features and functions of the Elastic Software
+  is a primary reason or substantial motivation for users of the SaaS Offering
+  to access and/or use the SaaS Offering ("Prohibited SaaS Offering"); (v)
+  circumvent the limitations on use of Elastic Software provided to You in
+  Object Code format that are imposed or preserved by any License Key, or (vi)
+  alter or remove any Marks and Notices in the Elastic Software. If You have any
+  question as to whether a specific SaaS Offering constitutes a Prohibited SaaS
+  Offering, or are interested in obtaining Elastic's permission to engage in
+  commercial or non-commercial distribution of the Elastic Software, please
+  contact elastic_license@elastic.co.
+
+  1.3 Third Party Open Source Software. The Commercial Software may contain or
+  be provided with third party open source libraries, components, utilities and
+  other open source software (collectively, "Open Source Software"), which Open
+  Source Software may have applicable license terms as identified on a website
+  designated by Elastic. Notwithstanding anything to the contrary herein, use of
+  the Open Source Software shall be subject to the license terms and conditions
+  applicable to such Open Source Software, to the extent required by the
+  applicable licensor (which terms shall not restrict the license rights granted
+  to You hereunder, but may contain additional rights). To the extent any
+  condition of this Agreement conflicts with any license to the Open Source
+  Software, the Open Source Software license will govern with respect to such
+  Open Source Software only. Elastic may also separately provide you with
+  certain open source software that is licensed by Elastic. Your use of such
+  Elastic open source software will not be governed by this Agreement, but by
+  the applicable open source license terms.
+
+2. COMMERCIAL SOFTWARE SOURCE CODE
+
+  2.1 Limited License. Subject to the terms and conditions of Section 2.2 of
+  this Agreement, Elastic hereby grants to You, AT NO CHARGE and for so long as
+  you are not in breach of any provision of this Agreement, a limited,
+  non-exclusive, non-transferable, fully paid up royalty free right and license
+  to the Commercial Software in Source Code format, without the right to grant
+  or authorize sublicenses, to prepare Derivative Works of the Commercial
+  Software, provided You (i) do not hack the licensing mechanism, or otherwise
+  circumvent the intended limitations on the use of Elastic Software to enable
+  features other than Basic Features and Functions or those features You are
+  entitled to as part of a Subscription, and (ii) use the resulting object code
+  only for reasonable testing purposes.
+
+  2.2 Restrictions. Nothing in Section 2.1 grants You the right to (i) use the
+  Commercial Software Source Code other than in accordance with Section 2.1
+  above, (ii) use a Derivative Work of the Commercial Software outside of a
+  Non-production Environment, in any production capacity, on a temporary or
+  permanent basis, or (iii) transfer, sell, rent, lease, distribute, sublicense,
+  loan or otherwise make available the Commercial Software Source Code, in whole
+  or in part, to any third party. Notwithstanding the foregoing, You may
+  maintain a copy of the repository in which the Source Code of the Commercial
+  Software resides and that copy may be publicly accessible, provided that you
+  include this Agreement with Your copy of the repository.
+
+3. TERMINATION
+
+  3.1 Termination. This Agreement will automatically terminate, whether or not
+  You receive notice of such Termination from Elastic, if You breach any of its
+  provisions.
+
+  3.2 Post Termination. Upon any termination of this Agreement, for any reason,
+  You shall promptly cease the use of the Elastic Software in Object Code format
+  and cease use of the Commercial Software in Source Code format. For the
+  avoidance of doubt, termination of this Agreement will not affect Your right
+  to use Elastic Software, in either Object Code or Source Code formats, made
+  available under the Apache License Version 2.0.
+
+  3.3 Survival. Sections 1.2, 2.2. 3.3, 4 and 5 shall survive any termination or
+  expiration of this Agreement.
+
+4. DISCLAIMER OF WARRANTIES AND LIMITATION OF LIABILITY
+
+  4.1 Disclaimer of Warranties. TO THE MAXIMUM EXTENT PERMITTED UNDER APPLICABLE
+  LAW, THE ELASTIC SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
+  AND ELASTIC AND ITS LICENSORS MAKE NO WARRANTIES WHETHER EXPRESSED, IMPLIED OR
+  STATUTORY REGARDING OR RELATING TO THE ELASTIC SOFTWARE. TO THE MAXIMUM EXTENT
+  PERMITTED UNDER APPLICABLE LAW, ELASTIC AND ITS LICENSORS SPECIFICALLY
+  DISCLAIM ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+  PURPOSE AND NON-INFRINGEMENT WITH RESPECT TO THE ELASTIC SOFTWARE, AND WITH
+  RESPECT TO THE USE OF THE FOREGOING. FURTHER, ELASTIC DOES NOT WARRANT RESULTS
+  OF USE OR THAT THE ELASTIC SOFTWARE WILL BE ERROR FREE OR THAT THE USE OF THE
+  ELASTIC SOFTWARE WILL BE UNINTERRUPTED.
+
+  4.2 Limitation of Liability. IN NO EVENT SHALL ELASTIC OR ITS LICENSORS BE
+  LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT OR INDIRECT DAMAGES,
+  INCLUDING, WITHOUT LIMITATION, FOR ANY LOSS OF PROFITS, LOSS OF USE, BUSINESS
+  INTERRUPTION, LOSS OF DATA, COST OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY
+  SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY KIND, IN CONNECTION WITH
+  OR ARISING OUT OF THE USE OR INABILITY TO USE THE ELASTIC SOFTWARE, OR THE
+  PERFORMANCE OF OR FAILURE TO PERFORM THIS AGREEMENT, WHETHER ALLEGED AS A
+  BREACH OF CONTRACT OR TORTIOUS CONDUCT, INCLUDING NEGLIGENCE, EVEN IF ELASTIC
+  HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+5. MISCELLANEOUS
+
+  This Agreement completely and exclusively states the entire agreement of the
+  parties regarding the subject matter herein, and it supersedes, and its terms
+  govern, all prior proposals, agreements, or other communications between the
+  parties, oral or written, regarding such subject matter. This Agreement may be
+  modified by Elastic from time to time, and any such modifications will be
+  effective upon the "Posted Date" set forth at the top of the modified
+  Agreement. If any provision hereof is held unenforceable, this Agreement will
+  continue without said provision and be interpreted to reflect the original
+  intent of the parties. This Agreement and any non-contractual obligation
+  arising out of or in connection with it, is governed exclusively by Dutch law.
+  This Agreement shall not be governed by the 1980 UN Convention on Contracts
+  for the International Sale of Goods. All disputes arising out of or in
+  connection with this Agreement, including its existence and validity, shall be
+  resolved by the courts with jurisdiction in Amsterdam, The Netherlands, except
+  where mandatory law provides for the courts at another location in The
+  Netherlands to have jurisdiction. The parties hereby irrevocably waive any and
+  all claims and defenses either might otherwise have in any such action or
+  proceeding in any of such courts based upon any alleged lack of personal
+  jurisdiction, improper venue, forum non conveniens or any similar claim or
+  defense. A breach or threatened breach, by You of Section 2 may cause
+  irreparable harm for which damages at law may not provide adequate relief, and
+  therefore Elastic shall be entitled to seek injunctive relief without being
+  required to post a bond. You may not assign this Agreement (including by
+  operation of law in connection with a merger or acquisition), in whole or in
+  part to any third party without the prior written consent of Elastic, which
+  may be withheld or granted by Elastic in its sole and absolute discretion.
+  Any assignment in violation of the preceding sentence is void. Notices to
+  Elastic may also be sent to legal@elastic.co.
+
+6. DEFINITIONS
+
+  The following terms have the meanings ascribed:
+
+  6.1 "Affiliate" means, with respect to a party, any entity that controls, is
+  controlled by, or which is under common control with, such party, where
+  "control" means ownership of at least fifty percent (50%) of the outstanding
+  voting shares of the entity, or the contractual right to establish policy for,
+  and manage the operations of, the entity.
+
+  6.2 "Basic Features and Functions" means those features and functions of the
+  Elastic Software that are eligible for use under a Basic license, as set forth
+  at https://www.elastic.co/subscriptions, as may be modified by Elastic from
+  time to time.
+
+  6.3 "Commercial Software" means the Elastic Software Source Code in any file
+  containing a header stating the contents are subject to the Elastic License or
+  which is contained in the repository folder labeled "x-pack", unless a LICENSE
+  file present in the directory subtree declares a different license.
+
+  6.4 "Derivative Work of the Commercial Software" means, for purposes of this
+  Agreement, any modification(s) or enhancement(s) to the Commercial Software,
+  which represent, as a whole, an original work of authorship.
+
+  6.5 "License" means a limited, non-exclusive, non-transferable, fully paid up,
+  royalty free, right and license, without the right to grant or authorize
+  sublicenses, solely for Your internal business operations to (i) install and
+  use the applicable Features and Functions of the Elastic Software in Object
+  Code, and (ii) permit Contractors and Your Affiliates to use the Elastic
+  software as set forth in (i) above, provided that such use by Contractors must
+  be solely for Your benefit and/or the benefit of Your Affiliates, and You
+  shall be responsible for all acts and omissions of such Contractors and
+  Affiliates in connection with their use of the Elastic software that are
+  contrary to the terms and conditions of this Agreement.
+
+  6.6 "License Key" means a sequence of bytes, including but not limited to a
+  JSON blob, that is used to enable certain features and functions of the
+  Elastic Software.
+
+  6.7 "Marks and Notices" means all Elastic trademarks, trade names, logos and
+  notices present on the Documentation as originally provided by Elastic.
+
+  6.8 "Non-production Environment" means an environment for development, testing
+  or quality assurance, where software is not used for production purposes.
+
+  6.9 "Object Code" means any form resulting from mechanical transformation or
+  translation of Source Code form, including but not limited to compiled object
+  code, generated documentation, and conversions to other media types.
+
+  6.10 "Source Code" means the preferred form of computer software for making
+  modifications, including but not limited to software source code,
+  documentation source, and configuration files.
+
+  6.11 "Subscription" means the right to receive Support Services and a License
+  to the Commercial Software.
+
+  
+GOVERNMENT END USER ADDENDUM TO THE ELASTIC LICENSE AGREEMENT
+
+    This ADDENDUM TO THE ELASTIC LICENSE AGREEMENT (this "Addendum") applies
+only to U.S. Federal Government, State Government, and Local Government
+entities ("Government End Users") of the Elastic Software.  This Addendum is
+subject to, and hereby incorporated into, the Elastic License Agreement,
+which is being entered into as of even date herewith, by Elastic and You (the
+"Agreement").  This Addendum sets forth additional terms and conditions
+related to Your use of the Elastic Software. Capitalized terms not defined in
+this Addendum have the meaning set forth in the Agreement.
+
+    1. LIMITED LICENSE TO DISTRIBUTE (DSOP ONLY).  Subject to the terms and
+conditions of the Agreement (including this Addendum), Elastic grants the
+Department of Defense Enterprise DevSecOps Initiative (DSOP) a royalty-free,
+non-exclusive, non-transferable, limited license to reproduce and distribute
+the Elastic Software solely through a software distribution repository
+controlled and managed by DSOP, provided that DSOP: (i) distributes the
+Elastic Software complete and unmodified, inclusive of the Agreement
+(including this Addendum) and (ii) does not remove or alter any proprietary
+legends or notices contained in the Elastic Software.
+
+    2. CHOICE OF LAW.  The choice of law and venue provisions set forth shall
+prevail over those set forth in Section 5 of the Agreement.
+
+      "For U.S. Federal Government Entity End Users. This Agreement and any
+  non-contractual obligation arising out of or in connection with it, is
+  governed exclusively by U.S. Federal law.  To the extent permitted by
+  federal law, the laws of the State of Delaware (excluding Delaware choice
+  of law rules) will apply in the absence of applicable federal law.
+
+      For State and Local Government Entity End Users. This Agreement and any
+  non-contractual obligation arising out of or in connection with it, is
+  governed exclusively by the laws of the state in which you are located
+  without reference to conflict of laws.  Furthermore, the Parties agree that
+  the Uniform Computer Information Transactions Act or any version  thereof,
+  adopted by any state in  any form ('UCITA'), shall not apply to  this
+  Agreement and, to the extent that UCITA is applicable, the Parties agree to
+  opt out of the applicability of UCITA pursuant to the opt-out provision(s)
+  contained therein."
+
+    3. ELASTIC LICENSE MODIFICATION.  Section 5 of the Agreement is hereby
+amended to replace
+
+      "This Agreement may be modified by Elastic from time to time, and any
+  such modifications will be effective upon the "Posted Date" set forth at
+  the top of the modified Agreement."
+
+        with:
+
+      "This Agreement may be modified by Elastic from time to time; provided,
+  however, that any such modifications shall apply only to Elastic Software
+  that is installed after the "Posted Date" set forth at the top of the
+  modified Agreement." 
+  
+V100820.0

docker/ironbank/README.md

@@ -0,0 +1,34 @@
+# Logstash
+Logstash is part of the [Elastic Stack](https://www.elastic.co/products) along with Elasticsearch, Kibana, and Beats. Logstash is a server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite "stash." (Ours is Elasticsearch, naturally.). Logstash has over 200 plugins, and you can write your own very easily as well.
+
+For more info, see <https://www.elastic.co/products/logstash>
+
+### Installation instructions
+
+Please follow the documentation on [how to install Logstash with Docker](https://www.elastic.co/guide/en/logstash/current/docker.html).
+
+## Documentation and Getting Started
+
+You can find the documentation and getting started guides for Logstash
+on the [elastic.co site](https://www.elastic.co/guide/en/logstash/current/getting-started-with-logstash.html).
+
+### Where to file issues and PRs
+
+- [Issues](https://github.com/elastic/logstash/issues)
+- [PRs](https://github.com/elastic/logstash/pulls)
+
+**Please open new issues and pull requests for plugins under its own repository**
+
+For example, if you have to report an issue/enhancement for the Elasticsearch output, please do so [here](https://github.com/logstash-plugins/logstash-output-elasticsearch/issues).
+
+## Need Help?
+
+- [Logstash Forum](https://discuss.elastic.co/c/logstash)
+- [Logstash Documentation](https://www.elastic.co/guide/en/logstash/current/index.html)
+- [Elastic Support](https://www.elastic.co/subscriptions)
+
+## Project Principles
+
+* Community: If a newbie has a bad time, it's a bug.
+* Software: Make it work, then make it right, then make it fast.
+* Technology: If it doesn't do a thing today, we can make it do it tomorrow.

docker/ironbank/go/src/env2yaml/go.mod

@@ -0,0 +1,5 @@
+module env2yaml
+
+go 1.13
+
+require gopkg.in/yaml.v2 v2.3.0

docker/ironbank/go/src/env2yaml/go.sum

@@ -0,0 +1,3 @@
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

docker/ironbank/go/src/env2yaml/vendor/modules.txt

@@ -0,0 +1,2 @@
+# gopkg.in/yaml.v2 v2.3.0
+gopkg.in/yaml.v2

docker/requirements.txt

@@ -0,0 +1,6 @@
+flake8==3.4.1
+jinja2-cli[yaml]==0.7.0
+jinja2==2.10.1
+retrying==1.3.3
+testinfra==1.6.0
+pyfiglet

docker/templates/Dockerfile.j2

@@ -0,0 +1,198 @@
+# This Dockerfile was generated from templates/Dockerfile.j2
+{% if local_artifacts == 'false' -%}
+{%   set url_root = 'https://artifacts.elastic.co/downloads/logstash' -%}
+{% else -%}
+{%   set url_root = 'http://localhost:8000' -%}
+{% endif -%}
+
+{% if image_flavor == 'oss' -%}
+  {% set tarball = 'logstash-oss-%s-linux-$(arch).tar.gz' % (elastic_version) -%}
+  {% set license = 'Apache 2.0' -%}
+{% else -%}
+  {% set tarball = 'logstash-%s-linux-$(arch).tar.gz' % (elastic_version) -%}
+  {% set license = 'Elastic License' -%}
+{% endif -%}
+
+{% if image_flavor == 'ubi8' -%}
+  {% set base_image = 'docker.elastic.co/ubi8/ubi-minimal' -%}
+  {% set package_manager = 'microdnf'  -%}
+  # Minimal distributions do not ship with en language packs.
+  {% set locale = 'C.UTF-8' -%}
+{% elif image_flavor == 'ironbank' -%}
+    {% set package_manager = 'yum'  -%}
+{% else -%}
+  {% set base_image = 'ubuntu:20.04'  -%}
+  {% set package_manager = 'apt-get' -%}
+  {% set locale = 'en_US.UTF-8' -%}
+{% endif -%}
+
+
+{% if image_flavor == 'ironbank' -%}
+ARG BASE_REGISTRY=registry1.dsop.io
+ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_TAG=8.6
+ARG LOGSTASH_VERSION={{ elastic_version }}
+ARG GOLANG_VERSION=1.17.8
+
+FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} AS env2yaml
+
+ARG GOLANG_VERSION
+
+# install golang
+RUN yum update -y && yum install -y git
+COPY go${GOLANG_VERSION}.linux-amd64.tar.gz /opt/go.tar.gz
+RUN tar -C /usr/local -xzf /opt/go.tar.gz
+ENV PATH=$PATH:/usr/local/go/bin
+
+# compile the env2yaml tool
+COPY v2.3.0.tar.gz /opt/env2yaml.tar.gz
+COPY scripts/go /usr/local/src/go
+WORKDIR /usr/local/src/go/src/env2yaml
+RUN mkdir -p vendor/gopkg.in
+RUN tar -zxf /opt/env2yaml.tar.gz -C vendor/gopkg.in
+RUN mv vendor/gopkg.in/yaml-2.3.0 vendor/gopkg.in/yaml.v2
+ENV GOPATH=/usr/local/src/go
+RUN go build -mod vendor
+
+# stage 1: unpack logstash
+FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} AS builder
+
+ARG LOGSTASH_VERSION
+
+WORKDIR /usr/share/
+COPY logstash-${LOGSTASH_VERSION}-linux-x86_64.tar.gz /opt/logstash.tar.gz
+
+RUN tar zxf /opt/logstash.tar.gz && \
+    mv /usr/share/logstash-${LOGSTASH_VERSION} /usr/share/logstash
+
+FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
+
+{% else -%}
+FROM {{ base_image }}
+
+{% endif -%}
+
+RUN for iter in {1..10}; do \
+{% if image_flavor == 'full' or image_flavor == 'oss' -%}
+    export DEBIAN_FRONTEND=noninteractive && \
+{% endif -%}
+    {{ package_manager }} update -y && \
+{% if image_flavor != 'ironbank' -%}
+    {{ package_manager }} upgrade -y && \
+{% endif -%}
+    {{ package_manager }} install -y procps findutils tar gzip curl && \
+{% if image_flavor == 'ubi8' or image_flavor == 'ironbank' -%}
+    {{ package_manager }} install -y which shadow-utils && \
+{% else -%}
+    {{ package_manager }} install -y locales && \
+{% endif -%}
+    {{ package_manager }} clean all && \
+{% if image_flavor == 'full' or image_flavor == 'oss' -%}
+    locale-gen 'en_US.UTF-8' && \
+    {{ package_manager }} clean metadata && \
+{% endif -%}
+    exit_code=0 && break || exit_code=$? && \
+    echo "packaging error: retry $iter in 10s" && \
+    {{ package_manager }} clean all && \
+{% if image_flavor == 'full' or image_flavor == 'oss' -%}
+    {{ package_manager }} clean metadata && \
+{% endif -%}
+    sleep 10; done; \
+    (exit $exit_code)
+
+# Provide a non-root user to run the process.
+RUN groupadd --gid 1000 logstash && \
+    adduser --uid 1000 --gid 1000 \
+      {% if image_flavor != 'ironbank' %} --home {% else %} --home-dir {% endif -%} /usr/share/logstash --no-create-home \
+      logstash
+
+{% if image_flavor == 'ironbank' -%}
+WORKDIR /usr/share/logstash
+COPY --from=env2yaml /usr/local/src/go/src/env2yaml/env2yaml /usr/local/bin/env2yaml
+COPY --from=builder --chown=1000:0 /usr/share/logstash /usr/share/logstash
+{% endif -%}
+
+# Add Logstash itself.
+RUN \
+{% if image_flavor != 'ironbank' -%} curl -Lo - {{ url_root }}/{{ tarball }} | \
+    tar zxf - -C /usr/share && \
+    mv /usr/share/logstash-{{ elastic_version }} /usr/share/logstash && \
+{% endif -%}
+    chown --recursive logstash:logstash /usr/share/logstash/ && \
+    chown -R logstash:root /usr/share/logstash && \
+    chmod -R g=u /usr/share/logstash && \
+    mkdir /licenses/ && \
+    mv /usr/share/logstash/NOTICE.TXT /licenses/NOTICE.TXT && \
+    mv /usr/share/logstash/LICENSE.txt /licenses/LICENSE.txt && \
+    find /usr/share/logstash -type d -exec chmod g+s {} \; && \
+    ln -s /usr/share/logstash /opt/logstash
+
+{% if image_flavor != 'ironbank' -%}
+WORKDIR /usr/share/logstash
+{% endif -%}
+ENV ELASTIC_CONTAINER true
+ENV PATH=/usr/share/logstash/bin:$PATH
+
+# Provide a minimal configuration, so that simple invocations will provide
+# a good experience.
+{% if image_flavor != 'ironbank' -%}
+ADD config/pipelines.yml config/pipelines.yml
+{% if image_flavor == 'oss' -%}
+ADD config/logstash-oss.yml config/logstash.yml
+{% else -%}
+ADD config/logstash-full.yml config/logstash.yml
+{% endif -%}
+ADD config/log4j2.properties config/
+ADD pipeline/default.conf pipeline/logstash.conf
+RUN chown --recursive logstash:root config/ pipeline/
+# Ensure Logstash gets the correct locale by default.
+ENV LANG={{ locale }} LC_ALL={{ locale }}
+ADD env2yaml/env2yaml /usr/local/bin/
+# Place the startup wrapper script.
+ADD bin/docker-entrypoint /usr/local/bin/
+{% else -%}
+COPY scripts/config/pipelines.yml config/pipelines.yml
+COPY scripts/config/logstash.yml config/logstash.yml
+COPY scripts/config/log4j2.properties config/
+COPY scripts/pipeline/default.conf pipeline/logstash.conf
+RUN chown --recursive logstash:root config/ pipeline/
+# Place the startup wrapper script.
+COPY scripts/bin/docker-entrypoint /usr/local/bin/
+{% endif -%}
+
+RUN chmod 0755 /usr/local/bin/docker-entrypoint
+
+USER 1000
+
+EXPOSE 9600 5044
+
+{% if image_flavor != 'ironbank' -%}
+LABEL  org.label-schema.schema-version="1.0" \
+  org.label-schema.vendor="Elastic" \
+  org.opencontainers.image.vendor="Elastic" \
+  org.label-schema.name="logstash" \
+  org.opencontainers.image.title="logstash" \
+  org.label-schema.version="{{ elastic_version }}" \
+  org.opencontainers.image.version="{{ elastic_version }}" \
+  org.label-schema.url="https://www.elastic.co/products/logstash" \
+  org.label-schema.vcs-url="https://github.com/elastic/logstash" \
+  org.label-schema.license="{{ license }}" \
+  org.opencontainers.image.licenses="{{ license }}" \
+  org.opencontainers.image.description="Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" \
+  org.label-schema.build-date={{ created_date }} \
+{% if image_flavor == 'ubi8' -%}
+  license="{{ license }}" \
+  description="Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" \
+  name="logstash" \
+  maintainer="info@elastic.co" \
+  summary="Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'" \
+  vendor="Elastic" \
+{% endif -%}
+  org.opencontainers.image.created={{ created_date }}
+{% endif -%}
+
+{% if image_flavor == 'ironbank' -%}
+HEALTHCHECK --interval=10s --timeout=5s --start-period=1m --retries=5 CMD curl -I -f --max-time 5 http://localhost:9600 || exit 1
+{% endif -%}
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint"]

docker/templates/hardening_manifest.yaml

@@ -0,0 +1,72 @@
+---
+apiVersion: v1
+
+# The repository name in registry1, excluding /ironbank/
+name: "elastic/logstash/logstash"
+
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dsop.io
+tags:
+- "{{ elastic_version }}"
+- "latest"
+
+# Build args passed to Dockerfile ARGs
+args:
+  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_TAG: "8.6"
+  LOGSTASH_VERSION: "{{ elastic_version }}"
+  GOLANG_VERSION: "1.17.8"
+
+# Docker image labels
+labels:
+  org.opencontainers.image.title: "logstash"
+  ## Human-readable description of the software packaged in the image
+  org.opencontainers.image.description: "Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite 'stash.'"
+  ## License(s) under which contained software is distributed
+  org.opencontainers.image.licenses: "Elastic License"
+  ## URL to find more information on the image
+  org.opencontainers.image.url: "https://www.elastic.co/products/logstash"
+  ## Name of the distributing entity, organization or individual
+  org.opencontainers.image.vendor: "Elastic"
+  org.opencontainers.image.version: "{{ elastic_version }}"
+  ## Keywords to help with search (ex. "cicd,gitops,golang")
+  # mil.dso.ironbank.image.keywords: "FIXME"
+  ## This value can be "opensource" or "commercial"
+  # mil.dso.ironbank.image.type: "FIXME"
+  ## Product the image belongs to for grouping multiple images
+  mil.dso.ironbank.product.name: "Logstash"
+
+# List of resources to make available to the offline build context
+resources:
+- filename: logstash-{{ elastic_version }}-linux-x86_64.tar.gz
+  url: <artifact_path>/logstash-{{ elastic_version }}-linux-x86_64.tar.gz
+  validation:
+    type: sha512
+    value: <INSERT SHA512 VALUE FROM https://artifacts.elastic.co/downloads/logstash/logstash-{{ elastic_version }}-linux-x86_64.tar.gz.sha512>
+- filename: go1.17.8.linux-amd64.tar.gz
+  url: https://dl.google.com/go/go1.17.8.linux-amd64.tar.gz
+  validation:
+    type: sha256
+    value: 980e65a863377e69fd9b67df9d8395fd8e93858e7a24c9f55803421e453f4f99
+- filename: v2.3.0.tar.gz
+  url: https://github.com/go-yaml/yaml/archive/v2.3.0.tar.gz
+  validation:
+    type: sha512
+    value: ba934e9cb5ebd2346d3897308b71d13bc6471a8dbc0dc0d46a02644ee6b6553d20c20393471b81025b572a9b03e3326bde9c3e8be156474f1a1f91ff027b6a4f
+
+# List of project maintainers
+maintainers:
+- name: "Nassim Kammah"
+  username: "nkammah"
+  email: "nassim.kammah@elastic.co"
+- name: "Joao Duarte"
+  username: "joaodiasduarte"
+  email: "joao@elastic.co"
+- name: "Rob Bavey"
+  username: "robbavey"
+  email: "rob.bavey@elastic.co"
+- name: "Kaise Cheng"
+  username: "kaisecheng"
+  email: "kaise.cheng@elastic.co"
+

docker/tox.ini

@@ -0,0 +1,5 @@
+# pytest fixtures (which are wonderful) trigger false positives for these
+# pyflakes checks.
+[flake8]
+ignore = F401,F811
+max-line-length = 120

docs/gs-index.asciidoc

@@ -20,7 +20,6 @@ release-state can be: released | prerelease | unreleased
 :filebeat:              https://www.elastic.co/guide/en/beats/filebeat/{branch}/
 :lsissue:               https://github.com/elastic/logstash/issues/
 :security:              X-Pack Security
-:stack:                 https://www.elastic.co/guide/en/elastic-stack/current/
 
 [[introduction]]
 == Logstash Introduction

docs/include/attributes-ls.asciidoc

@@ -0,0 +1,10 @@
+/////
+These settings control attributes for Logstash core content 
+in the Logstash Reference (LSR) only.
+ 
+Shared attributes for the plugin docs (in the LSR and VPR) should
+go in /docs/include/attributes-lsplugins.asciidoc instead 
+with a corresponding change to the VPR settings in 
+logstash-docs/docs/versioned-plugins/include/attributes-ls-vpr.asciidoc
+/////
+