Update marathon CI pipeline to reflect recent LS released versions. (#17579)

Fixes an error where this was being treated as a number rather than a string

.buildkite/aarch64_pipeline.yml

@@ -0,0 +1,161 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+agents:
+  provider: aws
+  imagePrefix: platform-ingest-logstash-ubuntu-2204-aarch64
+  instanceType: "m6g.4xlarge"
+  diskSizeGb: 200
+
+steps:
+  - group: "Testing Phase"
+    key: "testing-phase"
+    steps:
+      - label: ":rspec: Ruby unit tests"
+        key: "ruby-unit-tests"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/unit_tests.sh ruby
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":java: Java unit tests"
+        key: "java-unit-tests"
+        env:
+          # https://github.com/elastic/logstash/pull/15486 for background
+          ENABLE_SONARQUBE: "false"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/unit_tests.sh java
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: Integration Tests / part 1-of-3"
+        key: "integration-tests-part-1-of-3"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/integration_tests.sh split 0 3
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: Integration Tests / part 2-of-3"
+        key: "integration-tests-part-2-of-3"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/integration_tests.sh split 1 3
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: Integration Tests / part 3-of-3"
+        key: "integration-tests-part-3-of-3"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          ci/integration_tests.sh split 2 3
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: IT Persistent Queues / part 1-of-3"
+        key: "integration-tests-qa-part-1-of-3"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          export FEATURE_FLAG=persistent_queues
+          ci/integration_tests.sh split 0 3
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: IT Persistent Queues / part 2-of-3"
+        key: "integration-tests-qa-part-2-of-3"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          export FEATURE_FLAG=persistent_queues
+          ci/integration_tests.sh split 1 3
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: IT Persistent Queues / part 3-of-3"
+        key: "integration-tests-qa-part-3-of-3"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          export FEATURE_FLAG=persistent_queues
+          ci/integration_tests.sh split 2 3
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: x-pack unit tests"
+        key: "x-pack-unit-tests"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          x-pack/ci/unit_tests.sh
+        retry:
+          automatic:
+            - limit: 3
+
+      - label: ":lab_coat: x-pack integration"
+        key: "integration-tests-x-pack"
+        command: |
+          set -euo pipefail
+
+          source .buildkite/scripts/common/vm-agent.sh
+          x-pack/ci/integration_tests.sh
+        retry:
+          automatic:
+            - limit: 3
+
+  - group: "Acceptance Phase"
+    depends_on: "testing-phase"
+    key: "acceptance-phase"
+    steps:
+      - label: "Docker [{{matrix}}] flavor acceptance"
+        command:
+          set -euo pipefail
+          
+          source .buildkite/scripts/common/vm-agent.sh && ci/docker_acceptance_tests.sh {{matrix}}
+        retry:
+          automatic:
+            - limit: 3
+        matrix:
+          - "full"
+          - "oss"
+
+      # *** TODO: enable after clarifying if acceptance tests really need vagrant on aarch64
+      # - label: "Acceptance tests on {{matrix.distribution}}"
+      #   agents:
+      #     provider: aws
+      #     imagePrefix: platform-ingest-logstash-{{matrix.distribution}}-aarch64
+      #     instanceType: "m6g.4xlarge"
+      #     diskSizeGb: 200
+      #   command:
+      #     set -euo pipefail
+          
+      #     source .buildkite/scripts/common/vm-agent.sh && ci/acceptance_tests.sh {{matrix.suite}}
+      #   matrix:
+      #     setup:
+      #       suite:
+      #         - "debian"
+      #       distribution:
+      #         - "ubuntu-2204"

.buildkite/benchmark_marathon_pipeline.yml

@@ -0,0 +1,11 @@
+agents:
+  provider: gcp
+  imageProject: elastic-images-prod
+  image: family/platform-ingest-logstash-ubuntu-2204
+  machineType: "n2-standard-16"
+  diskSizeGb: 100
+  diskType: pd-ssd
+
+steps:
+  - label: "Benchmark Marathon"
+    command: .buildkite/scripts/benchmark/marathon.sh

.buildkite/benchmark_pipeline.yml

@@ -0,0 +1,14 @@
+agents:
+  provider: gcp
+  imageProject: elastic-images-prod
+  image: family/platform-ingest-logstash-ubuntu-2204
+  machineType: "n2-standard-16"
+  diskSizeGb: 100
+  diskType: pd-ssd
+
+steps:
+  - label: "Benchmark Snapshot"
+    retry:
+      automatic:
+        - limit: 3
+    command: .buildkite/scripts/benchmark/main.sh

.buildkite/dra_pipeline.yml

@@ -0,0 +1,15 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+steps:
+  - label: ":pipeline: Generate steps"
+    command: |
+      set -euo pipefail
+      
+      echo "--- Building [$${WORKFLOW_TYPE}] artifacts"
+      python3 -m pip install pyyaml
+      echo "--- Building dynamic pipeline steps"
+      python3 .buildkite/scripts/dra/generatesteps.py > steps.yml
+      echo "--- Printing dynamic pipeline steps"
+      cat steps.yml
+      echo "--- Uploading dynamic pipeline steps"
+      cat steps.yml | buildkite-agent pipeline upload

.buildkite/exhaustive_tests_pipeline.yml

@@ -0,0 +1,39 @@
+steps:
+  - label: "Exhaustive tests pipeline"
+    command: |
+      #!/usr/bin/env bash
+      echo "--- Check for docs changes"
+      set +e
+      .buildkite/scripts/common/check-files-changed.sh '^docs/.*'
+      if [[ $$? -eq 0 ]]; then
+        echo "^^^ +++"
+        echo "Skipping running pipeline as all changes are related to docs."
+        exit 0
+      else
+        echo "Changes are not exclusively related to docs, continuing."
+      fi
+
+      set -eo pipefail
+
+      echo "--- Downloading prerequisites"
+      python3 -m pip install ruamel.yaml
+      curl -fsSL --retry-max-time 60 --retry 3 --retry-delay 5 -o /usr/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+      chmod a+x /usr/bin/yq
+
+      echo "--- Printing generated dynamic steps"
+      set +e
+      python3 .buildkite/scripts/exhaustive-tests/generate-steps.py >pipeline_steps.yml
+      if [[ $$? -ne 0 ]]; then
+        echo "^^^ +++"
+        echo "There was a problem rendering the pipeline steps."
+        cat pipeline_steps.yml
+        echo "Exiting now."
+        exit 1
+      else
+        set -eo pipefail
+        cat pipeline_steps.yml | yq .
+      fi
+
+      set -eo pipefail
+      echo "--- Uploading steps to buildkite"
+      cat pipeline_steps.yml | buildkite-agent pipeline upload

.buildkite/health_report_tests_pipeline.yml

@@ -0,0 +1,20 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+agents:
+  provider: gcp
+  imageProject: elastic-images-prod
+  image: family/platform-ingest-logstash-ubuntu-2204
+  machineType: "n2-standard-4"
+  diskSizeGb: 64
+
+steps:
+  - group: ":logstash: Health API integration tests"
+    key: "testing-phase"
+    steps:
+      - label: "main branch"
+        key: "integ-tests-on-main-branch"
+        command:
+          - .buildkite/scripts/health-report-tests/main.sh
+        retry:
+          automatic:
+            - limit: 3

.buildkite/jdk_availability_check_pipeline.yml

@@ -0,0 +1,14 @@
+steps:
+  - label: "JDK Availability check"
+    key: "jdk-availability-check"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      cpu: "4"
+      memory: "6Gi"
+      ephemeralStorage: "100Gi"
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info"
+      ci/check_jdk_version_availability.sh

.buildkite/linux_jdk_matrix_pipeline.yml

@@ -0,0 +1,96 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+# Before adding an Operating System to the JDK matrix:
+#  - Ensure the image is available in https://github.com/elastic/ci-agent-images/blob/main/vm-images/platform-ingest/logstash-multi-jdk.yml
+#  - If image doesn't exist, review https://docs.elastic.dev/ingest-dev-docs/engineer-productivity/custom-ci-images
+
+env:
+  DEFAULT_MATRIX_OS: "ubuntu-2204"
+  DEFAULT_MATRIX_JDK: "adoptiumjdk_21"
+
+steps:
+  - input: "Test Parameters"
+    if: build.source != "schedule" && build.source != "trigger_job"
+    fields:
+      - select: "Operating System"
+        key: "matrix-os"
+        hint: "The operating system variant(s) to run on:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_OS}"
+        options:
+          - label: "Ubuntu 24.04"
+            value: "ubuntu-2404"
+          - label: "Ubuntu 22.04"
+            value: "ubuntu-2204"
+          - label: "Ubuntu 20.04"
+            value: "ubuntu-2004"
+          - label: "Debian 12"
+            value: "debian-12"
+          - label: "Debian 11"
+            value: "debian-11"
+          - label: "RHEL 9"
+            value: "rhel-9"
+          - label: "RHEL 8"
+            value: "rhel-8"
+          - label: "Oracle Linux 8"
+            value: "oraclelinux-8"
+          - label: "Oracle Linux 7"
+            value: "oraclelinux-7"
+          - label: "Rocky Linux 8"
+            value: "rocky-linux-8"
+          - label: "Rocky Linux 9"
+            value: "rocky-linux-9"
+          - label: "Alma Linux 8"
+            value: "almalinux-8"
+          - label: "Alma Linux 9"
+            value: "almalinux-9"
+          - label: "Amazon Linux (2023)"
+            value: "amazonlinux-2023"
+          - label: "OpenSUSE Leap 15"
+            value: "opensuse-leap-15"
+
+      - select: "Java"
+        key: "matrix-jdk"
+        hint: "The JDK to test with:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_JDK}"
+        options:
+          - label: "Adoptium JDK 21 (Eclipse Temurin)"
+            value: "adoptiumjdk_21"
+          - label: "Adoptium JDK 17 (Eclipse Temurin)"
+            value: "adoptiumjdk_17"
+          - label: "OpenJDK 21"
+            value: "openjdk_21"
+          - label: "Zulu 21"
+            value: "zulu_21"
+          - label: "Zulu 17"
+            value: "zulu_17"
+
+  - wait: ~
+    if: build.source != "schedule" && build.source != "trigger_job"
+
+  - command: |
+      set -euo pipefail
+
+      echo "--- Downloading prerequisites"
+      python3 -m pip install ruamel.yaml
+
+      echo "--- Printing generated dynamic steps"
+      export MATRIX_OSES="$(buildkite-agent meta-data get matrix-os --default=${DEFAULT_MATRIX_OS})"
+      export MATRIX_JDKS="$(buildkite-agent meta-data get matrix-jdk --default=${DEFAULT_MATRIX_JDK})"
+      set +eo pipefail
+      python3 .buildkite/scripts/jdk-matrix-tests/generate-steps.py >pipeline_steps.yml
+      if [[ $$? -ne 0 ]]; then
+        echo "^^^ +++"
+        echo "There was a problem rendering the pipeline steps."
+        cat pipeline_steps.yml
+        echo "Exiting now."
+        exit 1
+      else
+        set -eo pipefail
+        cat pipeline_steps.yml
+      fi
+
+      echo "--- Uploading steps to buildkite"
+      cat pipeline_steps.yml | buildkite-agent pipeline upload

.buildkite/pull-requests.json

@@ -0,0 +1,26 @@
+{
+    "jobs": [
+      {
+        "enabled": true,
+        "pipeline_slug": "logstash-pull-request-pipeline",
+        "allow_org_users": true,
+        "allowed_repo_permissions": ["admin", "write"],
+        "allowed_list": ["dependabot[bot]", "mergify[bot]", "github-actions[bot]", "elastic-vault-github-plugin-prod[bot]"],
+        "set_commit_status": true,
+        "build_on_commit": true,
+        "build_on_comment": true,
+        "trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:build|test)\\W+(?:this|it))",
+        "always_trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:build|test)\\W+(?:this|it))",
+        "skip_ci_labels": [ ],
+        "skip_target_branches": [ ],
+        "skip_ci_on_only_changed": [
+          "^.github/",
+          "^docs/",
+          "^.mergify.yml$",
+          "^.pre-commit-config.yaml",
+          "\\.md$"
+        ],
+        "always_require_ci_on_changed": [ ]
+      }
+    ]
+  }

.buildkite/pull_request_pipeline.yml

@@ -0,0 +1,243 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+steps:
+  - label: ":passport_control: License check"
+    key: "license-check"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      cpu: "4"
+      memory: "6Gi"
+      ephemeralStorage: "100Gi"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export JRUBY_OPTS="-J-Xmx1g"
+      export GRADLE_OPTS="-Xmx2g -Dorg.gradle.daemon=false -Dorg.gradle.logging.level=info"
+      ci/license_check.sh -m 4G
+
+  - label: ":rspec: Ruby unit tests"
+    key: "ruby-unit-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "4"
+      memory: "8Gi"
+      ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/unit_tests.sh ruby
+    artifact_paths:
+      - "coverage/coverage.json"
+
+  - label: ":java: Java unit tests"
+    key: "java-unit-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+    retry:
+      automatic:
+        - limit: 3
+    env:
+      ENABLE_SONARQUBE: true
+    command: |
+      set -euo pipefail      
+      source .buildkite/scripts/common/container-agent.sh
+      ci/unit_tests.sh java
+    artifact_paths:
+      - "**/build/test-results/javaTests/TEST-*.xml"
+      - "**/jacocoTestReport.xml"
+      - "**/build/classes/**/*.*"
+
+  - label: ":sonarqube: Continuous Code Inspection"
+    if: | 
+      build.pull_request.id != null || 
+      build.branch == "main" || 
+      build.branch =~ /^[0-9]+\.[0-9]+\$/
+    env:
+      VAULT_SONAR_TOKEN_PATH: "kv/ci-shared/platform-ingest/elastic/logstash/sonar-analyze-token"
+    agents:
+      image: "docker.elastic.co/cloud-ci/sonarqube/buildkite-scanner:latest"
+    command:
+      - "buildkite-agent artifact download --step ruby-unit-tests coverage/coverage.json ."
+      - "buildkite-agent artifact download --step java-unit-tests **/jacocoTestReport.xml ."
+      - "buildkite-agent artifact download --step java-unit-tests **/build/classes/**/*.* ."
+      - "/scan-source-code.sh"
+    depends_on:
+      - "ruby-unit-tests"
+      - "java-unit-tests"
+    retry:
+      manual:
+        allowed: true
+
+  - label: ":lab_coat: Integration Tests / part 1-of-3"
+    key: "integration-tests-part-1-of-3"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/integration_tests.sh split 0 3
+
+  - label: ":lab_coat: Integration Tests / part 2-of-3"
+    key: "integration-tests-part-2-of-3"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/integration_tests.sh split 1 3
+
+  - label: ":lab_coat: Integration Tests / part 3-of-3"
+    key: "integration-tests-part-3-of-3"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as a non-root user
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      ci/integration_tests.sh split 2 3
+
+  - label: ":lab_coat: IT Persistent Queues / part 1-of-3"
+    key: "integration-tests-qa-part-1-of-3"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export FEATURE_FLAG=persistent_queues
+      ci/integration_tests.sh split 0 3
+
+  - label: ":lab_coat: IT Persistent Queues / part 2-of-3"
+    key: "integration-tests-qa-part-2-of-3"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export FEATURE_FLAG=persistent_queues
+      ci/integration_tests.sh split 1 3
+
+  - label: ":lab_coat: IT Persistent Queues / part 3-of-3"
+    key: "integration-tests-qa-part-3-of-3"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      export FEATURE_FLAG=persistent_queues
+      ci/integration_tests.sh split 2 3
+
+  - label: ":lab_coat: x-pack unit tests"
+    key: "x-pack-unit-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      x-pack/ci/unit_tests.sh
+
+  - label: ":lab_coat: x-pack integration"
+    key: "integration-tests-x-pack"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci-no-root"
+      cpu: "8"
+      memory: "16Gi"
+      ephemeralStorage: "100Gi"
+      # Run as non root (logstash) user. UID is hardcoded in image.
+      imageUID: "1002"
+    retry:
+      automatic:
+        - limit: 3
+    command: |
+      set -euo pipefail
+
+      source .buildkite/scripts/common/container-agent.sh
+      x-pack/ci/integration_tests.sh
+
+  - wait: ~
+    continue_on_failure: true
+
+  - label: "🏁 Annotate JUnit results"
+    # the plugin requires docker run, hence the use of a VM
+    agents:
+      provider: gcp
+      imageProject: elastic-images-prod
+      image: family/platform-ingest-logstash-ubuntu-2204
+      machineType: "n2-standard-2"
+    plugins:
+      - junit-annotate#v2.4.1:
+          artifacts: "**/TEST-*.xml"

.buildkite/scripts/benchmark/README.md

@@ -0,0 +1,22 @@
+## Steps to set up GCP instance to run benchmark script
+- Create an instance "n2-standard-16" with Ubuntu image
+- Install docker
+  - `sudo snap install docker`
+  - `sudo usermod -a -G docker $USER`
+- Install jq
+- Install vault
+  - `sudo snap install vault`
+  - `vault login --method github`
+  - `vault kv get -format json secret/ci/elastic-logstash/benchmark`
+- Setup Elasticsearch index mapping and alias with `setup/*`
+- Import Kibana dashboard with `save-objects/*`
+- Run the benchmark script
+  - Send data to your own Elasticsearch. Customise `VAULT_PATH="secret/ci/elastic-logstash/your/path"`
+  - Run the script `main.sh` 
+    - or run in background `nohup bash -x main.sh > log.log 2>&1 &`
+
+## Notes
+- Benchmarks should only be compared using the same hardware setup.
+- Please do not send the test metrics to the benchmark cluster. You can set `VAULT_PATH` to send data and metrics to your own server.
+- Run `all.sh` as calibration which gives you a baseline of performance in different versions.
+- [#16586](https://github.com/elastic/logstash/pull/16586) allows legacy monitoring using the configuration `xpack.monitoring.allow_legacy_collection: true`, which is not recognized in version 8. To run benchmarks in version 8, use the script of the corresponding branch (e.g. `8.16`) instead of `main` in buildkite.

.buildkite/scripts/benchmark/config/filebeat.yml

@@ -0,0 +1,15 @@
+http.enabled: false
+filebeat.inputs:
+- type: log
+  symlinks: true
+  paths:
+  - "/usr/share/filebeat/flog/*.log"
+logging.level: info
+output.logstash:
+  hosts:
+    - "localhost:5044"
+  ttl: 10ms
+  bulk_max_size: 2048
+# queue.mem:
+#   events: 4096
+#   flush.min_events: 2048

.buildkite/scripts/benchmark/config/logstash.yml

@@ -0,0 +1,10 @@
+api.http.host: 0.0.0.0
+pipeline.workers: ${WORKER} 
+pipeline.batch.size: ${BATCH_SIZE}
+queue.type: ${QTYPE}
+
+xpack.monitoring.allow_legacy_collection: true
+xpack.monitoring.enabled: true
+xpack.monitoring.elasticsearch.username: ${MONITOR_ES_USER}
+xpack.monitoring.elasticsearch.password: ${MONITOR_ES_PW}
+xpack.monitoring.elasticsearch.hosts: ["${MONITOR_ES_HOST}"]

.buildkite/scripts/benchmark/config/pipelines.yml

@@ -0,0 +1,44 @@
+- pipeline.id: main
+  config.string: |
+    input { 
+      beats {
+        port => 5044
+      }
+    } 
+    output { 
+      elasticsearch {
+        hosts => [ "${BENCHMARK_ES_HOST}" ]
+        user => "${BENCHMARK_ES_USER}"
+        password => "${BENCHMARK_ES_PW}"
+      }
+    }
+- pipeline.id: node_stats
+  config.string: |
+    input {
+      http_poller {
+        urls => {
+          NodeStats => {
+            method => get
+            url => "http://localhost:9600/_node/stats"
+          }
+        }
+        schedule => { every => "30s"}
+        codec => "json"
+      }
+    }
+    filter {
+      mutate { 
+        remove_field => [ "host", "[pipelines][.monitoring-logstash]", "event" ]
+        add_field => { "[benchmark][label]" => "${QTYPE}_w${WORKER}b${BATCH_SIZE}" }
+      }
+    }
+    output {
+      elasticsearch {
+        hosts => [ "${BENCHMARK_ES_HOST}" ]
+        user => "${BENCHMARK_ES_USER}"
+        password => "${BENCHMARK_ES_PW}"
+        data_stream_type => "metrics"
+        data_stream_dataset => "nodestats"
+        data_stream_namespace => "logstash"
+      }
+    }

.buildkite/scripts/benchmark/config/uuid

@@ -0,0 +1 @@
+f74f1a28-25e9-494f-ba41-ca9f13d4446d

.buildkite/scripts/benchmark/core.sh

@@ -0,0 +1,331 @@
+#!/usr/bin/env bash
+set -eo pipefail
+
+SCRIPT_PATH="$(dirname "${BASH_SOURCE[0]}")"
+CONFIG_PATH="$SCRIPT_PATH/config"
+source "$SCRIPT_PATH/util.sh"
+
+usage() {
+  echo "Usage: $0 [FB_CNT] [QTYPE] [CPU] [MEM]"
+  echo "Example: $0 4 {persisted|memory|all} 2 2"
+  exit 1
+}
+
+parse_args() {
+  while [[ "$#" -gt 0 ]]; do
+    if [ -z "$FB_CNT" ]; then
+      FB_CNT=$1
+    elif [ -z "$QTYPE" ]; then
+      case $1 in
+        all | persisted | memory)
+            QTYPE=$1
+            ;;
+        *)
+          echo "Error: wrong queue type $1"
+          usage
+          ;;
+      esac
+    elif [ -z "$CPU" ]; then
+      CPU=$1
+    elif [ -z "$MEM" ]; then
+      MEM=$1
+    else
+      echo "Error: Too many arguments"
+      usage
+    fi
+    shift
+  done
+
+  # set default value
+  # number of filebeat
+  FB_CNT=${FB_CNT:-4}
+  # all | persisted | memory
+  QTYPE=${QTYPE:-all}
+  CPU=${CPU:-4}
+  MEM=${MEM:-4}
+  XMX=$((MEM / 2))
+
+  IFS=','
+  # worker multiplier: 1,2,4
+  MULTIPLIERS="${MULTIPLIERS:-1,2,4}"
+  read -ra MULTIPLIERS <<< "$MULTIPLIERS"
+  BATCH_SIZES="${BATCH_SIZES:-500}"
+  read -ra BATCH_SIZES <<< "$BATCH_SIZES"
+  # tags to json array
+  read -ra TAG_ARRAY <<< "$TAGS"
+  JSON_TAGS=$(printf '"%s",' "${TAG_ARRAY[@]}" | sed 's/,$//')
+  JSON_TAGS="[$JSON_TAGS]"
+
+  IFS=' '
+  echo "filebeats: $FB_CNT, cpu: $CPU, mem: $MEM, Queue: $QTYPE, worker multiplier: ${MULTIPLIERS[@]}, batch size: ${BATCH_SIZES[@]}"
+}
+
+get_secret() {
+  VAULT_PATH=${VAULT_PATH:-secret/ci/elastic-logstash/benchmark}
+  VAULT_DATA=$(vault kv get -format json $VAULT_PATH)
+  BENCHMARK_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.es_host')
+  BENCHMARK_ES_USER=$(echo $VAULT_DATA | jq -r '.data.es_user')
+  BENCHMARK_ES_PW=$(echo $VAULT_DATA | jq -r '.data.es_pw')
+
+  MONITOR_ES_HOST=$(echo $VAULT_DATA | jq -r '.data.monitor_es_host')
+  MONITOR_ES_USER=$(echo $VAULT_DATA | jq -r '.data.monitor_es_user')
+  MONITOR_ES_PW=$(echo $VAULT_DATA | jq -r '.data.monitor_es_pw')
+}
+
+pull_images() {
+  echo "--- Pull docker images"
+
+  if [[ -n "$LS_VERSION" ]]; then
+    # pull image if it doesn't exist in local
+    [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker pull "docker.elastic.co/logstash/logstash:$LS_VERSION"
+  else
+    # pull the latest snapshot logstash image
+    # select the SNAPSHOT artifact with the highest semantic version number
+    LS_VERSION=$( curl --retry-all-errors --retry 5 --retry-delay 1 -s "https://storage.googleapis.com/artifacts-api/snapshots/main.json" | jq -r '.version' )
+    BUILD_ID=$(curl --retry-all-errors --retry 5 --retry-delay 1 -s "https://storage.googleapis.com/artifacts-api/snapshots/main.json" | jq -r '.build_id')
+    ARCH=$(arch)
+    IMAGE_URL="https://snapshots.elastic.co/${BUILD_ID}/downloads/logstash/logstash-$LS_VERSION-docker-image-$ARCH.tar.gz"
+    IMAGE_FILENAME="$LS_VERSION.tar.gz"
+
+    echo "Download $LS_VERSION from $IMAGE_URL"
+    [[ ! -e $IMAGE_FILENAME ]] && curl -fsSL --retry-max-time 60 --retry 3 --retry-delay 5 -o "$IMAGE_FILENAME" "$IMAGE_URL"
+    [[ -z $(docker images -q docker.elastic.co/logstash/logstash:$LS_VERSION) ]] && docker load -i "$IMAGE_FILENAME"
+  fi
+
+  # pull filebeat image
+  FB_DEFAULT_VERSION="8.13.4"
+  FB_VERSION=${FB_VERSION:-$FB_DEFAULT_VERSION}
+  docker pull "docker.elastic.co/beats/filebeat:$FB_VERSION"
+}
+
+generate_logs() {
+  FLOG_FILE_CNT=${FLOG_FILE_CNT:-4}
+  SINGLE_SIZE=524288000
+  TOTAL_SIZE="$((FLOG_FILE_CNT * SINGLE_SIZE))"
+  FLOG_PATH="$SCRIPT_PATH/flog"
+  mkdir -p $FLOG_PATH
+
+  if [[ ! -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" ]]; then
+    echo "--- Generate logs in background. log: ${FLOG_FILE_CNT}, each size: 500mb"
+    docker run -d --name=flog --rm -v $FLOG_PATH:/go/src/data mingrammer/flog -t log -w -o "/go/src/data/log.log" -b $TOTAL_SIZE -p $SINGLE_SIZE
+  fi
+}
+
+check_logs() {
+  echo "--- Check log generation"
+
+  local cnt=0
+  until [[ -e "$FLOG_PATH/log${FLOG_FILE_CNT}.log" || $cnt -gt 600 ]]; do
+    echo "wait 30s" && sleep 30
+    cnt=$((cnt + 30))
+  done
+
+  ls -lah $FLOG_PATH
+}
+
+start_logstash() {
+  LS_CONFIG_PATH=$SCRIPT_PATH/ls/config
+  mkdir -p $LS_CONFIG_PATH
+
+  cp $CONFIG_PATH/pipelines.yml $LS_CONFIG_PATH/pipelines.yml
+  cp $CONFIG_PATH/logstash.yml $LS_CONFIG_PATH/logstash.yml
+  cp $CONFIG_PATH/uuid $LS_CONFIG_PATH/uuid
+
+  remove_v9_config
+
+  LS_JAVA_OPTS=${LS_JAVA_OPTS:--Xmx${XMX}g}
+  docker run -d --name=ls --net=host --cpus=$CPU --memory=${MEM}g -e LS_JAVA_OPTS="$LS_JAVA_OPTS" \
+    -e QTYPE="$QTYPE" -e WORKER="$WORKER" -e BATCH_SIZE="$BATCH_SIZE" \
+    -e BENCHMARK_ES_HOST="$BENCHMARK_ES_HOST" -e BENCHMARK_ES_USER="$BENCHMARK_ES_USER" -e BENCHMARK_ES_PW="$BENCHMARK_ES_PW" \
+    -e MONITOR_ES_HOST="$MONITOR_ES_HOST" -e MONITOR_ES_USER="$MONITOR_ES_USER" -e MONITOR_ES_PW="$MONITOR_ES_PW" \
+    -v $LS_CONFIG_PATH/logstash.yml:/usr/share/logstash/config/logstash.yml:ro \
+    -v $LS_CONFIG_PATH/pipelines.yml:/usr/share/logstash/config/pipelines.yml:ro \
+    -v $LS_CONFIG_PATH/uuid:/usr/share/logstash/data/uuid:ro \
+    docker.elastic.co/logstash/logstash:$LS_VERSION
+}
+
+remove_v9_config() {
+  local config_path="$LS_CONFIG_PATH/logstash.yml"
+  local major_version=$(echo $LS_VERSION | cut -d. -f1)
+  if [ "$major_version" -lt 9 ]; then
+    echo "Remove v9 config 'xpack.monitoring.allow_legacy_collection' from logstash.yml"
+
+    if [[ "$(uname)" == "Darwin" ]]; then
+      sed -i '' '/xpack\.monitoring\.allow_legacy_collection/d' "$config_path"
+    else
+      sed -i '/xpack\.monitoring\.allow_legacy_collection/d' "$config_path"
+    fi
+  fi
+}
+
+start_filebeat() {
+  for ((i = 0; i < FB_CNT; i++)); do
+    FB_PATH="$SCRIPT_PATH/fb${i}"
+    mkdir -p $FB_PATH
+
+    cp $CONFIG_PATH/filebeat.yml $FB_PATH/filebeat.yml
+
+    docker run -d --name=fb$i --net=host --user=root \
+        -v $FB_PATH/filebeat.yml:/usr/share/filebeat/filebeat.yml \
+        -v $SCRIPT_PATH/flog:/usr/share/filebeat/flog \
+        docker.elastic.co/beats/filebeat:$FB_VERSION filebeat -e --strict.perms=false
+  done
+}
+
+capture_stats() {
+  CURRENT=$(jq -r '.flow.output_throughput.current' $NS_JSON)
+  local eps_1m=$(jq -r '.flow.output_throughput.last_1_minute' $NS_JSON)
+  local eps_5m=$(jq -r '.flow.output_throughput.last_5_minutes' $NS_JSON)
+  local worker_util=$(jq -r '.pipelines.main.flow.worker_utilization.last_1_minute' $NS_JSON)
+  local worker_concurr=$(jq -r '.pipelines.main.flow.worker_concurrency.last_1_minute' $NS_JSON)
+  local cpu_percent=$(jq -r '.process.cpu.percent' $NS_JSON)
+  local heap=$(jq -r '.jvm.mem.heap_used_in_bytes' $NS_JSON)
+  local non_heap=$(jq -r '.jvm.mem.non_heap_used_in_bytes' $NS_JSON)
+  local q_event_cnt=$(jq -r '.pipelines.main.queue.events_count' $NS_JSON)
+  local q_size=$(jq -r '.pipelines.main.queue.queue_size_in_bytes' $NS_JSON)
+  TOTAL_EVENTS_OUT=$(jq -r '.pipelines.main.events.out' $NS_JSON)
+  printf "current: %s, 1m: %s, 5m: %s, worker_utilization: %s, worker_concurrency: %s, cpu: %s, heap: %s, non-heap: %s, q_events: %s, q_size: %s, total_events_out: %s\n" \
+    $CURRENT $eps_1m $eps_5m $worker_util $worker_concurr $cpu_percent $heap $non_heap $q_event_cnt $q_size $TOTAL_EVENTS_OUT
+}
+
+aggregate_stats() {
+  local file_glob="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_*.json"
+  MAX_EPS_1M=$( jqmax '.flow.output_throughput.last_1_minute' "$file_glob" )
+  MAX_EPS_5M=$( jqmax '.flow.output_throughput.last_5_minutes' "$file_glob" )
+  MAX_WORKER_UTIL=$( jqmax '.pipelines.main.flow.worker_utilization.last_1_minute' "$file_glob" )
+  MAX_WORKER_CONCURR=$( jqmax '.pipelines.main.flow.worker_concurrency.last_1_minute' "$file_glob" )
+  MAX_Q_EVENT_CNT=$( jqmax '.pipelines.main.queue.events_count' "$file_glob" )
+  MAX_Q_SIZE=$( jqmax '.pipelines.main.queue.queue_size_in_bytes' "$file_glob" )
+
+  AVG_CPU_PERCENT=$( jqavg '.process.cpu.percent' "$file_glob" )
+  AVG_VIRTUAL_MEM=$( jqavg '.process.mem.total_virtual_in_bytes' "$file_glob" )
+  AVG_HEAP=$( jqavg '.jvm.mem.heap_used_in_bytes' "$file_glob" )
+  AVG_NON_HEAP=$( jqavg '.jvm.mem.non_heap_used_in_bytes' "$file_glob" )
+}
+
+send_summary() {
+  echo "--- Send summary to Elasticsearch"
+
+  # build json
+  local timestamp
+  timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S")
+  SUMMARY="{\"timestamp\": \"$timestamp\", \"version\": \"$LS_VERSION\", \"cpu\": \"$CPU\", \"mem\": \"$MEM\", \"workers\": \"$WORKER\", \"batch_size\": \"$BATCH_SIZE\", \"queue_type\": \"$QTYPE\""
+  not_empty "$TOTAL_EVENTS_OUT" && SUMMARY="$SUMMARY, \"total_events_out\": \"$TOTAL_EVENTS_OUT\""
+  not_empty "$MAX_EPS_1M" && SUMMARY="$SUMMARY, \"max_eps_1m\": \"$MAX_EPS_1M\""
+  not_empty "$MAX_EPS_5M" && SUMMARY="$SUMMARY, \"max_eps_5m\": \"$MAX_EPS_5M\""
+  not_empty "$MAX_WORKER_UTIL" && SUMMARY="$SUMMARY, \"max_worker_utilization\": \"$MAX_WORKER_UTIL\""
+  not_empty "$MAX_WORKER_CONCURR" && SUMMARY="$SUMMARY, \"max_worker_concurrency\": \"$MAX_WORKER_CONCURR\""
+  not_empty "$AVG_CPU_PERCENT" && SUMMARY="$SUMMARY, \"avg_cpu_percentage\": \"$AVG_CPU_PERCENT\""
+  not_empty "$AVG_HEAP" && SUMMARY="$SUMMARY, \"avg_heap\": \"$AVG_HEAP\""
+  not_empty "$AVG_NON_HEAP" && SUMMARY="$SUMMARY, \"avg_non_heap\": \"$AVG_NON_HEAP\""
+  not_empty "$AVG_VIRTUAL_MEM" && SUMMARY="$SUMMARY, \"avg_virtual_memory\": \"$AVG_VIRTUAL_MEM\""
+  not_empty "$MAX_Q_EVENT_CNT" && SUMMARY="$SUMMARY, \"max_queue_events\": \"$MAX_Q_EVENT_CNT\""
+  not_empty "$MAX_Q_SIZE" && SUMMARY="$SUMMARY, \"max_queue_bytes_size\": \"$MAX_Q_SIZE\""
+  not_empty "$TAGS" && SUMMARY="$SUMMARY, \"tags\": $JSON_TAGS"
+  SUMMARY="$SUMMARY}"
+
+  tee summary.json << EOF
+{"index": {}}
+$SUMMARY
+EOF
+
+  # send to ES
+  local resp
+  local err_status
+  resp=$(curl -s -X POST -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" "$BENCHMARK_ES_HOST/benchmark_summary/_bulk" -H 'Content-Type: application/json' --data-binary @"summary.json")
+  echo "$resp"
+  err_status=$(echo "$resp" | jq -r ".errors")
+  if [[ "$err_status" == "true" ]]; then
+    echo "Failed to send summary"
+    exit 1
+  fi
+}
+
+# $1: snapshot index
+node_stats() {
+  NS_JSON="$SCRIPT_PATH/$NS_DIR/${QTYPE:0:1}_w${WORKER}b${BATCH_SIZE}_$1.json" # m_w8b1000_0.json
+
+  # curl inside container because docker on mac cannot resolve localhost to host network interface
+  docker exec -i ls curl localhost:9600/_node/stats > "$NS_JSON" 2> /dev/null
+}
+
+# $1: index
+snapshot() {
+  node_stats $1
+  capture_stats
+}
+
+create_directory() {
+  NS_DIR="fb${FB_CNT}c${CPU}m${MEM}" # fb4c4m4
+  mkdir -p "$SCRIPT_PATH/$NS_DIR"
+}
+
+queue() {
+  for QTYPE in "persisted" "memory"; do
+    worker
+  done
+}
+
+worker() {
+  for m in "${MULTIPLIERS[@]}"; do
+    WORKER=$((CPU * m))
+    batch
+  done
+}
+
+batch() {
+  for BATCH_SIZE in "${BATCH_SIZES[@]}"; do
+    run_pipeline
+    stop_pipeline
+  done
+}
+
+run_pipeline() {
+  echo "--- Run pipeline. queue type: $QTYPE, worker: $WORKER, batch size: $BATCH_SIZE"
+
+  start_logstash
+  start_filebeat
+  docker ps
+
+  echo "(0) sleep 3m" && sleep 180
+  snapshot "0"
+
+  for i in {1..8}; do
+    echo "($i) sleep 30s" && sleep 30
+    snapshot "$i"
+
+    # print docker log when ingestion rate is zero
+    # remove '.' in number and return max val
+    [[ $(max -g "${CURRENT/./}" "0") -eq 0 ]] &&
+      docker logs fb0 &&
+      docker logs ls
+  done
+
+  aggregate_stats
+  send_summary
+}
+
+stop_pipeline() {
+  echo "--- Stop Pipeline"
+
+  for ((i = 0; i < FB_CNT; i++)); do
+    docker stop fb$i
+    docker rm fb$i
+  done
+
+  docker stop ls
+  docker rm ls
+
+  curl -u "$BENCHMARK_ES_USER:$BENCHMARK_ES_PW" -X DELETE $BENCHMARK_ES_HOST/_data_stream/logs-generic-default
+  echo " data stream deleted "
+
+  # TODO: clean page caches, reduce memory fragmentation
+  # https://github.com/elastic/logstash/pull/16191#discussion_r1647050216
+}
+
+clean_up() {
+  # stop log generation if it has not done yet
+  [[ -n $(docker ps | grep flog) ]] && docker stop flog || true
+  # remove image
+  docker image rm docker.elastic.co/logstash/logstash:$LS_VERSION
+}

.buildkite/scripts/benchmark/main.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+set -eo pipefail
+
+# *******************************************************
+# This script does benchmark by running Filebeats (docker) -> Logstash (docker) -> ES Cloud.
+# Logstash metrics and benchmark results are sent to the same ES Cloud.
+# Highlights:
+# - Use flog (docker) to generate ~2GB log
+# - Pull the snapshot docker image of the main branch every day
+# - Logstash runs two pipelines, main and node_stats
+#   - The main pipeline handles beats ingestion, sending data to the data stream `logs-generic-default`
+#     - It runs for all combinations. (pq + mq) x worker x batch size
+#     - Each test runs for ~7 minutes
+#   - The node_stats pipeline retrieves Logstash /_node/stats every 30s and sends it to the data stream `metrics-nodestats-logstash`
+# - The script sends a summary of EPS and resource usage to index `benchmark_summary`
+# *******************************************************
+
+SCRIPT_PATH="$(dirname "${BASH_SOURCE[0]}")"
+source "$SCRIPT_PATH/core.sh"
+
+## usage:
+##   main.sh FB_CNT QTYPE CPU MEM
+##   main.sh 4 all 4 4          # default launch 4 filebeats to benchmark pq and mq
+##   main.sh 4 memory
+##   main.sh 4 persisted
+##   main.sh 4
+##   main.sh
+## accept env vars:
+##   FB_VERSION=8.13.4          # docker tag
+##   LS_VERSION=8.15.0-SNAPSHOT # docker tag
+##   LS_JAVA_OPTS=-Xmx2g        # by default, Xmx is set to half of memory
+##   MULTIPLIERS=1,2,4          # determine the number of workers (cpu * multiplier)
+##   BATCH_SIZES=125,500
+##   CPU=4                      # number of cpu for Logstash container
+##   MEM=4                      # number of GB for Logstash container
+##   QTYPE=memory               # queue type to test {persisted|memory|all}
+##   FB_CNT=4                   # number of filebeats to use in benchmark
+##   FLOG_FILE_CNT=4            # number of files to generate for ingestion
+##   VAULT_PATH=secret/path     # vault path point to Elasticsearch credentials. The default value points to benchmark cluster.
+##   TAGS=test,other            # tags with "," separator.
+main() {
+  parse_args "$@"
+  get_secret
+
+  generate_logs
+  pull_images
+  check_logs
+
+  create_directory
+  if [[ $QTYPE == "all" ]]; then
+    queue
+  else
+    worker
+  fi
+
+  clean_up
+}
+
+main "$@"

.buildkite/scripts/benchmark/marathon.sh

@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+set -eo pipefail
+
+# *******************************************************
+# Run benchmark for versions that have flow metrics
+# When the hardware changes, run the marathon task to establish a new baseline.
+# Usage:
+#   nohup bash -x all.sh > log.log 2>&1 &
+# Accept env vars:
+#   STACK_VERSIONS=8.15.0,8.15.1,8.16.0-SNAPSHOT # versions to test. It is comma separator string
+# *******************************************************
+
+SCRIPT_PATH="$(dirname "${BASH_SOURCE[0]}")"
+source "$SCRIPT_PATH/core.sh"
+
+parse_stack_versions() {
+  IFS=','
+  STACK_VERSIONS="${STACK_VERSIONS:-8.9.0,8.10.0,8.11.0,8.12.0,8.13.0,8.14.0,8.15.5,8.16.6,8.17.5,8.18.0,9.0.0}"
+  read -ra STACK_VERSIONS <<< "$STACK_VERSIONS"
+}
+
+main() {
+  parse_stack_versions
+  parse_args "$@"
+  get_secret
+  generate_logs
+  check_logs
+
+  USER_QTYPE="$QTYPE"
+
+  for V in "${STACK_VERSIONS[@]}" ; do
+    LS_VERSION="$V"
+    QTYPE="$USER_QTYPE"
+    pull_images
+    create_directory
+    if [[ $QTYPE == "all" ]]; then
+      queue
+    else
+      worker
+    fi
+  done
+}
+
+main "$@"

.buildkite/scripts/benchmark/save-objects/CHANGELOG.md

@@ -0,0 +1,8 @@
+## 20241210
+Remove scripted field `5m_num` from dashboards
+
+## 20240912
+Updated runtime field `release` to return `true` when `version` contains "SNAPSHOT"
+
+## 20240912
+Initial dashboards

.buildkite/scripts/benchmark/save-objects/README.md

@@ -0,0 +1,14 @@
+benchmark_objects.ndjson contains the following resources
+
+- Dashboards
+  - daily snapshot
+  - released versions
+- Data Views
+  - benchmark
+    - runtime fields
+      - | Fields Name  | Type         | Comment                                                                               |
+        |--------------|---------------------------------------------------------------------------------------|--------------------------------------------------|
+        | versions_num | long         | convert semantic versioning to number for graph sorting                               |
+        | release      | boolean      | `true` for released version. `false` for snapshot version. It is for graph filtering. |
+    
+To import objects to Kibana, navigate to Stack Management > Save Objects and click Import

.buildkite/scripts/benchmark/setup/alias

@@ -0,0 +1,6 @@
+POST /_aliases
+{
+  "actions": [
+    { "add": { "index": "benchmark_summary_v2", "alias": "benchmark_summary" } }
+  ]
+}

.buildkite/scripts/benchmark/setup/benchmark_summary_v2

@@ -0,0 +1,179 @@
+PUT /benchmark_summary_v2/_mapping
+{
+  "properties": {
+    "avg_cpu_percentage": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "avg_heap": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "avg_non_heap": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "avg_virtual_memory": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "batch_size": {
+      "type": "integer",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "cpu": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "max_eps_1m": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "max_eps_5m": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "max_queue_bytes_size": {
+      "type": "integer",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "max_queue_events": {
+      "type": "integer",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "max_worker_concurrency": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "max_worker_utilization": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "mem": {
+      "type": "float",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "queue_type": {
+      "type": "text",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "tag": {
+      "type": "text",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "timestamp": {
+      "type": "date"
+    },
+    "total_events_out": {
+      "type": "integer",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "version": {
+      "type": "text",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "workers": {
+      "type": "integer",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    },
+    "tags" : {
+      "type": "text",
+      "fields": {
+        "keyword": {
+          "type": "keyword",
+          "ignore_above": 256
+        }
+      }
+    }
+  }
+}

.buildkite/scripts/benchmark/util.sh

@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+arch() { uname -m | sed -e "s|amd|x86_|" -e "s|arm|aarch|"; }
+
+# return the min value
+# usage: 
+#  g: float; h: human; d: dictionary; M: month
+#  min -g 3 2 5 1
+#  max -g 1.5 5.2 2.5 1.2 5.7
+#  max -g "null" "0"
+#  min -h 25M 13G 99K 1098M
+min() { printf "%s\n" "${@:2}" | sort "$1" | head -n1 ; }
+
+max() { min ${1}r ${@:2} ; }
+
+# return the average of values
+# usage:
+#   jqavg '.process.cpu.percent' m_w8b1000_*.json
+#   $1: jq field
+#   $2: file path in glob pattern
+jqavg() {
+  jq -r "$1 | select(. != null)" $2 | jq -s . | jq 'add / length'
+}
+
+# return the maximum of values
+# usage:
+#   jqmax '.process.cpu.percent' m_w8b1000_*.json
+#   $1: jq field
+#   $2: file path in glob pattern
+jqmax() {
+  jq -r "$1  | select(. != null)" $2 | jq -s . | jq 'max'
+}
+
+# return true if $1 is non empty and not "null"
+not_empty() {
+  if [[ -n "$1" && "$1" != "null" ]]; then
+    return 0
+  else
+    return 1
+  fi
+}

.buildkite/scripts/common/check-files-changed.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# **********************************************************
+# Returns true if current checkout compared to parent commit
+# has changes ONLY matching the argument regexp
+#
+# Used primarily to skip running the exhaustive pipeline
+# when only docs changes have happened.
+# ********************************************************
+
+if [[ -z "$1" ]]; then
+  echo "Usage: $0 <regexp>"
+  exit 1
+fi
+
+previous_commit=$(git rev-parse HEAD^)
+changed_files=$(git diff --name-only $previous_commit)
+
+if [[ -n "$changed_files" ]] && [[ -z "$(echo "$changed_files" | grep -vE "$1")" ]]; then
+    echo "All files compared to the previous commit [$previous_commit] match the specified regex: [$1]"
+    echo "Files changed:"
+    git --no-pager diff --name-only HEAD^
+  exit 0
+else
+  exit 1
+fi

.buildkite/scripts/common/container-agent.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+# ********************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI when using containerized agents
+# ********************************************************
+
+set -euo pipefail
+
+if [[ $(whoami) == "logstash" ]]
+then
+    export PATH="/home/logstash/.rbenv/bin:$PATH"
+    eval "$(rbenv init -)"
+else
+    export PATH="/usr/local/rbenv/bin:$PATH"
+    eval "$(rbenv init -)"
+fi

.buildkite/scripts/common/qualified-version.sh

@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+# ********************************************************
+# Source this script to get the QUALIFIED_VERSION env var
+# or execute it to receive the qualified version on stdout
+# ********************************************************
+
+set -euo pipefail
+
+export QUALIFIED_VERSION="$(
+  # Extract the version number from the version.yml file
+  # e.g.: 8.6.0
+  printf '%s' "$(awk -F':' '{ if ("logstash" == $1) { gsub(/^ | $/,"",$2); printf $2; exit } }' versions.yml)"
+
+  # Qualifier is passed from CI as optional field and specify the version postfix
+  # in case of alpha or beta releases for staging builds only:
+  # e.g: 8.0.0-alpha1
+  printf '%s' "${VERSION_QUALIFIER:+-${VERSION_QUALIFIER}}"
+
+  # add the SNAPSHOT tag unless WORKFLOW_TYPE=="staging" or RELEASE=="1"
+  if [[ ! ( "${WORKFLOW_TYPE:-}" == "staging" || "${RELEASE:+$RELEASE}" == "1" ) ]]; then
+    printf '%s' "-SNAPSHOT"
+  fi
+)"
+
+# if invoked directly, output the QUALIFIED_VERSION to stdout
+if [[ "$0" == "${BASH_SOURCE:-${ZSH_SCRIPT:-}}" ]]; then
+  printf '%s' "${QUALIFIED_VERSION}"
+fi

.buildkite/scripts/common/trigger-pipeline-generate-steps.sh

@@ -0,0 +1,106 @@
+#!/usr/bin/env bash
+
+set -eo pipefail
+
+# *******************************************************
+# this script is used by schedule-type pipelines
+# to automate triggering other pipelines (e.g. DRA) based
+# on ci/branches.json
+#
+# See:
+# https://elasticco.atlassian.net/browse/ENGPRD-318 /
+# https://github.com/elastic/ingest-dev/issues/2664
+# *******************************************************
+
+ACTIVE_BRANCHES_URL="https://storage.googleapis.com/artifacts-api/snapshots/branches.json"
+EXCLUDE_BRANCHES_ARRAY=()
+BRANCHES=()
+
+function install_yq() {
+if ! [[ -x $(which yq) && $(yq --version) == *mikefarah* ]]; then
+  echo "--- Downloading prerequisites"
+  curl -fsSL --retry-max-time 60 --retry 3 --retry-delay 5 -o /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
+  chmod a+x /usr/local/bin/yq
+fi
+}
+
+function parse_pipelines() {
+  IFS="," read -ra PIPELINES <<< "$PIPELINES_TO_TRIGGER"
+}
+
+# converts the (optional) $EXCLUDE_BRANCHES env var, containing a comma separated branches string, to $EXCLUDE_BRANCHES_ARRAY
+function exclude_branches_to_array() {
+  if [[ ! -z "$EXCLUDE_BRANCHES" ]]; then
+    IFS="," read -ra EXCLUDE_BRANCHES_ARRAY <<< "$EXCLUDE_BRANCHES"
+  fi
+}
+
+function check_if_branch_in_exclude_array() {
+  local branch=$1
+  local _excl_br
+  local ret_val="false"
+
+  for _excl_br in "${EXCLUDE_BRANCHES_ARRAY[@]}"; do
+    if [[ "$branch" == "$_excl_br" ]]; then
+      ret_val="true"
+      break
+    fi
+  done
+
+  echo $ret_val
+}
+
+if [[ -z $PIPELINES_TO_TRIGGER ]]; then
+    echo "^^^ +++"
+    echo "Required environment variable [PIPELINES_TO_TRIGGER] is missing."
+    echo "Exiting now."
+    exit 1
+fi
+
+parse_pipelines
+exclude_branches_to_array
+
+set -u
+set +e
+# pull releaseable branches from $ACTIVE_BRANCHES_URL
+readarray -t ELIGIBLE_BRANCHES < <(curl --retry-all-errors --retry 5 --retry-delay 5 -fsSL $ACTIVE_BRANCHES_URL | jq -r '.branches[]')
+if [[ $? -ne 0 ]]; then
+  echo "There was an error downloading or parsing the json output from [$ACTIVE_BRANCHES_URL]. Exiting."
+  exit 1
+fi
+set -e
+
+if [[ ${#EXCLUDE_BRANCHES_ARRAY[@]} -eq 0 ]]; then
+  # no branch exclusions
+  BRANCHES=("${ELIGIBLE_BRANCHES[@]}")
+else
+  # exclude any branches passed via optional $EXCLUDE_BRANCHES
+  for _branch in "${ELIGIBLE_BRANCHES[@]}"; do
+    res=$(check_if_branch_in_exclude_array $_branch)
+    if [[ "$res" == "false" ]]; then
+      BRANCHES+=("$_branch")
+    fi
+  done
+fi
+
+install_yq
+
+echo 'steps:' >pipeline_steps.yaml
+
+for PIPELINE in "${PIPELINES[@]}"; do
+  for BRANCH in "${BRANCHES[@]}"; do
+      cat >>pipeline_steps.yaml <<EOF
+  - trigger: $PIPELINE
+    label: ":testexecute: Triggering ${PIPELINE} / ${BRANCH}"
+    build:
+      branch: "$BRANCH"
+      message: ":testexecute: Scheduled build for ${BRANCH}"
+EOF
+  done
+done
+
+echo "--- Printing generated steps"
+yq . pipeline_steps.yaml
+
+echo "--- Uploading steps to buildkite"
+cat pipeline_steps.yaml | buildkite-agent pipeline upload

.buildkite/scripts/common/vm-agent-multi-jdk.sh

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+# **************************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI when using custom multi-jdk VM images
+# It is primarily used by the exhaustive BK pipeline.
+# **************************************************************
+
+set -euo pipefail
+
+source .ci/java-versions.properties
+export BUILD_JAVA_HOME=/opt/buildkite-agent/.java/$LS_BUILD_JAVA
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$BUILD_JAVA_HOME/bin:$PATH"
+
+eval "$(rbenv init -)"

.buildkite/scripts/common/vm-agent.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+# ********************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI when using VM/baremetal agents
+# ********************************************************
+
+set -euo pipefail
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:/opt/buildkite-agent/.java/bin:$PATH"
+export JAVA_HOME="/opt/buildkite-agent/.java"
+eval "$(rbenv init -)"

.buildkite/scripts/common/vm-images.json

@@ -0,0 +1,13 @@
+{
+    "#comment": "This file lists all custom vm images. We use it to make decisions about randomized CI jobs.",
+    "linux": {
+        "ubuntu": ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004"],
+        "debian": ["debian-12", "debian-11"],
+        "rhel": ["rhel-9", "rhel-8"],
+        "oraclelinux": ["oraclelinux-8", "oraclelinux-7"],
+        "rocky": ["rocky-linux-8"],
+        "amazonlinux": ["amazonlinux-2023"],
+        "opensuse": ["opensuse-leap-15"]
+    },
+    "windows": ["windows-2025", "windows-2022", "windows-2019", "windows-2016"]
+}

.buildkite/scripts/dra/build_docker.sh

@@ -0,0 +1,55 @@
+#!/bin/bash -ie
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/common.sh
+
+# WORKFLOW_TYPE is a CI externally configured environment variable that could assume "snapshot" or "staging" values
+info "Building artifacts for the $WORKFLOW_TYPE workflow ..."
+
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        :  # no-op
+        ;;
+    staging)
+        export RELEASE=1
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+rake artifact:docker || error "artifact:docker build failed."
+rake artifact:docker_oss || error "artifact:docker_oss build failed."
+rake artifact:docker_wolfi || error "artifact:docker_wolfi build failed."
+rake artifact:dockerfiles || error "artifact:dockerfiles build failed."
+
+STACK_VERSION="$(./$(dirname "$0")/../common/qualified-version.sh)"
+info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+
+info "Saving tar.gz for docker images"
+save_docker_tarballs "${ARCH}" "${STACK_VERSION}"
+
+info "Generated Artifacts"
+for file in build/logstash-*; do shasum $file;done
+
+info "Uploading DRA artifacts in buildkite's artifact store ..."
+# Note the deb, rpm tar.gz AARCH64 files generated has already been loaded by the build_packages.sh
+images="logstash logstash-oss logstash-wolfi"
+for image in ${images}; do
+    buildkite-agent artifact upload "build/$image-${STACK_VERSION}-docker-image-${ARCH}.tar.gz"
+done
+
+# Upload 'docker-build-context.tar.gz' files only when build x86_64, otherwise they will be
+# overwritten when building aarch64 (or viceversa).
+if [ "$ARCH" != "aarch64" ]; then
+    for image in logstash logstash-oss logstash-wolfi logstash-ironbank; do
+        buildkite-agent artifact upload "build/${image}-${STACK_VERSION}-docker-build-context.tar.gz"
+    done
+fi
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

.buildkite/scripts/dra/build_packages.sh

@@ -0,0 +1,44 @@
+#!/bin/bash -ie
+#Note - ensure that the -e flag is set to properly set the $? status if any command fails
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/common.sh
+
+# WORKFLOW_TYPE is a CI externally configured environment variable that could assume "snapshot" or "staging" values
+info "Building artifacts for the $WORKFLOW_TYPE workflow ..."
+
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        :  # no-op
+        ;;
+    staging)
+        export RELEASE=1
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+SKIP_DOCKER=1 rake artifact:all || error "rake artifact:all build failed."
+
+STACK_VERSION="$(./$(dirname "$0")/../common/qualified-version.sh)"
+info "Build complete, setting STACK_VERSION to $STACK_VERSION."
+
+info "Generated Artifacts"
+for file in build/logstash-*; do shasum $file;done
+
+info "Creating dependencies report for ${STACK_VERSION}"
+mkdir -p build/distributions/dependencies-reports/
+bin/dependencies-report --csv=build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv
+
+info "Generated dependencies report"
+shasum build/distributions/dependencies-reports/logstash-${STACK_VERSION}.csv
+
+info "Uploading DRA artifacts in buildkite's artifact store ..."
+buildkite-agent artifact upload "build/logstash*;build/distributions/dependencies-reports/logstash*"
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

.buildkite/scripts/dra/common.sh

@@ -0,0 +1,42 @@
+function info {
+    echo "--- INFO: $1"
+}
+
+function error {
+    echo "--- ERROR: $1"
+    exit 1
+}
+
+function save_docker_tarballs {
+    local arch="${1:?architecture required}"
+    local version="${2:?stack-version required}"
+    local images="logstash logstash-oss logstash-wolfi"
+
+    for image in ${images}; do
+        tar_file="${image}-${version}-docker-image-${arch}.tar"
+        docker save -o "build/${tar_file}" \
+            "docker.elastic.co/logstash/${image}:${version}" || \
+            error "Unable to save tar file ${tar_file} for ${image} image."
+        # NOTE: if docker save exited with non-zero the error log already exited the script
+        gzip "build/${tar_file}"
+    done
+}
+
+# Since we are using the system jruby, we need to make sure our jvm process
+# uses at least 1g of memory, If we don't do this we can get OOM issues when
+# installing gems. See https://github.com/elastic/logstash/issues/5179
+export JRUBY_OPTS="-J-Xmx4g"
+
+# Extract the version number from the version.yml file
+# e.g.: 8.6.0
+# The suffix part like alpha1 etc is managed by the optional VERSION_QUALIFIER environment variable
+STACK_VERSION=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\.[[:digit:]]*\.[[:digit:]]*\)$/\1/p'`
+
+info "Agent is running on architecture [$(uname -i)]"
+
+export VERSION_QUALIFIER=${VERSION_QUALIFIER:-""}
+export DRA_DRY_RUN=${DRA_DRY_RUN:-""}
+
+if [[ ! -z $DRA_DRY_RUN && $BUILDKITE_STEP_KEY == "logstash_publish_dra" ]]; then
+    info "Release manager will run in dry-run mode [$DRA_DRY_RUN]"
+fi

.buildkite/scripts/dra/docker-env-setup.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+set -euo pipefail
+
+DOCKER_REGISTRY="docker.elastic.co"
+DOCKER_REGISTRY_SECRET_PATH="kv/ci-shared/platform-ingest/docker_registry_prod"
+CI_DRA_ROLE_PATH="kv/ci-shared/release/dra-role"
+
+
+function docker_login {
+  DOCKER_USERNAME_SECRET=$(retry -t 5 -- vault kv get -field user "${DOCKER_REGISTRY_SECRET_PATH}")
+  DOCKER_PASSWORD_SECRET=$(retry -t 5 -- vault kv get -field password "${DOCKER_REGISTRY_SECRET_PATH}")
+  docker login -u "${DOCKER_USERNAME_SECRET}" -p "${DOCKER_PASSWORD_SECRET}" "${DOCKER_REGISTRY}" 2>/dev/null
+  unset DOCKER_USERNAME_SECRET DOCKER_PASSWORD_SECRET
+}
+
+function release_manager_login {
+  DRA_CREDS_SECRET=$(retry -t 5 -- vault kv get -field=data -format=json ${CI_DRA_ROLE_PATH})
+  VAULT_ADDR_SECRET=$(echo ${DRA_CREDS_SECRET} | jq -r '.vault_addr')
+  VAULT_ROLE_ID=$(echo ${DRA_CREDS_SECRET} | jq -r '.role_id')
+  VAULT_SECRET_ID=$(echo ${DRA_CREDS_SECRET} | jq -r '.secret_id')
+  export VAULT_ADDR_SECRET VAULT_ROLE_ID VAULT_SECRET_ID
+}

.buildkite/scripts/dra/docker-env-teardown.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -euo pipefail
+
+# Unset all variables ending with _SECRET or _TOKEN
+for var in $(printenv | sed 's;=.*;;' | sort); do
+  if [[ $var != "VAULT_ADDR" && ("$var" == *_SECRET || "$var" == *_TOKEN || "$var" == *VAULT* ) ]]; then
+      unset "$var"
+  fi
+done
+
+if command -v docker &>/dev/null; then
+  DOCKER_REGISTRY="docker.elastic.co"
+  docker logout $DOCKER_REGISTRY
+fi

.buildkite/scripts/dra/generatesteps.py

@@ -0,0 +1,147 @@
+import os
+import sys
+
+import yaml
+
+YAML_HEADER = '# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json\n'
+
+def to_bk_key_friendly_string(key):
+    """
+    Convert and return key to an acceptable format for Buildkite's key: field
+    Only alphanumerics, dashes and underscores are allowed.
+    """
+
+    mapping_table = str.maketrans({'.': '_'})
+
+    return key.translate(mapping_table)
+
+def package_x86_step(branch, workflow_type):
+    step = f'''
+- label: ":package: Build packages / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_build_packages_dra"
+  agents:
+    provider: gcp
+    imageProject: elastic-images-prod
+    image: family/platform-ingest-logstash-ubuntu-2204
+    machineType: "n2-standard-16"
+    diskSizeGb: 200
+  command: |
+    export WORKFLOW_TYPE="{workflow_type}"
+    export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+    eval "$(rbenv init -)"
+    .buildkite/scripts/dra/build_packages.sh
+  artifact_paths:
+    - "**/*.hprof"
+'''
+
+    return step
+
+def package_x86_docker_step(branch, workflow_type):
+    step = f'''
+- label: ":package: Build x86_64 Docker / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_build_x86_64_docker_dra"
+  agents:
+    provider: gcp
+    imageProject: elastic-images-prod
+    image: family/platform-ingest-logstash-ubuntu-2204
+    machineType: "n2-standard-16"
+    diskSizeGb: 200
+  artifact_paths:
+    - "**/*.hprof"
+  command: |
+    export WORKFLOW_TYPE="{workflow_type}"
+    export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+    export ARCH="x86_64"
+    eval "$(rbenv init -)"
+    .buildkite/scripts/dra/build_docker.sh
+'''
+
+    return step
+
+def package_aarch64_docker_step(branch, workflow_type):
+    step = f'''
+- label: ":package: Build aarch64 Docker / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_build_aarch64_docker_dra"
+  agents:
+    provider: aws
+    imagePrefix: platform-ingest-logstash-ubuntu-2204-aarch64
+    instanceType: "m6g.4xlarge"
+    diskSizeGb: 200
+  artifact_paths:
+    - "**/*.hprof"
+  command: |
+    export WORKFLOW_TYPE="{workflow_type}"
+    export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+    export ARCH="aarch64"
+    eval "$(rbenv init -)"
+    .buildkite/scripts/dra/build_docker.sh
+'''
+
+    return step
+
+def publish_dra_step(branch, workflow_type, depends_on):
+    step = f'''
+- label: ":elastic-stack: Publish  / {branch}-{workflow_type.upper()} DRA artifacts"
+  key: "logstash_publish_dra"
+  depends_on: "{depends_on}"
+  agents:
+    provider: gcp
+    imageProject: elastic-images-prod
+    image: family/platform-ingest-logstash-ubuntu-2204
+    machineType: "n2-standard-16"
+    diskSizeGb: 200
+  command: |
+    echo "+++ Restoring Artifacts"
+    buildkite-agent artifact download "build/logstash*" .
+    buildkite-agent artifact download "build/distributions/**/*" .
+    echo "+++ Changing permissions for the release manager"
+    sudo chown -R :1000 build
+    echo "+++ Running DRA publish step"
+    export WORKFLOW_TYPE="{workflow_type}"
+    .buildkite/scripts/dra/publish.sh
+    '''
+
+    return step
+
+def build_steps_to_yaml(branch, workflow_type):
+    steps = []
+    steps.extend(yaml.safe_load(package_x86_step(branch, workflow_type)))
+    steps.extend(yaml.safe_load(package_x86_docker_step(branch, workflow_type)))
+    steps.extend(yaml.safe_load(package_aarch64_docker_step(branch, workflow_type)))
+
+    return steps
+
+if __name__ == "__main__":
+    try:
+        workflow_type = os.environ["WORKFLOW_TYPE"]
+        version_qualifier = os.environ.get("VERSION_QUALIFIER", "")
+    except ImportError:
+        print(f"Missing env variable WORKFLOW_TYPE. Use export WORKFLOW_TYPE=<staging|snapshot>\n.Exiting.")
+        exit(1)
+
+    branch = os.environ["BUILDKITE_BRANCH"]
+
+    structure = {"steps": []}
+
+    if workflow_type.upper() == "SNAPSHOT" and len(version_qualifier)>0:
+        structure["steps"].append({
+            "label": f"no-op pipeline because prerelease builds (VERSION_QUALIFIER is set to [{version_qualifier}]) don't support the [{workflow_type}] workflow",
+            "command": ":",
+            "skip": "VERSION_QUALIFIER (prerelease builds) not supported with SNAPSHOT DRA",
+        })
+    else:
+        # Group defining parallel steps that build and save artifacts
+        group_key = to_bk_key_friendly_string(f"logstash_dra_{workflow_type}")
+
+        structure["steps"].append({
+            "group": f":Build Artifacts - {workflow_type.upper()}",
+            "key": group_key,
+            "steps": build_steps_to_yaml(branch, workflow_type),
+        })
+
+        # Final step: pull artifacts built above and publish them via the release-manager
+        structure["steps"].extend(
+            yaml.safe_load(publish_dra_step(branch, workflow_type, depends_on=group_key)),
+        )
+
+    print(YAML_HEADER + yaml.dump(structure, Dumper=yaml.Dumper, sort_keys=False))

.buildkite/scripts/dra/publish.sh

@@ -0,0 +1,118 @@
+#!/bin/bash -i
+set -euo pipefail
+
+echo "####################################################################"
+echo "##################### Starting $0"
+echo "####################################################################"
+
+source ./$(dirname "$0")/common.sh
+
+# DRA_BRANCH can be used for manually testing packaging with PRs
+# e.g. define `DRA_BRANCH="main"` and `RUN_SNAPSHOT="true"` under Options/Environment Variables in the Buildkite UI after clicking new Build
+BRANCH="${DRA_BRANCH:="${BUILDKITE_BRANCH:=""}"}"
+
+# This is the branch selector that needs to be passed to the release-manager
+# It has to be the name of the branch which originates the artifacts.
+RELEASE_VER=`cat versions.yml | sed -n 's/^logstash\:[[:space:]]\([[:digit:]]*\.[[:digit:]]*\)\.[[:digit:]]*$/\1/p'`
+if [ -n "$(git ls-remote --heads origin $RELEASE_VER)" ] ; then
+    RELEASE_BRANCH=$RELEASE_VER
+else
+    RELEASE_BRANCH="${BRANCH:="main"}"
+fi
+echo "RELEASE BRANCH: $RELEASE_BRANCH"
+
+VERSION_QUALIFIER="${VERSION_QUALIFIER:=""}"
+
+case "$WORKFLOW_TYPE" in
+    snapshot)
+        :
+        ;;
+    staging)
+        ;;
+    *)
+        error "Workflow (WORKFLOW_TYPE variable) is not set, exiting..."
+        ;;
+esac
+
+info "Uploading artifacts for ${WORKFLOW_TYPE} workflow on branch: ${RELEASE_BRANCH} for version: ${STACK_VERSION} with version_qualifier: ${VERSION_QUALIFIER}"
+
+if [ "$RELEASE_VER" != "7.17" ]; then
+  # Version 7.17.x doesn't generates ARM artifacts for Darwin
+  # TODO see if we need to do anything here
+  :
+fi
+
+info "Downloaded ARTIFACTS sha report"
+for file in build/logstash-*; do shasum $file;done
+
+FINAL_VERSION="$(./$(dirname "$0")/../common/qualified-version.sh)"
+
+mv build/distributions/dependencies-reports/logstash-${FINAL_VERSION}.csv build/distributions/dependencies-${FINAL_VERSION}.csv
+
+# set required permissions on artifacts and directory
+chmod -R a+r build/*
+chmod -R a+w build
+
+chmod -R a+r $PWD/*
+chmod -R a+w $PWD
+
+info "Setup docker credentials"
+# TODO disable tracing
+# set +o xtrace
+source ./$(dirname "$0")/docker-env-setup.sh
+release_manager_login
+
+# ensure the latest image has been pulled
+docker pull docker.elastic.co/infra/release-manager:latest
+
+echo "+++ :clipboard: Listing DRA artifacts for version [$STACK_VERSION], branch [$RELEASE_BRANCH], workflow [$WORKFLOW_TYPE], QUALIFIER [$VERSION_QUALIFIER]"
+docker run --rm \
+        --name release-manager \
+        -e VAULT_ROLE_ID \
+        -e VAULT_SECRET_ID \
+        --mount type=bind,readonly=false,src="$PWD",target=/artifacts \
+        docker.elastic.co/infra/release-manager:latest \
+          cli list \
+          --project logstash \
+          --branch "${RELEASE_BRANCH}" \
+          --commit "$(git rev-parse HEAD)" \
+          --workflow "${WORKFLOW_TYPE}" \
+          --version "${STACK_VERSION}" \
+          --artifact-set main \
+          --qualifier "${VERSION_QUALIFIER}"
+
+info "Running the release manager ..."
+
+# collect the artifacts for use with the unified build
+docker run --rm \
+  --name release-manager \
+  -e VAULT_ADDR="${VAULT_ADDR_SECRET}" \
+  -e VAULT_ROLE_ID \
+  -e VAULT_SECRET_ID \
+  --mount type=bind,readonly=false,src="$PWD",target=/artifacts \
+  docker.elastic.co/infra/release-manager:latest \
+    cli collect \
+      --project logstash \
+      --branch ${RELEASE_BRANCH} \
+      --commit "$(git rev-parse HEAD)" \
+      --workflow "${WORKFLOW_TYPE}" \
+      --version "${STACK_VERSION}" \
+      --artifact-set main \
+      --qualifier "${VERSION_QUALIFIER}" \
+      ${DRA_DRY_RUN} | tee rm-output.txt
+
+# extract the summary URL from a release manager output line like:
+# Report summary-8.22.0.html can be found at https://artifacts-staging.elastic.co/logstash/8.22.0-ABCDEFGH/summary-8.22.0.html
+
+SUMMARY_URL=$(grep -E '^Report summary-.* can be found at ' rm-output.txt | grep -oP 'https://\S+' | awk '{print $1}')
+rm rm-output.txt
+
+# and make it easily clickable as a Builkite annotation
+printf "**Summary link:** [${SUMMARY_URL}](${SUMMARY_URL})\n" | buildkite-agent annotate --style=success 
+
+info "Teardown logins"
+$(dirname "$0")/docker-env-teardown.sh
+
+echo "####################################################################"
+echo "##################### Finishing $0"
+echo "####################################################################"

.buildkite/scripts/exhaustive-tests/generate-steps.py

@@ -0,0 +1,219 @@
+import json
+import os
+import random
+import sys
+import typing
+
+from ruamel.yaml import YAML
+from ruamel.yaml.scalarstring import LiteralScalarString
+
+VM_IMAGES_FILE = ".buildkite/scripts/common/vm-images.json"
+VM_IMAGE_PREFIX = "platform-ingest-logstash-multi-jdk-"
+
+ACCEPTANCE_LINUX_OSES = ["ubuntu-2404", "ubuntu-2204", "ubuntu-2004", "debian-11", "rhel-8", "oraclelinux-7", "rocky-linux-8", "opensuse-leap-15", "amazonlinux-2023"]
+
+CUR_PATH = os.path.dirname(os.path.abspath(__file__))
+
+def slugify_bk_key(key: str) -> str:
+    """
+    Convert and return key to an acceptable format for Buildkite's key: field
+    Only alphanumerics, dashes and underscores are allowed.
+    """
+
+    mapping_table = str.maketrans({'.': '_', ' ': '_', '/': '_'})
+
+    return key.translate(mapping_table)
+
+def testing_phase_steps() -> typing.Dict[str, typing.List[typing.Any]]:
+    with open(os.path.join(CUR_PATH, "..", "..", "pull_request_pipeline.yml")) as fp:
+        return YAML().load(fp)
+
+def compat_linux_step(imagesuffix: str) -> dict[str, typing.Any]:
+    linux_command = LiteralScalarString("""#!/usr/bin/env bash
+set -eo pipefail
+source .buildkite/scripts/common/vm-agent.sh
+ci/unit_tests.sh""")
+
+    return compat_step(imagesuffix, command=linux_command)
+
+
+def compat_windows_step(imagesuffix: str) -> dict[str, typing.Any]:
+    windows_command = LiteralScalarString(r'''.\\ci\\unit_tests.ps1''')
+
+    return compat_step(imagesuffix, command=windows_command)
+
+def compat_step(imagesuffix: str, command: LiteralScalarString) -> dict[str, typing.Any]:
+    step = {
+        "label": imagesuffix,
+        "key": slugify_bk_key(f"compat-linux-{imagesuffix}"),
+        "command": command,
+        "agents": {},
+        "retry": {"automatic": [{"limit": 3}]},
+    }
+
+    if "amazon" in imagesuffix.lower():
+        step["agents"] = {
+            "provider": "aws",
+            "imagePrefix": f"{VM_IMAGE_PREFIX}{imagesuffix}",
+            "instanceType": "m5.2xlarge",
+            "diskSizeGb": 200,
+       }
+    else:
+       step["agents"] = {
+            "provider": "gcp",
+            "imageProject": "elastic-images-prod",
+            "image": f"family/{VM_IMAGE_PREFIX}{imagesuffix}",
+            "machineType": "n2-standard-4",
+            "diskSizeGb": 200,
+            "diskType": "pd-ssd",
+       }
+
+    return step
+
+def randomized_linux_oses() -> typing.List[str]:
+    with open(VM_IMAGES_FILE, "r") as fp:
+        all_oses = json.load(fp)
+
+    randomized_oses = []
+    for _, family_oses in all_oses["linux"].items():
+       randomized_oses.append(random.choice(family_oses))
+    return randomized_oses
+
+def randomized_windows_os() -> str:
+    with open(VM_IMAGES_FILE, "r") as fp:
+        all_oses = json.load(fp)
+
+    return random.choice(all_oses["windows"])
+
+def aws_agent(vm_name: str, instance_type: str, image_prefix: str = "platform-ingest-logstash-multi-jdk", disk_size_gb: int = 200) -> dict[str, typing.Any]:
+    return {
+        "provider": "aws",
+        "imagePrefix": f"{image_prefix}-{vm_name}",
+        "instanceType": instance_type,
+        "diskSizeGb": disk_size_gb,
+    }
+
+def gcp_agent(vm_name: str, instance_type: str = "n2-standard-4", image_prefix: str = "family/platform-ingest-logstash-multi-jdk", disk_size_gb: int = 200) -> dict[str, typing.Any]:
+    return {
+        "provider": "gcp",
+        "imageProject": "elastic-images-prod",
+        "image": f"{image_prefix}-{vm_name}",
+        "machineType": instance_type,
+        "diskSizeGb": disk_size_gb,
+        "diskType": "pd-ssd",
+    }
+
+def acceptance_linux_vms() -> typing.List[str]:
+    acceptance_linux_vms = os.getenv("ACCEPTANCE_LINUX_OSES")
+    if acceptance_linux_vms:
+        acceptance_linux_vms = acceptance_linux_vms.split(",")
+    else:
+        acceptance_linux_vms = ACCEPTANCE_LINUX_OSES
+
+    return acceptance_linux_vms
+
+def acceptance_linux_steps() -> list[typing.Any]:
+    steps = []
+
+    build_artifacts_step = {
+        "label": "Build artifacts",
+        "key": "acceptance-build-artifacts",
+        # use the same agent as the one we use for building DRA artifacts
+        "agents": gcp_agent("ubuntu-2204", instance_type="n2-standard-16", image_prefix="family/platform-ingest-logstash"),
+        "command": LiteralScalarString("""#!/usr/bin/env bash
+set -eo pipefail
+source .buildkite/scripts/common/vm-agent.sh
+echo "--- Building all artifacts"
+./gradlew clean bootstrap
+rake artifact:deb artifact:rpm
+"""),
+        "artifact_paths": [
+            "build/*rpm",
+            "build/*deb",
+            "build/*tar.gz",
+        ],
+    }
+
+    steps.append(build_artifacts_step)
+
+    for vm in acceptance_linux_vms():
+        step = {
+            "label": vm,
+            "key": slugify_bk_key(vm),
+            "agents": aws_agent(vm,instance_type="m5.4xlarge") if "amazonlinux" in vm else gcp_agent(vm),
+            "depends_on": "acceptance-build-artifacts",
+            "retry": {"automatic": [{"limit": 3}]},
+            "command": LiteralScalarString("""#!/usr/bin/env bash
+set -eo pipefail
+source .buildkite/scripts/common/vm-agent-multi-jdk.sh
+source /etc/os-release
+ci/acceptance_tests.sh"""),
+        }
+        steps.append(step)
+
+    return steps
+
+def acceptance_docker_steps()-> list[typing.Any]:
+    steps = []
+    for flavor in ["full", "oss", "ubi", "wolfi"]:
+        steps.append({
+            "label": f":docker: {flavor} flavor acceptance",
+            "agents": gcp_agent(vm_name="ubuntu-2204", image_prefix="family/platform-ingest-logstash"),
+            "command": LiteralScalarString(f"""#!/usr/bin/env bash
+set -euo pipefail
+source .buildkite/scripts/common/vm-agent.sh
+ci/docker_acceptance_tests.sh {flavor}"""),
+            "retry": {"automatic": [{"limit": 3}]},
+        })
+
+    return steps
+
+if __name__ == "__main__":
+    LINUX_OS_ENV_VAR_OVERRIDE = os.getenv("LINUX_OS")
+    WINDOWS_OS_ENV_VAR_OVERRIDE = os.getenv("WINDOWS_OS")
+
+    compat_linux_steps = []
+    linux_test_oses = [LINUX_OS_ENV_VAR_OVERRIDE] if LINUX_OS_ENV_VAR_OVERRIDE else randomized_linux_oses()
+    for linux_os in linux_test_oses:
+       compat_linux_steps.append(compat_linux_step(linux_os))
+
+    windows_test_os = WINDOWS_OS_ENV_VAR_OVERRIDE or randomized_windows_os()
+
+    structure = {"steps": []}
+
+    structure["steps"].append({
+        "group": "Testing Phase",
+        "key": "testing-phase",
+        **testing_phase_steps(),
+    })
+
+    structure["steps"].append({
+            "group": "Compatibility / Linux",
+            "key": "compatibility-linux",
+            "depends_on": "testing-phase",
+            "steps": compat_linux_steps,
+    })
+
+    structure["steps"].append({
+            "group": "Compatibility / Windows",
+            "key": "compatibility-windows",
+            "depends_on": "testing-phase",
+            "steps": [compat_windows_step(imagesuffix=windows_test_os)],
+    })
+
+    structure["steps"].append({
+            "group": "Acceptance / Packaging",
+            "key": "acceptance-packaging",
+            "depends_on": ["testing-phase"],
+            "steps": acceptance_linux_steps(),
+    })
+
+    structure["steps"].append({
+            "group": "Acceptance / Docker",
+            "key": "acceptance-docker",
+            "depends_on": ["testing-phase"],
+            "steps": acceptance_docker_steps(),
+    })
+
+    print('# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json')
+    YAML().dump(structure, sys.stdout)

.buildkite/scripts/health-report-tests/README.md

@@ -0,0 +1,18 @@
+## Description
+This package for integration tests of the Health Report API.
+Export `LS_BRANCH` to run on a specific branch. By default, it uses the main branch.
+
+## How to run the Health Report Integration test?
+### Prerequisites
+Make sure you have python installed. Install the integration test dependencies with the following command:
+```shell
+python3 -mpip install -r .buildkite/scripts/health-report-tests/requirements.txt
+```
+
+### Run the integration tests
+```shell
+python3 .buildkite/scripts/health-report-tests/main.py
+```
+
+### Troubleshooting
+- If you get `WARNING: pip is configured with locations that require TLS/SSL,...` warning message, make sure you have python >=3.12.4 installed.

.buildkite/scripts/health-report-tests/bootstrap.py

@@ -0,0 +1,111 @@
+"""
+Health Report Integration test bootstrapper with Python script
+    - A script to resolve Logstash version if not provided
+    - Download LS docker image and spin up
+    - When tests finished, teardown the Logstash
+"""
+import os
+import subprocess
+import time
+import util
+import yaml
+
+
+class Bootstrap:
+    ELASTIC_STACK_RELEASED_VERSION_URL = "https://storage.googleapis.com/artifacts-api/releases/current/"
+
+    def __init__(self) -> None:
+        f"""
+        A constructor of the {Bootstrap}.
+        Returns:
+            Resolves Logstash branch considering provided LS_BRANCH
+            Checks out git branch
+        """
+        logstash_branch = os.environ.get("LS_BRANCH")
+        if logstash_branch is None:
+            # version is not specified, use the main branch, no need to git checkout
+            print(f"LS_BRANCH is not specified, using main branch.")
+        else:
+            # LS_BRANCH accepts major latest as a major.x or specific branch as X.Y
+            if logstash_branch.find(".x") == -1:
+                print(f"Using specified branch: {logstash_branch}")
+                util.git_check_out_branch(logstash_branch)
+            else:
+                major_version = logstash_branch.split(".")[0]
+                if major_version and major_version.isnumeric():
+                    resolved_version = self.__resolve_latest_stack_version_for(major_version)
+                    minor_version = resolved_version.split(".")[1]
+                    branch = major_version + "." + minor_version
+                    print(f"Using resolved branch: {branch}")
+                    util.git_check_out_branch(branch)
+                else:
+                    raise ValueError(f"Invalid value set to LS_BRANCH. Please set it properly (ex: 8.x or 9.0) and "
+                                     f"rerun again")
+
+    def __resolve_latest_stack_version_for(self, major_version: str) -> str:
+        resp = util.call_url_with_retry(self.ELASTIC_STACK_RELEASED_VERSION_URL + major_version)
+        release_version = resp.text.strip()
+        print(f"Resolved latest version for {major_version} is {release_version}.")
+
+        if release_version == "":
+            raise ValueError(f"Cannot resolve latest version for {major_version} major")
+        return release_version
+
+    def install_plugin(self, plugin_path: str) -> None:
+        util.run_or_raise_error(
+            ["bin/logstash-plugin", "install", plugin_path],
+            f"Failed to install {plugin_path}")
+
+    def build_logstash(self):
+        print(f"Building Logstash...")
+        util.run_or_raise_error(
+            ["./gradlew", "clean", "bootstrap", "assemble", "installDefaultGems"],
+            "Failed to build Logstash")
+        print(f"Logstash has successfully built.")
+
+    def apply_config(self, config: dict) -> None:
+        with open(os.getcwd() + "/.buildkite/scripts/health-report-tests/config/pipelines.yml", 'w') as pipelines_file:
+            yaml.dump(config, pipelines_file)
+
+    def run_logstash(self, full_start_required: bool) -> subprocess.Popen:
+        # --config.reload.automatic is to make instance active
+        # it is helpful when testing crash pipeline cases
+        config_path = os.getcwd() + "/.buildkite/scripts/health-report-tests/config"
+        process = subprocess.Popen(["bin/logstash", "--config.reload.automatic", "--path.settings", config_path,
+                                    "-w 1"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True, shell=False)
+        if process.poll() is not None:
+            print(f"Logstash failed to run, check the the config and logs, then rerun.")
+            return None
+
+        # Read stdout and stderr in real-time
+        logs = []
+        for stdout_line in iter(process.stdout.readline, ""):
+            logs.append(stdout_line.strip())
+            # we don't wait for Logstash fully start as we also test slow pipeline start scenarios
+            if full_start_required is False and "Starting pipeline" in stdout_line:
+                break
+            if full_start_required is True and "Pipeline started" in stdout_line:
+                break
+            if "Logstash shut down" in stdout_line or "Logstash stopped" in stdout_line:
+                print(f"Logstash couldn't spin up.")
+                print(logs)
+                return None
+
+        print(f"Logstash is running with PID: {process.pid}.")
+        return process
+
+    def stop_logstash(self, process: subprocess.Popen):
+        start_time = time.time()    # in seconds
+        process.terminate()
+        for stdout_line in iter(process.stdout.readline, ""):
+            # print(f"STDOUT: {stdout_line.strip()}")
+            if "Logstash shut down" in stdout_line or "Logstash stopped" in stdout_line:
+                print(f"Logstash stopped.")
+                return None
+            # shudown watcher keep running, we should be good with considering time spent
+            if time.time() - start_time > 60:
+                print(f"Logstash didn't stop in 1min, sending SIGTERM signal.")
+                process.kill()
+            if time.time() - start_time > 70:
+                print(f"Logstash didn't stop over 1min, exiting.")
+                return None

.buildkite/scripts/health-report-tests/config/pipelines.yml

@@ -0,0 +1 @@
+# Intentionally left blank

.buildkite/scripts/health-report-tests/config_validator.py

@@ -0,0 +1,70 @@
+import yaml
+from typing import Any, List, Dict
+
+
+class ConfigValidator:
+    REQUIRED_KEYS = {
+        "root": ["name", "config", "conditions", "expectation"],
+        "config": ["pipeline.id", "config.string"],
+        "conditions": ["full_start_required", "wait_seconds"],
+        "expectation": ["status", "symptom", "indicators"],
+        "indicators": ["pipelines"],
+        "pipelines": ["status", "symptom", "indicators"],
+        "DYNAMIC": ["status", "symptom", "diagnosis", "impacts", "details"],    # pipeline-id is a DYNAMIC
+        "details": ["status"],
+        "status": ["state"]
+    }
+
+    def __init__(self):
+        self.yaml_content = None
+
+    def __has_valid_keys(self, data: any, key_path: str, repeated: bool) -> bool:
+        # we reached the value
+        if isinstance(data, str) or isinstance(data, bool) or isinstance(data, int) or isinstance(data, float):
+            return True
+
+        # we have two indicators section and for the next repeated ones, we go deeper
+        first_key = next(iter(data))
+        data = data[first_key] if repeated and key_path == "indicators" else data
+
+        if isinstance(data, dict):
+            # pipeline-id is a DYNAMIC
+            required = self.REQUIRED_KEYS.get("DYNAMIC" if repeated and key_path == "indicators" else key_path, [])
+            repeated = not repeated if key_path == "indicators" else repeated
+            for key in required:
+                if key not in data:
+                    print(f"Missing key '{key}' in '{key_path}'")
+                    return False
+                else:
+                    dic_keys_result = self.__has_valid_keys(data[key], key, repeated)
+                    if dic_keys_result is False:
+                        return False
+        elif isinstance(data, list):
+            for item in data:
+                list_keys_result = self.__has_valid_keys(item, key_path, repeated)
+                if list_keys_result is False:
+                    return False
+        return True
+
+    def load(self, file_path: str) -> None:
+        """Load the YAML file content into self.yaml_content."""
+        self.yaml_content: [Dict[str, Any]] = None
+        try:
+            with open(file_path, 'r') as file:
+                self.yaml_content = yaml.safe_load(file)
+        except yaml.YAMLError as exc:
+            print(f"Error in YAML file: {exc}")
+            self.yaml_content = None
+
+    def is_valid(self) -> bool:
+        """Validate the entire YAML structure."""
+        if self.yaml_content is None:
+            print(f"YAML content is empty.")
+            return False
+
+        if not isinstance(self.yaml_content, dict):
+            print(f"YAML structure is not as expected, it should start with a Dict.")
+            return False
+
+        result = self.__has_valid_keys(self.yaml_content, "root", False)
+        return True if result is True else False

.buildkite/scripts/health-report-tests/logstash_health_report.py

@@ -0,0 +1,16 @@
+"""
+A class to provide information about Logstash node stats.
+"""
+
+import util
+
+
+class LogstashHealthReport:
+    LOGSTASH_HEALTH_REPORT_URL = "http://localhost:9600/_health_report"
+
+    def __init__(self):
+        pass
+
+    def get(self):
+        response = util.call_url_with_retry(self.LOGSTASH_HEALTH_REPORT_URL)
+        return response.json()

.buildkite/scripts/health-report-tests/main.py

@@ -0,0 +1,89 @@
+"""
+ Main entry point of the LS health report API integration test suites
+"""
+import glob
+import os
+import time
+import traceback
+import yaml
+from bootstrap import Bootstrap
+from scenario_executor import ScenarioExecutor
+from config_validator import ConfigValidator
+
+
+class BootstrapContextManager:
+
+    def __init__(self):
+        pass
+
+    def __enter__(self):
+        print(f"Starting Logstash Health Report Integration test.")
+        self.bootstrap = Bootstrap()
+        self.bootstrap.build_logstash()
+
+        plugin_path = os.getcwd() + "/qa/support/logstash-integration-failure_injector/logstash-integration" \
+                                    "-failure_injector-*.gem"
+        matching_files = glob.glob(plugin_path)
+        if len(matching_files) == 0:
+            raise ValueError(f"Could not find logstash-integration-failure_injector plugin.")
+
+        self.bootstrap.install_plugin(matching_files[0])
+        print(f"logstash-integration-failure_injector successfully installed.")
+        return self.bootstrap
+
+    def __exit__(self, exc_type, exc_value, exc_traceback):
+        if exc_type is not None:
+            print(traceback.format_exception(exc_type, exc_value, exc_traceback))
+
+
+def main():
+    with BootstrapContextManager() as bootstrap:
+        scenario_executor = ScenarioExecutor()
+        config_validator = ConfigValidator()
+
+        working_dir = os.getcwd()
+        scenario_files_path = working_dir + "/.buildkite/scripts/health-report-tests/tests/*.yaml"
+        scenario_files = glob.glob(scenario_files_path)
+
+        for scenario_file in scenario_files:
+            print(f"Validating {scenario_file} scenario file.")
+            config_validator.load(scenario_file)
+            if config_validator.is_valid() is False:
+                print(f"{scenario_file} scenario file is not valid.")
+                return
+            else:
+                print(f"Validation succeeded.")
+
+        has_failed_scenario = False
+        for scenario_file in scenario_files:
+            with open(scenario_file, 'r') as file:
+                # scenario_content: Dict[str, Any] = None
+                scenario_content = yaml.safe_load(file)
+                print(f"Testing `{scenario_content.get('name')}` scenario.")
+                scenario_name = scenario_content['name']
+
+                is_full_start_required = scenario_content.get('conditions').get('full_start_required')
+                wait_seconds = scenario_content.get('conditions').get('wait_seconds')
+                config = scenario_content['config']
+                if config is not None:
+                    bootstrap.apply_config(config)
+                    expectations = scenario_content.get("expectation")
+                    process = bootstrap.run_logstash(is_full_start_required)
+                    if process is not None:
+                        if wait_seconds is not None:
+                            print(f"Test requires to wait for `{wait_seconds}` seconds.")
+                            time.sleep(wait_seconds)  # wait for Logstash to start
+                        try:
+                            scenario_executor.on(scenario_name, expectations)
+                        except Exception as e:
+                            print(e)
+                            has_failed_scenario = True
+                        bootstrap.stop_logstash(process)
+
+        if has_failed_scenario:
+            # intentionally fail due to visibility
+            raise Exception("Some of scenarios failed, check the log for details.")
+
+
+if __name__ == "__main__":
+    main()

.buildkite/scripts/health-report-tests/main.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -euo pipefail
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:/opt/buildkite-agent/.java/bin:$PATH"
+export JAVA_HOME="/opt/buildkite-agent/.java"
+export PYENV_VERSION="3.11.5"
+
+eval "$(rbenv init -)"
+eval "$(pyenv init -)"
+
+echo "--- Installing dependencies"
+python3 -m pip install -r .buildkite/scripts/health-report-tests/requirements.txt
+
+echo "--- Running tests"
+python3 .buildkite/scripts/health-report-tests/main.py

.buildkite/scripts/health-report-tests/requirements.txt

@@ -0,0 +1,2 @@
+requests==2.32.3
+pyyaml==6.0.2

.buildkite/scripts/health-report-tests/scenario_executor.py

@@ -0,0 +1,67 @@
+"""
+A class to execute the given scenario for Logstash Health Report integration test
+"""
+import time
+from logstash_health_report import LogstashHealthReport
+
+
+class ScenarioExecutor:
+    logstash_health_report_api = LogstashHealthReport()
+
+    def __init__(self):
+        pass
+
+    def __has_intersection(self, expects, results):
+        # TODO: this logic is aligned on current Health API response
+        #   there is no guarantee that method correctly runs if provided multi expects and results
+        # we expect expects to be existing in results
+        for expect in expects:
+            for result in results:
+                if result.get('help_url') and "health-report-pipeline-" not in result.get('help_url'):
+                    return False
+                if not all(key in result and result[key] == value for key, value in expect.items()):
+                    return False
+        return True
+
+    def __get_difference(self, differences: list, expectations: dict, reports: dict) -> dict:
+        for key in expectations.keys():
+
+            if type(expectations.get(key)) != type(reports.get(key)):
+                differences.append(f"Scenario expectation and Health API report structure differs for {key}.")
+                return differences
+
+            if isinstance(expectations.get(key), str):
+                if expectations.get(key) != reports.get(key):
+                    differences.append({key: {"expected": expectations.get(key), "got": reports.get(key)}})
+                continue
+            elif isinstance(expectations.get(key), dict):
+                self.__get_difference(differences, expectations.get(key), reports.get(key))
+            elif isinstance(expectations.get(key), list):
+                if not self.__has_intersection(expectations.get(key), reports.get(key)):
+                    differences.append({key: {"expected": expectations.get(key), "got": reports.get(key)}})
+        return differences
+
+    def __is_expected(self, expectations: dict) -> None:
+        reports = self.logstash_health_report_api.get()
+        differences = self.__get_difference([], expectations, reports)
+        if differences:
+            print("Differences found in 'expectation' section between YAML content and stats:")
+            for diff in differences:
+                print(f"Difference: {diff}")
+            return False
+        else:
+            return True
+
+    def on(self, scenario_name: str, expectations: dict) -> None:
+        # retriable check the expectations
+        attempts = 5
+        while self.__is_expected(expectations) is False:
+            attempts = attempts - 1
+            if attempts == 0:
+                break
+            time.sleep(1)
+
+        if attempts == 0:
+            raise Exception(f"{scenario_name} failed.")
+        else:
+            print(f"Scenario `{scenario_name}` expectaion meets the health report stats.")

.buildkite/scripts/health-report-tests/tests/abnormal-termination.yaml

@@ -0,0 +1,32 @@
+name: "Abnormally terminated pipeline"
+config:
+  - pipeline.id: abnormally-terminated-pp
+    config.string: |
+      input { heartbeat { interval => 1 } }
+      filter { failure_injector { crash_at => filter } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+conditions:
+  full_start_required: true
+  wait_seconds: 5
+expectation:
+  status: "red"
+  symptom: "1 indicator is unhealthy (`pipelines`)"
+  indicators:
+    pipelines:
+      status: "red"
+      symptom: "1 indicator is unhealthy (`abnormally-terminated-pp`)"
+      indicators:
+        abnormally-terminated-pp:
+          status: "red"
+          symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - cause: "pipeline is not running, likely because it has encountered an error"
+              action: "view logs to determine the cause of abnormal pipeline shutdown"
+          impacts:
+            - description: "the pipeline is not currently processing"
+              impact_areas: ["pipeline_execution"]
+          details:
+            status:
+              state: "TERMINATED"

.buildkite/scripts/health-report-tests/tests/backpressure-1m.yaml

@@ -0,0 +1,38 @@
+name: "Backpressured in 1min pipeline"
+config:
+  - pipeline.id: backpressure-1m-pp
+    config.string: |
+      input { heartbeat { interval => 0.1 } }
+      filter { failure_injector { degrade_at => [filter] } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+conditions:
+  full_start_required: true
+  wait_seconds: 70 # give more seconds to make sure time is over the threshold, 1m in this case
+expectation:
+  status: "yellow"
+  symptom: "1 indicator is concerning (`pipelines`)"
+  indicators:
+    pipelines:
+      status: "yellow"
+      symptom: "1 indicator is concerning (`backpressure-1m-pp`)"
+      indicators:
+        backpressure-1m-pp:
+          status: "yellow"
+          symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - id: "logstash:health:pipeline:flow:worker_utilization:diagnosis:1m-blocked"
+              cause: "pipeline workers have been completely blocked for at least one minute"
+              action: "address bottleneck or add resources"
+          impacts:
+            - id: "logstash:health:pipeline:flow:impact:blocked_processing"
+              severity: 2
+              description: "the pipeline is blocked"
+              impact_areas: ["pipeline_execution"]
+          details:
+            status:
+              state: "RUNNING"
+            flow:
+              worker_utilization:
+                last_1_minute: 100.0

.buildkite/scripts/health-report-tests/tests/backpressure-5m.yaml

@@ -0,0 +1,39 @@
+name: "Backpressured in 5min pipeline"
+config:
+  - pipeline.id: backpressure-5m-pp
+    config.string: |
+      input { heartbeat { interval => 0.1 } }
+      filter { failure_injector { degrade_at => [filter] } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+conditions:
+  full_start_required: true
+  wait_seconds: 310 # give more seconds to make sure time is over the threshold, 1m in this case
+expectation:
+  status: "red"
+  symptom: "1 indicator is unhealthy (`pipelines`)"
+  indicators:
+    pipelines:
+      status: "red"
+      symptom: "1 indicator is unhealthy (`backpressure-5m-pp`)"
+      indicators:
+        backpressure-5m-pp:
+          status: "red"
+          symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - id: "logstash:health:pipeline:flow:worker_utilization:diagnosis:5m-blocked"
+              cause: "pipeline workers have been completely blocked for at least five minutes"
+              action: "address bottleneck or add resources"
+          impacts:
+            - id: "logstash:health:pipeline:flow:impact:blocked_processing"
+              severity: 1
+              description: "the pipeline is blocked"
+              impact_areas: ["pipeline_execution"]
+          details:
+            status:
+              state: "RUNNING"
+            flow:
+              worker_utilization:
+                last_1_minute: 100.0
+                last_5_minutes: 100.0

.buildkite/scripts/health-report-tests/tests/multipipeline.yaml

@@ -0,0 +1,67 @@
+name: "Multi pipeline"
+config:
+  - pipeline.id: slow-start-pp-multipipeline
+    config.string: |
+      input { heartbeat {} }
+      filter { failure_injector { degrade_at => [register] } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+  - pipeline.id: normally-terminated-pp-multipipeline
+    config.string: |
+      input { generator { count => 1 } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+  - pipeline.id: abnormally-terminated-pp-multipipeline
+    config.string: |
+      input { heartbeat { interval => 1 } }
+      filter { failure_injector { crash_at => filter } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+conditions:
+  full_start_required: false
+  wait_seconds: 10
+expectation:
+  status: "red"
+  symptom: "1 indicator is unhealthy (`pipelines`)"
+  indicators:
+    pipelines:
+      status: "red"
+      symptom: "1 indicator is unhealthy (`abnormally-terminated-pp-multipipeline`) and 2 indicators are concerning (`slow-start-pp-multipipeline`, `normally-terminated-pp-multipipeline`)"
+      indicators:
+        slow-start-pp-multipipeline:
+          status: "yellow"
+          symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - cause: "pipeline is loading"
+              action: "if pipeline does not come up quickly, you may need to check the logs to see if it is stalled"
+          impacts:
+            - impact_areas: ["pipeline_execution"]
+          details:
+            status:
+              state: "LOADING"
+        normally-terminated-pp-multipipeline:
+          status: "yellow"
+          symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - cause: "pipeline has finished running because its inputs have been closed and events have been processed"
+              action: "if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events"
+          impacts:
+            - impact_areas: [ "pipeline_execution" ]
+          details:
+            status:
+              state: "FINISHED"
+        abnormally-terminated-pp-multipipeline:
+          status: "red"
+          symptom: "The pipeline is unhealthy; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - cause: "pipeline is not running, likely because it has encountered an error"
+              action: "view logs to determine the cause of abnormal pipeline shutdown"
+          impacts:
+            - description: "the pipeline is not currently processing"
+              impact_areas: [ "pipeline_execution" ]
+          details:
+            status:
+              state: "TERMINATED"

.buildkite/scripts/health-report-tests/tests/normal-termination.yaml

@@ -0,0 +1,30 @@
+name: "Successfully terminated pipeline"
+config:
+  - pipeline.id: normally-terminated-pp
+    config.string: |
+      input { generator { count => 1 } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+conditions:
+  full_start_required: true
+  wait_seconds: 5
+expectation:
+  status: "yellow"
+  symptom: "1 indicator is concerning (`pipelines`)"
+  indicators:
+    pipelines:
+      status: "yellow"
+      symptom: "1 indicator is concerning (`normally-terminated-pp`)"
+      indicators:
+        normally-terminated-pp:
+          status: "yellow"
+          symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - cause: "pipeline has finished running because its inputs have been closed and events have been processed"
+              action: "if you expect this pipeline to run indefinitely, you will need to configure its inputs to continue receiving or fetching events"
+          impacts:
+            - impact_areas: ["pipeline_execution"]
+          details:
+            status:
+              state: "FINISHED"

.buildkite/scripts/health-report-tests/tests/slow-start.yaml

@@ -0,0 +1,31 @@
+name: "Slow start pipeline"
+config:
+  - pipeline.id: slow-start-pp
+    config.string: |
+      input { heartbeat {} }
+      filter { failure_injector { degrade_at => [register] } }
+      output { stdout {} }
+    pipeline.workers: 1
+    pipeline.batch.size: 1
+conditions:
+  full_start_required: false
+  wait_seconds: 0
+expectation:
+  status: "yellow"
+  symptom: "1 indicator is concerning (`pipelines`)"
+  indicators:
+    pipelines:
+      status: "yellow"
+      symptom: "1 indicator is concerning (`slow-start-pp`)"
+      indicators:
+        slow-start-pp:
+          status: "yellow"
+          symptom: "The pipeline is concerning; 1 area is impacted and 1 diagnosis is available"
+          diagnosis:
+            - cause: "pipeline is loading"
+              action: "if pipeline does not come up quickly, you may need to check the logs to see if it is stalled"
+          impacts:
+            - impact_areas: ["pipeline_execution"]
+          details:
+            status:
+              state: "LOADING"

.buildkite/scripts/health-report-tests/util.py

@@ -0,0 +1,36 @@
+import os
+import requests
+import subprocess
+from requests.adapters import HTTPAdapter, Retry
+
+
+def call_url_with_retry(url: str, max_retries: int = 5, delay: int = 1) -> requests.Response:
+    f"""
+    Calls the given {url} with maximum of {max_retries} retries with {delay} delay.
+    """
+    schema = "https://" if "https://" in url else "http://"
+    session = requests.Session()
+    # retry on most common failures such as connection timeout(408), etc...
+    retries = Retry(total=max_retries, backoff_factor=delay, status_forcelist=[408, 502, 503, 504])
+    session.mount(schema, HTTPAdapter(max_retries=retries))
+    return session.get(url)
+
+
+def git_check_out_branch(branch_name: str) -> None:
+    f"""
+    Checks out specified branch or fails with error if checkout operation fails.
+    """
+    run_or_raise_error(["git", "checkout", branch_name],
+                       "Error occurred while checking out the " + branch_name + " branch")
+
+
+def run_or_raise_error(commands: list, error_message):
+    f"""
+    Executes the {list} commands and raises an {Exception} if opration fails.
+    """
+    result = subprocess.run(commands, env=os.environ.copy(), universal_newlines=True, stdout=subprocess.PIPE)
+    if result.returncode != 0:
+        full_error_message = (error_message + ", output: " + result.stdout.decode('utf-8')) \
+            if result.stdout else error_message
+        raise Exception(f"{full_error_message}")
+

.buildkite/scripts/jdk-matrix-tests/generate-steps.py

@@ -0,0 +1,398 @@
+import abc
+import copy
+from dataclasses import dataclass, field
+import os
+import sys
+import typing
+from functools import partial
+
+from ruamel.yaml import YAML
+from ruamel.yaml.scalarstring import LiteralScalarString
+
+ENABLED_RETRIES = {"automatic": [{"limit": 3}]}
+
+@dataclass
+class JobRetValues:
+    step_label: str
+    command: str
+    step_key: str
+    depends: str
+    agent: typing.Dict[typing.Any, typing.Any]
+    retry: typing.Optional[typing.Dict[typing.Any, typing.Any]] = None
+    artifact_paths: list = field(default_factory=list)
+
+
+class GCPAgent:
+    def __init__(self, image: str, machineType: str, diskSizeGb: int = 200, diskType: str = "pd-ssd") -> None:
+        self.provider = "gcp"
+        self.imageProject = "elastic-images-prod"
+        self.image = image
+        self.machineType = machineType
+        self.diskSizeGb = diskSizeGb
+        self.diskType = diskType
+
+    def to_dict(self):
+        return {
+            "provider": self.provider,
+            "imageProject": self.imageProject,
+            "image": self.image,
+            "machineType": self.machineType,
+            "diskSizeGb": self.diskSizeGb,
+            "diskType": self.diskType,
+        }
+
+
+class AWSAgent:
+    def __init__(self, imagePrefix: str, instanceType: str, diskSizeGb: int):
+        self.provider = "aws"
+        self.imagePrefix = imagePrefix
+        self.instanceType = instanceType
+        self.diskSizeGb = diskSizeGb
+
+    def to_dict(self):
+        return {
+            "provider": self.provider,
+            "imagePrefix": self.imagePrefix,
+            "instanceType": self.instanceType,
+            "diskSizeGb": self.diskSizeGb,   
+        }
+    
+class DefaultAgent:
+    """
+    Represents an empty agent definition which makes Buildkite use the default agent i.e. a container
+    """
+
+    def __init__(self) -> None:
+        pass
+
+    def to_json(self) -> typing.Dict:
+        return {}
+    
+
+@dataclass
+class BuildkiteEmojis:
+    running: str = ":bk-status-running:"
+    success: str = ":bk-status-passed:"
+    failed: str = ":bk-status-failed:"
+
+def slugify_bk_key(key: str) -> str:
+    """
+    Convert and return key to an acceptable format for Buildkite's key: field
+    Only alphanumerics, dashes and underscores are allowed.
+    """
+
+    mapping_table = str.maketrans({'.': '_', ' ': '_', '/': '_'})
+
+    return key.translate(mapping_table)
+
+def get_bk_metadata(key: str) -> typing.List[str]:
+    try:
+      return os.environ[key].split()
+    except KeyError:
+        print(f"Missing environment variable [{key}]. This should be set before calling this script using buildkite-agent meta-data get. Exiting.")
+        exit(1)
+
+def bk_annotate(body: str, context: str, mode = "") -> str:
+    cmd = f"""buildkite-agent annotate --style=info --context={context} """
+    if mode:
+        cmd += f"--{mode} "
+
+    cmd += f"\"{body}\n\""
+    return cmd
+
+
+class Jobs(abc.ABC):
+    def __init__(self, os: str, jdk: str, group_key: str, agent: typing.Union[GCPAgent, AWSAgent]):
+        self.os = os
+        self.jdk = jdk
+        self.group_key = group_key
+        self.init_annotation_key = f"{os}-{jdk}-initialize-annotation"
+        self.agent = agent
+
+    def init_annotation(self) -> JobRetValues:
+        """
+        Command for creating the header of a new annotation for a group step
+        """
+
+        body = f"### Group: {self.os} / {self.jdk}\n| **Status** | **Test** |\n| --- | ----|"
+
+        return JobRetValues(
+            step_label="Initialize annotation",
+            command=LiteralScalarString(bk_annotate(body=body, context=self.group_key)),
+            step_key=self.init_annotation_key,
+            depends="",
+            agent=DefaultAgent().to_json(),
+        )
+
+    @abc.abstractmethod
+    def all_jobs(self) -> list[typing.Callable[[], typing.Tuple[str, str]]]:
+        pass
+
+
+class WindowsJobs(Jobs):
+    def __init__(self, os: str, jdk: str, group_key: str, agent: typing.Union[GCPAgent, AWSAgent]):
+      super().__init__(os=os, jdk=jdk, group_key=group_key, agent=agent)
+
+    def all_jobs(self) -> list[typing.Callable[[], JobRetValues]]:
+        return [
+          self.init_annotation,
+          self.java_unit_test,
+          self.ruby_unit_test,          
+        ]
+
+    def java_unit_test(self) -> JobRetValues:
+        step_name_human = "Java Unit Test"
+        step_key = f"{self.group_key}-java-unit-test"
+        test_command = rf'''.\\.buildkite\\scripts\\jdk-matrix-tests\\launch-command.ps1 -JDK "{self.jdk}" -StepNameHuman "{step_name_human}" -AnnotateContext "{self.group_key}" -CIScript ".\\ci\\unit_tests.ps1 java" -Annotate
+        '''
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=LiteralScalarString(test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            artifact_paths=["build_reports.zip"],
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def ruby_unit_test(self) -> JobRetValues:
+        step_name_human = "Ruby Unit Test"
+        step_key = f"{self.group_key}-ruby-unit-test"
+        test_command = rf'''.\\.buildkite\\scripts\\jdk-matrix-tests\\launch-command.ps1 -JDK "{self.jdk}" -StepNameHuman "{step_name_human}" -AnnotateContext "{self.group_key}" -CIScript ".\\ci\\unit_tests.ps1 ruby" -Annotate
+        '''
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=LiteralScalarString(test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            artifact_paths=["build_reports.zip"],
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+
+class LinuxJobs(Jobs):
+    def __init__(self, os: str, jdk: str, group_key: str, agent: typing.Union[GCPAgent, AWSAgent]):
+      super().__init__(os=os, jdk=jdk, group_key=group_key, agent=agent)
+
+    def all_jobs(self) -> list[typing.Callable[[], JobRetValues]]:
+        jobs=list()
+        jobs.append(self.init_annotation)
+        jobs.append(self.java_unit_test)
+        jobs.append(self.ruby_unit_test)
+        jobs.extend(self.integration_test_parts(3))
+        jobs.extend(self.pq_integration_test_parts(3))
+        jobs.append(self.x_pack_unit_tests)
+        jobs.append(self.x_pack_integration)
+        return jobs
+
+    def prepare_shell(self) -> str:
+        jdk_dir = f"/opt/buildkite-agent/.java/{self.jdk}"
+        return f"""#!/usr/bin/env bash
+set -euo pipefail
+
+# unset generic JAVA_HOME
+unset JAVA_HOME
+
+# LS env vars for JDK matrix tests
+export BUILD_JAVA_HOME={jdk_dir}
+export RUNTIME_JAVA_HOME={jdk_dir}
+export LS_JAVA_HOME={jdk_dir}
+
+export PATH="/opt/buildkite-agent/.rbenv/bin:/opt/buildkite-agent/.pyenv/bin:$PATH"
+eval "$(rbenv init -)"
+"""
+
+    def failed_step_annotation(self, step_name_human) -> str:
+        return bk_annotate(body=f"| {BuildkiteEmojis.failed} | {step_name_human} |", context=self.group_key, mode="append")
+
+    def succeeded_step_annotation(self, step_name_human) -> str:
+        return bk_annotate(body=f"| {BuildkiteEmojis.success} | {step_name_human} |", context=self.group_key, mode="append")
+
+    def emit_command(self, step_name_human, test_command: str) -> str:
+        return LiteralScalarString(f"""
+{self.prepare_shell()}
+# temporarily disable immediate failure on errors, so that we can update the BK annotation
+set +eo pipefail
+{test_command}
+if [[ $$? -ne 0 ]]; then
+    {self.failed_step_annotation(step_name_human)}
+  exit 1
+else
+    {self.succeeded_step_annotation(step_name_human)}
+fi
+      """)
+
+    def java_unit_test(self) -> JobRetValues:
+        step_name_human = "Java Unit Test"
+        step_key = f"{self.group_key}-java-unit-test"
+        test_command = '''
+export ENABLE_SONARQUBE="false"
+ci/unit_tests.sh java
+        '''
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def ruby_unit_test(self) -> JobRetValues:
+        step_name_human = "Ruby Unit Test"
+        step_key = f"{self.group_key}-ruby-unit-test"
+        test_command = """
+ci/unit_tests.sh ruby
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def integration_test_parts(self, parts) -> list[partial[JobRetValues]]:
+        return [partial(self.integration_tests, part=idx+1, parts=parts) for idx in range(parts)]
+
+    def integration_tests(self, part: int, parts: int) -> JobRetValues:
+        step_name_human = f"Integration Tests - {part}/{parts}"
+        step_key = f"{self.group_key}-integration-tests-{part}-of-{parts}"
+        test_command = f"""
+ci/integration_tests.sh split {part-1} {parts}
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def pq_integration_test_parts(self, parts) -> list[partial[JobRetValues]]:
+        return [partial(self.pq_integration_tests, part=idx+1, parts=parts) for idx in range(parts)]
+
+    def pq_integration_tests(self, part: int, parts: int) -> JobRetValues:
+        step_name_human = f"IT Persistent Queues - {part}/{parts}"
+        step_key = f"{self.group_key}-it-persistent-queues-{part}-of-{parts}"
+        test_command = f"""
+export FEATURE_FLAG=persistent_queues
+ci/integration_tests.sh split {part-1} {parts}
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def x_pack_unit_tests(self) -> JobRetValues:
+        step_name_human = "x-pack unit tests"
+        step_key = f"{self.group_key}-x-pack-unit-test"
+        test_command = """
+x-pack/ci/unit_tests.sh
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+    def x_pack_integration(self) -> JobRetValues:
+        step_name_human = "x-pack integration"
+        step_key = f"{self.group_key}-x-pack-integration"
+        test_command = """
+x-pack/ci/integration_tests.sh
+        """
+
+        return JobRetValues(
+            step_label=step_name_human,
+            command=self.emit_command(step_name_human, test_command),
+            step_key=step_key,
+            depends=self.init_annotation_key,
+            agent=self.agent.to_dict(),
+            retry=copy.deepcopy(ENABLED_RETRIES),
+        )
+
+
+if __name__ == "__main__":
+    matrix_oses = get_bk_metadata(key="MATRIX_OSES")
+    matrix_jdkes = get_bk_metadata(key="MATRIX_JDKS")
+
+    pipeline_name = os.environ.get("BUILDKITE_PIPELINE_NAME", "").lower()
+
+    structure = {"steps": []}
+
+    for matrix_os in matrix_oses:
+        gcpAgent = GCPAgent(
+            image=f"family/platform-ingest-logstash-multi-jdk-{matrix_os}",
+            machineType="n2-standard-4",
+            diskSizeGb=200,
+            diskType="pd-ssd",
+        )
+
+        awsAgent = AWSAgent(
+            imagePrefix=f"platform-ingest-logstash-multi-jdk-{matrix_os}",
+            instanceType="m5.2xlarge",
+            diskSizeGb=200,
+        )
+
+        for matrix_jdk in matrix_jdkes:
+          group_name = f"{matrix_os}/{matrix_jdk}"
+          group_key = slugify_bk_key(group_name)
+
+          agent = awsAgent if "amazon" in matrix_os else gcpAgent
+
+          if "windows" in pipeline_name:
+            jobs = WindowsJobs(os=matrix_os, jdk=matrix_jdk, group_key=group_key, agent=agent)
+          else:
+            jobs = LinuxJobs(os=matrix_os, jdk=matrix_jdk, group_key=group_key, agent=agent)
+
+          group_steps = []
+          for job in jobs.all_jobs():
+            job_values = job()
+
+            step = {
+              "label": f"{job_values.step_label}",
+              "key": job_values.step_key,
+            }
+
+            if job_values.depends:
+                step["depends_on"] = job_values.depends
+
+            if job_values.agent:
+                step["agents"] = job_values.agent
+
+            if job_values.artifact_paths:
+                step["artifact_paths"] = job_values.artifact_paths
+
+            if job_values.retry:
+                step["retry"] = job_values.retry
+
+            step["command"] = job_values.command
+
+            group_steps.append(step)
+
+
+          structure["steps"].append({
+            "group": group_name,
+            "key": slugify_bk_key(group_name),
+            "steps": group_steps})
+
+    print('# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json')
+    YAML().dump(structure, sys.stdout)

.buildkite/scripts/jdk-matrix-tests/launch-command.ps1

@@ -0,0 +1,51 @@
+# ********************************************************
+# This file contains prerequisite bootstrap invocations
+# required for Logstash CI JDK matrix tests
+# ********************************************************
+
+param (
+    [string]$JDK,
+    [string]$CIScript,
+    [string]$StepNameHuman,
+    [string]$AnnotateContext,
+    [switch]$Annotate
+)
+
+# expand previous buildkite folded section (command invocation)
+Write-Host "^^^ +++"
+
+# unset generic JAVA_HOME
+if (Test-Path env:JAVA_HOME) {
+    Remove-Item -Path env:JAVA_HOME
+    Write-Host "--- Environment variable 'JAVA_HOME' has been unset."
+} else {
+    Write-Host "--- Environment variable 'JAVA_HOME' doesn't exist. Continuing."
+}
+
+# LS env vars for JDK matrix tests
+$JAVA_CUSTOM_DIR = "C:\Users\buildkite\.java\$JDK"
+$env:BUILD_JAVA_HOME = $JAVA_CUSTOM_DIR
+$env:RUNTIME_JAVA_HOME = $JAVA_CUSTOM_DIR
+$env:LS_JAVA_HOME = $JAVA_CUSTOM_DIR
+
+Write-Host "--- Running test: $CIScript"
+try {
+    Invoke-Expression $CIScript
+
+    if ($LASTEXITCODE -ne 0) {
+        throw "Test script $CIScript failed with a non-zero code: $LASTEXITCODE"
+    }
+
+    if ($Annotate) {
+        C:\buildkite-agent\bin\buildkite-agent.exe annotate --context="$AnnotateContext" --append "| :bk-status-passed: | $StepNameHuman |`n"
+    }
+} catch {
+    # tests failed
+    Write-Host "^^^ +++"
+    if ($Annotate) {
+        C:\buildkite-agent\bin\buildkite-agent.exe annotate --context="$AnnotateContext" --append "| :bk-status-failed: | $StepNameHuman |`n"
+        Write-Host "--- Archiving test reports"
+        & "7z.exe" a -r .\build_reports.zip .\logstash-core\build\reports\tests
+    }
+    exit 1
+}

.buildkite/scripts/setup_java.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -e
+
+install_java() {
+  # TODO: let's think about regularly creating a custom image for Logstash which may align on version.yml definitions
+  sudo apt update && sudo apt install -y openjdk-21-jdk && sudo apt install -y openjdk-21-jre
+}
+
+install_java

.buildkite/scripts/snyk/report.sh

@@ -0,0 +1,76 @@
+#!/bin/bash
+
+set -e
+
+TARGET_BRANCHES=("main")
+
+install_java_11() {
+  curl -L -s "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.24%2B8/OpenJDK11U-jdk_x64_linux_hotspot_11.0.24_8.tar.gz" | tar -zxf -
+}
+
+# Resolves the branches we are going to track
+resolve_latest_branches() {
+  source .buildkite/scripts/snyk/resolve_stack_version.sh
+}
+
+# Build Logstash specific branch to generate Gemlock file where Snyk scans
+build_logstash() {
+  ./gradlew clean bootstrap assemble installDefaultGems
+}
+
+# Downloads snyk distribution
+download_auth_snyk() {
+  echo "Downloading snyk..."
+  curl https://static.snyk.io/cli/latest/snyk-linux -o snyk
+  chmod +x ./snyk
+
+  vault_path=secret/ci/elastic-logstash/snyk-creds
+  SNYK_TOKEN=$(vault read -field=token "${vault_path}")
+  ./snyk auth "$SNYK_TOKEN"
+}
+
+# Reports vulnerabilities to the Snyk
+report() {
+  REMOTE_REPO_URL=$1
+  echo "Reporting $REMOTE_REPO_URL branch."
+  if [ "$REMOTE_REPO_URL" != "main" ] && [ "$REMOTE_REPO_URL" != "8.x" ]; then
+    MAJOR_VERSION=$(echo "$REMOTE_REPO_URL"| cut -d'.' -f 1)
+    REMOTE_REPO_URL="$MAJOR_VERSION".latest
+    echo "Using '$REMOTE_REPO_URL' remote repo url."
+  fi
+
+  # adding git commit hash to Snyk tag to improve visibility
+  # for big projects Snyk recommends pruning dependencies
+  # https://support.snyk.io/hc/en-us/articles/360002061438-CLI-returns-the-error-Failed-to-get-Vulns
+  GIT_HEAD=$(git rev-parse --short HEAD 2> /dev/null)
+  ./snyk monitor --prune-repeated-subdependencies --all-projects --org=logstash --remote-repo-url="$REMOTE_REPO_URL" --target-reference="$REMOTE_REPO_URL" --detection-depth=6 --exclude=qa,tools,devtools,requirements.txt --project-tags=branch="$TARGET_BRANCH",git_head="$GIT_HEAD" || :
+}
+
+resolve_latest_branches
+download_auth_snyk
+
+# clone Logstash repo, build and report
+for TARGET_BRANCH in "${TARGET_BRANCHES[@]}"
+do
+  if [ "$TARGET_BRANCH" == "7.17" ]; then
+    echo "Installing and configuring JDK11."
+    export OLD_PATH=$PATH
+    install_java_11
+    export PATH=$PWD/jdk-11.0.24+8/bin:$PATH
+  fi
+  git reset --hard HEAD # reset if any generated files appeared
+  # check if target branch exists
+  echo "Checking out $TARGET_BRANCH branch."
+  if git checkout "$TARGET_BRANCH"; then
+    build_logstash
+    report "$TARGET_BRANCH"
+  else
+    echo "$TARGET_BRANCH branch doesn't exist."
+  fi
+  if [ "$TARGET_BRANCH" == "7.17" ]; then
+    # reset state
+    echo "Removing JDK11 installation."
+    rm -rf jdk-11.0.24+8
+    export PATH=$OLD_PATH
+  fi
+done

.buildkite/scripts/snyk/resolve_stack_version.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# This script resolves latest version from VERSION_URL SNAPSHOTS based on given N.x (where N is a precise, ex 8.x)
+# Why Snapshot? - the 7.latest and 8.latest branchs will be accurately places in snapshots, not in releases.
+# Ensure you have set the ELASTIC_STACK_VERSION environment variable.
+
+set -e
+
+VERSION_URL="https://storage.googleapis.com/artifacts-api/snapshots/branches.json"
+
+echo "Fetching versions from $VERSION_URL"
+readarray -t TARGET_BRANCHES < <(curl --retry-all-errors --retry 5 --retry-delay 5 -fsSL $VERSION_URL | jq -r '.branches[]')
+echo "${TARGET_BRANCHES[@]}"
+

.buildkite/serverless_integration_pipeline.yml

@@ -0,0 +1,57 @@
+agents:
+  provider: "gcp"
+  machineType: "n1-standard-4"
+  image: family/core-ubuntu-2204
+
+steps:
+  - label: "DLQ rspec integration test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/dlq_rspec_tests.sh
+    retry:
+      automatic:
+        - limit: 3
+  - label: "es-output test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/es_output_tests.sh
+    retry:
+      automatic:
+        - limit: 3
+  - label: "es-input test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/es_input_tests.sh
+    retry:
+      automatic:
+        - limit: 3
+  - label: "es-filter test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/es_filter_tests.sh
+    retry:
+      automatic:
+        - limit: 3
+  - label: "elastic_integration filter test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/elastic_integration_filter_tests.sh
+    retry:
+      automatic:
+        - limit: 3
+  - label: "central pipeline management test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/cpm_tests.sh
+    # Legacy monitoring is disabled. Serverless does not support /_monitoring/bulk, hence the test always fails to ingest metrics.
+    retry:
+      automatic:
+        - limit: 3
+  - label: "Logstash legacy monitoring test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/monitoring_tests.sh
+    skip: true
+    # Kibana API is disabled as it is not available with the current configuration in QA
+    retry:
+      automatic:
+        - limit: 3
+  - label: "Kibana API test"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/kibana_api_tests.sh
+    skip: true
+    # Metricbeat stack monitoring is disabled
+    retry:
+      automatic:
+        - limit: 3
+  - label: "metricbeat test is disabled as metricbeat has not disabled /_ilm yet"
+    command: ./.buildkite/scripts/setup_java.sh && ./ci/serverless/metricbeat_monitoring_tests.sh
+    skip: true
+    retry:
+      automatic:
+        - limit: 3

.buildkite/snyk_report_pipeline.yml

@@ -0,0 +1,14 @@
+agents:
+  image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+  cpu: "2"
+  memory: "4Gi"
+  ephemeralStorage: "64Gi"
+
+steps:
+  # reports main, previous (ex: 7.latest) and current (ex: 8.latest) release branches to Snyk
+  - label: ":hammer: Report to Snyk"
+    command:
+      - .buildkite/scripts/snyk/report.sh
+    retry:
+      automatic:
+        - limit: 3

.buildkite/supported_plugins_test_pipeline.yml

@@ -0,0 +1,77 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+agents:
+  image: "docker.elastic.co/ci-agent-images/platform-ingest/buildkite-agent-logstash-ci"
+  cpu: "8"
+  memory: "16Gi"
+  ephemeralStorage: "200Gi"
+
+steps:
+  - group: "Tier1 plugins test group"
+    key: "tier1_plugins"
+    steps:
+      - label: "Test input file plugin"
+        command: |
+          source .buildkite/scripts/common/vm-agent.sh
+          ./ci/test_plugins.sh -p logstash-input-file
+        # Workaround for https://github.com/elastic/ingest-dev/issues/2676
+        agents:
+          provider: gcp
+          imageProject: elastic-images-prod
+          image: family/platform-ingest-logstash-ubuntu-2204
+          machineType: "n2-standard-4"
+          diskSizeGb: 120
+      - label: "Test rest of Tier1 inputs"
+        command: |
+          source .buildkite/scripts/common/vm-agent.sh
+          ./ci/test_plugins.sh -p logstash-input-azure_event_hubs,logstash-input-beats,logstash-input-elasticsearch,logstash-input-generator,logstash-input-heartbeat,logstash-input-http,logstash-input-http_poller,logstash-input-redis,logstash-input-stdin,logstash-input-syslog,logstash-input-udp
+        # Workaround for https://github.com/elastic/ingest-dev/issues/2676
+        agents:
+          provider: gcp
+          imageProject: elastic-images-prod
+          image: family/platform-ingest-logstash-ubuntu-2204
+          machineType: "n2-standard-4"
+          diskSizeGb: 120
+      - label: "Test Tier1 filters"
+        command: ./ci/test_plugins.sh -t tier1 -k filter
+      - label: "Test Tier1 codecs"
+        command: ./ci/test_plugins.sh -t tier1 -k codec
+      - label: "Test Tier1 outputs"
+        command: ./ci/test_plugins.sh -t tier1 -k output
+      - label: "Test Tier1 integrations"
+        command: |
+          source .buildkite/scripts/common/vm-agent.sh
+          ./ci/test_plugins.sh -t tier1 -k integration
+        # Workaround to avoid errors on chmod of files
+        agents:
+          provider: gcp
+          imageProject: elastic-images-prod
+          image: family/platform-ingest-logstash-ubuntu-2204
+          machineType: "n2-standard-4"
+          diskSizeGb: 120  
+
+  - group: "Tier2 plugins test group"
+    key: "tier2_plugins"
+    steps:
+      - label: "Test Tier2 inputs"
+        command: ./ci/test_plugins.sh -t tier2 -k input
+      - label: "Test Tier2 filters"
+        command: ./ci/test_plugins.sh -t tier2 -k filter
+      - label: "Test Tier2 codecs"
+        command: |
+          source .buildkite/scripts/common/vm-agent.sh
+          ./ci/test_plugins.sh -t tier2 -k codec
+        agents:
+          provider: gcp
+          imageProject: elastic-images-prod
+          image: family/platform-ingest-logstash-ubuntu-2204
+          machineType: "n2-standard-4"
+          diskSizeGb: 120
+      - label: "Test Tier2 outputs"
+        command: ./ci/test_plugins.sh -t tier2 -k output
+
+  - group: "Unsupported plugins test group"
+    key: "unsupported_plugins"
+    steps:
+      - label: "Test unsupported inputs"
+        command: ./ci/test_plugins.sh -t unsupported -k input

.buildkite/trigger_pipelines.yml

@@ -0,0 +1,5 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+steps:
+  - label: ":pipeline: Generate trigger steps for $PIPELINES_TO_TRIGGER"
+    command: ".buildkite/scripts/common/trigger-pipeline-generate-steps.sh"

.buildkite/windows_jdk_matrix_pipeline.yml

@@ -0,0 +1,73 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json
+
+env:
+  DEFAULT_MATRIX_OS: "windows-2022"
+  DEFAULT_MATRIX_JDK: "adoptiumjdk_21"
+
+steps:
+  - input: "Test Parameters"
+    if: build.source != "schedule" && build.source != "trigger_job"
+    fields:
+      - select: "Operating System"
+        key: "matrix-os"
+        hint: "The operating system variant(s) to run on:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_OS}"
+        options:
+          - label: "Windows 2025"
+            value: "windows-2025"
+          - label: "Windows 2022"
+            value: "windows-2022"
+          - label: "Windows 2019"
+            value: "windows-2019"
+          - label: "Windows 2016"
+            value: "windows-2016"
+
+      - select: "Java"
+        key: "matrix-jdk"
+        hint: "The JDK to test with:"
+        required: true
+        multiple: true
+        default: "${DEFAULT_MATRIX_JDK}"
+        options:
+          - label: "Adoptium JDK 21 (Eclipse Temurin)"
+            value: "adoptiumjdk_21"
+          - label: "Adoptium JDK 17 (Eclipse Temurin)"
+            value: "adoptiumjdk_17"
+          - label: "OpenJDK 21"
+            value: "openjdk_21"
+          - label: "OpenJDK 17"
+            value: "openjdk_17"
+          - label: "Zulu 21"
+            value: "zulu_21"
+          - label: "Zulu 17"
+            value: "zulu_17"
+
+  - wait: ~
+    if: build.source != "schedule" && build.source != "trigger_job"
+
+  - command: |
+      set -euo pipefail
+
+      echo "--- Downloading prerequisites"
+      python3 -m pip install ruamel.yaml
+
+      echo "--- Printing generated dynamic steps"
+      export MATRIX_OSES="$(buildkite-agent meta-data get matrix-os --default=${DEFAULT_MATRIX_OS})"
+      export MATRIX_JDKS="$(buildkite-agent meta-data get matrix-jdk --default=${DEFAULT_MATRIX_JDK})"
+      set +eo pipefail
+      python3 .buildkite/scripts/jdk-matrix-tests/generate-steps.py >pipeline_steps.yml
+      if [[ $$? -ne 0 ]]; then
+        echo "^^^ +++"
+        echo "There was a problem rendering the pipeline steps."
+        cat pipeline_steps.yml
+        echo "Exiting now."
+        exit 1
+      else
+        set -eo pipefail
+        cat pipeline_steps.yml
+      fi
+
+      echo "--- Uploading steps to buildkite"
+      cat pipeline_steps.yml | buildkite-agent pipeline upload

.ci/Makefile

@@ -0,0 +1,42 @@
+.SILENT:
+MAKEFLAGS += --no-print-directory
+.SHELLFLAGS = -euc
+SHELL = /bin/bash
+
+#######################
+## Templates
+#######################
+## Mergify template
+define MERGIFY_TMPL
+
+  - name: backport patches to $(BRANCH) branch
+    conditions:
+      - merged
+      - base=main
+      - label=$(BACKPORT_LABEL)
+    actions:
+      backport:
+        branches:
+          - "$(BRANCH)"
+endef
+
+# Add mergify entry for the new backport label
+.PHONY: mergify
+export MERGIFY_TMPL
+mergify: BACKPORT_LABEL=$${BACKPORT_LABEL} BRANCH=$${BRANCH} PUSH_BRANCH=$${PUSH_BRANCH}
+mergify:
+	@echo ">> mergify"
+	echo "$$MERGIFY_TMPL" >> ../.mergify.yml
+	git add ../.mergify.yml
+	git status
+	if [ ! -z "$$(git status --porcelain)" ]; then \
+		git commit -m "mergify: add $(BACKPORT_LABEL) rule"; \
+		git push origin $(PUSH_BRANCH) ; \
+	fi
+
+# Create GitHub backport label
+.PHONY: backport-label
+backport-label: BACKPORT_LABEL=$${BACKPORT_LABEL}
+backport-label:
+	@echo ">> backport-label"
+	gh label create $(BACKPORT_LABEL) --description "Automated backport with mergify" --color 0052cc --force

.ci/java-versions.properties

@@ -0,0 +1,2 @@
+LS_BUILD_JAVA=adoptiumjdk_21
+LS_RUNTIME_JAVA=adoptiumjdk_21

.fossa.yml

@@ -0,0 +1,55 @@
+# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli)
+# Visit https://fossa.com to learn more
+
+version: 2
+cli:
+  server: https://app.fossa.com
+  fetcher: custom
+  project: git@github.com:elastic/logstash.git
+analyze:
+  modules:
+    - name: Logstash gems
+      type: bundler
+      strategy: lockfile
+      target: .
+      path: .
+    - name: benchmark-cli
+      type: gradle
+      target: 'benchmark-cli:'
+      path: .
+    - name: dependencies-report
+      type: gradle
+      target: 'dependencies-report:'
+      path: .
+    - name: logstash-core
+      type: gradle
+      target: 'logstash-core:'
+      path: .
+    - name: logstash-core-benchmarks
+      type: gradle
+      target: 'logstash-core-benchmarks:'
+      path: .
+    - name: logstash-integration-tests
+      type: gradle
+      target: 'logstash-integration-tests:'
+      path: .
+    - name: logstash-xpack
+      type: gradle
+      target: 'logstash-xpack:'
+    #   path: .
+    # - name: docker
+    #   type: pip
+    #   target: docker
+    #   path: docker
+    # - name: Gemfile
+    #   type: gem
+    #   target: qa
+    #   path: qa
+    # - name: Gemfile
+    #   type: gem
+    #   target: qa/integration
+    #   path: qa/integration
+    # - name: Gemfile
+    #   type: gem
+    #   target: tools/paquet
+    #   path: tools/paquet

.github/ISSUE_TEMPLATE.md

@@ -1,14 +0,0 @@
-Please post all product and debugging questions on our [forum](https://discuss.elastic.co/c/logstash). Your questions will reach our wider community members there, and if we confirm that there is a bug, then we can open a new issue here.
-
-For security vulnerabilities please only send reports to security@elastic.co.
-See https://www.elastic.co/community/security for more information.
-
-Logstash Plugins are located in a different organization: https://github.com/logstash-plugins. For bugs on specific Logstash plugins, for example, if Redis Output has a defect, please open it in the respective Redis Output repository. 
-
-For all general issues, please provide the following details for fast resolution:
-
-- Version:
-- Operating System:
-- Config File (if you have sensitive info, please remove it):
-- Sample Data:
-- Steps to Reproduce:

.github/ISSUE_TEMPLATE/bug.md

@@ -0,0 +1,56 @@
+---
+name: Bug
+about: "Report a confirmed bug. For unconfirmed bugs please
+ visit https://discuss.elastic.co/c/logstash"
+labels: "bug,status:needs-triage"
+
+---
+<!--
+GitHub is reserved for bug reports and feature requests; it is not the place
+for general questions. If you have a question or an unconfirmed bug , please
+visit the [forums](https://discuss.elastic.co/c/logstash).  Please also
+check your OS is [supported](https://www.elastic.co/support/matrix#show_os).
+If it is not, the issue is likely to be closed.
+
+Logstash Plugins are located in a different organization: [logstash-plugins](https://github.com/logstash-plugins). For bugs on specific Logstash plugins, for example, if Redis Output has a defect, please open it in the respective Redis Output repository.
+
+For security vulnerabilities please only send reports to security@elastic.co.
+See https://www.elastic.co/community/security for more information.
+
+Please fill in the following details to help us reproduce the bug:
+-->
+
+**Logstash information**:
+
+Please include the following information:
+
+1. Logstash version (e.g. `bin/logstash --version`)
+2. Logstash installation source (e.g. built from source, with a package manager: DEB/RPM, expanded from tar or zip archive, docker)
+3. How is Logstash being run (e.g. as a service/service manager: systemd, upstart, etc. Via command line, docker/kubernetes)
+
+**Plugins installed**: (`bin/logstash-plugin list --verbose`)
+
+**JVM** (e.g. `java -version`):
+
+If the affected version of Logstash is 7.9 (or earlier), or if it is NOT using the bundled JDK or using the 'no-jdk' version in 7.10 (or higher), please provide the following information:
+
+1. JVM version (`java -version`)
+2. JVM installation source (e.g. from the Operating System's package manager, from source, etc).
+3. Value of the `LS_JAVA_HOME` environment variable if set.
+
+**OS version** (`uname -a` if on a Unix-like system):
+
+**Description of the problem including expected versus actual behavior**:
+
+**Steps to reproduce**:
+
+Please include a *minimal* but *complete* recreation of the problem,
+including (e.g.) pipeline definition(s), settings, locale, etc.  The easier
+you make for us to reproduce it, the more likely that somebody will take the
+time to look at it.
+
+ 1.
+ 2.
+ 3.
+
+**Provide logs (if relevant)**:

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Question
+    url: https://discuss.elastic.co/c/logstash
+    about: Ask (and answer) questions here.
+  - name: Security Vulnerability
+    url: https://www.elastic.co/community/security
+    about: Send security vulnerability reports to security@elastic.co.
+  - name: Plugin Issue
+    url: https://github.com/logstash-plugins
+    about: Plugins for Logstash do the heavy lifting when it comes to integrating with a variety of external technologies and services. If your issue has to do with a specific plugin, please file it in the appropriate repository. 

.github/ISSUE_TEMPLATE/doc-request.md

@@ -0,0 +1,26 @@
+---
+name: Documentation
+about: Report a documentation issue
+labels: "docs,status:needs-triage"
+
+---
+<!--
+Please search [existing issues](https://github.com/elastic/logstash/issues?q=is%3Aopen+is%3Aissue+label%3Adocs). The issue may already exist.
+-->
+
+#### Tell us about the issue
+<!--
+What's the problem? Is information missing? Inaccurate? Just not clear?
+Please include a link to the page (if applicable).
+
+-->
+**Description:**  
+
+
+**URL:** 
+
+Example: https://www.elastic.co/guide/en/logstash/current/introduction.html
+
+
+**Anything else?** 
+

.github/ISSUE_TEMPLATE/feature-request.md

@@ -0,0 +1,21 @@
+---
+name: Feature Request
+about: Request a new feature or suggest an enhancement to an existing one
+labels: "enhancement,status:needs-triage"
+
+---
+<!--
+Please first search existing issues for the feature you are requesting;
+it may already exist, even as a closed issue.
+-->
+
+<!--
+Describe the feature.
+
+Please give us as much context as possible about the feature. For example,
+you could include a story about a time when you wanted to use the feature,
+and also tell us what you had to do instead. The last part is helpful
+because it gives us an idea of how much harder your life is without the
+feature.
+
+-->

.github/ISSUE_TEMPLATE/test-failure.md

@@ -0,0 +1,25 @@
+---
+name: Test Failure
+about: A test failure in CI
+labels: "test failure"
+
+---
+
+<!--
+Please fill out the following information, and ensure you have attempted
+to reproduce locally
+-->
+
+**Build scan**:
+
+**Repro line**:
+
+**Reproduces locally?**:
+
+**Applicable branches**:
+
+**Failure history**:
+<!--
+Link to build stats and possible indication of when this started failing and how often it fails
+-->
+**Failure excerpt**:

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,95 @@
+<!-- Type of change
+Please label this PR with the release version and one of the following labels, depending on the scope of your change:
+- bug
+- enhancement
+- breaking change
+- doc
+-->
+
+## Release notes
+<!-- Add content to appear in  [Release Notes](https://www.elastic.co/guide/en/logstash/current/releasenotes.html), or add [rn:skip] to leave this PR out of release notes -->
+
+
+## What does this PR do?
+
+<!-- Mandatory
+Explain here the changes you made on the PR. Please explain the WHAT: patterns used, algorithms implemented, design architecture, message processing, etc.
+
+Example:
+  Expose 'xpack.monitoring.elasticsearch.proxy' in the docker environment variables and update logstash.yml to surface this config option.
+  
+  This commit exposes the 'xpack.monitoring.elasticsearch.proxy' variable in the docker by adding it in env2yaml.go, which translates from
+  being an environment variable to a proper yaml config.
+  
+  Additionally, this PR exposes this setting for both xpack monitoring & management to the logstash.yml file.
+-->
+
+## Why is it important/What is the impact to the user?
+
+<!-- Mandatory
+Explain here the WHY or the IMPACT to the user, or the rationale/motivation for the changes.
+
+Example:
+  This PR fixes an issue that was preventing the docker image from using the proxy setting when sending xpack monitoring information.
+  and/or
+  This PR now allows the user to define the xpack monitoring proxy setting in the docker container.
+-->
+
+## Checklist
+
+<!-- Mandatory
+Add a checklist of things that are required to be reviewed in order to have the PR approved
+
+List here all the items you have verified BEFORE sending this PR. Please DO NOT remove any item, striking through those that do not apply. (Just in case, strikethrough uses two tildes. ~~Scratch this.~~)
+-->
+
+- [ ] My code follows the style guidelines of this project
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] I have made corresponding changes to the documentation
+- [ ] I have made corresponding change to the default configuration files (and/or docker env variables)
+- [ ] I have added tests that prove my fix is effective or that my feature works
+
+## Author's Checklist
+
+<!-- Recommended
+Add a checklist of things that are required to be reviewed in order to have the PR approved
+-->
+- [ ]
+
+## How to test this PR locally
+
+<!-- Recommended
+Explain here how this PR will be tested by the reviewer: commands, dependencies, steps, etc.
+-->
+
+## Related issues
+
+<!-- Recommended
+Link related issues below. Insert the issue link or reference after the word "Closes" if merging this should automatically close it.
+
+- Closes #123
+- Relates #123
+- Requires #123
+- Superseeds #123
+-->
+- 
+
+## Use cases
+
+<!-- Recommended
+Explain here the different behaviors that this PR introduces or modifies in this project, user roles, environment configuration, etc.
+
+If you are familiar with Gherkin test scenarios, we recommend its usage: https://cucumber.io/docs/gherkin/reference/
+-->
+
+## Screenshots
+
+<!-- Optional
+Add here screenshots about how the project will be changed after the PR is applied. They could be related to web pages, terminal, etc, or any other image you consider important to be shared with the team.
+-->
+
+## Logs
+
+<!-- Recommended
+Paste here output logs discovered while creating this PR, such as stack traces or integration logs, or any other output you consider important to be shared with the team.
+-->

.github/dependabot.yml

@@ -0,0 +1,18 @@
+---
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directories:
+      - '/'
+      - '/.github/actions/*'
+    schedule:
+      interval: "weekly"
+      day: "sunday"
+      time: "22:00"
+    reviewers:
+      - "elastic/observablt-ci"
+      - "elastic/observablt-ci-contractors"
+    groups:
+      github-actions:
+        patterns:
+          - "*"

.github/workflows/backport-active.yml

@@ -0,0 +1,22 @@
+name: Backport to active branches
+
+on:
+  pull_request_target:
+    types: [closed]
+    branches:
+      - main
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  backport:
+    # Only run if the PR was merged (not just closed) and has one of the backport labels
+    if: |
+      github.event.pull_request.merged == true && 
+      contains(toJSON(github.event.pull_request.labels.*.name), 'backport-active-')
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: elastic/oblt-actions/github/backport-active@v1

.github/workflows/critical_vulnerability_scan.yml

@@ -0,0 +1,24 @@
+name: Scan for vulnerabilities
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+  workflow_dispatch:
+
+jobs:
+  scan_image:
+    runs-on: ubuntu-latest
+    steps: 
+      - name: checkout repo content
+        uses: actions/checkout@v4
+      - name: build tar distribution
+        run: ./gradlew clean assembleTarDistribution
+      - run: mkdir scan
+      - run: tar -zxf ../build/logstash-*.tar.gz
+        working-directory: ./scan
+      - name: scan image
+        uses: anchore/scan-action@v3
+        with:
+          path: "./scan"
+          fail-build: true
+          severity-cutoff: critical

.github/workflows/docs-build.yml

@@ -0,0 +1,19 @@
+name: docs-build
+
+on:
+  push:
+    branches:
+      - main
+  pull_request_target: ~
+  merge_group: ~
+
+jobs:
+  docs-preview:
+    uses: elastic/docs-builder/.github/workflows/preview-build.yml@main
+    with:
+      path-pattern: docs/**
+    permissions:
+      deployments: write
+      id-token: write
+      contents: read
+      pull-requests: read

.github/workflows/docs-cleanup.yml

@@ -0,0 +1,14 @@
+name: docs-cleanup
+
+on:
+  pull_request_target:
+    types:
+      - closed
+
+jobs:
+  docs-preview:
+    uses: elastic/docs-builder/.github/workflows/preview-cleanup.yml@main
+    permissions:
+      contents: none
+      id-token: write
+      deployments: write

.github/workflows/gen_release_notes.yml

@@ -0,0 +1,35 @@
+name: Release Notes Draft generator
+
+on:
+  workflow_dispatch:
+    inputs:
+      branch:
+        type: string
+        required: true
+        default: "8.2"
+      last_release:
+        type: string
+        required: true
+        default: "8.2.2"
+
+
+permissions:
+  contents: write
+  pull-requests: write
+  issues: write
+
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: '3.0'
+    - run: git config --global user.email "43502315+logstashmachine@users.noreply.github.com"
+    - run: git config --global user.name "logstashmachine"
+    - name: Create Release Notes Draft
+      run:  ./tools/release/generate_release_notes.rb ${{ github.event.inputs.branch }} ${{ github.event.inputs.last_release }} ${{ github.actor }} ${{ secrets.GITHUB_TOKEN }}

.github/workflows/lint_docs.yml

@@ -0,0 +1,69 @@
+name: Lint the docs!
+on:
+  pull_request:
+    branches: [ "main" ]
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  lint-docs:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16.13.2
+          cache: npm
+
+      - name: Install docs-lint
+        run: npm install -g @elastic/docs-lint
+
+      - name: Install strip-ansi
+        run: npm install strip-ansi
+        
+      - name: Run docs-lint
+        id: run_docs_lint
+        run: |
+          LINT=$(((docs-lint $GITHUB_WORKSPACE/docs --asciidoc) 2>&1) || true)
+          echo "$LINT"
+          LINT="${LINT//'%'/'%25'}"
+          LINT="${LINT//$'\n'/'%0A'}"
+          LINT="${LINT//$'\r'/'%0D'}"
+          LINT="${LINT//$'`'/'\`'}"
+          echo "::set-output name=LINT_RESULT::$LINT"
+
+      - name: Add PR comment
+        uses: actions/github-script@v6
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const report = `${{ steps.run_docs_lint.outputs.LINT_RESULT }}`
+            if (report !== '') {
+              const { default: stripAnsi } = await import('/home/runner/work/docs-lint/docs-lint/node_modules/strip-ansi/index.js')
+              const cleanText = stripAnsi(report)
+              const errorWithContext = `**⚠️ Lint failed**\n~~~\n${cleanText}\n~~~`
+              github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: errorWithContext
+              })
+            } else {
+              console.log("🎉 No errors!")
+            }
+
+      - name: Throw error if linter fails
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const report = `${{ steps.run_docs_lint.outputs.LINT_RESULT }}`
+            if (report !== '') {
+              core.setFailed(report)
+            } else {
+              console.log("No errors!")
+            }

.github/workflows/logstash_project_board.yml

@@ -0,0 +1,23 @@
+name: Add to project
+on:
+  issues:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: octokit/graphql-action@v2.x
+        id: add_to_project
+        with:
+          headers: '{"GraphQL-Features": "projects_next_graphql"}'
+          query: |
+            mutation add_to_project($projectid:ID!,$contentid:ID!) {
+               addProjectV2ItemById(input:{projectId:$projectid contentId:$contentid}) {
+                clientMutationId
+              }
+             }
+          projectid: "PVT_kwDOAGc3Zs0SEg"
+          contentid: ${{ github.event.issue.node_id }}
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}

.github/workflows/mergify-labels-copier.yml

@@ -0,0 +1,23 @@
+name: mergify backport labels copier
+
+on:
+  pull_request:
+    types:
+      - opened
+
+permissions:
+  contents: read
+
+jobs:
+  mergify-backport-labels-copier:
+    runs-on: ubuntu-latest
+    if: startsWith(github.head_ref, 'mergify/bp/')
+    permissions:
+      # Add GH labels
+      pull-requests: write
+      # See https://github.com/cli/cli/issues/6274
+      repository-projects: read
+    steps:
+      - uses: elastic/oblt-actions/mergify/labels-copier@v1
+        with:
+          excluded-labels-regex: "^backport-*"

.github/workflows/platform_ingest_docs_project_board.yml

@@ -0,0 +1,57 @@
+name: Add Docs issue to Ingest project
+
+on:
+  issues:
+    types:
+      - labeled
+env:
+  INGEST_PROJECT_ID: 'PVT_kwDOAGc3Zs4AEzn4'
+  
+  # GitHub labels for each team/area
+  DOCS_LABEL: 'Team:Docs'
+  
+  # ID values for the Area property + its options
+  AREA_FIELD_ID: 'PVTSSF_lADOAGc3Zs4AEzn4zgEgZSo'
+  INGEST_DOCS_OPTION_ID: 'def2f8e6'
+  
+jobs:
+  add_to_ingest_project:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: octokit/graphql-action@v2.x
+        id: add_to_project
+        if: github.event.label.name == env.DOCS_LABEL
+        with:
+          query: |
+            # Variables have to be snake cased because of https://github.com/octokit/graphql-action/issues/164
+            mutation AddToIngestProject($project_id: ID!, $content_id: ID!) {
+              addProjectV2ItemById(input: { projectId: $project_id, contentId: $content_id }) {
+                  item {
+                    id
+                  }
+                }
+              }
+          project_id: ${{ env.INGEST_PROJECT_ID }}
+          content_id: ${{ github.event.issue.node_id }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}
+      # `if` conditions can only be assigned as the "step" level, so there's no way to conditionally pass differing
+      # `areaId` values to our GraphQL mutation. Would be nice if there was support for dictionaries or something in
+      # GH actions to make this a lot more DRY
+      - uses: octokit/graphql-action@v2.x
+        id: set_data_processing_area
+        if: github.event.label.name == env.DOCS_LABEL
+        with:
+          query: |
+            mutation updateIngestArea($item_id: ID!, $project_id: ID!, $area_field_id: ID!, $area_id: String) {
+              updateProjectV2ItemFieldValue(
+                input: { itemId: $item_id, projectId: $project_id, fieldId: $area_field_id, value: { singleSelectOptionId: $area_id } }) {
+                  clientMutationId
+                }
+              }
+          item_id: ${{ fromJSON(steps.add_to_project.outputs.data).addProjectV2ItemById.item.id }}
+          project_id: ${{ env.INGEST_PROJECT_ID }}
+          area_field_id: ${{ env.AREA_FIELD_ID }}
+          area_id: ${{ env.INGEST_DOCS_OPTION_ID }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}

.github/workflows/platform_logstash_project_board.yml

@@ -0,0 +1,57 @@
+name: Add Logstash issue to Logstash Ingest Project
+
+on:
+  issues:
+    types:
+      - labeled
+env:
+  LOGSTASH_PROJECT_ID: 'PVT_kwDOAGc3Zs4AMlnl'
+  
+  # GitHub labels for each team/area
+  LOGSTASH_LABEL: 'Team:Logstash'
+  
+  # ID values for the Area property + its options
+  AREA_FIELD_ID: 'PVTSSF_lADOAGc3Zs4AMlnlzgIB8yM'
+  DATA_PROCESSING_OPTION_ID: '41c049c0'
+  
+jobs:
+  add_to_ingest_project:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: octokit/graphql-action@v2.x
+        id: add_to_logstash_project
+        if: github.event.label.name == env.LOGSTASH_LABEL
+        with:
+          query: |
+            # Variables have to be snake cased because of https://github.com/octokit/graphql-action/issues/164
+            mutation AddToIngestProject($project_id: ID!, $content_id: ID!) {
+              addProjectV2ItemById(input: { projectId: $project_id, contentId: $content_id }) {
+                  item {
+                    id
+                  }
+                }
+              }
+          project_id: ${{ env.LOGSTASH_PROJECT_ID }}
+          content_id: ${{ github.event.issue.node_id }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}
+      # `if` conditions can only be assigned as the "step" level, so there's no way to conditionally pass differing
+      # `areaId` values to our GraphQL mutation. Would be nice if there was support for dictionaries or something in
+      # GH actions to make this a lot more DRY
+      - uses: octokit/graphql-action@v2.x
+        id: set_data_processing_area
+        if: github.event.label.name == env.LOGSTASH_LABEL
+        with:
+          query: |
+            mutation updateIngestArea($item_id: ID!, $project_id: ID!, $area_field_id: ID!, $area_id: String) {
+              updateProjectV2ItemFieldValue(
+                input: { itemId: $item_id, projectId: $project_id, fieldId: $area_field_id, value: { singleSelectOptionId: $area_id } }) {
+                  clientMutationId
+                }
+              }
+          item_id: ${{ fromJSON(steps.add_to_project.outputs.data).addProjectV2ItemById.item.id }}
+          project_id: ${{ env.LOGSTASH_PROJECT_ID }}
+          area_field_id: ${{ env.AREA_FIELD_ID }}
+          area_id: ${{ env.DATA_PROCESSING_OPTION_ID }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}

.github/workflows/pre-commit.yml

@@ -0,0 +1,18 @@
+name: pre-commit
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+      - 8.*
+      - 9.*
+
+permissions:
+  contents: read
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: elastic/oblt-actions/pre-commit@v1

.github/workflows/project-board-assigner.yml

@@ -0,0 +1,76 @@
+name: Add issue to Ingest or Logstash project
+
+on:
+  issues:
+    types:
+      - labeled
+env:
+  INGEST_PROJECT_ID: 'PVT_kwDOAGc3Zs4AEzn4'
+  LOGSTASH_PROJECT_ID: 'PVT_kwDOAGc3Zs4AMlnl'
+  
+  # GitHub labels for each team/area
+  LOGSTASH_LABEL: 'Team:Logstash'
+  DOCS_LABEL: 'Team:Docs'
+  
+  # ID values for the Area property + its options for Ingest Board
+  AREA_FIELD_ID: 'PVTSSF_lADOAGc3Zs4AEzn4zgEgZSo'
+  INGEST_DOCS_OPTION_ID: 'def2f8e6'
+  
+jobs:
+  add_to_ingest_project:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: octokit/graphql-action@v2.x
+        id: add_to_ingest_project
+        if: github.event.label.name == env.DOCS_LABEL
+        with:
+          query: |
+            # Variables have to be snake cased because of https://github.com/octokit/graphql-action/issues/164
+            mutation AddToIngestProject($project_id: ID!, $content_id: ID!) {
+              addProjectV2ItemById(input: { projectId: $project_id, contentId: $content_id }) {
+                  item {
+                    id
+                  }
+                }
+              }
+          project_id: ${{ env.INGEST_PROJECT_ID }}
+          content_id: ${{ github.event.issue.node_id }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}
+      - uses: octokit/graphql-action@v2.x
+        id: add_to_logstash_project
+        if: github.event.label.name == env.LOGSTASH_LABEL
+        with:
+          query: |
+            # Variables have to be snake cased because of https://github.com/octokit/graphql-action/issues/164
+            mutation AddToLogstashProject($project_id: ID!, $content_id: ID!) {
+              addProjectV2ItemById(input: { projectId: $project_id, contentId: $content_id }) {
+                  item {
+                    id
+                  }
+                }
+              }
+          project_id: ${{ env.LOGSTASH_PROJECT_ID }}
+          content_id: ${{ github.event.issue.node_id }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}
+      # `if` conditions can only be assigned as the "step" level, so there's no way to conditionally pass differing
+      # `areaId` values to our GraphQL mutation. Would be nice if there was support for dictionaries or something in
+      # GH actions to make this a lot more DRY
+      - uses: octokit/graphql-action@v2.x
+        id: set_data_processing_area
+        if: github.event.label.name == env.DOCS_LABEL
+        with:
+          query: |
+            mutation updateIngestArea($item_id: ID!, $project_id: ID!, $area_field_id: ID!, $area_id: String) {
+              updateProjectV2ItemFieldValue(
+                input: { itemId: $item_id, projectId: $project_id, fieldId: $area_field_id, value: { singleSelectOptionId: $area_id } }) {
+                  clientMutationId
+                }
+              }
+          item_id: ${{ fromJSON(steps.add_to_project.outputs.data).addProjectV2ItemById.item.id }}
+          project_id: ${{ env.INGEST_PROJECT_ID }}
+          area_field_id: ${{ env.AREA_FIELD_ID }}
+          area_id: ${{ env.INGEST_DOCS_OPTION_ID }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.PROJECT_TOKEN }}

.github/workflows/version_bumps.yml

@@ -0,0 +1,77 @@
+name: Bump dependencies
+on:
+  workflow_dispatch:
+   inputs:
+      branch:
+        description: 'Release Branch'     
+        required: true
+        default: '8.4'
+        type: string
+      bump:
+        description: 'Bump type'     
+        required: true
+        default: 'patch' 
+        type: choice
+        options:
+        - "patch"
+        - "minor"
+        - "major"
+    
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  version_bumper:
+    name: Bump versions
+    runs-on: ubuntu-latest
+    env:
+      INPUTS_BRANCH: "${{ inputs.branch }}"
+      INPUTS_BUMP: "${{ inputs.bump }}"
+      BACKPORT_LABEL: "backport-${{ inputs.branch }}"
+    steps:
+      - name: Fetch logstash-core team member list
+        uses: tspascoal/get-user-teams-membership@57e9f42acd78f4d0f496b3be4368fc5f62696662 #v3.0.0
+        with: 
+          username: ${{ github.actor }}
+          organization: elastic
+          team: logstash
+          GITHUB_TOKEN: ${{ secrets.READ_ORG_SECRET_JSVD }}
+      - name: Is user a core team member?
+        if: ${{ steps.checkUserMember.outputs.isTeamMember == 'false' }}
+        run: exit 1
+      - name: checkout repo content
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: ${{ env.INPUTS_BRANCH }}
+      - run: git config --global user.email "43502315+logstashmachine@users.noreply.github.com"
+      - run: git config --global user.name "logstashmachine"
+      - run: ./gradlew clean installDefaultGems
+      - run: ./vendor/jruby/bin/jruby -S bundle update --all --${{ env.INPUTS_BUMP }} --strict
+      - run: mv Gemfile.lock Gemfile.jruby-*.lock.release
+      - run: echo "T=$(date +%s)" >> $GITHUB_ENV
+      - run: echo "BRANCH=update_lock_${T}" >> $GITHUB_ENV
+      - run: |
+          git checkout -b $BRANCH
+          git add .
+          git status
+          if [[ -z $(git status --porcelain) ]]; then echo "No changes. We're done."; exit 0; fi
+          git commit -m "Update ${{ env.INPUTS_BUMP }} plugin versions in gemfile lock" -a
+          git push origin $BRANCH
+
+      - name: Update mergify (minor only)
+        if: ${{ inputs.bump == 'minor' }}
+        continue-on-error: true
+        run: make -C .ci mergify BACKPORT_LABEL=$BACKPORT_LABEL BRANCH=$INPUTS_BRANCH PUSH_BRANCH=$BRANCH
+
+      - name: Create Pull Request
+        run: |
+          curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -X POST -d "{\"title\": \"bump lock file for ${{ env.INPUTS_BRANCH }}\",\"head\": \"${BRANCH}\",\"base\": \"${{ env.INPUTS_BRANCH }}\"}" https://api.github.com/repos/elastic/logstash/pulls
+
+      - name: Create GitHub backport label (Mergify) (minor only)
+        if: ${{ inputs.bump == 'minor' }}
+        continue-on-error: true
+        run: make -C .ci backport-label BACKPORT_LABEL=$BACKPORT_LABEL
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -16,8 +16,9 @@ out
 local
 test/setup/elasticsearch/elasticsearch-*
 vendor
+!docker/ironbank/go/src/env2yaml/vendor
 .sass-cache
-data
+/data
 .buildpath
 .project
 .DS_Store
@@ -57,3 +58,9 @@ logstash-core/versions-gem-copy.yml
 logstash-core-plugin-api/versions-gem-copy.yml
 config/logstash.keystore
 html_docs
+lib/pluginmanager/plugin_aliases.yml
+logstash-core/src/main/resources/org/logstash/plugins/plugin_aliases.yml
+spec/unit/plugin_manager/plugin_aliases.yml
+logstash-core/src/test/resources/org/logstash/plugins/plugin_aliases.yml
+qa/integration/fixtures/logs_rollover/log4j2.properties
+ci/serverless/config/*.log

.mergify.yml

@@ -0,0 +1,132 @@
+commands_restrictions:
+  backport:
+    conditions:
+      - or:
+        - sender-permission>=write
+        - sender=github-actions[bot]
+defaults:
+  actions:
+    backport:
+      title: "[{{ destination_branch }}] (backport #{{ number }}) {{ title }}"
+      assignees:
+        - "{{ author }}"
+      labels:
+        - "backport"
+pull_request_rules:
+#  - name: ask to resolve conflict
+#    conditions:
+#      - conflict
+#    actions:
+#      comment:
+#        message: |
+#          This pull request is now in conflicts. Could you fix it @{{author}}? 🙏
+#          To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/
+#          ```
+#          git fetch upstream
+#          git checkout -b {{head}} upstream/{{head}}
+#          git merge upstream/{{base}}
+#          git push upstream {{head}}
+#          ```
+
+  - name: notify the backport policy
+    conditions:
+      - -label~=^backport
+      - base=main
+    actions:
+      comment:
+        message: |
+          This pull request does not have a backport label. Could you fix it @{{author}}? 🙏
+          To fixup this pull request, you need to add the backport labels for the needed
+          branches, such as:
+          * `backport-8./d` is the label to automatically backport to the `8./d` branch. `/d` is the digit.
+          * If no backport is necessary, please add the `backport-skip` label
+
+  - name: remove backport-skip label
+    conditions:
+      - label~=^backport-\d
+    actions:
+      label:
+        remove:
+          - backport-skip
+
+  - name: notify the backport has not been merged yet
+    conditions:
+      - -merged
+      - -closed
+      - author=mergify[bot]
+      - "#check-success>0"
+      - schedule=Mon-Mon 06:00-10:00[Europe/Paris]
+    actions:
+      comment:
+        message: |
+          This pull request has not been merged yet. Could you please review and merge it @{{ assignee | join(', @') }}? 🙏
+
+  - name: backport patches to 8.16 branch
+    conditions:
+      - merged
+      - base=main
+      - label=backport-8.16
+    actions:
+      backport:
+        assignees:
+          - "{{ author }}"
+        branches:
+          - "8.16"
+        labels:
+          - "backport"
+        title: "[{{ destination_branch }}] {{ title }} (backport #{{ number }})"
+
+  - name: backport patches to 8.17 branch
+    conditions:
+      - merged
+      - base=main
+      - label=backport-8.17
+    actions:
+      backport:
+        assignees:
+          - "{{ author }}"
+        branches:
+          - "8.17"
+        labels:
+          - "backport"
+        title: "[{{ destination_branch }}] {{ title }} (backport #{{ number }})"
+
+  - name: backport patches to 8.18 branch
+    conditions:
+      - merged
+      - base=main
+      - label=backport-8.18
+    actions:
+      backport:
+        assignees:
+          - "{{ author }}"
+        branches:
+          - "8.18"
+        labels:
+          - "backport"
+        title: "[{{ destination_branch }}] {{ title }} (backport #{{ number }})"
+
+  - name: backport patches to 8.19 branch
+    conditions:
+      - merged
+      - base=main
+      - label=backport-8.19
+    actions:
+      backport:
+        branches:
+          - "8.19"
+
+  - name: backport patches to 9.0 branch
+    conditions:
+      - merged
+      - base=main
+      - label=backport-9.0
+    actions:
+      backport:
+        assignees:
+          - "{{ author }}"
+        branches:
+          - "9.0"
+        labels:
+          - "backport"
+        title: "[{{ destination_branch }}] {{ title }} (backport #{{ number }})"

.pre-commit-config.yaml

@@ -0,0 +1,6 @@
+repos:
+-   repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+    -   id: check-merge-conflict
+        args: ['--assume-in-merge']

.rubocop.yml

@@ -0,0 +1,237 @@
+AllCops:
+  RubyInterpreters:
+    - ruby
+    - rake
+    - jruby
+  Include:
+    - '**/*.rb'
+    - '**/*.gemfile'
+    - '**/*.gemspec'
+    - '**/*.rake'
+    - '**/Gemfile'
+    - '**/Rakefile'
+  Exclude:
+    - 'node_modules/**/*'
+    - 'tmp/**/*'
+    - 'vendor/**/*'
+    - '.git/**/*'
+    - 'build/**/*'
+    - 'config/**/*'
+  DisplayCopNames: true
+  UseCache: false
+
+#################### Lint   ###########################
+##### Enabled Cops #####
+Lint/DeprecatedClassMethods:
+  Enabled: true
+Lint/ErbNewArguments:
+  Enabled: true
+Lint/BigDecimalNew:
+  Enabled: true
+
+#################### Layout ###########################
+##### Enabled/Disabled Cops #####
+Layout/EmptyLineAfterGuardClause:
+  Enabled: false
+Layout/EmptyLineAfterMagicComment:
+  Enabled: true
+Layout/EmptyLineAfterMultilineCondition:
+  Enabled: false
+Layout/EmptyLineBetweenDefs:
+  EnabLEd: true
+Layout/EmptyLines:
+  Enabled: true
+Layout/EmptyLinesAroundAccessModifier:
+  Enabled: false
+Layout/EmptyLinesAroundArguments:
+  Enabled: true
+Layout/EmptyLinesAroundAttributeAccessor:
+  Enabled: true
+Layout/EmptyLinesAroundBeginBody:
+  Enabled: true
+Layout/EmptyLinesAroundBlockBody:
+  Enabled: true
+Layout/EmptyLinesAroundExceptionHandlingKeywords:
+  Enabled: true
+Layout/EmptyLinesAroundMethodBody:
+  Enabled: true
+Layout/EmptyLinesAroundModuleBody:
+  Enabled: true
+Layout/TrailingWhitespace:
+  Enabled: true
+Layout/TrailingEmptyLines:
+  Enabled: true
+Layout/SpaceAfterColon:
+  Enabled: true
+Layout/SpaceAfterComma:
+  Enabled: true
+Layout/SpaceAfterSemicolon:
+  Enabled: true
+Layout/SpaceAroundBlockParameters:
+  Enabled: true
+Layout/SpaceAroundEqualsInParameterDefault:
+  Enabled: true
+Layout/SpaceAroundKeyword:
+  Enabled: true
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+Layout/SpaceAroundOperators:
+  Enabled: true
+Layout/SpaceBeforeBlockBraces:
+  Enabled: true
+Layout/SpaceBeforeBrackets:
+  Enabled: true
+Layout/SpaceBeforeComma:
+  Enabled: true
+Layout/SpaceBeforeComment:
+  Enabled: true
+Layout/SpaceBeforeFirstArg:
+  Enabled: true
+Layout/SpaceBeforeSemicolon:
+  Enabled: true
+Layout/SpaceInsideArrayLiteralBrackets:
+  Enabled: true
+  EnforcedStyle: no_space
+  EnforcedStyleForEmptyBrackets: no_space
+Layout/SpaceInsideArrayPercentLiteral:
+  Enabled: true # no offenses
+Layout/SpaceInsideParens:
+  Enabled: true
+  EnforcedStyle: no_space
+Layout/SpaceInsidePercentLiteralDelimiters:
+  Enabled: true
+Layout/SpaceInsideRangeLiteral:
+  Enabled: true # no offenses
+Layout/SpaceInsideReferenceBrackets:
+  Enabled: true # no offenses
+Layout/SpaceInsideStringInterpolation:
+  Enabled: true
+  EnforcedStyle: no_space
+
+##### Need review #####
+Layout/AccessModifierIndentation:
+  Enabled: false
+Layout/ArgumentAlignment:
+  Enabled: false
+Layout/ArrayAlignment:
+  Enabled: false
+Layout/AssignmentIndentation:
+  Enabled: false
+Layout/BeginEndAlignment:
+  Enabled: false
+Layout/BlockAlignment:
+  Enabled: false
+Layout/BlockEndNewline:
+  Enabled: false
+Layout/CaseIndentation:
+  Enabled: false
+Layout/ClassStructure:
+  Enabled: false
+Layout/ClosingHeredocIndentation:
+  Enabled: false
+Layout/ClosingParenthesisIndentation:
+  Enabled: false
+Layout/CommentIndentation:
+  Enabled: false
+Layout/ConditionPosition:
+  Enabled: false
+Layout/DefEndAlignment:
+  Enabled: false
+Layout/DotPosition:
+  Enabled: false
+Layout/ElseAlignment:
+  Enabled: false
+Layout/EmptyComment:
+  Enabled: false
+Layout/EmptyLinesAroundClassBody:
+  Enabled: false
+Layout/EndAlignment:
+  Enabled: false
+Layout/EndOfLine:
+  Enabled: false
+Layout/ExtraSpacing:
+  Enabled: false
+Layout/FirstArgumentIndentation:
+  Enabled: false
+Layout/FirstArrayElementIndentation:
+  Enabled: false
+Layout/FirstArrayElementLineBreak:
+  Enabled: false
+Layout/FirstHashElementIndentation:
+  Enabled: false
+Layout/FirstHashElementLineBreak:
+  Enabled: false
+Layout/FirstMethodArgumentLineBreak:
+  Enabled: false
+Layout/FirstMethodParameterLineBreak:
+  Enabled: false
+Layout/FirstParameterIndentation:
+  Enabled: false
+Layout/HashAlignment:
+  Enabled: false
+Layout/HeredocArgumentClosingParenthesis:
+  Enabled: false
+Layout/HeredocIndentation:
+  Enabled: false
+Layout/IndentationConsistency:
+  Enabled: false
+Layout/IndentationStyle:
+  Enabled: false
+Layout/IndentationWidth:
+  Enabled: false
+Layout/InitialIndentation:
+  Enabled: false
+Layout/LeadingCommentSpace:
+  Enabled: false
+Layout/LeadingEmptyLines:
+  Enabled: false
+Layout/LineContinuationLeadingSpace:
+  Enabled: false
+Layout/LineContinuationSpacing:
+  Enabled: false
+Layout/LineEndStringConcatenationIndentation:
+  Enabled: false
+Layout/LineLength:
+  Enabled: false
+Layout/MultilineArrayBraceLayout:
+  Enabled: false
+Layout/MultilineArrayLineBreaks:
+  Enabled: false
+Layout/MultilineAssignmentLayout:
+  Enabled: false
+Layout/MultilineBlockLayout:
+  Enabled: false
+Layout/MultilineHashBraceLayout:
+  Enabled: false
+Layout/MultilineHashKeyLineBreaks:
+  Enabled: false
+Layout/MultilineMethodArgumentLineBreaks:
+  Enabled: false
+Layout/MultilineMethodCallBraceLayout:
+  Enabled: false
+Layout/MultilineMethodCallIndentation:
+  Enabled: false
+Layout/MultilineMethodDefinitionBraceLayout:
+  Enabled: false
+Layout/MultilineMethodParameterLineBreaks:
+  Enabled: false
+Layout/MultilineOperationIndentation:
+  Enabled: false
+Layout/ParameterAlignment:
+  Enabled: false
+Layout/RedundantLineBreak:
+  Enabled: false
+Layout/RescueEnsureAlignment:
+  Enabled: false
+Layout/SingleLineBlockChain:
+  Enabled: false
+Layout/SpaceAfterMethodName:
+  Enabled: false
+Layout/SpaceAfterNot:
+  Enabled: false
+Layout/SpaceInLambdaLiteral:
+  Enabled: false
+Layout/SpaceInsideBlockBraces:
+  Enabled: false
+Layout/SpaceInsideHashLiteralBraces:
+  Enabled: false

.ruby-version

@@ -1 +1 @@
-jruby-9.1.12.0
+jruby-9.4.9.0

CONTRIBUTING.md

@@ -3,6 +3,8 @@
 All contributions are welcome: ideas, patches, documentation, bug reports,
 complaints, etc!
 
+If you want to be rewarded for your contributions, sign up for the [Elastic Contributor Program](https://www.elastic.co/community/contributor). Each time you make a valid contribution, you’ll earn points that increase your chances of winning prizes and being recognized as a top contributor.
+
 Programming is not a required skill, and there are many ways to help out!
 It is more important to us that you are able to contribute.
 
@@ -12,7 +14,7 @@ That said, some basic guidelines, which you are free to ignore :)
 
 Want to lurk about and see what others are doing with Logstash?
 
-* The irc channel (#logstash on irc.freenode.org) is a good place for this
+* The #logstash channel on Elastic Stack Community slack (https://elasticstack.slack.com/channels/logstash) is a good place to start. 
 * The [forum](https://discuss.elastic.co/c/logstash) is also
   great for learning from others.
 
@@ -21,12 +23,11 @@ Want to lurk about and see what others are doing with Logstash?
 Have a problem you want Logstash to solve for you?
 
 * You can ask a question in the [forum](https://discuss.elastic.co/c/logstash)
-* Alternately, you are welcome to join the IRC channel #logstash on
-irc.freenode.org and ask for help there!
+* You are welcome to join Elastic Stack Community slack (https://elasticstack.slack.com) and ask for help on the #logstash channel.
 
 ## Have an Idea or Feature Request?
 
-* File a ticket on [GitHub](https://github.com/elastic/logstash/issues). Please remember that GitHub is used only for issues and feature requests. If you have a general question, the [forum](https://discuss.elastic.co/c/logstash) or IRC would be the best place to ask.
+* File a ticket on [GitHub](https://github.com/elastic/logstash/issues). Please remember that GitHub is used only for issues and feature requests. If you have a general question, the [forum](https://discuss.elastic.co/c/logstash) or Elastic Stack Community slack (https://elasticstack.slack.com) is the best place to ask.
 
 ## Something Not Working? Found a Bug?
 
@@ -49,29 +50,69 @@ get in touch with our security team [here](https://www.elastic.co/community/secu
 
 If you have a bugfix or new feature that you would like to contribute to Logstash, and you think it will take
 more than a few minutes to produce the fix (ie; write code), it is worth discussing the change with the Logstash
-users and developers first. You can reach us via [GitHub](https://github.com/elastic/logstash/issues), the [forum](https://discuss.elastic.co/c/logstash), or via IRC (#logstash on freenode irc)
+users and developers first. You can reach us via [GitHub](https://github.com/elastic/logstash/issues), the [forum](https://discuss.elastic.co/c/logstash), or Elastic Stack Community slack (https://elasticstack.slack.com).
 
 Please note that Pull Requests without tests and documentation may not be merged. If you would like to contribute but do not have
-experience with writing tests, please ping us on IRC/forum or create a PR and ask our help.
+experience with writing tests, please ping us on the forum or create a PR and ask for our help.
 
-If you would like to contribute to Logstash, but don't know where to start, you can use the GitHub labels "adoptme"
-and "low hanging fruit". Issues marked with these labels are relatively easy, and provides a good starting
+If you would like to contribute to Logstash, but don't know where to start, you can use the GitHub labels "adoptme",
+"low hanging fruit" and "good first issue". Issues marked with these labels are relatively easy, and provide a good starting
 point to contribute to Logstash.
 
-See: https://github.com/elastic/logstash/labels/adoptme
-https://github.com/elastic/logstash/labels/low%20hanging%20fruit
+See the following links:
+ * https://github.com/elastic/logstash/labels/adoptme
+ * https://github.com/elastic/logstash/labels/low%20hanging%20fruit
+ * https://github.com/elastic/logstash/labels/good%20first%20issue
+
+Or go directly here for an exhaustive list: https://github.com/elastic/logstash/contribute
+
+Sometimes during the development of Logstash core or plugins, configuration parameters for sensitive data such as password, API keys or SSL keyphrases need to be provided to the user.
+To protect sensitive information leaking into the logs, follow the best practices below:
+- Logstash core and plugin should flag any settings that may contain secrets. If your source changes are in Ruby, apply `:password` validation or wrap the object with `Logstash::Util::Password` object.
+- A setting marked as secret should not disclose its value unless retrieved in a non-obvious way. If you are introducing a new class for sensitive object (check `Password.java` and `SecretVariable.java` classes before doing so), make sure to mask the sensitive info by overriding get value (or `toString()` of Java class) default methods.
+- Logstash should not log secrets on any log level by default. Make sure you double-check the loggers if they are touching the objects carrying sensitive info.
+- Logstash has a dedicated flag, disabled by default, that the raw configuration text be logged for debugging purposes only. Use of `config.debug` will log/display sensitive info in the debug logs, so beware of using it in Produciton.
+
+As an example, suppose you have `my_auth` config which carries the sensitive key. Defining with `:password` validated protects `my_auth` being leaked in Logstash core logics. 
+```
+:my_auth => { :validate => :password },
+```
+In the plugin level, make sure to wrap `my_auth` with `Password` object.
+```
+::LogStash::Util::Password.new(my_auth)
+```
 
 Using IntelliJ? See a detailed getting started guide [here](https://docs.google.com/document/d/1kqunARvYMrlfTEOgMpYHig0U-ZqCcMJfhvTtGt09iZg/pub).
 
+## Breaking Changes
+
+When introducing new behaviour, we favor implementing it in a non-breaking way that users can opt into, meaning users' existing configurations continue to work as they expect them to after upgrading Logstash.
+
+But sometimes it is necessary to introduce "breaking changes," whether that is removing an option that doesn't make sense anymore, changing the default value of a setting, or reimplementing a major component differently for performance or safety reasons.
+
+When we do so, we need to acknowledge the work we are placing on the rest of our users the next time they upgrade, and work to ensure that they can upgrade confidently.
+
+Where possible, we:
+ 1. first implement new behaviour in a way that users can explicitly opt into (MINOR),
+ 2. commuicate the pending change in behaviour, including the introduction of deprecation warnings when old behaviour is used (MINOR, potentially along-side #1),
+ 3. change the default to be new behaviour, communicate the breaking change, optionally allow users to opt out in favor of the old behaviour (MAJOR), and eventually
+ 4. remove the old behaviour's implementation from the code-base (MAJOR, potentially along-side #3).
+
+After a pull request is marked as a "breaking change," it becomes necessary to either:
+ - refactor into a non-breaking change targeted at next minor; OR
+ - split into non-breaking change targeted at next minor, plus breaking change targeted at next major
+
 ## Contributing to plugins
 
 Check our [documentation](https://www.elastic.co/guide/en/logstash/current/contributing-to-logstash.html) on how to contribute to plugins or write your own!
 
+Check the _Contributing Documentation and Code Changes_ section to prevent plugin sensitive info from leaking in the debug logs.
+
 ### Logstash Plugin Changelog Guidelines
 
 This document provides guidelines on editing a logstash plugin's CHANGELOG file.
 
-#### What's a CHANGELOG file?
+### What's a CHANGELOG file?
 
 According to [keepachangelog.com](https://keepachangelog.com/en/1.0.0/):
 
@@ -107,14 +148,24 @@ then you should still create an entry in the changelog, using the word `Unreleas
 
 Most code in logstash-plugins comes from self-contained changes in the form of pull requests, so each entry should:
 
-1. be a summary of the Pull Request and contain a markdown link to it.
-2. start with [BREAKING], when it denotes a breaking change.
-  * Note: Breaking changes should warrant a major version bump.
-3. after [BREAKING], start with one of the following keywords:
-    `Added`, `Changed`, `Deprecated`, `Removed`, `Fixed`, `Security`.
-4. keep multiple entries with the same keyword in the same changelog revision together.
+1. Be a summary of the Pull Request and contain a markdown link to the PR.
+2. Begin your entry with an introductory label if appropriate. Labels include:
+    `[DOC]`, `[BREAKING]`, `[SECURITY]`.  
+    NOTE: Your PR may not need a label.
+3. After the label, start with one of the following keywords:
+    `Added`, `Changed`, `Deprecated`, `Removed`, `Fixed`.
+4. Keep multiple entries with the same keyword in the same changelog revision together.
 
-The meaning of the keywords is as follows (copied from [keepachangelog.com](https://keepachangelog.com/en/1.0.0/#how):
+Labels (optional):
+
+- **`[BREAKING]`** for a breaking change.
+ Note that breaking changes should warrant a major version bump.
+- **`[DOC]`** for a change that affects only documentation, and not code.
+- **`[SECURITY]`** for a security fix. If you're working on a security issue, 
+please make sure to follow the process outlined by our security team. 
+If you haven't done so already, please [get in touch with them](https://www.elastic.co/community/security) first.
+
+Keywords (copied from [keepachangelog.com](https://keepachangelog.com/en/1.0.0/#how)):
 
 - **`Added`** for new features.
 - **`Changed`** for changes in existing functionality.
@@ -135,6 +186,9 @@ Example:
 - Changed default value of `execution_bugs` from 30 to 0 [#104](http://example.org)
 - [BREAKING] Removed obsolete option `enable_telnet` option [#100](http://example.org)
 
+## 3.3.3
+- [DOC] Fixed incorrect formatting of code sample [#85](http://example.org)
+
 ## 3.3.2
 - Fixed incorrect serialization of input data when encoding was `Emacs-Mule` [#84](http://example.org)
 
@@ -196,4 +250,3 @@ Keep these in mind as both authors and reviewers of PRs:
   * If no, ask for clarifications on the PR. This will usually lead to changes in the code such as renaming of variables/functions or extracting of functions or simply adding "why" inline comments. But first ask the author for clarifications before assuming any intent on their part.
 
 * I must not focus on personal preferences or nitpicks. If I understand the code in the PR but simply would've implemented the same solution a different way that's great but its not feedback that belongs in the PR. Such feedback only serves to slow down progress for little to no gain.
-

Dockerfile

@@ -1,59 +0,0 @@
-FROM ubuntu:xenial
-
-RUN apt-get update && \
-    apt-get install -y zlib1g-dev build-essential vim rake git curl libssl-dev libreadline-dev libyaml-dev  \
-      libxml2-dev libxslt-dev openjdk-8-jdk-headless curl iputils-ping netcat && \
-    apt-get clean
-
-WORKDIR /root
-
-RUN adduser --disabled-password --gecos "" --home /home/logstash logstash && \
-    mkdir -p /usr/local/share/ruby-build && \
-    mkdir -p /opt/logstash && \
-    mkdir -p /opt/logstash/data && \
-    mkdir -p /mnt/host && \
-    chown logstash:logstash /opt/logstash
-
-USER logstash
-WORKDIR /home/logstash
-
-# used by the purge policy
-LABEL retention="keep"
-
-ADD gradlew /opt/logstash/gradlew
-ADD gradle/wrapper /opt/logstash/gradle/wrapper
-ADD buildSrc /opt/logstash/buildSrc
-RUN /opt/logstash/gradlew wrapper
-
-ADD versions.yml /opt/logstash/versions.yml
-ADD LICENSE.txt /opt/logstash/LICENSE.txt
-ADD NOTICE.TXT /opt/logstash/NOTICE.TXT
-ADD licenses /opt/logstash/licenses
-ADD CONTRIBUTORS /opt/logstash/CONTRIBUTORS
-ADD Gemfile.template /opt/logstash/Gemfile.template
-ADD Rakefile /opt/logstash/Rakefile
-ADD build.gradle /opt/logstash/build.gradle
-ADD rakelib /opt/logstash/rakelib
-ADD config /opt/logstash/config
-ADD spec /opt/logstash/spec
-ADD qa /opt/logstash/qa
-ADD lib /opt/logstash/lib
-ADD pkg /opt/logstash/pkg
-ADD tools /opt/logstash/tools
-ADD logstash-core /opt/logstash/logstash-core
-ADD logstash-core-plugin-api /opt/logstash/logstash-core-plugin-api
-ADD bin /opt/logstash/bin
-ADD modules /opt/logstash/modules
-ADD x-pack /opt/logstash/x-pack
-ADD ci /opt/logstash/ci
-ADD settings.gradle /opt/logstash/settings.gradle
-
-USER root
-RUN rm -rf build && \
-    mkdir -p build && \
-    chown -R logstash:logstash /opt/logstash
-USER logstash
-WORKDIR /opt/logstash
-
-LABEL retention="prune"
-

Dockerfile.base

@@ -1,22 +0,0 @@
-#logstash-base image, use ci/docker_update_base_image.sh to push updates
-FROM ubuntu:xenial
-
-RUN apt-get update && \
-    apt-get install -y zlib1g-dev build-essential vim rake git curl libssl-dev libreadline-dev libyaml-dev  \
-      libxml2-dev libxslt-dev openjdk-8-jdk-headless curl iputils-ping netcat && \
-    apt-get clean
-
-WORKDIR /root
-
-RUN adduser --disabled-password --gecos "" --home /home/logstash logstash && \
-    mkdir -p /usr/local/share/ruby-build && \
-    mkdir -p /opt/logstash && \
-    mkdir -p /mnt/host && \
-    chown logstash:logstash /opt/logstash
-
-USER logstash
-WORKDIR /home/logstash
-RUN mkdir -p /opt/logstash/data
-
-# used by the purge policy
-LABEL retention="keep"

Gemfile.template

@@ -4,122 +4,46 @@
 source "https://rubygems.org"
 gem "logstash-core", :path => "./logstash-core"
 gem "logstash-core-plugin-api", :path => "./logstash-core-plugin-api"
+
 gem "paquet", "~> 0.2"
-gem "ruby-progressbar", "~> 1"
-gem "builder", "~> 3"
-gem "ci_reporter_rspec", "~> 1", :group => :development
-gem "rspec", "~> 3.5", :group => :development
-gem "logstash-devutils", "~> 1", :group => :development
-gem "benchmark-ips", :group => :development
-gem "octokit", "~> 4", :group => :build
-gem "stud", "~> 0.0.22", :group => :build
-gem "rack-test", :require => "rack/test", :group => :development
-gem "fpm", "~> 1.3.3", :group => :build
-gem "rubyzip", "~> 1", :group => :build
+gem "pleaserun", "~>0.0.28", require: false
+gem "rake", "~> 13", require: false
+gem "ruby-progressbar", "~> 1", require: false
+gem "ruby-maven-libs", "~> 3", ">= 3.9.6.1"
+gem "logstash-output-elasticsearch", ">= 11.14.0"
+gem "polyglot", require: false
+gem "treetop", require: false
+gem "minitar", "~> 1", :group => :build
+gem "childprocess", "~> 4", :group => :build
+gem "fpm", "~> 1", ">= 1.14.1", :group => :build # compound due to bugfix https://github.com/jordansissel/fpm/pull/1856
 gem "gems", "~> 1", :group => :build
-gem "flores", "~> 0.0.6", :group => :development
-gem "atomic", "~> 1"
+gem "octokit", "~> 4.25", :group => :build
+gem "rubyzip", "~> 1", :group => :build
+gem "stud", "~> 0.0.22", :group => :build
+# remove fileutils declaration when start using Ruby 3.2+, by default includes `fileutils-v1.7.0`
+# (https://git.ruby-lang.org/ruby.git/commit/?h=ruby_3_2&id=05caafb4731c796890027cafedaac59dc108a23a)
+# note that the reason to use 1.7.0 is due to https://github.com/logstash-plugins/logstash-integration-aws/issues/28
+gem "fileutils", "~> 1.7"
+
+gem "rubocop", :group => :development
+# rubocop-ast 1.43.0 carries a dep on `prism` which requires native c extensions
+gem 'rubocop-ast', '= 1.42.0', :group => :development
 gem "belzebuth", :group => :development
+gem "benchmark-ips", :group => :development
+gem "ci_reporter_rspec", "~> 1", :group => :development
+gem "flores", "~> 0.0.8", :group => :development
 gem "json-schema", "~> 2", :group => :development
-gem "pleaserun", "~>0.0.28"
-gem "rake", "~> 12"
+gem "logstash-devutils", "~> 2.6.0", :group => :development
+gem "rack-test", :require => "rack/test", :group => :development
+gem "rspec", "~> 3.5", :group => :development
 gem "webmock", "~> 3", :group => :development
-gem "logstash-codec-cef"
-gem "logstash-codec-collectd"
-gem "logstash-codec-dots"
-gem "logstash-codec-edn"
-gem "logstash-codec-edn_lines"
-gem "logstash-codec-es_bulk"
-gem "logstash-codec-fluent"
-gem "logstash-codec-graphite"
-gem "logstash-codec-json"
-gem "logstash-codec-json_lines"
-gem "logstash-codec-line"
-gem "logstash-codec-msgpack"
-gem "logstash-codec-multiline"
-gem "logstash-codec-netflow"
-gem "logstash-codec-plain"
-gem "logstash-codec-rubydebug"
-gem "logstash-filter-aggregate"
-gem "logstash-filter-anonymize"
-gem "logstash-filter-cidr"
-gem "logstash-filter-clone"
-gem "logstash-filter-csv"
-gem "logstash-filter-date"
-gem "logstash-filter-de_dot"
-gem "logstash-filter-dissect"
-gem "logstash-filter-dns"
-gem "logstash-filter-drop"
-gem "logstash-filter-elasticsearch"
-gem "logstash-filter-fingerprint"
-gem "logstash-filter-geoip"
-gem "logstash-filter-grok"
-gem "logstash-filter-http"
-gem "logstash-filter-jdbc_static"
-gem "logstash-filter-jdbc_streaming"
-gem "logstash-filter-json"
-gem "logstash-filter-kv"
-gem "logstash-filter-memcached"
-gem "logstash-filter-metrics"
-gem "logstash-filter-mutate"
-gem "logstash-filter-ruby"
-gem "logstash-filter-sleep"
-gem "logstash-filter-split"
-gem "logstash-filter-syslog_pri"
-gem "logstash-filter-throttle"
-gem "logstash-filter-translate"
-gem "logstash-filter-truncate"
-gem "logstash-filter-urldecode"
-gem "logstash-filter-useragent"
-gem "logstash-filter-xml"
-gem "logstash-input-beats"
-gem "logstash-input-azure_event_hubs"
-gem "logstash-input-dead_letter_queue"
-gem "logstash-input-elasticsearch"
-gem "logstash-input-exec"
-gem "logstash-input-file"
-gem "logstash-input-ganglia"
-gem "logstash-input-gelf"
-gem "logstash-input-generator"
-gem "logstash-input-graphite"
-gem "logstash-input-heartbeat"
-gem "logstash-input-http"
-gem "logstash-input-http_poller"
-gem "logstash-input-imap"
-gem "logstash-input-jdbc"
-gem "logstash-input-kafka"
-gem "logstash-input-pipe"
-gem "logstash-input-rabbitmq"
-gem "logstash-input-redis"
-gem "logstash-input-s3"
-gem "logstash-input-snmp"
-gem "logstash-input-snmptrap"
-gem "logstash-input-sqs"
-gem "logstash-input-stdin"
-gem "logstash-input-syslog"
-gem "logstash-input-tcp"
-gem "logstash-input-twitter"
-gem "logstash-input-udp"
-gem "logstash-input-unix"
-gem "logstash-output-elastic_app_search"
-gem "logstash-output-cloudwatch"
-gem "logstash-output-csv"
-gem "logstash-output-elasticsearch"
-gem "logstash-output-email"
-gem "logstash-output-file"
-gem "logstash-output-graphite"
-gem "logstash-output-http"
-gem "logstash-output-kafka"
-gem "logstash-output-lumberjack"
-gem "logstash-output-nagios"
-gem "logstash-output-null"
-gem "logstash-output-pipe"
-gem "logstash-output-rabbitmq"
-gem "logstash-output-redis"
-gem "logstash-output-s3"
-gem "logstash-output-sns"
-gem "logstash-output-sqs"
-gem "logstash-output-stdout"
-gem "logstash-output-tcp"
-gem "logstash-output-udp"
-gem "logstash-output-webhdfs"
+gem "simplecov", "~> 0.22.0", :group => :development
+gem "simplecov-json", require: false, :group => :development
+gem "jar-dependencies", "= 0.4.1" # Gem::LoadError with jar-dependencies 0.4.2
+gem "murmurhash3", "= 0.1.6" # Pins until version 0.1.7-java is released
+gem "date", "= 3.3.3"
+gem "thwait"
+gem "bigdecimal", "~> 3.1"
+gem "psych", "5.2.2"
+gem "cgi", "0.3.7" # Pins until a new jruby version with updated cgi is released
+gem "uri", "0.12.3" # Pins until a new jruby version with updated cgi is released