Skip to content

Commit

Permalink
[8.x] [UII] Add proxy args to install snippets (#193922) (#194642)
Browse files Browse the repository at this point in the history
# Backport

This will backport the following commits from `main` to `8.x`:
- [[UII] Add proxy args to install snippets
(#193922)](#193922)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Jen
Huang","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-01T19:30:24Z","message":"[UII]
Add proxy args to install snippets (#193922)\n\n##
Summary\r\n\r\nResolves #184222. This PR:\r\n\r\n- Ensures custom agent
binary download source URI is respected where\r\never it appears in
command snippets, for both Fleet Server and Elastic\r\nAgent install
instructions\r\n- If a proxy is associated with the source URI, the
appropriate args are\r\nadded to the commands as well\r\n- For `curl`
commands, these are appended as `--proxy <url>` and\r\n`--proxy-header
\"<key>-<value>\"` (repeated for each header key/value\r\npair)\r\n- For
Windows, these are appended as `-Proxy \"<url>\"` and
`-Headers\r\n@{\"<key1>\"=\"<value1>\"; \"<key2>\"=\"<value2>\"}`\r\n-
Adjusts Fleet Server `./elastic-agent install` instructions so
that:\r\n- `--fleet-server-es` is the value of the data output host set
on that\r\nFleet Server policy (must be ES output)\r\n- If a proxy is
associated with that ES output, the corresponding args\r\nare
appended:\r\n`--proxy-url=<url>` and `--proxy-header \"<key>-<value>\"`
(repeated for\r\neach header key/value pair)\r\n\r\nThe internal API at
`/internal/fleet/settings/enrollment` has new\r\nproperties added to its
response to support this:\r\n```\r\n fleet_server: {\r\n es_output?:
Output;\r\n es_output_proxy?: FleetProxy;\r\n };\r\n
download_source_proxy?: FleetProxy;\r\n```\r\n\r\n##
Examples\r\n\r\n**Fleet Server install with proxied custom download and
proxied ES\r\nhost:**\r\n```\r\ncurl -L -O
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-linux-x86_64.tar.gz
--proxy http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\ntar xzvf
elastic-agent-9.0.0-linux-x86_64.tar.gz\r\ncd
elastic-agent-9.0.0-linux-x86_64\r\nsudo ./elastic-agent install \\\r\n
--fleet-server-es=http://localhost:9999 \\\r\n
--fleet-server-service-token=REDACTED \\\r\n
--fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f \\\r\n
--fleet-server-port=8220 \\\r\n --proxy-url=http://some-proxy:1111
\\\r\n --proxy-header=\"Accept-Language=en-US,en;q=0.5\" \\\r\n
--proxy-header=\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n```\r\n$ProgressPreference =
'SilentlyContinue'\r\nInvoke-WebRequest -Uri
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-windows-x86_64.zip
-OutFile elastic-agent-9.0.0-windows-x86_64.zip -Proxy
\"http://some-proxy:1111\" -Headers
@{\"Accept-Language\"=\"en-US,en;q=0.5\";\"Accept-Encoding\"=\"gzip,
deflate, br\"}\r\nExpand-Archive
.\\elastic-agent-9.0.0-windows-x86_64.zip\r\ncd
elastic-agent-9.0.0-windows-x86_64\r\n.\\elastic-agent.exe install `\r\n
--fleet-server-es=http://localhost:9999 `\r\n
--fleet-server-service-token=REDACTED `\r\n
--fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f `\r\n
--fleet-server-port=8220 `\r\n --proxy-url=http://some-proxy:1111 `\r\n
--proxy-header=\"Accept-Language=en-US,en;q=0.5\" `\r\n
--proxy-header=\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n\r\n**Elastic Agent install with proxied download source
and proxied Fleet\r\nServer host:**\r\n```\r\ncurl -L -O
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-darwin-aarch64.tar.gz
--proxy http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\ntar xzvf
elastic-agent-8.15.1-darwin-aarch64.tar.gz\r\ncd
elastic-agent-8.15.1-darwin-aarch64\r\nsudo ./elastic-agent install
--url=https://localhost:2222 --enrollment-token=REDACTED
--proxy-url=http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n```\r\n$ProgressPreference =
'SilentlyContinue'\r\nInvoke-WebRequest -Uri
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-windows-x86_64.zip
-OutFile elastic-agent-8.15.1-windows-x86_64.zip -Proxy
\"http://some-proxy:1111\" -Headers
@{\"Accept-Language\"=\"en-US,en;q=0.5\";\"Accept-Encoding\"=\"gzip,
deflate, br\"}\r\nExpand-Archive
.\\elastic-agent-8.15.1-windows-x86_64.zip -DestinationPath .\r\ncd
elastic-agent-8.15.1-windows-x86_64\r\n.\\elastic-agent.exe install
--url=https://localhost:2222 --enrollment-token=REDACTED
--proxy-url=http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\n```\r\n\r\n### To-do\r\n- [x]
Unit tests\r\n- [x] API integration tests for enrollment settings
endpoint","sha":"121ff399672673844c5a92996c7a379894abeea8","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","v9.0.0","backport:prev-minor"],"number":193922,"url":"https://github.com/elastic/kibana/pull/193922","mergeCommit":{"message":"[UII]
Add proxy args to install snippets (#193922)\n\n##
Summary\r\n\r\nResolves #184222. This PR:\r\n\r\n- Ensures custom agent
binary download source URI is respected where\r\never it appears in
command snippets, for both Fleet Server and Elastic\r\nAgent install
instructions\r\n- If a proxy is associated with the source URI, the
appropriate args are\r\nadded to the commands as well\r\n- For `curl`
commands, these are appended as `--proxy <url>` and\r\n`--proxy-header
\"<key>-<value>\"` (repeated for each header key/value\r\npair)\r\n- For
Windows, these are appended as `-Proxy \"<url>\"` and
`-Headers\r\n@{\"<key1>\"=\"<value1>\"; \"<key2>\"=\"<value2>\"}`\r\n-
Adjusts Fleet Server `./elastic-agent install` instructions so
that:\r\n- `--fleet-server-es` is the value of the data output host set
on that\r\nFleet Server policy (must be ES output)\r\n- If a proxy is
associated with that ES output, the corresponding args\r\nare
appended:\r\n`--proxy-url=<url>` and `--proxy-header \"<key>-<value>\"`
(repeated for\r\neach header key/value pair)\r\n\r\nThe internal API at
`/internal/fleet/settings/enrollment` has new\r\nproperties added to its
response to support this:\r\n```\r\n fleet_server: {\r\n es_output?:
Output;\r\n es_output_proxy?: FleetProxy;\r\n };\r\n
download_source_proxy?: FleetProxy;\r\n```\r\n\r\n##
Examples\r\n\r\n**Fleet Server install with proxied custom download and
proxied ES\r\nhost:**\r\n```\r\ncurl -L -O
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-linux-x86_64.tar.gz
--proxy http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\ntar xzvf
elastic-agent-9.0.0-linux-x86_64.tar.gz\r\ncd
elastic-agent-9.0.0-linux-x86_64\r\nsudo ./elastic-agent install \\\r\n
--fleet-server-es=http://localhost:9999 \\\r\n
--fleet-server-service-token=REDACTED \\\r\n
--fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f \\\r\n
--fleet-server-port=8220 \\\r\n --proxy-url=http://some-proxy:1111
\\\r\n --proxy-header=\"Accept-Language=en-US,en;q=0.5\" \\\r\n
--proxy-header=\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n```\r\n$ProgressPreference =
'SilentlyContinue'\r\nInvoke-WebRequest -Uri
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-windows-x86_64.zip
-OutFile elastic-agent-9.0.0-windows-x86_64.zip -Proxy
\"http://some-proxy:1111\" -Headers
@{\"Accept-Language\"=\"en-US,en;q=0.5\";\"Accept-Encoding\"=\"gzip,
deflate, br\"}\r\nExpand-Archive
.\\elastic-agent-9.0.0-windows-x86_64.zip\r\ncd
elastic-agent-9.0.0-windows-x86_64\r\n.\\elastic-agent.exe install `\r\n
--fleet-server-es=http://localhost:9999 `\r\n
--fleet-server-service-token=REDACTED `\r\n
--fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f `\r\n
--fleet-server-port=8220 `\r\n --proxy-url=http://some-proxy:1111 `\r\n
--proxy-header=\"Accept-Language=en-US,en;q=0.5\" `\r\n
--proxy-header=\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n\r\n**Elastic Agent install with proxied download source
and proxied Fleet\r\nServer host:**\r\n```\r\ncurl -L -O
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-darwin-aarch64.tar.gz
--proxy http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\ntar xzvf
elastic-agent-8.15.1-darwin-aarch64.tar.gz\r\ncd
elastic-agent-8.15.1-darwin-aarch64\r\nsudo ./elastic-agent install
--url=https://localhost:2222 --enrollment-token=REDACTED
--proxy-url=http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n```\r\n$ProgressPreference =
'SilentlyContinue'\r\nInvoke-WebRequest -Uri
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-windows-x86_64.zip
-OutFile elastic-agent-8.15.1-windows-x86_64.zip -Proxy
\"http://some-proxy:1111\" -Headers
@{\"Accept-Language\"=\"en-US,en;q=0.5\";\"Accept-Encoding\"=\"gzip,
deflate, br\"}\r\nExpand-Archive
.\\elastic-agent-8.15.1-windows-x86_64.zip -DestinationPath .\r\ncd
elastic-agent-8.15.1-windows-x86_64\r\n.\\elastic-agent.exe install
--url=https://localhost:2222 --enrollment-token=REDACTED
--proxy-url=http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\n```\r\n\r\n### To-do\r\n- [x]
Unit tests\r\n- [x] API integration tests for enrollment settings
endpoint","sha":"121ff399672673844c5a92996c7a379894abeea8"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193922","number":193922,"mergeCommit":{"message":"[UII]
Add proxy args to install snippets (#193922)\n\n##
Summary\r\n\r\nResolves #184222. This PR:\r\n\r\n- Ensures custom agent
binary download source URI is respected where\r\never it appears in
command snippets, for both Fleet Server and Elastic\r\nAgent install
instructions\r\n- If a proxy is associated with the source URI, the
appropriate args are\r\nadded to the commands as well\r\n- For `curl`
commands, these are appended as `--proxy <url>` and\r\n`--proxy-header
\"<key>-<value>\"` (repeated for each header key/value\r\npair)\r\n- For
Windows, these are appended as `-Proxy \"<url>\"` and
`-Headers\r\n@{\"<key1>\"=\"<value1>\"; \"<key2>\"=\"<value2>\"}`\r\n-
Adjusts Fleet Server `./elastic-agent install` instructions so
that:\r\n- `--fleet-server-es` is the value of the data output host set
on that\r\nFleet Server policy (must be ES output)\r\n- If a proxy is
associated with that ES output, the corresponding args\r\nare
appended:\r\n`--proxy-url=<url>` and `--proxy-header \"<key>-<value>\"`
(repeated for\r\neach header key/value pair)\r\n\r\nThe internal API at
`/internal/fleet/settings/enrollment` has new\r\nproperties added to its
response to support this:\r\n```\r\n fleet_server: {\r\n es_output?:
Output;\r\n es_output_proxy?: FleetProxy;\r\n };\r\n
download_source_proxy?: FleetProxy;\r\n```\r\n\r\n##
Examples\r\n\r\n**Fleet Server install with proxied custom download and
proxied ES\r\nhost:**\r\n```\r\ncurl -L -O
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-linux-x86_64.tar.gz
--proxy http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\ntar xzvf
elastic-agent-9.0.0-linux-x86_64.tar.gz\r\ncd
elastic-agent-9.0.0-linux-x86_64\r\nsudo ./elastic-agent install \\\r\n
--fleet-server-es=http://localhost:9999 \\\r\n
--fleet-server-service-token=REDACTED \\\r\n
--fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f \\\r\n
--fleet-server-port=8220 \\\r\n --proxy-url=http://some-proxy:1111
\\\r\n --proxy-header=\"Accept-Language=en-US,en;q=0.5\" \\\r\n
--proxy-header=\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n```\r\n$ProgressPreference =
'SilentlyContinue'\r\nInvoke-WebRequest -Uri
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-windows-x86_64.zip
-OutFile elastic-agent-9.0.0-windows-x86_64.zip -Proxy
\"http://some-proxy:1111\" -Headers
@{\"Accept-Language\"=\"en-US,en;q=0.5\";\"Accept-Encoding\"=\"gzip,
deflate, br\"}\r\nExpand-Archive
.\\elastic-agent-9.0.0-windows-x86_64.zip\r\ncd
elastic-agent-9.0.0-windows-x86_64\r\n.\\elastic-agent.exe install `\r\n
--fleet-server-es=http://localhost:9999 `\r\n
--fleet-server-service-token=REDACTED `\r\n
--fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f `\r\n
--fleet-server-port=8220 `\r\n --proxy-url=http://some-proxy:1111 `\r\n
--proxy-header=\"Accept-Language=en-US,en;q=0.5\" `\r\n
--proxy-header=\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n\r\n**Elastic Agent install with proxied download source
and proxied Fleet\r\nServer host:**\r\n```\r\ncurl -L -O
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-darwin-aarch64.tar.gz
--proxy http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\ntar xzvf
elastic-agent-8.15.1-darwin-aarch64.tar.gz\r\ncd
elastic-agent-8.15.1-darwin-aarch64\r\nsudo ./elastic-agent install
--url=https://localhost:2222 --enrollment-token=REDACTED
--proxy-url=http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate,
br\"\r\n```\r\n```\r\n$ProgressPreference =
'SilentlyContinue'\r\nInvoke-WebRequest -Uri
https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-windows-x86_64.zip
-OutFile elastic-agent-8.15.1-windows-x86_64.zip -Proxy
\"http://some-proxy:1111\" -Headers
@{\"Accept-Language\"=\"en-US,en;q=0.5\";\"Accept-Encoding\"=\"gzip,
deflate, br\"}\r\nExpand-Archive
.\\elastic-agent-8.15.1-windows-x86_64.zip -DestinationPath .\r\ncd
elastic-agent-8.15.1-windows-x86_64\r\n.\\elastic-agent.exe install
--url=https://localhost:2222 --enrollment-token=REDACTED
--proxy-url=http://some-proxy:1111 --proxy-header
\"Accept-Language=en-US,en;q=0.5\" --proxy-header
\"Accept-Encoding=gzip, deflate, br\"\r\n```\r\n\r\n### To-do\r\n- [x]
Unit tests\r\n- [x] API integration tests for enrollment settings
endpoint","sha":"121ff399672673844c5a92996c7a379894abeea8"}}]}]
BACKPORT-->
  • Loading branch information
jen-huang authored Oct 2, 2024
1 parent 6c9c336 commit 7461aa6
Show file tree
Hide file tree
Showing 16 changed files with 907 additions and 188 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,12 @@ properties:
type: string
download_source_id:
type: string
space_ids:
type: array
items:
type: string
data_output_id:
type: string
required:
- id
- name
Expand All @@ -33,10 +39,16 @@ properties:
$ref: ./fleet_server_host.yaml
host_proxy:
$ref: ./proxies.yaml
es_output:
$ref: ./output_create_request_elasticsearch.yaml
es_output_proxy:
$ref: ./proxies.yaml
required:
- agent_policies
- has_active
download_source:
$ref: ./download_sources.yaml
download_source_proxy:
$ref: ./proxies.yaml
required:
- fleet_server
13 changes: 12 additions & 1 deletion x-pack/plugins/fleet/common/types/rest_spec/settings.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,14 @@
* 2.0.
*/

import type { Settings, AgentPolicy, FleetServerHost, FleetProxy, DownloadSource } from '../models';
import type {
Settings,
AgentPolicy,
FleetServerHost,
FleetProxy,
DownloadSource,
Output,
} from '../models';

export interface GetSettingsResponse {
item: Settings;
Expand Down Expand Up @@ -35,16 +42,20 @@ export type EnrollmentSettingsFleetServerPolicy = Pick<
| 'fleet_server_host_id'
| 'download_source_id'
| 'space_ids'
| 'data_output_id'
>;

export interface GetEnrollmentSettingsResponse {
fleet_server: {
policies: EnrollmentSettingsFleetServerPolicy[];
has_active: boolean;
es_output?: Output;
es_output_proxy?: FleetProxy;
host?: FleetServerHost;
host_proxy?: FleetProxy;
};
download_source?: DownloadSource;
download_source_proxy?: FleetProxy;
}
export interface PutSpaceSettingsRequest {
body: {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ import { i18n } from '@kbn/i18n';
import { FormattedMessage } from '@kbn/i18n-react';

import type { PLATFORM_TYPE } from '../../../hooks';
import { useDefaultDownloadSource } from '../../../hooks';
import { useStartServices, useDefaultOutput, useKibanaVersion } from '../../../hooks';
import { useFleetServerHostsForPolicy } from '../../../hooks';
import { useStartServices, useKibanaVersion } from '../../../hooks';

import { PlatformSelector } from '../..';

Expand Down Expand Up @@ -61,24 +61,31 @@ const InstallFleetServerStepContent: React.FunctionComponent<{
}> = ({ serviceToken, fleetServerHost, fleetServerPolicyId, deploymentMode }) => {
const { docLinks } = useStartServices();
const kibanaVersion = useKibanaVersion();
const { output } = useDefaultOutput();
const { downloadSource } = useDefaultDownloadSource();

const commandOutput = output?.type === 'elasticsearch' ? output : undefined;
const { esOutput, esOutputProxy, downloadSource, downloadSourceProxy } =
useFleetServerHostsForPolicy(
fleetServerPolicyId
? {
id: fleetServerPolicyId,
}
: null
);

const installCommands = (['linux', 'mac', 'windows', 'deb', 'rpm'] as PLATFORM_TYPE[]).reduce(
(acc, platform) => {
acc[platform] = getInstallCommandForPlatform(
acc[platform] = getInstallCommandForPlatform({
platform,
commandOutput?.hosts?.[0] ?? '<ELASTICSEARCH_HOST>',
serviceToken ?? '',
fleetServerPolicyId,
esOutputHost: esOutput?.hosts?.[0] ?? '<ELASTICSEARCH_HOST>',
esOutputProxy,
serviceToken: serviceToken ?? '',
policyId: fleetServerPolicyId,
fleetServerHost,
deploymentMode === 'production',
commandOutput?.ca_trusted_fingerprint ?? undefined,
isProductionDeployment: deploymentMode === 'production',
sslCATrustedFingerprint: esOutput?.ca_trusted_fingerprint ?? undefined,
kibanaVersion,
downloadSource
);
downloadSource,
downloadSourceProxy,
});

return acc;
},
Expand Down
Loading

0 comments on commit 7461aa6

Please sign in to comment.