Look for keystore under the correct path (elastic#13332)

Previously, Functionbeat put the keystore file under `/tmp` due to the overrides of the function. But when loading the keystore file before packaging the Beat, data path was not yet initialized, so it looked for the file under the incorrect folder. Furthermore, the file in the compressed package was hardcoded to `data/functionbeat.keystore`. So there was no way for functionbeat to find the keystore when loaded to the cloud provider.

Closes elastic#13079

CHANGELOG.next.asciidoc

@@ -195,6 +195,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
 
 - Fix function name reference for Kinesis streams in CloudFormation templates {pull}11646[11646]
 - Fix Cloudwatch logs timestamp to use timestamp of the log record instead of when the record was processed {pull}13291[13291]
+- Look for the keystore under the correct path. {pull}13332[13332]
 
 ==== Added
 

libbeat/keystore/file_keystore.go

@@ -415,6 +415,11 @@ func (k *FileKeystore) Package() ([]byte, error) {
 	return k.loadRaw()
 }
 
+// ConfiguredPath returns the path to the keystore.
+func (k *FileKeystore) ConfiguredPath() string {
+	return k.Path
+}
+
 func (k *FileKeystore) hashPassword(password, salt []byte) []byte {
 	return pbkdf2.Key(password, salt, iterationsCount, keyLength, sha512.New)
 }

libbeat/keystore/keystore.go

@@ -67,6 +67,7 @@ type Keystore interface {
 // Packager defines a keystore that we can read the raw bytes and be packaged in an artifact.
 type Packager interface {
 	Package() ([]byte, error)
+	ConfiguredPath() string
 }
 
 // Factory Create the right keystore with the configured options.

x-pack/functionbeat/config/config.go

@@ -21,6 +21,7 @@ var (
 	configOverrides = common.MustNewConfigFrom(map[string]interface{}{
 		"path.data":              "/tmp",
 		"path.logs":              "/tmp/logs",
+		"keystore.path":          "/tmp/beats.keystore",
 		"setup.template.enabled": true,
 		"queue.mem": map[string]interface{}{
 			"flush.min_events": 10,
@@ -63,6 +64,7 @@ var (
 		Check:  always,
 		Config: functionLoggingOverrides,
 	}
+
 	// FunctionOverrides contain logging settings
 	FunctionOverrides = append(Overrides, functionOverride)
 )

x-pack/functionbeat/manager/core/makezip.go

@@ -55,19 +55,11 @@ func MakeZip(provider string) ([]byte, error) {
 		&bundle.LocalFile{Path: "pkg/functionbeat-" + provider, FileMode: 0755},
 	}
 
-	rawKeystore, err := keystoreRaw()
+	resources, err = addKeystoreIfConfigured(resources)
 	if err != nil {
 		return nil, err
 	}
 
-	if len(rawKeystore) > 0 {
-		resources = append(resources, &bundle.MemoryFile{
-			Path:     "data/functionbeat.keystore",
-			Raw:      rawKeystore,
-			FileMode: 0600,
-		})
-	}
-
 	bundle := bundle.NewZipWithLimits(
 		packageUncompressedLimit,
 		packageCompressedLimit,
@@ -80,7 +72,29 @@ func MakeZip(provider string) ([]byte, error) {
 	return content, nil
 }
 
-func keystoreRaw() ([]byte, error) {
+func addKeystoreIfConfigured(resources []bundle.Resource) ([]bundle.Resource, error) {
+	ksPackager, err := keystorePackager()
+	if err != nil {
+		return nil, err
+	}
+
+	rawKeystore, err := ksPackager.Package()
+	if err != nil {
+		return nil, err
+	}
+
+	if len(rawKeystore) > 0 {
+		resources = append(resources, &bundle.MemoryFile{
+			Path:     ksPackager.ConfiguredPath(),
+			Raw:      rawKeystore,
+			FileMode: 0600,
+		})
+	}
+
+	return resources, nil
+}
+
+func keystorePackager() (keystore.Packager, error) {
 	cfg, err := cfgfile.Load("", config.Overrides)
 	if err != nil {
 		return nil, fmt.Errorf("error loading config file: %v", err)
@@ -96,5 +110,5 @@ func keystoreRaw() ([]byte, error) {
 		return nil, fmt.Errorf("the configured keystore cannot be packaged")
 	}
 
-	return packager.Package()
+	return packager, nil
 }