Skip to content

Commit

Permalink
add integration tests using a proxy with mTLS for control plane with …
Browse files Browse the repository at this point in the history
…Elastic Defend installed (#5889)
  • Loading branch information
AndersonQ authored Nov 5, 2024
1 parent 9d2c3c9 commit a338543
Show file tree
Hide file tree
Showing 8 changed files with 592 additions and 48 deletions.
2 changes: 1 addition & 1 deletion pkg/testing/define/define.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,12 @@ import (
"github.com/gofrs/uuid/v5"

"github.com/elastic/elastic-agent-libs/kibana"
"github.com/elastic/elastic-agent/pkg/utils"
"github.com/elastic/go-elasticsearch/v8"
"github.com/elastic/go-sysinfo"
"github.com/elastic/go-sysinfo/types"

atesting "github.com/elastic/elastic-agent/pkg/testing"
"github.com/elastic/elastic-agent/pkg/utils"
semver "github.com/elastic/elastic-agent/pkg/version"
"github.com/elastic/elastic-agent/version"

Expand Down
8 changes: 6 additions & 2 deletions pkg/testing/fixture.go
Original file line number Diff line number Diff line change
Expand Up @@ -1376,8 +1376,12 @@ type AgentInspectOutput struct {
Threshold int `yaml:"threshold"`
} `yaml:"reporting"`
Ssl struct {
Renegotiation string `yaml:"renegotiation"`
VerificationMode string `yaml:"verification_mode"`
Renegotiation string `yaml:"renegotiation"`
VerificationMode string `yaml:"verification_mode"`
Certificate string `yaml:"certificate"`
CertificateAuthorities []string `yaml:"certificate_authorities"`
Key string `yaml:"key"`
KeyPassphrasePath string `yaml:"key_passphrase_path"`
} `yaml:"ssl"`
Timeout string `yaml:"timeout"`
} `yaml:"fleet"`
Expand Down
16 changes: 8 additions & 8 deletions pkg/testing/fixture_install.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ type EnrollOpts struct {
CertificateAuthorities []string // --certificate-authorities
Certificate string // --elastic-agent-cert
Key string // --elastic-agent-cert-key
KeyPassphrasePath string // --elastic-agent-cert-key-passphrase
}

func (e EnrollOpts) toCmdArgs() []string {
Expand All @@ -65,10 +66,13 @@ func (e EnrollOpts) toCmdArgs() []string {
if e.Certificate != "" {
args = append(args, "--elastic-agent-cert="+e.Certificate)
}

if e.Key != "" {
args = append(args, "--elastic-agent-cert-key="+e.Key)
}
if e.KeyPassphrasePath != "" {
args = append(args, "--elastic-agent-cert-key-passphrase="+e.KeyPassphrasePath)
}

return args
}

Expand Down Expand Up @@ -113,7 +117,7 @@ type InstallOpts struct {
FleetBootstrapOpts
}

func (i *InstallOpts) toCmdArgs(operatingSystem string) ([]string, error) {
func (i *InstallOpts) ToCmdArgs() []string {
var args []string
if i.BasePath != "" {
args = append(args, "--base-path", i.BasePath)
Expand Down Expand Up @@ -150,7 +154,7 @@ func (i *InstallOpts) toCmdArgs(operatingSystem string) ([]string, error) {
args = append(args, i.EnrollOpts.toCmdArgs()...)
args = append(args, i.FleetBootstrapOpts.toCmdArgs()...)

return args, nil
return args
}

// Install installs the prepared Elastic Agent binary and registers a t.Cleanup
Expand Down Expand Up @@ -196,11 +200,7 @@ func (f *Fixture) installNoPkgManager(ctx context.Context, installOpts *InstallO
}

installArgs := []string{"install"}
installOptsArgs, err := installOpts.toCmdArgs(f.operatingSystem)
if err != nil {
return nil, err
}
installArgs = append(installArgs, installOptsArgs...)
installArgs = append(installArgs, installOpts.ToCmdArgs()...)
out, err := f.Exec(ctx, installArgs, opts...)
if err != nil {
f.DumpProcesses("-install")
Expand Down
41 changes: 21 additions & 20 deletions pkg/testing/tools/tools.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,9 +74,10 @@ func InstallAgentWithPolicy(ctx context.Context, t *testing.T,
return policy, err
}

// InstallAgentForPolicy enrolls the provided agent fixture in Fleet using the
// default Fleet Server, waits for the agent to come online, and returns either
// an error or nil.
// InstallAgentForPolicy enrolls the provided agent fixture with Fleet. If
// either the enroll URL or the enrollmentToken is empty, they'll be generated
// using the default fleet-server. Then if delay enroll isn't set it waits for
// the agent to come online, otherwise it returns immediately.
// If the context (ctx) has a deadline, it will wait for the agent to become
// online until the deadline of the context, or if not, a default 5-minute
// deadline will be applied.
Expand All @@ -92,31 +93,32 @@ func InstallAgentForPolicy(ctx context.Context, t *testing.T,
PolicyID: policyID,
}

t.Logf("Creating enrollment API key...")
enrollmentToken, err := kibClient.CreateEnrollmentAPIKey(ctx, createEnrollmentAPIKeyReq)
if err != nil {
return fmt.Errorf("unable to create enrollment API key: %w", err)
}
if installOpts.EnrollmentToken == "" {
t.Logf("Creating enrollment API key...")
enrollmentToken, err := kibClient.CreateEnrollmentAPIKey(ctx, createEnrollmentAPIKeyReq)
if err != nil {
return fmt.Errorf("failed creating enrollment API key: %w", err)
}

// Get default Fleet Server URL
fleetServerURL, err := fleettools.DefaultURL(ctx, kibClient)
if err != nil {
return fmt.Errorf("unable to get default Fleet Server URL: %w", err)
installOpts.EnrollmentToken = enrollmentToken.APIKey
}

// Enroll agent
t.Logf("Unpacking and installing Elastic Agent")
installOpts.EnrollOpts = atesting.EnrollOpts{
URL: fleetServerURL,
EnrollmentToken: enrollmentToken.APIKey,
if installOpts.URL == "" {
fleetServerURL, err := fleettools.DefaultURL(ctx, kibClient)
if err != nil {
return fmt.Errorf("failed getting fleet server URL: %w", err)
}

installOpts.URL = fleetServerURL
}

output, err := agentFixture.Install(ctx, &installOpts)
if err != nil {
t.Log(string(output))
return fmt.Errorf("unable to enroll Elastic Agent: %w", err)
return fmt.Errorf("failed installing the agent: %w", err)
}
t.Logf(">>> Ran Enroll. Output: %s", output)

t.Logf(">>> Enroll succeeded. Output: %s", output)

timeout := 10 * time.Minute
if deadline, ok := ctx.Deadline(); ok {
Expand All @@ -136,6 +138,5 @@ func InstallAgentForPolicy(ctx context.Context, t *testing.T,
10*time.Second,
"Elastic Agent status is not online",
)

return nil
}
Loading

0 comments on commit a338543

Please sign in to comment.