Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apmpackage: add more elasticsearch privileges #6139

Merged
merged 11 commits into from
Oct 12, 2021
Merged

apmpackage: add more elasticsearch privileges #6139

merged 11 commits into from
Oct 12, 2021

Conversation

axw
Copy link
Member

@axw axw commented Sep 9, 2021
edited
Loading

Motivation/summary

Add privileges to the sampled traces data stream in order to refresh indices, querying index stats, and read documents. This data stream holds only non-sensitive information.

Introduce config vars to the integration package for tail-sampling. These are used in a revised system test, which now uses the Fleet integration.

Checklist

How to test these changes

Can't be manually tested yet, needs UI for configuring tail-sampling policies.

Related issues

Closes #5490

@apmmachine
Copy link
Contributor

apmmachine commented Sep 9, 2021
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2021-10-12T11:02:52.394+0000

  • Duration: 45 min 23 sec

  • Commit: e82931b

Test stats 🧪

Test Results
Failed 0
Passed 6185
Skipped 18
Total 6203

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /hey-apm : Run the hey-apm benchmark.

  • /package : Generate and publish the docker images.

@hop-dev hop-dev mentioned this pull request Sep 16, 2021
Merged
1 task
@axw axw force-pushed the apmpackage-elasticsearch-privileges branch 2 times, most recently from b09bc14 to 221aacf Compare October 6, 2021 02:55
@axw axw force-pushed the apmpackage-elasticsearch-privileges branch from 221aacf to 5335626 Compare October 6, 2021 03:14
axw
axw commented Oct 6, 2021
View reviewed changes
systemtest/containers.go
Comment on lines +492 to +493
vcsRefShort := vcsRef[:6]
apmServerInstallDir := fmt.Sprintf("./data/elastic-agent-%s/install/apm-server-%s-linux-%s", vcsRefShort, stackVersion, arch)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there were some changes to elastic-agent which meant we haven't been running with the custom, injected apm-server binary.

@axw axw marked this pull request as ready for review October 6, 2021 03:15
@axw axw requested a review from a team October 6, 2021 03:15
@axw
Copy link
Member Author

axw commented Oct 6, 2021

/test

marclop
marclop reviewed Oct 6, 2021
View reviewed changes
Copy link
Contributor

@marclop marclop left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, I'll defer a more in depth review for other members of the team that understand the fleet/agent integration better.

@axw
Copy link
Member Author

axw commented Oct 6, 2021

Moving this back into draft as I look into the test failures. Seems to be some kind of test isolation issue.

@axw axw marked this pull request as draft October 6, 2021 06:14
@axw
systemtest: don't delete integration templates
6bb6f32 
We now only install the integration once before running
all the tests. We uninstall any existing apm package,
which will take care of removing outdated integration
index templates.
@axw axw marked this pull request as ready for review October 6, 2021 08:25
@axw
Copy link
Member Author

axw commented Oct 11, 2021

/test

simitt
simitt approved these changes Oct 12, 2021
View reviewed changes
systemtest/fleet_test.go Outdated Show resolved Hide resolved
@axw axw enabled auto-merge (squash) October 12, 2021 07:56
@axw axw merged commit fa65ccc into elastic:master Oct 12, 2021
mergify bot pushed a commit that referenced this pull request Oct 12, 2021
@axw
apmpackage: add more elasticsearch privileges (#6139)
e8b1a84 
* tools: upgrade elastic-package

* apmpackage: add privileges for sampled_traces

* apmpackage: add config vars for tail sampling

* apmpackage: update changelog

* systemtest: test tail-sampling with Fleet

* systemtest: don't delete integration templates

We now only install the integration once before running
all the tests. We uninstall any existing apm package,
which will take care of removing outdated integration
index templates.

* Update systemtest/fleet_test.go

Co-authored-by: Silvia Mitter <silvia.mitter@elastic.co>

Co-authored-by: Silvia Mitter <silvia.mitter@elastic.co>
(cherry picked from commit fa65ccc)
@mergify mergify bot mentioned this pull request Oct 12, 2021
Merged
axw added a commit that referenced this pull request Oct 12, 2021
@mergify @axw
apmpackage: add more elasticsearch privileges (#6139) (#6329)
4f9c3df 
* tools: upgrade elastic-package

* apmpackage: add privileges for sampled_traces

* apmpackage: add config vars for tail sampling

* apmpackage: update changelog

* systemtest: test tail-sampling with Fleet

* systemtest: don't delete integration templates

We now only install the integration once before running
all the tests. We uninstall any existing apm package,
which will take care of removing outdated integration
index templates.

* Update systemtest/fleet_test.go

Co-authored-by: Silvia Mitter <silvia.mitter@elastic.co>

Co-authored-by: Silvia Mitter <silvia.mitter@elastic.co>
(cherry picked from commit fa65ccc)

Co-authored-by: Andrew Wilkins <axw@elastic.co>
@marclop marclop added backport-skip Skip notification from the automated backport with mergify test-plan-skip labels Oct 25, 2021
@axw axw mentioned this pull request Jan 10, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marclop marclop marclop left review comments

@simitt simitt simitt approved these changes

Assignees
No one assigned
Labels
backport-skip Skip notification from the automated backport with mergify test-plan-skip v7.16.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[tail sampling] make sure apm-server has enough privileges for tail-based sampling
4 participants
@axw @apmmachine @simitt @marclop