Skip to content

Commit b333e3a

Browse files
mergify[bot]pchila
andauthored
[8.13](backport #4403) Add a mage target that packages elastic-agent using elastic-agent-core DRA (#4589)
* Add a mage target that packages elastic-agent using elastic-agent-core DRA (#4403) * Extract dependencies download to its own function * Add PackageUsingDRA mage target * filter elastic-agent-core artifacts by platform * update buildkite package script with packageUsingDRA target * Add sha512 validation for downloaded elastic-agent-core packages * Override the elastic agent commit hash when packaging using DRA * change Manifest URL env variable name --------- Co-authored-by: Paolo Chilà <paolo.chila@elastic.co>
1 parent 73d1588 commit b333e3a

File tree

5 files changed

+443
-68
lines changed

5 files changed

+443
-68
lines changed

.buildkite/scripts/steps/package.sh

+2-2
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,8 @@ fi
1313
export AGENT_DROP_PATH=build/elastic-agent-drop
1414
mkdir -p $AGENT_DROP_PATH
1515

16-
# Download the components from the ManifestURL and then package those downloaded into the $AGENT_DROP_PATH
17-
mage clean downloadManifest package ironbank fixDRADockerArtifacts
16+
# Download the components from the MANIFEST_URL and then package those downloaded into the $AGENT_DROP_PATH
17+
mage clean downloadManifest packageUsingDRA ironbank fixDRADockerArtifacts
1818

1919
echo "+++ Generate dependencies report"
2020
BEAT_VERSION_FULL=$(curl -s -XGET "${MANIFEST_URL}" |jq '.version' -r )

dev-tools/mage/manifest/manifest.go

+2-2
Original file line numberDiff line numberDiff line change
@@ -130,7 +130,7 @@ func DownloadComponentsFromManifest(manifest string, platforms []string, platfor
130130
downloadTarget := filepath.Join(targetPath, pkgFilename)
131131
if _, err := os.Stat(downloadTarget); err != nil {
132132
errGrp.Go(func(ctx context.Context, url, target string) func() error {
133-
return func() error { return downloadPackage(ctx, url, target) }
133+
return func() error { return DownloadPackage(ctx, url, target) }
134134
}(downloadsCtx, p, downloadTarget))
135135
}
136136
}
@@ -150,7 +150,7 @@ func DownloadComponentsFromManifest(manifest string, platforms []string, platfor
150150
return nil
151151
}
152152

153-
func downloadPackage(ctx context.Context, downloadUrl string, target string) error {
153+
func DownloadPackage(ctx context.Context, downloadUrl string, target string) error {
154154
parsedURL, errorUrl := url.Parse(downloadUrl)
155155
if errorUrl != nil {
156156
return errorInvalidManifestURL

dev-tools/mage/settings.go

+8-1
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,8 @@ const (
4646
agentPackageVersionEnvVar = "AGENT_PACKAGE_VERSION"
4747
//ManifestUrlEnvVar is the name fo the environment variable containing the Manifest URL to be used for packaging agent
4848
ManifestUrlEnvVar = "MANIFEST_URL"
49+
// AgentCommitHashEnvVar allows to override agent commit hash string during packaging
50+
AgentCommitHashEnvVar
4951

5052
// Mapped functions
5153
agentPackageVersionMappedFunc = "agent_package_version"
@@ -283,7 +285,12 @@ var (
283285
func CommitHash() (string, error) {
284286
var err error
285287
commitHashOnce.Do(func() {
286-
commitHash, err = sh.Output("git", "rev-parse", "HEAD")
288+
// Check commit hash override first
289+
commitHash = EnvOr(AgentCommitHashEnvVar, "")
290+
if commitHash == "" {
291+
// no override found, get the hash from HEAD
292+
commitHash, err = sh.Output("git", "rev-parse", "HEAD")
293+
}
287294
})
288295
return commitHash, err
289296
}

internal/pkg/agent/application/upgrade/artifact/download/verifier.go

+12-4
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import (
1111
"crypto/sha512"
1212
"encoding/hex"
1313
"fmt"
14+
"hash"
1415
"io"
1516
"net/http"
1617
"net/url"
@@ -130,8 +131,16 @@ func getHashFileName(filename string) string {
130131
// exists and that the checksum in the sidecar file matches the checksum of
131132
// the file. It returns an error if validation fails.
132133
func VerifySHA512Hash(filename string) error {
134+
hasher := sha512.New()
135+
checksumFileName := getHashFileName(filename)
136+
return VerifyChecksum(hasher, filename, checksumFileName)
137+
}
138+
139+
// VerifyChecksum checks that the hash contained in checksumFileName correspond to the hash calculated for filename using
140+
// hasher.Sum()
141+
func VerifyChecksum(hasher hash.Hash, filename, checksumFileName string) error {
133142
// Read expected checksum.
134-
expectedHash, err := readChecksumFile(getHashFileName(filename), filepath.Base(filename))
143+
expectedHash, err := readChecksumFile(checksumFileName, filepath.Base(filename))
135144
if err != nil {
136145
return fmt.Errorf("could not read checksum file: %w", err)
137146
}
@@ -143,12 +152,11 @@ func VerifySHA512Hash(filename string) error {
143152
}
144153
defer f.Close()
145154

146-
hash := sha512.New()
147-
if _, err := io.Copy(hash, f); err != nil {
155+
if _, err := io.Copy(hasher, f); err != nil {
148156
return fmt.Errorf("faled to read file to calculate hash")
149157
}
150158

151-
computedHash := hex.EncodeToString(hash.Sum(nil))
159+
computedHash := hex.EncodeToString(hasher.Sum(nil))
152160
if computedHash != expectedHash {
153161
return &ChecksumMismatchError{
154162
Expected: expectedHash,

0 commit comments

Comments
 (0)