From 0d08bb0a91f817efd7d66a8f818706c9b8afe65d Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Mon, 29 Jan 2024 11:37:28 -0500 Subject: [PATCH] Finalize script --- salt/elasticfleet/enabled.sls | 2 +- .../so-elastic-fleet-artifacts-url-update | 129 +++++++----------- 2 files changed, 51 insertions(+), 80 deletions(-) diff --git a/salt/elasticfleet/enabled.sls b/salt/elasticfleet/enabled.sls index dca7f479f..f5f53c2a5 100644 --- a/salt/elasticfleet/enabled.sls +++ b/salt/elasticfleet/enabled.sls @@ -40,7 +40,7 @@ so-elastic-fleet-auto-configure-elasticsearch-urls: - name: /usr/sbin/so-elastic-fleet-es-url-update - retry: True -so-elastic-fleet-auto-configure-elasticsearch-urls: +so-elastic-fleet-auto-configure-artifact-urls: cmd.run: - name: /usr/sbin/so-elastic-fleet-artifacts-url-update - retry: True diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-artifacts-url-update b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-artifacts-url-update index 685db392f..bcd3ef7f7 100644 --- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-artifacts-url-update +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-artifacts-url-update @@ -11,92 +11,63 @@ if ! is_manager_node; then exit 0 fi -########## -# Set Elastic Agent Artifact Registry URL - - - - -function update_es_urls() { - -# For each element in NEWLIST, create a new entry - -JSON_STRING=$( jq -n \ - --arg NAME "FleetServer_{{ GLOBALS.hostname }}" \ - --arg URL "http://{{ GLOBALS.url_base }}:8443/artifacts/" \ - '{"name":$NAME,"host":$URL,"is_default":true}' - ) - -curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/agent_download_sources" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" - -######### - - # Generate updated JSON payload -{% if grains.role not in ['so-import', 'so-eval'] %} - JSON_STRING=$(jq -n --arg UPDATEDLIST $NEW_LIST_JSON '{"name":"so-manager_elasticsearch","type":"elasticsearch","hosts": $UPDATEDLIST,"config_yaml":""}') -{%- else %} - JSON_STRING=$(jq -n --arg UPDATEDLIST $NEW_LIST_JSON '{"name":"so-manager_elasticsearch","type":"elasticsearch","hosts": $UPDATEDLIST,"is_default":true,"is_default_monitoring":true,"config_yaml":""}') -{%- endif %} - # Update Fleet Elasticsearch URLs - curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT "localhost:5601/api/fleet/outputs/so-manager_elasticsearch" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" +# Function to check if an array contains a value +array_contains () { + local array="$1[@]" + local seeking=$2 + local in=1 + for element in "${!array}"; do + if [[ $element == "$seeking" ]]; then + in=0 + break + fi + done + return $in } -#START HERE - -# Get current list of Artifact URLs -#RAW_JSON=$(curl -K /opt/so/conf/elasticsearch/curl.config 'http://localhost:5601/api/fleet/outputs/so-manager_elasticsearch') -RAW_JSON=$(curl -K /opt/so/conf/elasticsearch/curl.config 'http://localhost:5601/api/fleet/agent_download_sources') - - -# Check to make sure that the server responded with good data - else, bail from script -CHECKSUM=$(jq -r '.page' <<< "$RAW_JSON") -if [ "$CHECKSUM" != "1" ]; then - printf "Failed to query for current Elastic Agent Artifact URLs..." - exit 1 -fi - -# Get the current list of Elastic Agent Artifact URLs & hash them -CURRENT_LIST=$(jq -c -r '.items[].host' <<< "$RAW_JSON") -CURRENT_HASH=$(sha1sum <<< "$CURRENT_LIST" | awk '{print $1}') - - -# Create array & add initial elements -if [ "{{ GLOBALS.hostname }}" = "{{ GLOBALS.url_base }}" ]; then - NEW_LIST=("http://{{ GLOBALS.url_base }}:8443/artifacts/") -else - NEW_LIST=("http://{{ GLOBALS.url_base }}:8443/artifacts/" "http://{{ GLOBALS.hostname }}:8443/artifacts/") -fi - # Query for the current Grid Nodes that are running Logstash (which includes Fleet Nodes) LOGSTASHNODES=$(salt-call --out=json pillar.get logstash:nodes | jq '.local') +# Initialize an array for new hosts from Fleet Nodes +declare -a NEW_LIST=() + # Query for Fleet Nodes & add them to the list (Hostname) -if grep -q "fleet" <<< $LOGSTASHNODES; then - readarray -t FLEETNODES < <(jq -r ' .fleet | keys_unsorted[]' <<< $LOGSTASHNODES) - for NODE in "${FLEETNODES[@]}" - do - NEW_LIST+=("http://$NODE:8443/artifacts/") - done +if grep -q "fleet" <<< "$LOGSTASHNODES"; then + readarray -t FLEETNODES < <(jq -r '.fleet | keys_unsorted[]' <<< "$LOGSTASHNODES") + for NODE in "${FLEETNODES[@]}"; do + NEW_LIST+=("http://$NODE:8443/artifacts/") + done fi -# Sort & hash the new list of Fleet Elasticsearch URLs -NEW_LIST_JSON=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${NEW_LIST[@]}") -NEW_HASH=$(sha1sum <<< "$NEW_LIST_JSON" | awk '{print $1}') +# Create an array for expected hosts and their names +declare -A expected_hosts=( + ["http://{{ GLOBALS.url_base }}:8443/artifacts/"]="FleetServer_{{ GLOBALS.hostname }}" + ["https://artifacts.elastic.co/downloads/"]="Elastic Artifacts" +) -# Compare the current & new list of URLs - if different, update the Fleet Elasticsearch URLs -if [ "$1" = "--force" ]; then - printf "\nUpdating List, since --force was specified.\n" - printf "Current List: $CURRENT_LIST\nNew List: $NEW_LIST_JSON\n" - update_es_urls - exit 0 -fi +# Merge NEW_LIST into expected_hosts +for host in "${NEW_LIST[@]}"; do + expected_hosts[$host]="FleetServer" +done -if [ "$NEW_HASH" = "$CURRENT_HASH" ]; then - printf "\nHashes match - no update needed.\n" - printf "Current List: $CURRENT_LIST\nNew List: $NEW_LIST_JSON\n" - exit 0 -else - printf "\nHashes don't match - update needed.\n" - printf "Current List: $CURRENT_LIST\nNew List: $NEW_LIST_JSON\n" - #update_es_urls -fi +# Fetch the current hosts from the API +current_hosts=$(curl -K /opt/so/conf/elasticsearch/curl.config 'http://localhost:5601/api/fleet/agent_download_sources' | jq -r .items[].host) + +# Convert current hosts to an array +IFS=$'\n' read -rd '' -a current_hosts_array <<<"$current_hosts" + +# Check each expected host +for host in "${!expected_hosts[@]}"; do + array_contains current_hosts_array "$host" || { + echo "$host (${expected_hosts[$host]}) is missing. Adding it..." + + # Prepare the JSON payload + JSON_STRING=$( jq -n \ + --arg NAME "${expected_hosts[$host]}" \ + --arg URL "$host" \ + '{"name":$NAME,"host":$URL}' ) + + # Create the missing host + curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/agent_download_sources" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" + } +done