From 409612ff1f178d33582ff18d136dba5a5ea7a10d Mon Sep 17 00:00:00 2001
From: Wes <wlambertts@gmail.com>
Date: Wed, 11 Sep 2024 14:56:57 +0000
Subject: [PATCH] Add script to upgrade integrations

---
 .../sbin/so-elastic-fleet-integration-upgrade | 52 +++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade

diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade
new file mode 100644
index 000000000..1c94c5017
--- /dev/null
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade
@@ -0,0 +1,52 @@
+#!/bin/bash
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+. /usr/sbin/so-elastic-fleet-common-2
+
+RETURN_CODE=0
+
+if [ ! -f /opt/so/state/eaintegrationupgrade.txt ]; then
+  # Let's snag a cookie from Kibana
+  SESSIONCOOKIE=$(curl -s -K /opt/so/conf/elasticsearch/curl.config -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
+
+  # List agent policies
+  for AGENT_POLICY in $(elastic_fleet_agent_policy_names); do
+    IFS=$'\n'
+    for INTEGRATION in $(elastic_fleet_integration_policy_names "$AGENT_POLICY"); do
+      if ! [[ "$INTEGRATION" == "elastic-defend-endpoints" ]] && ! [[ "$INTEGRATION" == "fleet_server-"* ]]; then
+      echo "$INTEGRATION"
+      # Get package name so we know what package to look for when checking the current and latest available version
+      PACKAGE_NAME=$(elastic_fleet_integration_policy_package_name "$AGENT_POLICY" "$INTEGRATION")
+      # Get currently installed version of package
+      PACKAGE_VERSION=$(elastic_fleet_integration_policy_package_version "$AGENT_POLICY" "$INTEGRATION")
+      # Get latest available version of package
+      AVAILABLE_VERSION=$(elastic_fleet_package_latest_version_check "$PACKAGE_NAME")
+      INTEGRATION_ID=$(elastic_fleet_integration_id "$AGENT_POLICY" "$INTEGRATION" )
+      if [[ "$PACKAGE_VERSION" != "$AVAILABLE_VERSION" ]]; then
+        # Dry run of upgrade
+        echo "Current $PACKAGE_NAME package version ($PACKAGE_VERSION) is not the same as the latest available package ($AVAILABLE_VERSION)..." 
+        echo "Upgrading $INTEGRATION..."
+        echo "Starting dry run..."
+        DRYRUN_ERRORS=$(elastic_fleet_integration_policy_dryrun_upgrade "$INTEGRATION_ID" | jq .[].hasErrors)
+        # If no errors with dry run, proceed with actual upgrade
+        if [[ "$DRYRUN_ERRORS" == "false" ]]; then
+          echo "No errors detected. Proceeding with upgrade..."
+          elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"
+        else
+          echo "Errors detected. Stopping upgrade..."
+          exit 1
+        fi
+      fi
+      fi
+    done
+  done
+  if [[ "$RETURN_CODE" != "1" ]]; then
+    touch /opt/so/state/eaintegrationupgrade.txt
+  fi
+  echo
+else
+  exit $RETURN_CODE
+fi