Merge pull request #13666 from Security-Onion-Solutions/m0duspwnens-patch-1

exit 1 if unable to connect to kibana

salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-upgrade

@@ -6,37 +6,87 @@
 
 . /usr/sbin/so-elastic-fleet-common
 
-# Let's snag a cookie from Kibana
+curl_output=$(curl -s -K /opt/so/conf/elasticsearch/curl.config -c - -X GET http://localhost:5601/)
-SESSIONCOOKIE=$(curl -s -K /opt/so/conf/elasticsearch/curl.config -c - -X GET http://localhost:5601/ | grep sid | awk '{print $7}')
+if [ $? -ne 0 ]; then
+    echo "Error: Failed to connect to localhost:5601 to obtain session cookie."
+    exit 1
+fi
+
+SESSIONCOOKIE=$(echo "$curl_output" | grep sid | awk '{print $7}')
+if [ -z "$SESSIONCOOKIE" ]; then
+    echo "Warning: Session cookie is empty."
+fi
 
-# List agent policies
 IFS=$'\n'
-for AGENT_POLICY in $(elastic_fleet_agent_policy_names); do
+agent_policies=$(elastic_fleet_agent_policy_names)
-  for INTEGRATION in $(elastic_fleet_integration_policy_names "$AGENT_POLICY"); do
+if [ $? -ne 0 ]; then
-    if ! [[ "$INTEGRATION" == "elastic-defend-endpoints" ]] && ! [[ "$INTEGRATION" == "fleet_server-"* ]]; then
+    echo "Error: Failed to retrieve agent policies."
-      # Get package name so we know what package to look for when checking the current and latest available version
+    exit 1
-      PACKAGE_NAME=$(elastic_fleet_integration_policy_package_name "$AGENT_POLICY" "$INTEGRATION")
+fi
-      # Get currently installed version of package
+
-      PACKAGE_VERSION=$(elastic_fleet_integration_policy_package_version "$AGENT_POLICY" "$INTEGRATION")
+for AGENT_POLICY in $agent_policies; do
-      # Get latest available version of package
+    integrations=$(elastic_fleet_integration_policy_names "$AGENT_POLICY")
-      AVAILABLE_VERSION=$(elastic_fleet_package_latest_version_check "$PACKAGE_NAME")
+    if [ $? -ne 0 ]; then
-      INTEGRATION_ID=$(elastic_fleet_integration_id "$AGENT_POLICY" "$INTEGRATION" )
+        echo "Error: Failed to retrieve integration policies for agent policy '$AGENT_POLICY'."
-      if [[ "$PACKAGE_VERSION" != "$AVAILABLE_VERSION" ]]; then
+        exit 1
-        # Dry run of upgrade
-        echo "Current $PACKAGE_NAME package version ($PACKAGE_VERSION) is not the same as the latest available package ($AVAILABLE_VERSION)..." 
-        echo "Upgrading $INTEGRATION..."
-        echo "Starting dry run..."
-        DRYRUN_ERRORS=$(elastic_fleet_integration_policy_dryrun_upgrade "$INTEGRATION_ID" | jq .[].hasErrors)
-        # If no errors with dry run, proceed with actual upgrade
-        if [[ "$DRYRUN_ERRORS" == "false" ]]; then
-          echo "No errors detected. Proceeding with upgrade..."
-          elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"
-        else
-          echo "Errors detected. Stopping upgrade..."
-          exit 1
-        fi
-      fi
     fi
-  done
+
+    for INTEGRATION in $integrations; do
+        if ! [[ "$INTEGRATION" == "elastic-defend-endpoints" ]] && ! [[ "$INTEGRATION" == "fleet_server-"* ]]; then
+            # Get package name so we know what package to look for when checking the current and latest available version
+            PACKAGE_NAME=$(elastic_fleet_integration_policy_package_name "$AGENT_POLICY" "$INTEGRATION")
+            if [ $? -ne 0 ]; then
+                echo "Error: Failed to retrieve package name for integration '$INTEGRATION' in agent policy '$AGENT_POLICY'."
+                exit 1
+            fi
+
+            # Get currently installed version of package
+            PACKAGE_VERSION=$(elastic_fleet_integration_policy_package_version "$AGENT_POLICY" "$INTEGRATION")
+            if [ $? -ne 0 ]; then
+                echo "Error: Failed to retrieve package version for integration '$INTEGRATION' in agent policy '$AGENT_POLICY'."
+                exit 1
+            fi
+
+            # Get latest available version of package
+            AVAILABLE_VERSION=$(elastic_fleet_package_latest_version_check "$PACKAGE_NAME")
+            if [ $? -ne 0 ]; then
+                echo "Error: Failed to retrieve latest available version for package '$PACKAGE_NAME'."
+                exit 1
+            fi
+
+            INTEGRATION_ID=$(elastic_fleet_integration_id "$AGENT_POLICY" "$INTEGRATION")
+            if [ $? -ne 0 ]; then
+                echo "Error: Failed to retrieve integration ID for '$INTEGRATION' in agent policy '$AGENT_POLICY'."
+                exit 1
+            fi
+
+            if [[ "$PACKAGE_VERSION" != "$AVAILABLE_VERSION" ]]; then
+                # Dry run of the upgrade
+                echo "Current $PACKAGE_NAME package version ($PACKAGE_VERSION) is not the same as the latest available package ($AVAILABLE_VERSION)..."
+                echo "Upgrading $INTEGRATION..."
+                echo "Starting dry run..."
+
+                DRYRUN_OUTPUT=$(elastic_fleet_integration_policy_dryrun_upgrade "$INTEGRATION_ID")
+                if [ $? -ne 0 ]; then
+                    echo "Error: Dry run upgrade failed for integration ID '$INTEGRATION_ID'."
+                    exit 1
+                fi
+
+                DRYRUN_ERRORS=$(echo "$DRYRUN_OUTPUT" | jq .[].hasErrors)
+                # If no errors with dry run, proceed with actual upgrade
+                if [[ "$DRYRUN_ERRORS" == "false" ]]; then
+                    echo "No errors detected. Proceeding with upgrade..."
+                    elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"
+                    if [ $? -ne 0 ]; then
+                        echo "Error: Upgrade failed for integration ID '$INTEGRATION_ID'."
+                        exit 1
+                    fi
+                else
+                    echo "Errors detected during dry run. Stopping upgrade..."
+                    exit 1
+                fi
+            fi
+        fi
+    done
 done
 echo