From bcd2e95fbe3a77a55b98a8487aba43f190b70f5e Mon Sep 17 00:00:00 2001
From: reyesj2 <94730068+reyesj2@users.noreply.github.com>
Date: Tue, 16 Sep 2025 21:22:03 -0500
Subject: [PATCH] add error checking and retries to
 elastic_fleet_integration_policy_upgrade

---
 salt/elasticfleet/tools/sbin/so-elastic-fleet-common         | 4 +++-
 .../sbin/so-elastic-fleet-integration-policy-elastic-defend  | 5 ++++-
 .../tools/sbin_jinja/so-elastic-fleet-integration-upgrade    | 3 +--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-common b/salt/elasticfleet/tools/sbin/so-elastic-fleet-common
index 42e563562..f76c6d64e 100644
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-common
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-common
@@ -81,7 +81,9 @@ elastic_fleet_integration_policy_upgrade() {
                     '{"packagePolicyIds":[$INTEGRATIONID]}'
                     )
 
-    curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/package_policies/upgrade" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING"
+    if ! curl -sK /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/package_policies/upgrade" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING" --retry 3 --fail 2>/dev/null; then
+        return 1
+    fi
 }
 
 
diff --git a/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-policy-elastic-defend b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-policy-elastic-defend
index 312c84be6..9769f2f79 100755
--- a/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-policy-elastic-defend
+++ b/salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-policy-elastic-defend
@@ -15,7 +15,10 @@ do
   elastic_fleet_integration_check "endpoints-initial" "$INTEGRATION"
   if [ -n "$INTEGRATION_ID" ]; then
       printf "\n\nIntegration $NAME exists - Upgrading integration policy\n"
-      elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"
+      if ! elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"; then
+        echo -e "\nFailed to upgrade integration policy for ${INTEGRATION##*/}"
+        exit 1
+      fi
   else
     printf "\n\nIntegration does not exist - Creating integration\n"
     if ! elastic_fleet_integration_create "@$INTEGRATION"; then
diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-integration-upgrade b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-integration-upgrade
index 68a644798..f25059f39 100644
--- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-integration-upgrade
+++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-integration-upgrade
@@ -62,8 +62,7 @@ for AGENT_POLICY in $agent_policies; do
                     # If no errors with dry run, proceed with actual upgrade
                     if [[ "$DRYRUN_ERRORS" == "false" ]]; then
                         echo "No errors detected. Proceeding with upgrade..."
-                        elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"
-                        if [ $? -ne 0 ]; then
+                        if ! elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"; then
                             echo "Error: Upgrade failed for $PACKAGE_NAME with integration ID '$INTEGRATION_ID'."
                             exit 1
                         fi