-
Notifications
You must be signed in to change notification settings - Fork 427
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add system tests to kibana package #4444
Changes from 9 commits
a618b8c
e224f97
9f9ffce
2615158
3b56c0f
0aca5a7
8196c20
0376cf5
f4eb2d1
1fe63da
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1 @@ | ||
ELASTIC_PASSWORD=changeme | ||
ELASTIC_VERSION=8.5.0-SNAPSHOT | ||
KIBANA_PASSWORD=changeme |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,50 +1,62 @@ | ||
version: "2.3" | ||
services: | ||
elasticsearch: | ||
image: "docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION}" | ||
image: "docker.elastic.co/elasticsearch/elasticsearch:${ELASTIC_VERSION:-8.5.0-SNAPSHOT}" | ||
environment: | ||
- "ES_JAVA_OPTS=-Xms1g -Xmx1g" | ||
- ELASTIC_PASSWORD | ||
- "ELASTIC_PASSWORD=changeme" | ||
ports: | ||
- "127.0.0.1:9201:9200" | ||
volumes: | ||
- "./config/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml" | ||
healthcheck: | ||
test: curl -sfo /dev/null -u elastic:${ELASTIC_PASSWORD} localhost:9200 || exit 1 | ||
test: curl -sfo /dev/null -u elastic:changeme http://localhost:9200 || exit 1 | ||
retries: 300 | ||
interval: 1s | ||
setup: | ||
image: "alpine/curl:latest" | ||
user: root | ||
environment: | ||
- "ES_SERVICE_HOST=http://elasticsearch:9200" | ||
- ELASTIC_PASSWORD | ||
- KIBANA_PASSWORD | ||
- "ELASTIC_PASSWORD=changeme" | ||
- "KIBANA_PASSWORD=changeme" | ||
command: ["/bin/sh", "./setup.sh"] | ||
volumes: | ||
- ./scripts/setup.sh:/setup.sh | ||
- "./scripts/setup.sh:/setup.sh" | ||
kibana: | ||
image: "docker.elastic.co/kibana/kibana:${ELASTIC_VERSION}" | ||
image: "docker.elastic.co/kibana/kibana:${ELASTIC_VERSION:-8.5.0-SNAPSHOT}" | ||
user: "1001:0" | ||
group_add: | ||
- "0" | ||
depends_on: | ||
elasticsearch: | ||
condition: service_healthy | ||
volumes: | ||
- ./config/kibana.yml:/usr/share/kibana/config/kibana.yml | ||
- ${SERVICE_LOGS_DIR}:/usr/share/kibana/logs | ||
- "./config/kibana.yml:/usr/share/kibana/config/kibana.yml" | ||
- "kbn_logs:/usr/share/kibana/logs" | ||
ports: | ||
- "127.0.0.1:5602:5601" | ||
healthcheck: | ||
test: curl -sfo /dev/null localhost:5601 || exit 1 | ||
test: curl -sfo /dev/null http://localhost:5601 || exit 1 | ||
retries: 600 | ||
interval: 1s | ||
log_generation: | ||
image: "alpine/curl:latest" | ||
user: root | ||
depends_on: | ||
kibana: | ||
condition: service_healthy | ||
environment: | ||
- "KIBANA_SERVICE_HOST=http://kibana:5601" | ||
- ELASTIC_PASSWORD | ||
- KIBANA_PASSWORD | ||
command: ["/bin/sh", "./generate-audit-logs.sh"] | ||
- "ELASTIC_PASSWORD=changeme" | ||
- "KIBANA_PASSWORD=changeme" | ||
command: ["/bin/sh", "./generate-logs.sh"] | ||
volumes: | ||
- ./scripts/generate-audit-logs.sh:/generate-audit-logs.sh | ||
- "./scripts/generate-logs.sh:/generate-logs.sh" | ||
- "${SERVICE_LOGS_DIR}:/var/log" | ||
- "kbn_logs:/kbn_logs" | ||
volumes: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Since Kibana container is not started with |
||
kbn_logs: | ||
driver_opts: | ||
type: tmpfs | ||
device: tmpfs |
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
#!/bin/sh | ||
|
||
# Makes requests to kibana API so that audit logs can be generated | ||
set -e | ||
|
||
# Copy the log files content from this container to /var/log/ which is a bind mounted to ${SERVICE_LOGS_DIR} | ||
# This sh must be executed by a root user in order to have permission to write in the ${SERVICE_LOGS_DIR} folder | ||
copy_log_files () { | ||
for f in /kbn_logs/*; | ||
do | ||
echo "Copy ${f##*/} file..." | ||
|
||
if [[ ! -e /var/log/${f##*/} ]]; then | ||
touch /var/log/${f##*/} | ||
fi | ||
|
||
## appends only new lines | ||
comm -23 "$f" /var/log/${f##*/} >> /var/log/${f##*/} | ||
done | ||
} | ||
|
||
attempt_counter=0 | ||
max_attempts=6 | ||
|
||
until curl -s --request GET \ | ||
--url $KIBANA_SERVICE_HOST/login \ | ||
--user "elastic:$KIBANA_PASSWORD" \ | ||
--header 'Content-Type: application/json' | ||
do | ||
|
||
if [ ${attempt_counter} -eq ${max_attempts} ];then | ||
echo "Max attempts reached" | ||
exit 1 | ||
fi | ||
|
||
printf '.' | ||
attempt_counter=$(($attempt_counter+1)) | ||
sleep 10 | ||
done | ||
|
||
while true | ||
do | ||
curl -s --request GET \ | ||
--url $KIBANA_SERVICE_HOST/api/features \ | ||
--user "elastic:$KIBANA_PASSWORD" \ | ||
--header 'Content-Type: application/json' | ||
|
||
echo "Audit log created" | ||
|
||
copy_log_files | ||
|
||
sleep 10 | ||
done |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,22 @@ | ||
#!/bin/sh | ||
|
||
#Sets a password for kibana_system user | ||
attempt_counter=0 | ||
max_attempts=6 | ||
|
||
set -e | ||
|
||
until curl --request POST $ES_SERVICE_HOST/_security/user/kibana_system/_password \ | ||
--user elastic:$ELASTIC_PASSWORD \ | ||
until curl -s --request POST $ES_SERVICE_HOST/_security/user/kibana_system/_password \ | ||
--user "elastic:$ELASTIC_PASSWORD" \ | ||
--header 'Content-Type: application/json' \ | ||
--data "{\"password\":\"$KIBANA_PASSWORD\"}" | ||
do sleep 10; | ||
done; | ||
--data "{\"password\":\"$KIBANA_PASSWORD\"}" | ||
do | ||
if [ ${attempt_counter} -eq ${max_attempts} ];then | ||
echo "Max attempts reached" | ||
exit 1 | ||
fi | ||
|
||
printf '.' | ||
attempt_counter=$(($attempt_counter+1)) | ||
sleep 10 | ||
done | ||
|
||
echo "Setup complete" |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
input: logfile | ||
data_stream: | ||
vars: | ||
paths: | ||
- "{{SERVICE_LOGS_DIR}}/audit.log" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
.env
doesn't work in the CI env