The built-in 'remote_monitoring_user' has full permissions on monitoring
indices, which is more than Metricbeat needs to collect metrics from
remote components.
Recently this workflow started failing with 'Resource not accessible by
integration' when using the default GitHub Actions access token.
Ref. ridedott/merge-me-action#1581
GitHub updated their Ubuntu 22.04 runner image to 20220821.1, which
bumped Compose from v2.6.1 to v2.9.0.
Compose v2.8.0 introduced a breaking change where the name of certain
resources — such as images — are created with hyphens '-' instead of
underscores '_'.
Ref. https://docs.docker.com/compose/release-notes/#280
List of changes impacting docker-elk:
- [logstash]: The output to Elasticsearch is handled as a data stream.
Starting with v8.0.0, the `elasticsearch` output for Logstash sends
log data to a data stream instead of `logstash-*` indices by default.
The name of the default data stream is `logs-generic-default`.
docker-elk remains unopinionated and simply uses Elastic's defaults
like it always has, so users who prefer to retain the old behaviour
need to explicitly opt-out of data streams in their Logstash
pipelines.
Refs:
- https://www.elastic.co/guide/en/elasticsearch/reference/current/data-streams.html
- https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html#plugins-outputs-elasticsearch-data-streams
- [logstash]: The (legacy) monitoring data collection is now disabled.
This feature was deprecated since v7.9.0, and removed in v8.0.0.
Ref: https://www.elastic.co/guide/en/logstash/current/monitoring-internal-collection-legacy.html
- [kibana]: An index pattern for `logs-*` indices is automatically
created.
It used to be required to manually create an index pattern for indices
managed by Logstash, even when using the default Logstash indices.
This is no longer the case since the output data is now being handled
as a data stream, and Kibana automatically creates index patterns for
these.
- [elasticsearch]: The command line tool `elasticsearch-setup-passwords`
was deprecated in favour of a new `elasticsearch-reset-password` tool.
Passwords for built-in users must now be generated one by one.
Ref: https://www.elastic.co/guide/en/elasticsearch/reference/current/setup-passwords.html
- [enterprise-search]: Kibana is now the new management interface, and
the only one available moving forward.
The old standalone Enterprise Search interface was removed in v8.0.0.
Ref: https://www.elastic.co/guide/en/enterprise-search/current/user-interfaces.html
The first attempt occasionally fails, probably due to a race with the
listener's startup.
Additionally, perform minor adjustments to the output written to stderr
to ensure it is properly flushed in the CI environment.
Since we restart Logstash to enable the UDP input prior to running this
test, we should also ensure it has successfully come back, otherwise we
start searching for the expected documents in Elasticsearch way too
early and often run into timeouts.
Ensures the workspace is clean before attempting to update any file.
Removes the need for explicitly ignoring Node.js artifacts in Git, since
they get cleaned up by the 'checkout' action before fetching.
Run the update job for each currently supported release series, so that
automated updates can be orchestrated from the main branch via a single
scheduled workflow.
This reverts commit 9016e00e7b and updates
the 'latest' version detection logic to iterate over releases and pick
the latest matching semver, instead of relying on GitHub's
'/releases/latest' API.
This reverts commit 730ffa8de5.
Lately, Elastic's release pipeline has been tagging releases from the
older 6.x series as "latest" in place of releases from the current 7.x
series. This results in weekly PRs from GitHub Actions for _downgrading_
our stack from 7.x to 6.x.
In order to avoid receiving those PRs, we disable the update workflow
entirely until the Elastic 6.x release series is marked as EOL.
Ref. elastic/elasticsearch#75436Closes#611
ci: Update Enterprise Search test for v3 index
App Search API keys are now encrypted in Elasticsearch, so we simply
ensure they exist and don't try to read their value.
Antoine Cotten
Evan
dependabot[bot]
github-actions[bot]
Mustafa Guney