force keystore path to /tmp/keystore

elastic · Aug 27, 2019 · 31f62ce · 31f62ce
1 parent 65db71c
commit 31f62ce
Show file tree

Hide file tree

Showing 5 changed files with 34 additions and 11 deletions.
diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc
@@ -195,6 +195,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
 
 - Fix function name reference for Kinesis streams in CloudFormation templates {pull}11646[11646]
 - Fix Cloudwatch logs timestamp to use timestamp of the log record instead of when the record was processed {pull}13291[13291]
+- Look for the keystore under the correct path. {pull}13332[13332]
 
 ==== Added
 

diff --git a/libbeat/keystore/file_keystore.go b/libbeat/keystore/file_keystore.go
@@ -415,6 +415,11 @@ func (k *FileKeystore) Package() ([]byte, error) {
 	return k.loadRaw()
 }
 
+// ConfiguredPath returns the path to the keystore.
+func (k *FileKeystore) ConfiguredPath() string {
+	return k.Path
+}
+
 func (k *FileKeystore) hashPassword(password, salt []byte) []byte {
 	return pbkdf2.Key(password, salt, iterationsCount, keyLength, sha512.New)
 }
diff --git a/libbeat/keystore/keystore.go b/libbeat/keystore/keystore.go
@@ -67,6 +67,7 @@ type Keystore interface {
 // Packager defines a keystore that we can read the raw bytes and be packaged in an artifact.
 type Packager interface {
 	Package() ([]byte, error)
+	ConfiguredPath() string
 }
 
 // Factory Create the right keystore with the configured options.

diff --git a/x-pack/functionbeat/config/config.go b/x-pack/functionbeat/config/config.go
@@ -21,6 +21,7 @@ var (
 	configOverrides = common.MustNewConfigFrom(map[string]interface{}{
 		"path.data":              "/tmp",
 		"path.logs":              "/tmp/logs",
+		"keystore.path":          "/tmp/beats.keystore",
 		"setup.template.enabled": true,
 		"queue.mem": map[string]interface{}{
 			"flush.min_events": 10,
@@ -63,6 +64,7 @@ var (
 		Check:  always,
 		Config: functionLoggingOverrides,
 	}
+
 	// FunctionOverrides contain logging settings
 	FunctionOverrides = append(Overrides, functionOverride)
 )

diff --git a/x-pack/functionbeat/manager/core/makezip.go b/x-pack/functionbeat/manager/core/makezip.go
@@ -55,19 +55,11 @@ func MakeZip(provider string) ([]byte, error) {
 		&bundle.LocalFile{Path: "pkg/functionbeat-" + provider, FileMode: 0755},
 	}
 
-	rawKeystore, err := keystoreRaw()
+	resources, err = addKeystoreIfConfigured(resources)
 	if err != nil {
 		return nil, err
 	}
 
-	if len(rawKeystore) > 0 {
-		resources = append(resources, &bundle.MemoryFile{
-			Path:     "data/functionbeat.keystore",
-			Raw:      rawKeystore,
-			FileMode: 0600,
-		})
-	}
-
 	bundle := bundle.NewZipWithLimits(
 		packageUncompressedLimit,
 		packageCompressedLimit,
@@ -80,7 +72,29 @@ func MakeZip(provider string) ([]byte, error) {
 	return content, nil
 }
 
-func keystoreRaw() ([]byte, error) {
+func addKeystoreIfConfigured(resources []bundle.Resource) ([]bundle.Resource, error) {
+	ksPackager, err := keystorePackager()
+	if err != nil {
+		return nil, err
+	}
+
+	rawKeystore, err := ksPackager.Package()
+	if err != nil {
+		return nil, err
+	}
+
+	if len(rawKeystore) > 0 {
+		resources = append(resources, &bundle.MemoryFile{
+			Path:     ksPackager.ConfiguredPath(),
+			Raw:      rawKeystore,
+			FileMode: 0600,
+		})
+	}
+
+	return resources, nil
+}
+
+func keystorePackager() (keystore.Packager, error) {
 	cfg, err := cfgfile.Load("", config.Overrides)
 	if err != nil {
 		return nil, fmt.Errorf("error loading config file: %v", err)
@@ -96,5 +110,5 @@ func keystoreRaw() ([]byte, error) {
 		return nil, fmt.Errorf("the configured keystore cannot be packaged")
 	}
 
-	return packager.Package()
+	return packager, nil
 }