Add filesource provider to composable inputs #6362
Description
Describe the enhancement:
There are cases where the ability to get information from files and place that information into a policy. This could be because this information is secret and shouldn't be exposed in an environment variable, or that the information could change while the Elastic Agent is running and an environment variable cannot but the contents of the file can.
Describe a specific use case for the enhancement or feature:
Imagine that inside of the Elastic Agent container that you want to read a secret from kubernetes but you don't want the Elastic Agent to communicate directly with kubernetes because of security reasons. In this environment you can only mount the secret value as content of a file in a container, and this value can change at any time.
To enable this it must be clear that the contents of files can only be read from files that have been whitelisted in the provides configuration, and the provider must watch for changes of these files.
What is the definition of done?
- When the contents of a file can be read from disk and used inside of
inputs. (eg.keyvalue: ${filesource.secretfile}) - When the contents of that file are changed that the
${filesource.secretfile}is updated and the policy is updated with the new value.
Example configuration
providers:
filesource:
secretfile:
path: /etc/secretfile
otherfile:
path: /etc/anotherfile
The nested path: sub-key is in-place to allow future capabilities in the case that more features are added to the provider like reading JSON, YAML content and extracting values from keys. At the moment the default of basically type: raw can be assumed.