Skip to content

Add cloud-defend to agent container images #11450

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mjwolf wants to merge 28 commits into
base: main
Choose a base branch
from
Open

Add cloud-defend to agent container images #11450

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
5495670
Add cloud-defend to agent packages.
mjwolf Nov 26, 2025
c821fdc
Add separate cloud/service package configurations
mjwolf Nov 26, 2025
ff3816b
Use container-specific specs to include cloud-defend
mjwolf Nov 26, 2025
ed3f208
Change PackageTypes to use a list
mjwolf Nov 26, 2025
9d27337
Merge branch 'main' into package-cloud-defend
mjwolf Dec 1, 2025
9b1e075
Set MAGEFILE_VERBOSE (for testing only)
mjwolf Dec 1, 2025
c012add
Merge branch 'package-cloud-defend' of github.com:mjwolf/elastic-agen…
mjwolf Dec 1, 2025
62f2e1b
Merge branch 'main' into package-cloud-defend
mjwolf Dec 3, 2025
e77ca83
Revert "Set MAGEFILE_VERBOSE (for testing only)"
mjwolf Dec 3, 2025
78d9508
Merge branch 'package-cloud-defend' of github.com:mjwolf/elastic-agen…
mjwolf Dec 3, 2025
f702518
Reapply "Set MAGEFILE_VERBOSE (for testing only)"
mjwolf Dec 4, 2025
c9eb0f3
Merge branch 'main' into package-cloud-defend
mjwolf Dec 4, 2025
2b79b9e
Merge branch 'main' into package-cloud-defend
mjwolf Dec 5, 2025
8b4e0c6
Merge branch 'main' into package-cloud-defend
mjwolf Dec 5, 2025
ff6ff94
Revert "Reapply "Set MAGEFILE_VERBOSE (for testing only)""
mjwolf Dec 5, 2025
1df3b9d
Merge branch 'main' into package-cloud-defend
mjwolf Dec 5, 2025
77a713f
Merge branch 'main' into package-cloud-defend
mjwolf Dec 5, 2025
ab822c1
Merge branch 'main' into package-cloud-defend
mjwolf Dec 8, 2025
a07cca9
Merge branch 'main' into package-cloud-defend
mjwolf Dec 9, 2025
257357d
Merge branch 'main' into package-cloud-defend
mjwolf Dec 10, 2025
5f9c2c3
Merge remote-tracking branch 'upstream/main' into package-cloud-defend
mjwolf Dec 10, 2025
a3c2437
Use separate docker component list in packaging.
mjwolf Dec 10, 2025
59cca00
Use agent_docker_binary_spec
mjwolf Dec 10, 2025
d02020a
Include only required components for each package type
mjwolf Dec 10, 2025
9354b42
Revert "Use separate docker component list in packaging."
mjwolf Dec 11, 2025
7b3c377
Merge branch 'main' into package-cloud-defend
mjwolf Dec 11, 2025
efd7d9b
Filter components before package downloading when using USE_PACKAGE_V…
mjwolf Dec 11, 2025
110d8c0
Merge branch 'package-cloud-defend' of github.com:mjwolf/elastic-agen…
mjwolf Dec 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .buildkite/scripts/steps/integration-package.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,6 @@ source .buildkite/scripts/common.sh
export SNAPSHOT="true"
export EXTERNAL="true"
export USE_PACKAGE_VERSION="true"
export MAGEFILE_VERBOSE="true"

mage package
45 changes: 45 additions & 0 deletions changelog/fragments/1764188813-add-cloud-defend-packaging.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# REQUIRED
# Kind can be one of:
# - breaking-change: a change to previously-documented behavior
# - deprecation: functionality that is being removed in a later release
# - bug-fix: fixes a problem in a previous version
# - enhancement: extends functionality but does not break or fix existing behavior
# - feature: new functionality
# - known-issue: problems that we are aware of in a given version
# - security: impacts on the security of a product or a user’s deployment.
# - upgrade: important information for someone upgrading from a prior version
# - other: does not fit into any of the other categories
kind: enhancement

# REQUIRED for all kinds
# Change summary; a 80ish characters long description of the change.
summary: Add cloud-defend to container image agent packages

# REQUIRED for breaking-change, deprecation, known-issue
# Long description; in case the summary is not enough to describe the change
# this field accommodate a description without length limits.
# description:

# REQUIRED for breaking-change, deprecation, known-issue
# impact:

# REQUIRED for breaking-change, deprecation, known-issue
# action:

# REQUIRED for all kinds
# Affected component; usually one of "elastic-agent", "fleet-server", "filebeat", "metricbeat", "auditbeat", "all", etc.
component: elastic-agent

# AUTOMATED
# OPTIONAL to manually add other PR URLs
# PR URL: A link the PR that added the changeset.
# If not present is automatically filled by the tooling finding the PR where this changelog fragment has been added.
# NOTE: the tooling supports backports, so it's able to fill the original PR number instead of the backport PR number.
# Please provide it if you are adding a fragment for a different PR.
# pr: https://github.com/owner/repo/1234

# AUTOMATED
# OPTIONAL to manually add other issue URLs
# Issue URL; optional; the GitHub issue related to this changeset (either closes or is part of).
# If not present is automatically filled by the tooling with the issue linked to the PR number.
# issue: https://github.com/owner/repo/1234
65 changes: 61 additions & 4 deletions dev-tools/packaging/packages.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,16 @@ components:
- *linux-amd64
- *linux-arm64
packageTypes: *all-package-types
- &comp-cloud-defend
projectName: cloud-defend
packageName: cloud-defend-{{.Version}}-{{.Platform}}.{{.Ext}}
rootDir: cloud-defend-{{.Version}}-{{.Platform}}
binaryName: cloud-defend
fips: false
platforms:
- *linux-amd64
packageTypes:
- *pkg-type-docker
- &comp-connectors
projectName: connectors
packageName: connectors-{{.Version}}.zip
Expand Down Expand Up @@ -241,6 +251,20 @@ shared:

# components included in elastic-agent package specs defined before components support in this YAML
- &elastic_agent_components
components:
Copy link
Member

@cmacknz cmacknz Dec 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you might need a docker specific components list to prevent cloud-defend from being packaged into the native .tar.gz build artifact

Copy link
Contributor Author

@mjwolf mjwolf Dec 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It turns out this is caused by a problem in the mage packaging scripts. They were skipping the download of components which didn't apply to the package type, but not skipping the actual packaging of them. I've updated the magefile to skip both steps now.

cloud-defend is the first component not use packageTypes: *all-package-types, so its the first time the problem has surfaced

Copy link
Contributor Author

@mjwolf mjwolf Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When using USE_PACKAGE_VERSION=true, the problem was that the downloading was happening before the component filtering. That's fixed now too

- *comp-agentbeat
- *comp-apm_server
- *comp-cloudbeat
- *comp-cloud-defend
- *comp-connectors
- *comp-endpoint
- *comp-fleet-server
- *comp-pf-elastic-collector
- *comp-pf-elastic-symbolizer
- *comp-pf-host-agent

# components for cloud/service variants (excludes cloud-defend)
- &elastic_agent_cloud_components
components:
- *comp-agentbeat
- *comp-apm_server
Expand Down Expand Up @@ -436,6 +460,14 @@ shared:
<<: *linux_otel_files
<<: *agent_unpacked_components_files

- &agent_cloud_binary_spec
<<: *common
<<: *elastic_agent_cloud_components
files:
<<: *agent_binary_files
<<: *linux_otel_files
<<: *agent_unpacked_components_files

- &agent_binary_fips_spec
<<: *common_fips
<<: *elastic_agent_fips_components
Expand Down Expand Up @@ -538,6 +570,31 @@ shared:
source: '{{ repo.RootDir }}/deploy/kubernetes/elastic-agent-standalone/templates.d'
mode: 0755

- &agent_cloud_docker_spec
<<: *agent_cloud_binary_spec
extra_vars:
dockerfile: 'Dockerfile.elastic-agent.tmpl'
docker_entrypoint: 'docker-entrypoint.elastic-agent.tmpl'
user: '{{ .BeatName }}'
linux_capabilities: ''
beats_install_path: "install"
files:
'elastic-agent.yml':
source: 'elastic-agent.docker.yml'
mode: 0600
config: true
'otel.yml':
source: 'otel.yml'
mode: 0600
config: true
'.elastic-agent.active.commit':
content: >
{{ commit }}
mode: 0644
'hints.inputs.d':
source: '{{ repo.RootDir }}/deploy/kubernetes/elastic-agent-standalone/templates.d'
mode: 0755

- &agent_docker_fips_spec
<<: *agent_binary_fips_spec
extra_vars:
Expand Down Expand Up @@ -1458,7 +1515,7 @@ specs:
arch: amd64
types: [docker]
spec:
<<: *agent_docker_spec
<<: *agent_cloud_docker_spec
# The cloud image is always based on Wolfi
<<: *docker_wolfi_spec
<<: *docker_builder_spec
Expand All @@ -1471,7 +1528,7 @@ specs:
arch: arm64
types: [docker]
spec:
<<: *agent_docker_spec
<<: *agent_cloud_docker_spec
# The cloud image is always based on Wolfi
<<: *docker_wolfi_arm_spec
<<: *docker_builder_arm_spec
Expand All @@ -1485,7 +1542,7 @@ specs:
arch: amd64
types: [ docker ]
spec:
<<: *agent_docker_spec
<<: *agent_cloud_docker_spec
# The service image is always based on Wolfi
<<: *docker_wolfi_spec
<<: *docker_builder_spec
Expand All @@ -1499,7 +1556,7 @@ specs:
arch: arm64
types: [ docker ]
spec:
<<: *agent_docker_spec
<<: *agent_cloud_docker_spec
# The service image is always based on Wolfi
<<: *docker_wolfi_arm_spec
<<: *docker_builder_arm_spec
Expand Down
1 change: 1 addition & 0 deletions dev-tools/packaging/templates/docker/Dockerfile.elastic-agent.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ RUN true && \
chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/*beat && \
(chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/osquery* || true) && \
(chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/apm-server || true) && \
(chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/cloud-defend || true) && \
(chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/endpoint-security || true) && \
(chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/fleet-server || true) && \
(chmod 0755 {{ $beatHome }}/data/elastic-agent-*/components/pf-elastic-collector || true) && \
Expand Down
3 changes: 2 additions & 1 deletion dev-tools/packaging/templates/ironbank/Dockerfile.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,13 +74,14 @@ RUN find / -xdev -perm -4000 -exec chmod u-s {} +
# Provide a non-root user to run the process.
RUN groupadd --gid 1000 ${ELASTIC_PRODUCT} && useradd --uid 1000 --gid 1000 --groups 0 --home-dir /usr/share/${ELASTIC_PRODUCT} --no-create-home ${ELASTIC_PRODUCT}

# Elastic Agent permissions
# Elastic Agent permissions
RUN find /usr/share//elastic-agent/data -type d -exec chmod 0777 {} \; && \
find /usr/share//elastic-agent/data -type f -exec chmod 0666 {} \; && \
chmod 0755 /usr/share//elastic-agent/data/elastic-agent-*/elastic-agent && \
chmod 0755 /usr/share//elastic-agent/data/elastic-agent-*/components/*beat && \
(chmod 0755 /usr/share/elastic-agent/data/elastic-agent-*/components/osquery* || true) && \
(chmod 0755 /usr/share/elastic-agent/data/elastic-agent-*/components/apm-server || true) && \
(chmod 0755 /usr/share/elastic-agent/data/elastic-agent-*/components/cloud-defend || true) && \
(chmod 0755 /usr/share/elastic-agent/data/elastic-agent-*/components/endpoint-security || true) && \
(chmod 0755 /usr/share/elastic-agent/data/elastic-agent-*/components/fleet-server || true) && \
(chmod 0755 /usr/share/elastic-agent/data/elastic-agent-*/components/pf-elastic-collector || true) && \
Expand Down