Add support for excluded paths in packaging (#33894)

* Add support for excluded paths in packaging

After an update in heartbeat we have have a path like
`usr/share/heartbeat/.node/node/lib/node_modules/@elastic/synthetics/templates/lightweight/heartbeat.yml`
which matches the `configFilePattern` which causes a permission check
which the file does not satisfy. It has nothing to do with the actual
heartbeat configuration file.

* Fix linting issues

* Fix one more linting issue

dev-tools/packaging/package_test.go

@@ -37,6 +37,8 @@ import (
 	"strings"
 	"testing"
 
+	"errors"
+
 	"github.com/blakesmith/ar"
 	rpm "github.com/cavaliercoder/go-rpm"
 )
@@ -49,6 +51,7 @@ const (
 )
 
 var (
+	excludedPathsPattern   = regexp.MustCompile(`node_modules`)
 	configFilePattern      = regexp.MustCompile(`/(\w+beat\.yml|apm-server\.yml|elastic-agent\.yml)$`)
 	manifestFilePattern    = regexp.MustCompile(`manifest.yml`)
 	modulesDirPattern      = regexp.MustCompile(`module/.+`)
@@ -185,8 +188,6 @@ func checkZip(t *testing.T, file string) {
 }
 
 const (
-	npcapSettings   = "Windows Npcap installation settings"
-	npcapGrant      = `Insecure.Com LLC \(“The Nmap Project”\) has granted Elasticsearch`
 	npcapLicense    = `Dependency : Npcap \(https://nmap.org/npcap/\)`
 	libpcapLicense  = `Dependency : Libpcap \(http://www.tcpdump.org/\)`
 	winpcapLicense  = `Dependency : Winpcap \(https://www.winpcap.org/\)`
@@ -572,6 +573,9 @@ func readRPM(rpmFile string) (*packageFile, *rpm.PackageFile, error) {
 	pf := &packageFile{Name: filepath.Base(rpmFile), Contents: map[string]packageEntry{}}
 
 	for _, file := range contents {
+		if excludedPathsPattern.MatchString(file.Name()) {
+			continue
+		}
 		pe := packageEntry{
 			File: file.Name(),
 			Mode: file.Mode(),
@@ -599,7 +603,7 @@ func readDeb(debFile string, dataBuffer *bytes.Buffer) (*packageFile, error) {
 	for {
 		header, err := arReader.Next()
 		if err != nil {
-			if err == io.EOF {
+			if errors.Is(err, io.EOF) {
 				break
 			}
 			return nil, err
@@ -650,12 +654,16 @@ func readTarContents(tarName string, data io.Reader) (*packageFile, error) {
 	for {
 		header, err := tarReader.Next()
 		if err != nil {
-			if err == io.EOF {
+			if errors.Is(err, io.EOF) {
 				break
 			}
 			return nil, err
 		}
 
+		if excludedPathsPattern.MatchString(header.Name) {
+			continue
+		}
+
 		p.Contents[header.Name] = packageEntry{
 			File: header.Name,
 			UID:  header.Uid,
@@ -680,6 +688,9 @@ func readZip(t *testing.T, zipFile string, inspectors ...inspector) (*packageFil
 
 	p := &packageFile{Name: filepath.Base(zipFile), Contents: map[string]packageEntry{}}
 	for _, f := range r.File {
+		if excludedPathsPattern.MatchString(f.Name) {
+			continue
+		}
 		p.Contents[f.Name] = packageEntry{
 			File: f.Name,
 			Mode: f.Mode(),
@@ -722,7 +733,7 @@ func readDocker(dockerFile string) (*packageFile, *dockerInfo, error) {
 	for {
 		header, err := tarReader.Next()
 		if err != nil {
-			if err == io.EOF {
+			if errors.Is(err, io.EOF) {
 				break
 			}
 			return nil, nil, err
@@ -768,6 +779,9 @@ func readDocker(dockerFile string) (*packageFile, *dockerInfo, error) {
 			if strings.HasPrefix("/"+name, workingDir) || "/"+name == entrypoint {
 				p.Contents[name] = entry
 			}
+			if excludedPathsPattern.MatchString(name) {
+				continue
+			}
 			// Add also licenses
 			for _, licenseFile := range licenseFiles {
 				if strings.Contains(name, licenseFile) {