Cherry-pick #19584 to 7.x: tlscommon: require cert in ServerConfig.Validate

[axw]

Cherry-pick of PR #19584 to 7.x branch. Original message:

What does this PR do?

When validating server-side TLS config, ensure there is a certificate and key pair.

Why is it important?

It does not make sense to configure server-side TLS without specifying a certificate and key pair. If users enable TLS (ssl.enabled) for a server (e.g. APM Server) but do not specify a certificate or key file, then they should receive a helpful error message indicating that the configuration is missing.

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
  - [ ] I have made corresponding changes to the documentation (The metricbeat docs talk about client cert/key only; the APM Server docs already state that these config fields are required.)
  - [ ] I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

How to test this PR locally

1. build metricbeat
2. run metricbeat with a config like

metricbeat.modules:
  - module: http
    metricsets: ["server"]
    ssl: {}

It should exit with an error containing the phrase "certificate file not configured".

Related issues

elastic/apm-server#3908

[elasticmachine]

Pinging @elastic/integrations-services (Team:Services)

[axw]

Can someone please merge this for me, once it's approved and passes CI? I'm on vacation this week.

[elasticmachine]

💔 Tests Failed

Expand to view the summary

Build stats

• Build Cause: [Pull request #19692 updated]

• Start Time: 2020-07-07T09:10:58.949+0000

• Duration: 123 min 42 sec

Test stats 🧪

Test	Results
Failed	5
Passed	8998
Skipped	1574
Total	10577

Test errors

Expand to view the tests failures

• Name: Build and Test / Filebeat Mac OS X / test_clean_removed_with_clean_inactive – test_registrar.Test
  • Age: 1
  • Duration: 1.139
  • Error Details:
    -------------------- >> begin captured stdout << ---------------------
    registry size: 2
    registry size after remove: 2

--------------------- >> end captured stdout << ----------------------

• Name: Build and Test / Auditbeat oss Mac OS X / TestEventReader – file_integrity

  • Age: 1
  • Duration: 2.33
  • Error Details: Failed

• Name: Build and Test / Auditbeat oss Mac OS X / TestEventReader/created – file_integrity

  • Age: 1
  • Duration: 1.15
  • Error Details: Failed

• Name: Build and Test / Auditbeat oss Mac OS X / TestRaces – file_integrity

  • Age: 1
  • Duration: 48.68
  • Error Details: Failed

• Name: Build and Test / Auditbeat oss Mac OS X / TestData – file_integrity

  • Age: 1
  • Duration: 10.09
  • Error Details: Failed

Steps errors

Expand to view the steps failures

• Name: Mage build unitTest

  • Description: mage build unitTest

  • Duration: 8 min 33 sec

  • Start Time: 2020-07-07T09:34:37.755+0000

  • log

• Name: Recursively delete the current directory from the workspace

  • Description: script returned exit code 1

  • Duration: 0 min 11 sec

  • Start Time: 2020-07-07T09:44:50.868+0000

  • log

• Name: Mage build unitTest

  • Description: mage build unitTest

  • Duration: 4 min 55 sec

  • Start Time: 2020-07-07T09:40:14.192+0000

  • log

• Name: Recursively delete the current directory from the workspace

  • Description: script returned exit code 1

  • Duration: 0 min 18 sec

  • Start Time: 2020-07-07T09:44:17.707+0000

  • log

• Name: Report to Codecov

  • Description: curl -sSLo codecov https://codecov.io/bash for i in auditbeat filebeat heartbeat libbeat metricbeat packetbeat winlogbeat journalbeat do FILE="${i}/build/coverage/full.cov" if [ -f "${FILE}" ]; then bash codecov -f "${FILE}" fi done

  • Duration: 2 min 22 sec

  • Start Time: 2020-07-07T09:47:39.595+0000

  • log

• Name: Report to Codecov

  • Description: curl -sSLo codecov https://codecov.io/bash for i in auditbeat filebeat heartbeat libbeat metricbeat packetbeat winlogbeat journalbeat do FILE="${i}/build/coverage/full.cov" if [ -f "${FILE}" ]; then bash codecov -f "${FILE}" fi done

  • Duration: 2 min 22 sec

  • Start Time: 2020-07-07T09:39:01.263+0000

  • log

• Name: Report to Codecov

  • Description: curl -sSLo codecov https://codecov.io/bash for i in auditbeat filebeat heartbeat libbeat metricbeat packetbeat winlogbeat journalbeat do FILE="${i}/build/coverage/full.cov" if [ -f "${FILE}" ]; then bash codecov -f "${FILE}" fi done

  • Duration: 1 min 27 sec

  • Start Time: 2020-07-07T10:18:43.394+0000

  • log

• Name: Make -C generator/_templates/beat test

  • Description: make -C generator/_templates/beat test

  • Duration: 5 min 16 sec

  • Start Time: 2020-07-07T10:27:49.425+0000

  • log

• Name: Recursively delete the current directory from the workspace

  • Description: script returned exit code 2

  • Duration: 3 min 49 sec

  • Start Time: 2020-07-07T10:33:19.631+0000

  • log

Log output

Expand to view the last 100 lines of log output

[2020-07-07T11:13:11.058Z] + FILE=winlogbeat/build/coverage/full.cov
[2020-07-07T11:13:11.058Z] + [ -f winlogbeat/build/coverage/full.cov ]
[2020-07-07T11:13:11.058Z] + FILE=journalbeat/build/coverage/full.cov
[2020-07-07T11:13:11.058Z] + [ -f journalbeat/build/coverage/full.cov ]
[2020-07-07T11:13:12.229Z] Failed in branch Filebeat oss
[2020-07-07T11:13:12.354Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats
[2020-07-07T11:13:12.663Z] + find . -type f -name TEST*.xml -path */build/* -delete
[2020-07-07T11:13:12.680Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Lint
[2020-07-07T11:13:12.780Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Winlogbeat-oss
[2020-07-07T11:13:12.855Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Elastic-Agent-x-pack
[2020-07-07T11:13:12.928Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Elastic-Agent-Mac-OS-X
[2020-07-07T11:13:13.003Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-crosscompile
[2020-07-07T11:13:13.080Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Dockerlogbeat
[2020-07-07T11:13:13.154Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Journalbeat-oss
[2020-07-07T11:13:13.230Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Generators-Metricbeat-Linux
[2020-07-07T11:13:13.308Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Functionbeat-x-pack
[2020-07-07T11:13:13.382Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Filebeat-x-pack-Mac-OS-X
[2020-07-07T11:13:13.458Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Elastic-Agent-x-pack-Windows
[2020-07-07T11:13:13.534Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Filebeat-Mac-OS-X
[2020-07-07T11:13:13.611Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-OSS-Unit-tests
[2020-07-07T11:13:13.695Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-x-pack-Mac-OS-X
[2020-07-07T11:13:13.775Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-oss-Mac-OS-X
[2020-07-07T11:13:13.850Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-x-pack
[2020-07-07T11:13:13.928Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-crosscompile
[2020-07-07T11:13:14.004Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-x-pack-Windows
[2020-07-07T11:13:14.079Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Heartbeat-oss
[2020-07-07T11:13:14.159Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-oss-Windows
[2020-07-07T11:13:14.243Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Winlogbeat-Windows-x-pack
[2020-07-07T11:13:14.319Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Filebeat-Windows
[2020-07-07T11:13:14.400Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Filebeat-x-pack-Windows
[2020-07-07T11:13:14.473Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-Mac-OS-X
[2020-07-07T11:13:14.546Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Libbeat-x-pack
[2020-07-07T11:13:14.637Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Auditbeat-oss-Linux
[2020-07-07T11:13:14.711Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Packetbeat-oss
[2020-07-07T11:13:14.785Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Winlogbeat-Windows
[2020-07-07T11:13:14.862Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack-Windows
[2020-07-07T11:13:14.940Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-Windows
[2020-07-07T11:13:15.021Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Functionbeat-Mac-OS-X-x-pack
[2020-07-07T11:13:15.100Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Heartbeat-Mac-OS-X
[2020-07-07T11:13:15.179Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack-Mac-OS-X
[2020-07-07T11:13:15.262Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Generators-Beat-Linux
[2020-07-07T11:13:15.339Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-Python-integration-tests
[2020-07-07T11:13:15.418Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Heartbeat-Windows
[2020-07-07T11:13:15.496Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Functionbeat-Windows
[2020-07-07T11:13:15.575Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Libbeat-oss
[2020-07-07T11:13:15.652Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Libbeat-crosscompile
[2020-07-07T11:13:15.729Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Generators-Metricbeat-Mac-OS-X
[2020-07-07T11:13:15.807Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Libbeat-stress-tests
[2020-07-07T11:13:15.881Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-OSS-Integration-tests
[2020-07-07T11:13:15.966Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack
[2020-07-07T11:13:16.044Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Generators-Beat-Mac-OS-X
[2020-07-07T11:13:16.122Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Filebeat-x-pack
[2020-07-07T11:13:16.207Z] Running in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Filebeat-oss
[2020-07-07T11:13:16.591Z] + cat
[2020-07-07T11:13:16.591Z] + /usr/local/bin/runbld ./runbld-script
[2020-07-07T11:13:16.591Z] Picked up JAVA_TOOL_OPTIONS: -Dfile.encoding=UTF8
[2020-07-07T11:13:24.766Z] runbld>>> runbld started
[2020-07-07T11:13:24.766Z] runbld>>> 1.6.12/f45d832f2ba0aa2722ab4ec1fda8ad140f027f8b
[2020-07-07T11:13:25.339Z] runbld>>> The following profiles matched the job 'Beats/beats-beats-mbp/PR-19692' in order of occurrence in the config (last value wins).
[2020-07-07T11:13:26.725Z] runbld>>> Debug logging enabled.
[2020-07-07T11:13:26.725Z] runbld>>> Storing result
[2020-07-07T11:13:26.987Z] runbld>>> Store result: created {:total 2, :successful 2, :failed 0} 1
[2020-07-07T11:13:26.987Z] runbld>>> BUILD: https://c150076387b5421f9154dfbf536e5c60.us-west1.gcp.cloud.es.io:9243/build-1587637540455/t/20200707111326-B364173A
[2020-07-07T11:13:26.987Z] runbld>>> Adding system facts.
[2020-07-07T11:13:27.931Z] runbld>>> Adding vcs info for the latest commit:  3b59bf67f42313f0e9a8da5595205cbdd81859cd
[2020-07-07T11:13:27.931Z] runbld>>> >>>>>>>>>>>> SCRIPT EXECUTION BEGIN >>>>>>>>>>>>
[2020-07-07T11:13:27.931Z] runbld>>> Adding /usr/lib/jvm/java-8-openjdk-amd64/bin to the path.
[2020-07-07T11:13:27.931Z] + echo 'Processing JUnit reports with runbld...'
[2020-07-07T11:13:27.931Z] Processing JUnit reports with runbld...
[2020-07-07T11:13:28.505Z] runbld>>> <<<<<<<<<<<< SCRIPT EXECUTION END <<<<<<<<<<<<
[2020-07-07T11:13:28.505Z] runbld>>> DURATION: 27ms
[2020-07-07T11:13:28.505Z] runbld>>> STDOUT: 40 bytes
[2020-07-07T11:13:28.505Z] runbld>>> STDERR: 49 bytes
[2020-07-07T11:13:28.505Z] runbld>>> WRAPPED PROCESS: SUCCESS (0)
[2020-07-07T11:13:28.505Z] runbld>>> Searching for build metadata in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats
[2020-07-07T11:13:29.454Z] runbld>>> Storing build metadata: 
[2020-07-07T11:13:29.454Z] runbld>>> Adding test report.
[2020-07-07T11:13:29.454Z] runbld>>> Searching for junit test output files with the pattern: TEST-.*\.xml$ in: /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats
[2020-07-07T11:13:30.399Z] runbld>>> Found 112 test output files
[2020-07-07T11:13:30.975Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack/x-pack/metricbeat/build/TEST-go-integration-istio.xml
[2020-07-07T11:13:30.975Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack/x-pack/metricbeat/build/TEST-go-integration-tomcat.xml
[2020-07-07T11:13:30.975Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack/x-pack/metricbeat/build/TEST-go-integration-iis.xml
[2020-07-07T11:13:30.975Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack/x-pack/metricbeat/build/TEST-go-integration-openmetrics.xml
[2020-07-07T11:13:30.975Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-x-pack/x-pack/metricbeat/build/TEST-go-integration-activemq.xml
[2020-07-07T11:13:32.415Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-OSS-Integration-tests/metricbeat/build/TEST-go-integration-graphite.xml
[2020-07-07T11:13:32.415Z] runbld>>> No testsuite node found in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692/src/github.com/elastic/beats/Metricbeat-OSS-Integration-tests/metricbeat/build/TEST-go-integration-windows.xml
[2020-07-07T11:13:32.676Z] runbld>>> Test output logs contained: Errors: 0 Failures: 5 Tests: 10427 Skipped: 1337
[2020-07-07T11:13:32.938Z] runbld>>> Storing result
[2020-07-07T11:13:32.938Z] runbld>>> FAILURES: 5
[2020-07-07T11:13:34.325Z] runbld>>> Store result: updated {:total 2, :successful 2, :failed 0} 2
[2020-07-07T11:13:34.325Z] runbld>>> BUILD: https://c150076387b5421f9154dfbf536e5c60.us-west1.gcp.cloud.es.io:9243/build-1587637540455/t/20200707111326-B364173A
[2020-07-07T11:13:34.325Z] runbld>>> Email notification disabled by environment variable.
[2020-07-07T11:13:34.325Z] runbld>>> Slack notification disabled by environment variable.
[2020-07-07T11:13:40.302Z] Running on Jenkins in /var/lib/jenkins/workspace/Beats_beats-beats-mbp_PR-19692
[2020-07-07T11:13:40.538Z] [INFO] getVaultSecret: Getting secrets
[2020-07-07T11:13:40.601Z] Masking supported pattern matches of $VAULT_ADDR or $VAULT_ROLE_ID or $VAULT_SECRET_ID
[2020-07-07T11:13:41.426Z] + chmod 755 generate-build-data.sh
[2020-07-07T11:13:41.426Z] + ./generate-build-data.sh https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats-beats-mbp/PR-19692/ https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats-beats-mbp/PR-19692/runs/2 FAILURE 7362218
[2020-07-07T11:13:41.426Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats-beats-mbp/PR-19692/runs/2/steps/?limit=10000 -o steps-info.json
[2020-07-07T11:13:44.654Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats-beats-mbp/PR-19692/runs/2/tests/?status=FAILED -o tests-errors.json

[ChrsMark]

lgtm