[UII] Add proxy args to install snippets (elastic#193922)

## Summary Resolves elastic#184222. This PR: - Ensures custom agent binary download source URI is respected where ever it appears in command snippets, for both Fleet Server and Elastic Agent install instructions - If a proxy is associated with the source URI, the appropriate args are added to the commands as well - For `curl` commands, these are appended as `--proxy <url>` and `--proxy-header "<key>-<value>"` (repeated for each header key/value pair) - For Windows, these are appended as `-Proxy "<url>"` and `-Headers @{"<key1>"="<value1>"; "<key2>"="<value2>"}` - Adjusts Fleet Server `./elastic-agent install` instructions so that: - `--fleet-server-es` is the value of the data output host set on that Fleet Server policy (must be ES output) - If a proxy is associated with that ES output, the corresponding args are appended: `--proxy-url=<url>` and `--proxy-header "<key>-<value>"` (repeated for each header key/value pair) The internal API at `/internal/fleet/settings/enrollment` has new properties added to its response to support this: ``` fleet_server: { es_output?: Output; es_output_proxy?: FleetProxy; }; download_source_proxy?: FleetProxy; ``` ## Examples **Fleet Server install with proxied custom download and proxied ES host:** ``` curl -L -O https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-linux-x86_64.tar.gz --proxy http://some-proxy:1111 --proxy-header "Accept-Language=en-US,en;q=0.5" --proxy-header "Accept-Encoding=gzip, deflate, br" tar xzvf elastic-agent-9.0.0-linux-x86_64.tar.gz cd elastic-agent-9.0.0-linux-x86_64 sudo ./elastic-agent install \ --fleet-server-es=http://localhost:9999 \ --fleet-server-service-token=REDACTED \ --fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f \ --fleet-server-port=8220 \ --proxy-url=http://some-proxy:1111 \ --proxy-header="Accept-Language=en-US,en;q=0.5" \ --proxy-header="Accept-Encoding=gzip, deflate, br" ``` ``` $ProgressPreference = 'SilentlyContinue' Invoke-WebRequest -Uri https://my-agent-binary-source/beats/elastic-agent/elastic-agent-9.0.0-windows-x86_64.zip -OutFile elastic-agent-9.0.0-windows-x86_64.zip -Proxy "http://some-proxy:1111" -Headers @{"Accept-Language"="en-US,en;q=0.5";"Accept-Encoding"="gzip, deflate, br"} Expand-Archive .\elastic-agent-9.0.0-windows-x86_64.zip cd elastic-agent-9.0.0-windows-x86_64 .\elastic-agent.exe install ` --fleet-server-es=http://localhost:9999 ` --fleet-server-service-token=REDACTED ` --fleet-server-policy=027a180f-2f4a-4dd1-a531-bf1d1d64179f ` --fleet-server-port=8220 ` --proxy-url=http://some-proxy:1111 ` --proxy-header="Accept-Language=en-US,en;q=0.5" ` --proxy-header="Accept-Encoding=gzip, deflate, br" ``` **Elastic Agent install with proxied download source and proxied Fleet Server host:** ``` curl -L -O https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-darwin-aarch64.tar.gz --proxy http://some-proxy:1111 --proxy-header "Accept-Language=en-US,en;q=0.5" --proxy-header "Accept-Encoding=gzip, deflate, br" tar xzvf elastic-agent-8.15.1-darwin-aarch64.tar.gz cd elastic-agent-8.15.1-darwin-aarch64 sudo ./elastic-agent install --url=https://localhost:2222 --enrollment-token=REDACTED --proxy-url=http://some-proxy:1111 --proxy-header "Accept-Language=en-US,en;q=0.5" --proxy-header "Accept-Encoding=gzip, deflate, br" ``` ``` $ProgressPreference = 'SilentlyContinue' Invoke-WebRequest -Uri https://my-agent-binary-source/beats/elastic-agent/elastic-agent-8.15.1-windows-x86_64.zip -OutFile elastic-agent-8.15.1-windows-x86_64.zip -Proxy "http://some-proxy:1111" -Headers @{"Accept-Language"="en-US,en;q=0.5";"Accept-Encoding"="gzip, deflate, br"} Expand-Archive .\elastic-agent-8.15.1-windows-x86_64.zip -DestinationPath . cd elastic-agent-8.15.1-windows-x86_64 .\elastic-agent.exe install --url=https://localhost:2222 --enrollment-token=REDACTED --proxy-url=http://some-proxy:1111 --proxy-header "Accept-Language=en-US,en;q=0.5" --proxy-header "Accept-Encoding=gzip, deflate, br" ``` ### To-do - [x] Unit tests - [x] API integration tests for enrollment settings endpoint
jen-huang · Oct 1, 2024 · 121ff39 · 121ff39
1 parent b5e9413
commit 121ff39
Show file tree

Hide file tree

Showing 17 changed files with 916 additions and 207 deletions.
diff --git a/...k/plugins/fleet/common/openapi/components/schemas/fleet_settings_enrollment_response.yaml b/...k/plugins/fleet/common/openapi/components/schemas/fleet_settings_enrollment_response.yaml
@@ -23,6 +23,12 @@ properties:
               type: string
             download_source_id:
               type: string
+            space_ids:
+              type: array
+              items:
+                type: string
+            data_output_id:
+              type: string
           required:
             - id
             - name
@@ -33,10 +39,16 @@ properties:
         $ref: ./fleet_server_host.yaml
       host_proxy:
         $ref: ./proxies.yaml
+      es_output:
+        $ref: ./output_create_request_elasticsearch.yaml
+      es_output_proxy:
+        $ref: ./proxies.yaml
     required:
       - agent_policies
       - has_active
   download_source:
     $ref: ./download_sources.yaml
+  download_source_proxy:
+    $ref: ./proxies.yaml
 required:
   - fleet_server
diff --git a/x-pack/plugins/fleet/common/types/rest_spec/settings.ts b/x-pack/plugins/fleet/common/types/rest_spec/settings.ts
@@ -5,7 +5,14 @@
  * 2.0.
  */
 
-import type { Settings, AgentPolicy, FleetServerHost, FleetProxy, DownloadSource } from '../models';
+import type {
+  Settings,
+  AgentPolicy,
+  FleetServerHost,
+  FleetProxy,
+  DownloadSource,
+  Output,
+} from '../models';
 
 export interface GetSettingsResponse {
   item: Settings;
@@ -35,16 +42,20 @@ export type EnrollmentSettingsFleetServerPolicy = Pick<
   | 'fleet_server_host_id'
   | 'download_source_id'
   | 'space_ids'
+  | 'data_output_id'
 >;
 
 export interface GetEnrollmentSettingsResponse {
   fleet_server: {
     policies: EnrollmentSettingsFleetServerPolicy[];
     has_active: boolean;
+    es_output?: Output;
+    es_output_proxy?: FleetProxy;
     host?: FleetServerHost;
     host_proxy?: FleetProxy;
   };
   download_source?: DownloadSource;
+  download_source_proxy?: FleetProxy;
 }
 export interface PutSpaceSettingsRequest {
   body: {

diff --git a/...ic/applications/fleet/components/fleet_server_instructions/steps/install_fleet_server.tsx b/...ic/applications/fleet/components/fleet_server_instructions/steps/install_fleet_server.tsx
@@ -13,8 +13,8 @@ import { i18n } from '@kbn/i18n';
 import { FormattedMessage } from '@kbn/i18n-react';
 
 import type { PLATFORM_TYPE } from '../../../hooks';
-import { useDefaultDownloadSource } from '../../../hooks';
-import { useStartServices, useDefaultOutput, useKibanaVersion } from '../../../hooks';
+import { useFleetServerHostsForPolicy } from '../../../hooks';
+import { useStartServices, useKibanaVersion } from '../../../hooks';
 
 import { PlatformSelector } from '../..';
 
@@ -61,24 +61,31 @@ const InstallFleetServerStepContent: React.FunctionComponent<{
 }> = ({ serviceToken, fleetServerHost, fleetServerPolicyId, deploymentMode }) => {
   const { docLinks } = useStartServices();
   const kibanaVersion = useKibanaVersion();
-  const { output } = useDefaultOutput();
-  const { downloadSource } = useDefaultDownloadSource();
 
-  const commandOutput = output?.type === 'elasticsearch' ? output : undefined;
+  const { esOutput, esOutputProxy, downloadSource, downloadSourceProxy } =
+    useFleetServerHostsForPolicy(
+      fleetServerPolicyId
+        ? {
+            id: fleetServerPolicyId,
+          }
+        : null
+    );
 
   const installCommands = (['linux', 'mac', 'windows', 'deb', 'rpm'] as PLATFORM_TYPE[]).reduce(
     (acc, platform) => {
-      acc[platform] = getInstallCommandForPlatform(
+      acc[platform] = getInstallCommandForPlatform({
         platform,
-        commandOutput?.hosts?.[0] ?? '<ELASTICSEARCH_HOST>',
-        serviceToken ?? '',
-        fleetServerPolicyId,
+        esOutputHost: esOutput?.hosts?.[0] ?? '<ELASTICSEARCH_HOST>',
+        esOutputProxy,
+        serviceToken: serviceToken ?? '',
+        policyId: fleetServerPolicyId,
         fleetServerHost,
-        deploymentMode === 'production',
-        commandOutput?.ca_trusted_fingerprint ?? undefined,
+        isProductionDeployment: deploymentMode === 'production',
+        sslCATrustedFingerprint: esOutput?.ca_trusted_fingerprint ?? undefined,
         kibanaVersion,
-        downloadSource
-      );
+        downloadSource,
+        downloadSourceProxy,
+      });
 
       return acc;
     },