Skip to content
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: elastic/cloudbeat
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 89046cbafb47b8a5a7b1d385c0091da81b553bd3
Choose a base ref
..
head repository: elastic/cloudbeat
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 367b4063af4e79efc52555d15a226ed9315f1545
Choose a head ref
Showing with 3,254 additions and 37 deletions.
  1. +1 −1 .github/workflows/ci-pull_request.yml
  2. +1 −0 .github/workflows/publish-cloudformation.yml
  3. +7 −1 .github/workflows/test-environment.yml
  4. +13 −0 .mergify.yml
  5. +3 −3 .pre-commit-config.yaml
  6. 0 bin/{.elastic-package-0.104.0.pkg → .elastic-package-0.106.0.pkg}
  7. 0 bin/{.gcloud-495.0.0.pkg → .gcloud-497.0.0.pkg}
  8. 0 bin/{.gh-2.58.0.pkg → .gh-2.59.0.pkg}
  9. 0 bin/{.pre-commit-4.0.0.pkg → .pre-commit-4.0.1.pkg}
  10. 0 bin/{.regal-0.27.0.pkg → .regal-0.28.0.pkg}
  11. 0 bin/{.shfmt-3.9.0.pkg → .shfmt-3.10.0.pkg}
  12. +1 −1 bin/bq
  13. +1 −1 bin/docker-credential-gcloud
  14. +1 −1 bin/elastic-package
  15. +1 −1 bin/gcloud
  16. +1 −1 bin/gh
  17. +1 −1 bin/git-credential-gcloud.sh
  18. +1 −1 bin/gsutil
  19. +1 −1 bin/pre-commit
  20. +1 −1 bin/regal
  21. +1 −1 bin/shfmt
  22. +1 −0 deploy/asset-inventory-arm/.gitignore
  23. +444 −0 deploy/asset-inventory-arm/ARM-for-organization-account.dev.json
  24. +450 −0 deploy/asset-inventory-arm/ARM-for-organization-account.json
  25. +368 −0 deploy/asset-inventory-arm/ARM-for-single-account.dev.json
  26. +359 −0 deploy/asset-inventory-arm/ARM-for-single-account.json
  27. +59 −0 deploy/asset-inventory-arm/README.md
  28. +305 −0 deploy/asset-inventory-arm/generate_dev_template.py
  29. +16 −0 deploy/asset-inventory-arm/install-agent-dev.sh
  30. +24 −0 deploy/asset-inventory-arm/install-agent.sh
  31. +67 −0 deploy/asset-inventory-arm/install_agent_az_cli.sh
  32. +4 −0 deploy/asset-inventory-cloudformation/.gitignore
  33. +34 −0 deploy/asset-inventory-cloudformation/README.md
  34. +126 −0 deploy/asset-inventory-cloudformation/config.go
  35. +156 −0 deploy/asset-inventory-cloudformation/ec2-types.yml
  36. +256 −0 deploy/asset-inventory-cloudformation/elastic-agent-ec2-organization.yml
  37. +151 −0 deploy/asset-inventory-cloudformation/elastic-agent-ec2.yml
  38. +209 −0 deploy/asset-inventory-cloudformation/gomain.go
  39. +6 −18 internal/flavors/assetinventory/strategy.go
  40. +110 −0 internal/flavors/assetinventory/strategy_aws.go
  41. +15 −1 internal/flavors/benchmark/azure.go
  42. +45 −0 internal/flavors/benchmark/azure_test.go
  43. +3 −0 justfile
  44. +3 −0 scripts/bump_integration.sh
  45. +2 −0 scripts/publish_cft.sh
  46. +2 −2 tests/integrations_setup/install_aws_asset_inventory_integration.py
  47. +4 −1 tests/integrations_setup/install_azure_asset_inventory_integration.py
2 changes: 1 addition & 1 deletion .github/workflows/ci-pull_request.yml
Original file line number Diff line number Diff line change
@@ -94,7 +94,7 @@ jobs:
run: |
go install gotest.tools/gotestsum
GOOS=linux TEST_DIRECTORY=./... gotestsum --format pkgname -- -race -coverpkg=./... -coverprofile=cover.out.tmp
cat cover.out.tmp | grep -v "mock_.*.go" > cover.out # remove mock files from coverage report
cat cover.out.tmp | grep -v "mock_.*.go" | grep -v "elastic/cloudbeat/deploy" > cover.out # remove mock files and deploy dir
- name: Upload coverage artifact
uses: actions/upload-artifact@v4
1 change: 1 addition & 0 deletions .github/workflows/publish-cloudformation.yml
Original file line number Diff line number Diff line change
@@ -6,6 +6,7 @@ on:
- main
- "[0-9]+.[0-9]+"
paths:
- deploy/asset-inventory-cloudformation/*.yml
- deploy/cloudformation/*.yml
- scripts/publish_cft.sh
- .github/workflows/publish-cloudformation.yml
8 changes: 7 additions & 1 deletion .github/workflows/test-environment.yml
Original file line number Diff line number Diff line change
@@ -118,7 +118,6 @@ env:
WORKING_DIR: deploy/test-environments
INTEGRATIONS_SETUP_DIR: tests/integrations_setup
AWS_DEFAULT_TAGS: "Key=division,Value=engineering Key=org,Value=security Key=team,Value=cloud-security-posture Key=project,Value=test-environments"
GCP_DEFAULT_TAGS: "division=engineering,org=security,team=cloud-security-posture,project=test-environments,owner=${{ github.actor }}"
GCP_ZONE: "us-central1-a"
AZURE_DEFAULT_TAGS: "division=engineering org=security team=cloud-security-posture project=test-environments owner=${{ github.actor }}"
TF_VAR_ec_api_key: ${{ secrets.EC_API_KEY }}
@@ -403,7 +402,14 @@ jobs:
- name: Deploy CSPM GCP agent
id: cspm-gcp-agent
working-directory: deploy/deployment-manager
env:
ACTOR: ${{ github.actor }}
run: |
# GCP labeling rules:
# Only hyphens (-), underscores (_), lowercase characters, and numbers are allowed. International characters are allowed.
# Convert github.actor to lowercase, replace disallowed characters
GCP_LABEL=$(echo "$ACTOR" | tr '[:upper:]' '[:lower:]' | sed 's/[^a-z0-9_-]/_/g')
GCP_DEFAULT_TAGS="division=engineering,org=security,team=cloud-security-posture,project=test-environments,owner=$GCP_LABEL"
. ./set_env.sh && ./deploy.sh && gcloud compute instances update "${DEPLOYMENT_NAME}" --update-labels "${GCP_DEFAULT_TAGS}" --zone="${GCP_ZONE}"
- name: Install CSPM Azure integration
13 changes: 13 additions & 0 deletions .mergify.yml
Original file line number Diff line number Diff line change
@@ -313,6 +313,19 @@ pull_request_rules:
labels:
- "backport"
title: "[{{ destination_branch }}](backport #{{ number }}) {{ title }}"
- name: backport patches to 8.16 branch
conditions:
- merged
- label=backport-v8.16.0
actions:
backport:
assignees:
- "{{ author }}"
branches:
- "8.16"
labels:
- "backport"
title: "[{{ destination_branch }}](backport #{{ number }}) {{ title }}"
- name: backport patches to 8.x branch
conditions:
- merged
6 changes: 3 additions & 3 deletions .pre-commit-config.yaml
Original file line number Diff line number Diff line change
@@ -60,7 +60,7 @@ repos:
args: ["--profile", "black"]

- repo: https://github.com/psf/black
rev: 24.8.0
rev: 24.10.0
hooks:
- id: black

@@ -77,7 +77,7 @@ repos:
files: deploy/cloudformation/.*yml

- repo: https://github.com/aws-cloudformation/cfn-lint
rev: v1.16.0
rev: v1.17.2
hooks:
- id: cfn-python-lint
files: deploy/cloudformation/.*.yml
@@ -184,7 +184,7 @@ repos:
files: security-policies/.*\.(md|markdown)$

- repo: https://github.com/StyraInc/regal
rev: v0.27.0
rev: v0.28.0
hooks:
- id: regal-lint
args: [security-policies/bundle]
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
2 changes: 1 addition & 1 deletion bin/bq
2 changes: 1 addition & 1 deletion bin/docker-credential-gcloud
2 changes: 1 addition & 1 deletion bin/elastic-package
2 changes: 1 addition & 1 deletion bin/gcloud
2 changes: 1 addition & 1 deletion bin/gh
2 changes: 1 addition & 1 deletion bin/git-credential-gcloud.sh
2 changes: 1 addition & 1 deletion bin/gsutil
2 changes: 1 addition & 1 deletion bin/pre-commit
2 changes: 1 addition & 1 deletion bin/regal
2 changes: 1 addition & 1 deletion bin/shfmt
1 change: 1 addition & 0 deletions deploy/asset-inventory-arm/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
dev-flags.conf
Loading