Skip to content

Downloading agent and verifying PGP signature#1959

Merged
eyalkoren merged 13 commits intoelastic:masterfrom
eyalkoren:download-and-verify-agent
Aug 22, 2021
Merged

Downloading agent and verifying PGP signature#1959
eyalkoren merged 13 commits intoelastic:masterfrom
eyalkoren:download-and-verify-agent

Conversation

@eyalkoren
Copy link
Contributor

@eyalkoren eyalkoren commented Aug 3, 2021
edited by zube bot
Loading

What does this PR do?

Closes #1901

We use the Bouncy Castle FIPS PGP implementation for the jar signature validation.
Since the related Bouncy Castle jars are doing self-checksum validation based on the jar they are coming from, we package them as is in a dedicated lib within the jar, alongside a minimal jar of ours that contains the Bouncy Castle implementation for the internal BouncyCastleVerifier#verifyPgpSignature API.
All these jars are loaded by a dedicated class loader.

Checklist

  • I have updated CHANGELOG.asciidoc
  • Unit tests:
    • Testing the new argument is parsed properly
    • Testing downloading capabilities
    • Testing PGP signature verification
    • Testing dedicated PGP validation library class loader
  • End-to-end tests:
    • Testing downloading and verification
    • Testing downloading after already downloaded
    • Testing wrong version
    • Testing attachment with downloading
    • Testing attachment without downloading (embedded agent or configured agent jar)
    • Testing slim CLI jar - through our integration tests on Jetty, Tomcat and WebLogic with agent 1.25.0
  • Add the new CLI option to documentation:
    • in docs
    • in the CLI --help output
  • Add the Bouncy Castle license to our license notice
@github-actions github-actions bot added agent-java community Issues and PRs created by the community labels Aug 3, 2021
@ghost
Copy link

ghost commented Aug 3, 2021
edited by ghost
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2021-08-22T14:53:02.712+0000

  • Duration: 57 min 39 sec

  • Commit: 85c9152

Test stats 🧪

Test Results
Failed 0
Passed 2390
Skipped 17
Total 2407

Trends 🧪

Image of Build Times

Image of Tests

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 2390
Skipped 17
Total 2407

@eyalkoren eyalkoren marked this pull request as ready for review August 4, 2021 16:47
@eyalkoren eyalkoren requested a review from felixbarny August 4, 2021 16:47
@SylvainJuge SylvainJuge self-assigned this Aug 18, 2021
SylvainJuge
SylvainJuge reviewed Aug 18, 2021
View reviewed changes
Copy link
Member

@SylvainJuge SylvainJuge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another question:
Why do we have binary dependencies in the test classpath ? Are they kept in sync through build ?
SylvainJuge
SylvainJuge approved these changes Aug 18, 2021
View reviewed changes
Copy link
Member

@SylvainJuge SylvainJuge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, discussed few details live.
@SylvainJuge SylvainJuge removed the community Issues and PRs created by the community label Aug 19, 2021
@eyalkoren eyalkoren enabled auto-merge (squash) August 22, 2021 15:03
@eyalkoren eyalkoren merged commit c401e5f into elastic:master Aug 22, 2021
@eyalkoren eyalkoren deleted the download-and-verify-agent branch August 23, 2021 05:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

agent-java

2 participants

@eyalkoren @SylvainJuge