From 1300905b2fbdb909359138795eeeec5d759c2891 Mon Sep 17 00:00:00 2001
From: Shaunak Kashyap <ycombinator@gmail.com>
Date: Mon, 24 Aug 2020 08:14:37 -0700
Subject: [PATCH] Cherry-pick to 7.9: Add FLEET_ENROLL_INSECURE env var to
 expose --insecure CLI option (#20713) (#20740)

* Add FLEET_ENROLL_INSECURE env var to expose --insecure CLI option (#20713)

* Add FLEET_ENROLL_INSECURE env var to expose --insecure CLI option

* Adding CHANGELOG entry

* Adding issue to CHANGELOG entry
# Conflicts:
#	x-pack/elastic-agent/CHANGELOG.asciidoc

* Fixing up CHANGELOG
---
 .../templates/docker/docker-entrypoint.elastic-agent.tmpl  | 7 ++++++-
 x-pack/elastic-agent/CHANGELOG.asciidoc                    | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/dev-tools/packaging/templates/docker/docker-entrypoint.elastic-agent.tmpl b/dev-tools/packaging/templates/docker/docker-entrypoint.elastic-agent.tmpl
index 4936c8f9139..6c8d45ff41f 100644
--- a/dev-tools/packaging/templates/docker/docker-entrypoint.elastic-agent.tmpl
+++ b/dev-tools/packaging/templates/docker/docker-entrypoint.elastic-agent.tmpl
@@ -6,6 +6,7 @@ set -eo pipefail
 # FLEET_CONFIG_ID - config related to new token [defaul]
 # FLEET_ENROLLMENT_TOKEN - existing enrollment token to be used for enroll
 # FLEET_ENROLL - if set to 1 enroll will be performed
+# FLEET_ENROLL_INSECURE - if set to 1, agent will enroll with fleet using --insecure flag
 # FLEET_SETUP - if  set to 1 fleet setup will be performed
 # FLEET_TOKEN_NAME - token name for a token to be created
 # KIBANA_HOST - actual kibana host [http://localhost:5601]
@@ -54,7 +55,11 @@ function enroll(){
     fi
     echo $apikey
 
-    ./{{ .BeatName }} enroll ${KIBANA_HOST:-http://localhost:5601} $apikey -f
+    if [[ -n "${FLEET_ENROLL_INSECURE}" ]] && [[ ${FLEET_ENROLL_INSECURE} == 1 ]]; then
+      insecure_flag="--insecure"
+    fi
+
+    ./{{ .BeatName }} enroll ${insecure_flag} ${KIBANA_HOST:-http://localhost:5601} $apikey -f
 }
 
 if [[ -n "${FLEET_SETUP}" ]] && [[ ${FLEET_SETUP} == 1 ]]; then setup; fi
diff --git a/x-pack/elastic-agent/CHANGELOG.asciidoc b/x-pack/elastic-agent/CHANGELOG.asciidoc
index 1352bfe2515..8e36647da87 100644
--- a/x-pack/elastic-agent/CHANGELOG.asciidoc
+++ b/x-pack/elastic-agent/CHANGELOG.asciidoc
@@ -99,3 +99,4 @@
 - Add --staging option to enroll command {pull}20026[20026]
 - Add `event.dataset` to all events {pull}20076[20076]
 - Send datastreams fields {pull}20416[20416]
+- Users of the Docker image can now pass `FLEET_ENROLL_INSECURE=1` to include the `--insecure` flag with the `elastic-agent enroll` command {issue}20312[20312] {pull}20713[20713]