From 445168eaf174589e0614ecc746c17f2521c99fba Mon Sep 17 00:00:00 2001 From: Anderson Queiroz Date: Thu, 29 Sep 2022 18:25:41 +0200 Subject: [PATCH 1/3] Add extra protection against accessing null fields to 8.5 migration (#1921) --- cmd/fleet/main.go | 4 ++-- internal/pkg/dl/migration.go | 16 +++++++++++++--- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/cmd/fleet/main.go b/cmd/fleet/main.go index 976564cb8..239f5795e 100644 --- a/cmd/fleet/main.go +++ b/cmd/fleet/main.go @@ -106,7 +106,7 @@ func initLogger(cfg *config.Config, version, commit string) (*logger.Logger, err Str("exe", os.Args[0]). Strs("args", os.Args[1:]). Msg("Boot fleet-server") - log.Debug().Strs("env", os.Environ()).Msg("environment") + log.Debug().Strs("env", os.Environ()).Msg("environment variables") return l, err } @@ -832,7 +832,7 @@ func (f *FleetServer) runSubsystems(ctx context.Context, cfg *config.Config, g * return dl.Migrate(ctx, bulker) }) if err = loggedMigration(); err != nil { - return fmt.Errorf("failed to run subsystems: %w", err) + return fmt.Errorf("failed to run migrations: %w", err) } // Run scheduler for periodic GC/cleanup diff --git a/internal/pkg/dl/migration.go b/internal/pkg/dl/migration.go index 4107dfd38..9069c5e33 100644 --- a/internal/pkg/dl/migration.go +++ b/internal/pkg/dl/migration.go @@ -61,11 +61,16 @@ func migrate(ctx context.Context, bulker bulk.Bulk, fn migrationBodyFn) (int, er for { name, index, body, err := fn() if err != nil { - return updatedDocs, fmt.Errorf(": %w", err) + return updatedDocs, + fmt.Errorf("failed to prepare request for migration %s: %w", + name, err) } resp, err := applyMigration(ctx, name, index, bulker, body) if err != nil { + log.Err(err). + Bytes("http.request.body.content", body). + Msgf("migration %s failed: %w", err) return updatedDocs, fmt.Errorf("failed to apply migration %q: %w", name, err) } @@ -239,7 +244,9 @@ map.put("id", ctx._source.default_api_key_id); // Make current API key empty, so fleet-server will generate a new one // Add current API jey to be retired -ctx._source['` + fieldOutputs + `']['default'].to_retire_api_key_ids.add(map); +if (ctx._source['` + fieldOutputs + `']['default'].to_retire_api_key_ids != null) { + ctx._source['` + fieldOutputs + `']['default'].to_retire_api_key_ids.add(map); +} ctx._source['` + fieldOutputs + `']['default'].api_key=""; ctx._source['` + fieldOutputs + `']['default'].api_key_id=""; ctx._source['` + fieldOutputs + `']['default'].permissions_hash=ctx._source.policy_output_permissions_hash; @@ -273,10 +280,13 @@ func migratePolicyCoordinatorIdx() (string, string, []byte, error) { query := dsl.NewRoot() query.Query().MatchAll() - query.Param("script", `ctx._source.coordinator_idx++;`) + painless := `ctx._source.coordinator_idx++;` + query.Param("script", painless) body, err := query.MarshalJSON() if err != nil { + log.Debug().Str("painlessScript", painless). + Msgf("%s: failed painless script", migrationName) return migrationName, FleetPolicies, nil, fmt.Errorf("could not marshal ES query: %w", err) } From 94721ddba47a91411f0164b989608ebb3417f570 Mon Sep 17 00:00:00 2001 From: Anderson Queiroz Date: Thu, 29 Sep 2022 18:29:13 +0200 Subject: [PATCH 2/3] add msgf missing parameter --- internal/pkg/dl/migration.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/pkg/dl/migration.go b/internal/pkg/dl/migration.go index 9069c5e33..1cf0fc885 100644 --- a/internal/pkg/dl/migration.go +++ b/internal/pkg/dl/migration.go @@ -70,7 +70,7 @@ func migrate(ctx context.Context, bulker bulk.Bulk, fn migrationBodyFn) (int, er if err != nil { log.Err(err). Bytes("http.request.body.content", body). - Msgf("migration %s failed: %w", err) + Msgf("migration %s failed: %w", name, err) return updatedDocs, fmt.Errorf("failed to apply migration %q: %w", name, err) } From 46aa2b48f73ec4637c2366a5423929d92e7da1b3 Mon Sep 17 00:00:00 2001 From: Anderson Queiroz Date: Thu, 29 Sep 2022 20:34:26 +0200 Subject: [PATCH 3/3] . --- internal/pkg/dl/migration.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/pkg/dl/migration.go b/internal/pkg/dl/migration.go index 1cf0fc885..48e169691 100644 --- a/internal/pkg/dl/migration.go +++ b/internal/pkg/dl/migration.go @@ -70,7 +70,7 @@ func migrate(ctx context.Context, bulker bulk.Bulk, fn migrationBodyFn) (int, er if err != nil { log.Err(err). Bytes("http.request.body.content", body). - Msgf("migration %s failed: %w", name, err) + Msgf("migration %s failed", name) return updatedDocs, fmt.Errorf("failed to apply migration %q: %w", name, err) }