Add Integration tests to Auditbeat CI pipeline

[mjwolf]

Proposed commit message

Refactor the CI integration test steps for the Auditbeat pipeline to use build matrices for Linux tests. By doing this, it will be easier to add additional VM types to the integration tests in the future.

With this, the integration tests will run on Ubuntu 20.04, 22.04, 24.04 for both x86_64 and arm64, and RHEL 9 x86_64.

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

[mergify]

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @mjwolf? 🙏.
For such, you'll need to label your PR with:

• The upcoming major version of the Elastic Stack
• The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-v8./d.0 is the label to automatically backport to the 8./d branch. /d is the digit

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2024-02-07T22:21:13.971+0000

• Duration: 12 min 27 sec

Test stats 🧪

Test	Results
Failed	0
Passed	3
Skipped	0
Total	3

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

• /package : Generate the packages and run the E2E tests.

• /beats-tester : Run the installation tests with beats-tester.

• run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

[elasticmachine]

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

[mmat11]

I guess these can be removed then https://github.com/elastic/beats/blob/main/auditbeat/Jenkinsfile.yml#L33-L50

[dliappis]

Looks good, thank you!

Left a comment to raise awareness on GH status notifications and that by using a matrix, failures will be collapsed under one entry. If you are ok with this I won't object, just wanted to make sure the behavior is clearly understood.

[dliappis]

By using a matrix and having a static context we'll be facing the issue that all failures will be collapsed under the same GH status notification.

For example, right now, with passing tests, the notification looks like:

If we click the link it takes us to:

which represents both Auditbeat Linux x86_64 Integration Tests -- family/platform-ingest-beats-ubuntu-2004 and Auditbeat Linux x86_64 Integration Tests -- family/platform-ingest-beats-ubuntu-2204

So if there is a failure, clicking on the link will take the user to the top of the matrix section, not the specific failed job. Looking at the official BK docs it might be impossible to add {{matrix.image}} -- or another additional property like {{matrix.name}} -- under notify: ["github_commit_stats": {"context": "the message ... {{matrix.property}}"}] (maybe worth testing to be 100% sure).

In any case, my main comment here is to raise awareness about the behavior and that with failures it won't be able to quickly see in the status section which specific image failed.

[dliappis]

nit: re: renaming IMAGE_MACOS_ARM to IMAGE_MACOS_ARM64, ideally we do this in a future PR where we change this as a convention for all the pipelines. For now, it might be ok to leave the name as is, given that there is no 32bit ARM architecture for macOS?

[mergify]

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b auditbeat-integTest-ci upstream/auditbeat-integTest-ci
git merge upstream/main
git push upstream auditbeat-integTest-ci

[elasticmachine]

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

[mjwolf]

I'd like to revive this PR. I've added all the Linux 'platform-ingest-beats' VM images that currently exist and removed the variable name changes that weren't necessary.

@leehinman, @dliappis, @pkoutsovasilis could you review this again, since it's changed since you last looked at it?

[rowlandgeoff]

LGTM. @oakrizan can you please review? Any overlap with your current changes?

[oakrizan]

We deliberately were avoiding matrix usage. In addition to what Dimitrios said about matrix - if one of the matrix-based steps fails, then particular GH check will hang in "Pending" state.

[oakrizan]

lgtm