Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix checkpoint @timestamp already exists #20567

Closed
wants to merge 0 commits into from

Conversation

Bernhard-Fluehmann
Copy link
Contributor

@Bernhard-Fluehmann Bernhard-Fluehmann commented Aug 12, 2020

What does this PR do?

Resolves conflicting set of timestamp field

Why is it important?

Some Checkpoint logs contain a time field and the pipeline contained a processor for it. As far as I can see the current implementation causes two errors. 1st the presence of a time field breaks the pipeline since the logs received from filebeat contain a timestamp already. 2nd problem is that the format of the time field is unix time and thus needs to be converted into a iso timestamp first.
The reason why the problem was not detected by the testsuite seems to be that none of the logs of the checkpoint.log file contains the time field. I have added such a log line at the end now.

Checklist

  • [ x] My code follows the style guidelines of this project
  • [ x] I have commented my code, particularly in hard-to-understand areas
    - [ ] I have made corresponding changes to the documentation
    - [ ] I have made corresponding change to the default configuration files
    - [ ] I have added tests that prove my fix is effective or that my feature works
  • [ x] I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Related issues

@elasticmachine
Copy link
Collaborator

Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually?

1 similar comment
@elasticmachine
Copy link
Collaborator

Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually?

@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Aug 12, 2020
@elasticmachine
Copy link
Collaborator

elasticmachine commented Aug 12, 2020

❕ Build Aborted

There is a new build on-going so the previous on-going builds have been aborted.

Pipeline View Test View Changes Artifacts

Expand to view the summary

Build stats

  • Build Cause: [Pull request #20567 updated]

  • Reason: Aborted from #28

  • Start Time: 2020-09-28T11:28:39.709+0000

  • Duration: 14 min 23 sec

  • Commit: a0cb1e5c324cc7f9f99760c23a5569343a7edf51

Steps errors

Expand to view the steps failures

  • Name: Process JUnit reports with runbld
    • Description:

    • Duration: 0 min 17 sec

    • Start Time: 2020-09-28T11:42:45.085+0000

    • log

Log output

Expand to view the last 100 lines of log output

[2020-09-28T11:42:36.253Z]  API version:       1.40
[2020-09-28T11:42:36.253Z]  Go version:        go1.13.15
[2020-09-28T11:42:36.253Z]  Git commit:        4484c46d9d
[2020-09-28T11:42:36.253Z]  Built:             Wed Sep 16 17:02:36 2020
[2020-09-28T11:42:36.253Z]  OS/Arch:           linux/amd64
[2020-09-28T11:42:36.253Z]  Experimental:      false
[2020-09-28T11:42:36.253Z] 
[2020-09-28T11:42:36.253Z] Server: Docker Engine - Community
[2020-09-28T11:42:36.253Z]  Engine:
[2020-09-28T11:42:36.253Z]   Version:          19.03.13
[2020-09-28T11:42:36.253Z]   API version:      1.40 (minimum version 1.12)
[2020-09-28T11:42:36.253Z]   Go version:       go1.13.15
[2020-09-28T11:42:36.253Z]   Git commit:       4484c46d9d
[2020-09-28T11:42:36.253Z]   Built:            Wed Sep 16 17:01:06 2020
[2020-09-28T11:42:36.253Z]   OS/Arch:          linux/amd64
[2020-09-28T11:42:36.253Z]   Experimental:     false
[2020-09-28T11:42:36.253Z]  containerd:
[2020-09-28T11:42:36.253Z]   Version:          1.3.7
[2020-09-28T11:42:36.253Z]   GitCommit:        8fba4e9a7d01810a393d5d25a3621dc101981175
[2020-09-28T11:42:36.253Z]  runc:
[2020-09-28T11:42:36.254Z]   Version:          1.0.0-rc10
[2020-09-28T11:42:36.254Z]   GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
[2020-09-28T11:42:36.254Z]  docker-init:
[2020-09-28T11:42:36.254Z]   Version:          0.18.0
[2020-09-28T11:42:36.254Z]   GitCommit:        fec3683
[2020-09-28T11:42:36.254Z] Unable to find image 'alpine:3.4' locally
[2020-09-28T11:42:36.842Z] 3.4: Pulling from library/alpine
[2020-09-28T11:42:36.842Z] c1e54eec4b57: Pulling fs layer
[2020-09-28T11:42:37.115Z] c1e54eec4b57: Verifying Checksum
[2020-09-28T11:42:37.115Z] c1e54eec4b57: Download complete
[2020-09-28T11:42:37.378Z] c1e54eec4b57: Pull complete
[2020-09-28T11:42:37.378Z] Digest: sha256:b733d4a32c4da6a00a84df2ca32791bb03df95400243648d8c539e7b4cce329c
[2020-09-28T11:42:37.378Z] Status: Downloaded newer image for alpine:3.4
[2020-09-28T11:42:39.656Z] + python .ci/scripts/pre_archive_test.py
[2020-09-28T11:42:39.667Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats/build
[2020-09-28T11:42:39.716Z] WARNING: Unknown parameter(s) found for class type 'hudson.tasks.junit.pipeline.JUnitResultsStep': id,stashedTestReports
[2020-09-28T11:42:39.719Z] Recording test results
[2020-09-28T11:42:40.015Z] None of the test reports contained any result
[2020-09-28T11:42:40.038Z] Stashed 0 file(s)
[2020-09-28T11:42:40.047Z] Archiving artifacts
[2020-09-28T11:42:40.065Z] ‘**/build/TEST*.out’ doesn’t match anything: ‘**’ exists but not ‘**/build/TEST*.out’
[2020-09-28T11:42:40.065Z] No artifacts found that match the file pattern "**/build/TEST*.out". Configuration error?
[2020-09-28T11:42:40.378Z] + python .ci/scripts/search_system_tests.py
[2020-09-28T11:42:40.399Z] [INFO] system-tests=''. If no empty then let's create a tarball
[2020-09-28T11:42:40.756Z] Client: Docker Engine - Community
[2020-09-28T11:42:40.757Z]  Version:           19.03.13
[2020-09-28T11:42:40.757Z]  API version:       1.40
[2020-09-28T11:42:40.757Z]  Go version:        go1.13.15
[2020-09-28T11:42:40.757Z]  Git commit:        4484c46d9d
[2020-09-28T11:42:40.757Z]  Built:             Wed Sep 16 17:02:36 2020
[2020-09-28T11:42:40.757Z]  OS/Arch:           linux/amd64
[2020-09-28T11:42:40.757Z]  Experimental:      false
[2020-09-28T11:42:40.757Z] 
[2020-09-28T11:42:40.757Z] Server: Docker Engine - Community
[2020-09-28T11:42:40.757Z]  Engine:
[2020-09-28T11:42:40.757Z]   Version:          19.03.13
[2020-09-28T11:42:40.757Z]   API version:      1.40 (minimum version 1.12)
[2020-09-28T11:42:40.757Z]   Go version:       go1.13.15
[2020-09-28T11:42:40.757Z]   Git commit:       4484c46d9d
[2020-09-28T11:42:40.757Z]   Built:            Wed Sep 16 17:01:06 2020
[2020-09-28T11:42:40.757Z]   OS/Arch:          linux/amd64
[2020-09-28T11:42:40.757Z]   Experimental:     false
[2020-09-28T11:42:40.757Z]  containerd:
[2020-09-28T11:42:40.757Z]   Version:          1.3.7
[2020-09-28T11:42:40.757Z]   GitCommit:        8fba4e9a7d01810a393d5d25a3621dc101981175
[2020-09-28T11:42:40.757Z]  runc:
[2020-09-28T11:42:40.757Z]   Version:          1.0.0-rc10
[2020-09-28T11:42:40.757Z]   GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
[2020-09-28T11:42:40.757Z]  docker-init:
[2020-09-28T11:42:40.757Z]   Version:          0.18.0
[2020-09-28T11:42:40.757Z]   GitCommit:        fec3683
[2020-09-28T11:42:44.941Z] Stage "Build&Test" skipped due to earlier failure(s)
[2020-09-28T11:42:45.015Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats
[2020-09-28T11:42:45.023Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats/uncategorized-1601293360016
[2020-09-28T11:42:45.325Z] Click here to forcibly terminate running steps
[2020-09-28T11:42:45.370Z] + cat
[2020-09-28T11:42:45.370Z] + /usr/local/bin/runbld ./runbld-test-reports --job-name elastic+beats+pull-request
[2020-09-28T11:42:45.370Z] Picked up JAVA_TOOL_OPTIONS: -Dfile.encoding=UTF8
[2020-09-28T11:42:51.959Z] runbld>>> runbld started
[2020-09-28T11:42:51.959Z] runbld>>> 1.6.12/f45d832f2ba0aa2722ab4ec1fda8ad140f027f8b
[2020-09-28T11:42:53.362Z] runbld>>> The following profiles matched the job 'elastic+beats+pull-request' in order of occurrence in the config (last value wins).
[2020-09-28T11:42:53.362Z] runbld>>> Matches in the system config:
[2020-09-28T11:42:53.362Z] runbld>>> - Matched ^elastic\+beats
[2020-09-28T11:42:53.362Z] runbld>>> - Matched ^elastic\+beats\+pull-request
[2020-09-28T11:42:54.751Z] runbld>>> Debug logging enabled.
[2020-09-28T11:42:54.751Z] runbld>>> Storing result
[2020-09-28T11:42:54.751Z] runbld>>> Store result: created {:total 2, :successful 2, :failed 0} 1
[2020-09-28T11:42:54.751Z] runbld>>> BUILD: https://c150076387b5421f9154dfbf536e5c60.us-west1.gcp.cloud.es.io:9243/build-1597739501209/t/20200928114254-25405F02
[2020-09-28T11:42:54.751Z] runbld>>> Adding system facts.
[2020-09-28T11:42:55.699Z] runbld>>> Sending debug log to infra-root+runbld-debug@e***.co
[2020-09-28T11:42:57.204Z] runbld>>> Error: The source clone was not found in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats.  The most common cause is that Jenkins and runbld are configured with different working directories (referred to as 'basedir' in JJB and 'cwd' in runbld config).
[2020-09-28T11:43:02.534Z] ERROR: runbld post build action failed.
[2020-09-28T11:43:02.534Z] ERROR: script returned exit code 1
[2020-09-28T11:43:02.729Z] Running on Jenkins in /var/lib/jenkins/workspace/Beats_beats_PR-20567
[2020-09-28T11:43:02.796Z] [INFO] getVaultSecret: Getting secrets
[2020-09-28T11:43:02.871Z] Masking supported pattern matches of $VAULT_ADDR or $VAULT_ROLE_ID or $VAULT_SECRET_ID
[2020-09-28T11:43:03.453Z] + chmod 755 generate-build-data.sh
[2020-09-28T11:43:03.453Z] + ./generate-build-data.sh https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/ https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/runs/27 ABORTED 863484
[2020-09-28T11:43:03.453Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/runs/27/steps/?limit=10000 -o steps-info.json
[2020-09-28T11:43:03.703Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/runs/27/tests/?status=FAILED -o tests-errors.json

@Bernhard-Fluehmann Bernhard-Fluehmann changed the title Fix checkpoint fix checkpoint @timestamp already exists Aug 12, 2020
@P1llus
Copy link
Member

P1llus commented Aug 12, 2020

@Bernhard-Fluehmann Could you resolve the conflicting changelog? It should be doable through this github web UI in worst case scenario.

Also please add a more descriptive entry in the changelog. Like:
"Adding fix for checkpoint module when timestamp already exists"

@elasticmachine
Copy link
Collaborator

Pinging @elastic/siem (Team:SIEM)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Aug 12, 2020
@P1llus P1llus added the review label Aug 12, 2020
@Bernhard-Fluehmann
Copy link
Contributor Author

@P1llus Done

@P1llus
Copy link
Member

P1llus commented Aug 12, 2020

Jenkins test this please

Copy link
Member

@P1llus P1llus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, though need one more review

@P1llus
Copy link
Member

P1llus commented Aug 12, 2020

@Bernhard-Fluehmann Please do not remove the timestamp rename, the script compilation is something that is an issue on multiple modules on older versions and wont be a problem after 7.9-7.10. The rename processor itself is not the cause of the issue there.

@Bernhard-Fluehmann
Copy link
Contributor Author

@P1llus Done

Copy link
Contributor

@leehinman leehinman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@leehinman
Copy link
Contributor

jenkins run tests

CHANGELOG.next.asciidoc Outdated Show resolved Hide resolved
@Bernhard-Fluehmann
Copy link
Contributor Author

Hi @marc-gr Can you please let me know if it is ok now or what other steps it takes to have this done?

@marc-gr
Copy link
Contributor

marc-gr commented Aug 27, 2020

Hi @marc-gr Can you please let me know if it is ok now or what other steps it takes to have this done?

It is in the right place, but it seems to be conflicting with master, please merge/rebase your branch and it should be good to go after 👍

CHANGELOG.next.asciidoc Outdated Show resolved Hide resolved
@marc-gr
Copy link
Contributor

marc-gr commented Aug 27, 2020

jenkins run tests

@hazcod
Copy link
Contributor

hazcod commented Sep 8, 2020

@Bernhard-Fluehmann could you fix the merge conflict so we can get this in?

@Bernhard-Fluehmann
Copy link
Contributor Author

Bernhard-Fluehmann commented Sep 8, 2020

Will fix it again

@marc-gr
Copy link
Contributor

marc-gr commented Sep 8, 2020

jenkins run tests

@Bernhard-Fluehmann
Copy link
Contributor Author

@marc-gr could you let me know why the builds break? I suppose the testsuite fails on the checkpoint tests. Unfortunately I can not run testsuite locally since it is somehow broken. If you may give me a hint on how to test locally I could sort the problem out.
As well it would be helpful to know how to setup log and log-expected correctly. Initially I added a new log line to the log file which contains an additional field called time, containing a timestamp and the processed output from the pipeline simulate of my testsetup to the expected log. When I had a second look at the expected log file I saw that the format of the fields is not as produced by elasticsearch, instead it is stored in somehow flattened mode. Now I wonder how this output was created and again the right way on doing it. The same applies to the development of pipelines, which are stored in the module in yml format but are most likely developped in devtools in json. Is there a way to develop and simulate directly in yml and beats environmennt, or if not, is there a tool to convert from yml to json?

Copy link
Contributor

@marc-gr marc-gr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @Bernhard-Fluehmann ! I pulled your branch to see what was wrong and found a typo in the pipeline and few tips to improve the pipeline changes, which I added in the review. Also a merge or a rebase is required (mind the CHANGELOG entry is at the end, since merges usually end up messing with them).

Regarding how to add the new test case, it seems the test suite only checks the firs 100 events in the example log file. For now you can add your log in a separate file as I suggest, since changing the tests to check all events have some implications that we might need to deal in a new issue/PR if we decide to change it. Once you have your new file created and your log line is in it, you can go into the x-pack/filebeat folder and run TESTING_FILEBEAT_MODULES=checkpoint TESTING_FILEBEAT_FILESETS=firewall GENERATE=true MODULES_PATH=module mage -v pythonIntegTest this will regenerate the expected test files with your new pipeline, then you can commit the changes if they are okay. To run the module tests locally, just omit the GENERATE=true.

Please let us know if you need something else or if you want us to take over from this point and do the required commits to your branch. Thanks a lot for taking the time to do this PR ! :)

- rename:
field": "@timestamp"
target_field: "event.created"
if: "ctx.@timestamp != null"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if: "ctx.@timestamp != null"
ignore_missing: true

if: "ctx.@timestamp != null"
- date:
field: "syslog5424_ts"
formats: ["ISO8601"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
formats: ["ISO8601"]
formats: ["ISO8601", "UNIX"]

not sure if this can come as unix at some point also

value: '{{syslog5424_ts}}'
if: ctx.checkpoint?.time == null
- rename:
field": "@timestamp"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
field": "@timestamp"
field: "@timestamp"

- date:
field: "checkpoint.time"
formats: ["ISO8601", "UNIX"]
if: "ctx.checkpoint?.time != null"
- rename:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would delete this rename block, since the previous date one will take care of this

@@ -10037,3 +10037,4 @@
<134>1 2020-03-30T07:19:22Z gw-da58d3 CheckPoint 8363 - [action:"Accept"; flags:"411908"; ifdir:"inbound"; ifname:"eth0"; logid:"0"; loguid:"{0x5e819d7a,0x0,0x353707c7,0xee78a1dc}"; origin:"192.168.1.100"; originsicname:"cn=cp_mgmt,o=gw-da58d3..tmn8s8"; sequencenum:"1"; version:"5"; __policy_id_tag:"product=VPN-1 & FireWall-1[db_tag={880771B0-FD92-2C4F-82FC-B96FC3DE5A07};mgmt=gw-da58d3;date=1585502566;policy_name=Standard\]"; dst:"192.168.1.255"; inzone:"External"; layer_name:"Network"; layer_uuid:"63b7fe60-76d2-4287-bca5-21af87337b0a"; match_id:"1"; parent_rule:"0"; rule_action:"Accept"; rule_uid:"1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"; outzone:"Local"; product:"VPN-1 & FireWall-1"; proto:"17"; s_port:"50024"; service:"137"; service_id:"nbname"; src:"192.168.1.196"]
<134>1 2020-03-30T07:20:33Z gw-da58d3 CheckPoint 8363 - [action:"Accept"; flags:"411908"; ifdir:"inbound"; ifname:"eth0"; logid:"0"; loguid:"{0x5e819dc1,0x0,0x353707c7,0xee78a1dc}"; origin:"192.168.1.100"; originsicname:"cn=cp_mgmt,o=gw-da58d3..tmn8s8"; sequencenum:"1"; version:"5"; __policy_id_tag:"product=VPN-1 & FireWall-1[db_tag={880771B0-FD92-2C4F-82FC-B96FC3DE5A07};mgmt=gw-da58d3;date=1585502566;policy_name=Standard\]"; dst:"192.168.1.100"; inzone:"External"; layer_name:"Network"; layer_uuid:"63b7fe60-76d2-4287-bca5-21af87337b0a"; match_id:"1"; parent_rule:"0"; rule_action:"Accept"; rule_uid:"1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"; outzone:"Local"; product:"VPN-1 & FireWall-1"; proto:"6"; s_port:"60226"; service:"22"; service_id:"ssh"; src:"192.168.1.205"]
<134>1 2020-03-30T07:20:35Z gw-da58d3 CheckPoint 8363 - [action:"Accept"; flags:"444676"; ifdir:"outbound"; ifname:"eth0"; logid:"0"; loguid:"{0x5e819dc3,0x0,0x353707c7,0xee78a1dc}"; origin:"192.168.1.100"; originsicname:"cn=cp_mgmt,o=gw-da58d3..tmn8s8"; sequencenum:"1"; version:"5"; __policy_id_tag:"product=VPN-1 & FireWall-1[db_tag={880771B0-FD92-2C4F-82FC-B96FC3DE5A07};mgmt=gw-da58d3;date=1585502566;policy_name=Standard\]"; dst:"192.168.1.153"; inzone:"Local"; layer_name:"Network"; layer_uuid:"63b7fe60-76d2-4287-bca5-21af87337b0a"; match_id:"1"; parent_rule:"0"; rule_action:"Accept"; rule_uid:"1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"; outzone:"External"; product:"VPN-1 & FireWall-1"; proto:"17"; s_port:"43103"; service:"514"; service_id:"syslog"; src:"192.168.1.100"]
<134>1 2020-03-30T07:20:35Z gw-da58d3 CheckPoint 7776 - [action:"Accept"; flags:"444676"; ifdir:"outbound"; ifname:"eth0"; logid:"0"; loguid:"{0x5e819dc3,0x0,0x353707c7,0xee78a1dc}"; origin:"192.168.1.100"; originsicname:"cn=cp_mgmt,o=gw-da58d3..tmn8s8"; sequencenum:"1"; time:"1594646954"; version:"5"; __policy_id_tag:"product=VPN-1 & FireWall-1[db_tag={880771B0-FD92-2C4F-82FC-B96FC3DE5A07};mgmt=gw-da58d3;date=1585502566;policy_name=Standard\]"; dst:"192.168.1.153"; inzone:"Local"; layer_name:"Network"; layer_uuid:"63b7fe60-76d2-4287-bca5-21af87337b0a"; match_id:"1"; parent_rule:"0"; rule_action:"Accept"; rule_uid:"1fde807b-6300-4b1a-914f-f1c1f3e2e7d2"; outzone:"External"; product:"VPN-1 & FireWall-1"; proto:"17"; s_port:"43103"; service:"514"; service_id:"syslog"; src:"192.168.1.100"]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests are only checking the first 100 events, to let this get tested, you need to put this log line in a separate file e.g.: checkpoint_with_time.log

@Bernhard-Fluehmann
Copy link
Contributor Author

Bernhard-Fluehmann commented Sep 15, 2020 via email

@marc-gr
Copy link
Contributor

marc-gr commented Sep 15, 2020

Hi Marc, Thank you for your answer and helpful information. I am on holiday this week, so if you get a chance to take over I would appreciate it. If not I will proceed next week.

Sure will push the changes myself, but I need you to give me push permission to the PR 👍

To make sure I got your comment on date processor right. As far as I understand you, the date processor is save against multiple use and updates existing fields instead of throwing errors. I.e. the same behavior like set procesor. Is this correct?

In this case, we were using a date processor to fill @timestamp (https://www.elastic.co/guide/en/elasticsearch/reference/master/date-processor.html) with checkpoint.time if present, the next rename one was overriding @timestamp with checkpoint.time, so undoing what the previous date processor did. We do not need to rename it since it is included in the list for removal at the end of the pipeline. Hope it clarifies a bit what I was referring to.

Once again thanks a lot for the contribution and your time ❤️

@marc-gr marc-gr self-assigned this Sep 16, 2020
Copy link
Contributor Author

@Bernhard-Fluehmann Bernhard-Fluehmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Contributor Author

@Bernhard-Fluehmann Bernhard-Fluehmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@marc-gr
Copy link
Contributor

marc-gr commented Sep 28, 2020

LGTM

@Bernhard-Fluehmann hope your holidays were nice! Do you still want me to do the changes or are you going to?

Thanks!

@Bernhard-Fluehmann
Copy link
Contributor Author

@ Hi Marc, I have tried to proceed with my work and managed to screw up the branch due to updating. I am very sorry on that. Do you have an idea how to fix this and proceed? Regards

@elasticmachine
Copy link
Collaborator

💔 Build Failed

Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: [Pull request #20567 updated]

  • Start Time: 2020-09-28T11:36:26.516+0000

  • Duration: 14 min 20 sec

Steps errors

Expand to view the steps failures

  • Name: make check

    • Description: make check

    • Duration: 3 min 21 sec

    • Start Time: 2020-09-28T11:46:58.499+0000

    • log

  • Name: Notifies GitHub of the status of a Pull Request

    • Description: script returned exit code 2

    • Duration: 0 min 1 sec

    • Start Time: 2020-09-28T11:50:27.127+0000

    • log

  • Name: Process JUnit reports with runbld

    • Description:

    • Duration: 0 min 18 sec

    • Start Time: 2020-09-28T11:50:28.594+0000

    • log

Log output

Expand to view the last 100 lines of log output

[2020-09-28T11:50:20.151Z]  API version:       1.40
[2020-09-28T11:50:20.151Z]  Go version:        go1.13.15
[2020-09-28T11:50:20.151Z]  Git commit:        4484c46d9d
[2020-09-28T11:50:20.151Z]  Built:             Wed Sep 16 17:02:36 2020
[2020-09-28T11:50:20.151Z]  OS/Arch:           linux/amd64
[2020-09-28T11:50:20.151Z]  Experimental:      false
[2020-09-28T11:50:20.151Z] 
[2020-09-28T11:50:20.151Z] Server: Docker Engine - Community
[2020-09-28T11:50:20.151Z]  Engine:
[2020-09-28T11:50:20.151Z]   Version:          19.03.13
[2020-09-28T11:50:20.151Z]   API version:      1.40 (minimum version 1.12)
[2020-09-28T11:50:20.151Z]   Go version:       go1.13.15
[2020-09-28T11:50:20.151Z]   Git commit:       4484c46d9d
[2020-09-28T11:50:20.151Z]   Built:            Wed Sep 16 17:01:06 2020
[2020-09-28T11:50:20.151Z]   OS/Arch:          linux/amd64
[2020-09-28T11:50:20.151Z]   Experimental:     false
[2020-09-28T11:50:20.151Z]  containerd:
[2020-09-28T11:50:20.151Z]   Version:          1.3.7
[2020-09-28T11:50:20.151Z]   GitCommit:        8fba4e9a7d01810a393d5d25a3621dc101981175
[2020-09-28T11:50:20.151Z]  runc:
[2020-09-28T11:50:20.151Z]   Version:          1.0.0-rc10
[2020-09-28T11:50:20.151Z]   GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
[2020-09-28T11:50:20.151Z]  docker-init:
[2020-09-28T11:50:20.151Z]   Version:          0.18.0
[2020-09-28T11:50:20.151Z]   GitCommit:        fec3683
[2020-09-28T11:50:20.151Z] Unable to find image 'alpine:3.4' locally
[2020-09-28T11:50:20.724Z] 3.4: Pulling from library/alpine
[2020-09-28T11:50:20.985Z] c1e54eec4b57: Pulling fs layer
[2020-09-28T11:50:21.245Z] c1e54eec4b57: Verifying Checksum
[2020-09-28T11:50:21.245Z] c1e54eec4b57: Download complete
[2020-09-28T11:50:21.245Z] c1e54eec4b57: Pull complete
[2020-09-28T11:50:21.507Z] Digest: sha256:b733d4a32c4da6a00a84df2ca32791bb03df95400243648d8c539e7b4cce329c
[2020-09-28T11:50:21.507Z] Status: Downloaded newer image for alpine:3.4
[2020-09-28T11:50:23.186Z] + python .ci/scripts/pre_archive_test.py
[2020-09-28T11:50:23.186Z] Copy ./filebeat/build into build/filebeat/build
[2020-09-28T11:50:23.186Z] Copy ./auditbeat/build into build/auditbeat/build
[2020-09-28T11:50:23.197Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats/build
[2020-09-28T11:50:23.232Z] WARNING: Unknown parameter(s) found for class type 'hudson.tasks.junit.pipeline.JUnitResultsStep': id,stashedTestReports
[2020-09-28T11:50:23.235Z] Recording test results
[2020-09-28T11:50:23.418Z] None of the test reports contained any result
[2020-09-28T11:50:23.452Z] Stashed 0 file(s)
[2020-09-28T11:50:23.461Z] Archiving artifacts
[2020-09-28T11:50:23.546Z] ‘**/build/TEST*.out’ doesn’t match anything: ‘**’ exists but not ‘**/build/TEST*.out’
[2020-09-28T11:50:23.546Z] No artifacts found that match the file pattern "**/build/TEST*.out". Configuration error?
[2020-09-28T11:50:23.862Z] + python .ci/scripts/search_system_tests.py
[2020-09-28T11:50:23.880Z] [INFO] system-tests=''. If no empty then let's create a tarball
[2020-09-28T11:50:24.212Z] Client: Docker Engine - Community
[2020-09-28T11:50:24.212Z]  Version:           19.03.13
[2020-09-28T11:50:24.212Z]  API version:       1.40
[2020-09-28T11:50:24.212Z]  Go version:        go1.13.15
[2020-09-28T11:50:24.212Z]  Git commit:        4484c46d9d
[2020-09-28T11:50:24.212Z]  Built:             Wed Sep 16 17:02:36 2020
[2020-09-28T11:50:24.212Z]  OS/Arch:           linux/amd64
[2020-09-28T11:50:24.212Z]  Experimental:      false
[2020-09-28T11:50:24.212Z] 
[2020-09-28T11:50:24.212Z] Server: Docker Engine - Community
[2020-09-28T11:50:24.212Z]  Engine:
[2020-09-28T11:50:24.212Z]   Version:          19.03.13
[2020-09-28T11:50:24.212Z]   API version:      1.40 (minimum version 1.12)
[2020-09-28T11:50:24.212Z]   Go version:       go1.13.15
[2020-09-28T11:50:24.212Z]   Git commit:       4484c46d9d
[2020-09-28T11:50:24.212Z]   Built:            Wed Sep 16 17:01:06 2020
[2020-09-28T11:50:24.212Z]   OS/Arch:          linux/amd64
[2020-09-28T11:50:24.212Z]   Experimental:     false
[2020-09-28T11:50:24.212Z]  containerd:
[2020-09-28T11:50:24.212Z]   Version:          1.3.7
[2020-09-28T11:50:24.212Z]   GitCommit:        8fba4e9a7d01810a393d5d25a3621dc101981175
[2020-09-28T11:50:24.212Z]  runc:
[2020-09-28T11:50:24.212Z]   Version:          1.0.0-rc10
[2020-09-28T11:50:24.212Z]   GitCommit:        dc9208a3303feef5b3839f4323d9beb36df0a9dd
[2020-09-28T11:50:24.212Z]  docker-init:
[2020-09-28T11:50:24.212Z]   Version:          0.18.0
[2020-09-28T11:50:24.212Z]   GitCommit:        fec3683
[2020-09-28T11:50:28.398Z] Stage "Build&Test" skipped due to earlier failure(s)
[2020-09-28T11:50:28.507Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats
[2020-09-28T11:50:28.515Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats/uncategorized-1601293823418
[2020-09-28T11:50:28.888Z] + cat
[2020-09-28T11:50:28.888Z] + /usr/local/bin/runbld ./runbld-test-reports --job-name elastic+beats+pull-request
[2020-09-28T11:50:28.888Z] Picked up JAVA_TOOL_OPTIONS: -Dfile.encoding=UTF8
[2020-09-28T11:50:35.530Z] runbld>>> runbld started
[2020-09-28T11:50:35.530Z] runbld>>> 1.6.12/f45d832f2ba0aa2722ab4ec1fda8ad140f027f8b
[2020-09-28T11:50:37.450Z] runbld>>> The following profiles matched the job 'elastic+beats+pull-request' in order of occurrence in the config (last value wins).
[2020-09-28T11:50:37.450Z] runbld>>> Matches in the system config:
[2020-09-28T11:50:37.450Z] runbld>>> - Matched ^elastic\+beats
[2020-09-28T11:50:37.450Z] runbld>>> - Matched ^elastic\+beats\+pull-request
[2020-09-28T11:50:38.839Z] runbld>>> Debug logging enabled.
[2020-09-28T11:50:38.839Z] runbld>>> Storing result
[2020-09-28T11:50:38.839Z] runbld>>> Store result: created {:total 2, :successful 2, :failed 0} 1
[2020-09-28T11:50:38.839Z] runbld>>> BUILD: https://c150076387b5421f9154dfbf536e5c60.us-west1.gcp.cloud.es.io:9243/build-1597739501209/t/20200928115038-42C2D0AF
[2020-09-28T11:50:38.839Z] runbld>>> Adding system facts.
[2020-09-28T11:50:39.866Z] runbld>>> Sending debug log to infra-root+runbld-debug@e***.co
[2020-09-28T11:50:40.807Z] runbld>>> Error: The source clone was not found in /var/lib/jenkins/workspace/Beats_beats_PR-20567/src/github.com/elastic/beats.  The most common cause is that Jenkins and runbld are configured with different working directories (referred to as 'basedir' in JJB and 'cwd' in runbld config).
[2020-09-28T11:50:46.107Z] ERROR: runbld post build action failed.
[2020-09-28T11:50:46.108Z] ERROR: script returned exit code 1
[2020-09-28T11:50:46.367Z] Running on Jenkins in /var/lib/jenkins/workspace/Beats_beats_PR-20567
[2020-09-28T11:50:46.432Z] [INFO] getVaultSecret: Getting secrets
[2020-09-28T11:50:46.499Z] Masking supported pattern matches of $VAULT_ADDR or $VAULT_ROLE_ID or $VAULT_SECRET_ID
[2020-09-28T11:50:47.142Z] + chmod 755 generate-build-data.sh
[2020-09-28T11:50:47.142Z] + ./generate-build-data.sh https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/ https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/runs/28 FAILURE 860365
[2020-09-28T11:50:47.142Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-20567/runs/28/steps/?limit=10000 -o steps-info.json

@marc-gr
Copy link
Contributor

marc-gr commented Sep 28, 2020

@ Hi Marc, I have tried to proceed with my work and managed to screw up the branch due to updating. I am very sorry on that. Do you have an idea how to fix this and proceed? Regards

No worries, will open a new PR from yours so you do not lose authorship

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Filebeat][Checkpoint module] field [@timestamp] already exists
6 participants