Open rdner opened 3 months ago
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)
The relevant PR introducing v1.47.0 https://github.com/elastic/integrations/pull/8103
The breaking functionality is enabled by default for any system integration. It's enough to add the >=1.47.0 system integration with default settings to break a 7.17.x agent.
Pinging @elastic/sec-linux-platform (Team:Security-Linux Platform)
Versions of the system integration >= 1.47.0 are incompatible with Elastic Agent 7.17.x but are allowed to be installed.
Steps to reproduce:
Start a 8.13.0 stack:
Go
Management->Fleet
, create a policy with a system integration, clickAdd agent
Install and enroll a 7.17.19 agent:
Run the status command after a few minutes and you'll see that Filebeat got stuck in
Updating configuration
Looking at the logs (Linux path) you'll see:
which is coming from this config block:
This change is coming from this PR https://github.com/elastic/integrations/pull/8103
I suppose the main problem here is that the system integration has no condition for the agent versions:
and nothing prevents incompatible versions of the system integration from being installed on 7.17.x