search

elastic / terraform-provider-elasticstack

Terraform provider for Elastic Stack
https://registry.terraform.io/providers/elastic/elasticstack/latest/docs
Apache License 2.0
167 stars 91 forks source link

[Feature] Allow elasticstack_fleet_integration resource to install other versions than latest #858

Open breml opened 3 days ago

breml commented 3 days ago

Is your feature request related to a problem? Please describe.

For our corporate setup, we run 3 Elasticsearch Cluster in Elastic Cloud:

According to the internal guidelines, the Elasticsearch cluster for DEV is always on the most recent version, QUAL is at least one minor version behind and PROD again is at least one minor version behind QUAL. When we test a setup, we would like to test the exact combination together with the respective version of the Fleet Integrations, that are installed. This means, that we want to test a certain combination of Elasticsearch + Versions of Fleet Intgrations first on DEV, then on QUAL and finally roll out the tested combination to PROD. Currently, this is not possible with the Elastic Package Registry and with Terraform, since the elasticstack_fleet_integration ressource refuses to install an older version of a Terraform integration, if a more recent version is available. This is very unfortunate, since it basically forces us to update the Fleet Integrations whenever we update Elasticsearch and we end up in production with a combination of version, that we have never tested before.

Additional context

Related issue: #669

I first raised this issue with the Elastic support and they asked me to also raise the issue here.

daemitus commented 3 days ago

Have you tried force=true? I know I've had issues with out of date integrations historically, but in a sandbox the old otx does install correctly with the flag set. 

resource "elasticstack_fleet_integration" "threat_intel-AlienvaultOTX" {
  name    = "ti_otx"
  version = "1.24.1"
  force   = true
}
---[ REQUEST ]---------------------------------------
POST /api/fleet/epm/packages/ti_otx/1.24.1 HTTP/1.1
Host: localhost:5601
User-Agent: Go-http-client/1.1
Content-Length: 14
Authorization: *******************************
Content-Type: application/json
Kbn-Xsrf: true
Accept-Encoding: gzip

{
 "force": true
}

-----------------------------------------------------: 
2024-10-18T12:50:43.826-0400 [DEBUG] provider.terraform-provider-elasticstack_v0.11.9-pre1: Fleet API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 200 OK
...the rest...