Custom logstash plugin dependency hell

I am trying to build a custom LogStash plugin for use in an environment which is not connected to the internet. Our enterprise also has very strict control over which artifacts are brought into our isolated environment. That means that if I prepare an offline plugin pack and then import it into the offline environment I would need to individually approve each and every one of the gem files. After building a simple test plugin on a machine with internet access it looks like there are around 200 ruby gems inside that plugin pack that I would need to approve. Yikes!

It appears to me that all of the necessary dependencies for building a simple plugin come bundled with LogStash under the vendor/ directory. Is there really no way to bring in LogStash and then build those dependencies without reaching out to the internet?

Short answer, no, not really. While yes, it is true that many of the dependencies are bundled with Logstash, the development environment requirements are quite different, and depend on an internet connection to pull the other dependencies.

You might be able to create this on a non-airgapped machine and migrate it over, but that would kind of defeat the purpose of the air-gap.

Part of the reason for the Gems in the plugin pack is to guarantee that your version of a plugin has the exact gem versions you used in the source environment. I'd wager that many of them probably are the same as what's already in Logstash, so you might be able to get a pass on some of those. Check the vendor directory and the Gemfile and Gemfile.jruby-1.9.lock files to see what versions are already in your Logstash installation. If they match, then it's not really importing anything new.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.