I have the installation of debian packages automatized with the package "unattended-upgrades", which I think is the "debian & ubuntu way" to do the automatic upgrades. In the "unattended-upgrades" config you must select the allowed origin of the packages, for example:
// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
"${distro_id}:${distro_codename}-updates";
"Puppetlabs:${distro_codename}";
};
Debian, Ubuntu and Puppetlabs follow this standard, including the "origin" in the packages, but in the elastic repo this info is missing:
It looks like the field "Origin" it's not related to the package but with the "Release" file of the repository. I double checked debian documentation about deb file creation and that field it's not listed:
The file "dists/$DIST/InRelease" shall contain meta-information about the distribution and checksums for the indices, possibly signed with a GPG clearsign signature (for example created by "gpg -a -s --clearsign"). For older clients there can also be a "dists/$DIST/Release" file without any signature and the file "dists/$DIST/Release.gpg" with a detached GPG signature of the "Release" file, compatible with the format used by the GPG options "-a -b -s".
On Elastic repository it looks like the packages are stored in AWS S3 buckets, so I don't know exactly how is the procedure to add this info, maybe the responsible of upload the packages could show us some light about this topic.
I searched through the deb-s3 code base and there is an option (-o) for setting Origin. So the script above will need to be modified to add -o Elastic and then it needs to be tested on a clone of repo.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.