Missing "origin" field on filebeat & packetbeat deb packages

I have the installation of debian packages automatized with the package "unattended-upgrades", which I think is the "debian & ubuntu way" to do the automatic upgrades. In the "unattended-upgrades" config you must select the allowed origin of the packages, for example:

// Automatically upgrade packages from these (origin:archive) pairs
   Unattended-Upgrade::Allowed-Origins {

Debian, Ubuntu and Puppetlabs follow this standard, including the "origin" in the packages, but in the elastic repo this info is missing:

root@host:~# apt-cache policy
Package files:
 100 /var/lib/dpkg/status
     release a=now
 500 http://apt.puppetlabs.com/ precise/PC1 amd64 Packages
     release o=Puppetlabs,a=precise,n=precise,l=Puppetlabs,c=PC1
     origin apt.puppetlabs.com
 500 https://packages.elastic.co/beats/apt/ stable/main amd64 Packages
     release n=stable,c=main
     origin packages.elastic.co
 500 http://security.debian.org/ jessie/updates/main Translation-en
 500 http://security.debian.org/ jessie/updates/main amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=main
     origin security.debian.org
 500 http://ftp.de.debian.org/debian/ jessie/main Translation-en
 500 http://ftp.de.debian.org/debian/ jessie/main amd64 Packages
     release v=8.3,o=Debian,a=stable,n=jessie,l=Debian,c=main
     origin ftp.de.debian.org
Pinned packages:

I think this is due to the procedure of making the deb files. Maybe elastic could add the "Origin: Elastic" field in the packages:


With this we could easily automatic upgrade the elastic deb packages.

You could open a pull request for this. :slight_smile: This script is used to build the deb packages: https://github.com/elastic/beats/blob/master/dev-tools/packer/platforms/debian/fpm-run.sh.j2#L8

FPM is used to build the deb. It has the following flag that I think could be used for adding origin.

From fpm -h:

--deb-field 'FIELD: VALUE' (deb only) Add custom field to the control file

It looks like the field "Origin" it's not related to the package but with the "Release" file of the repository. I double checked debian documentation about deb file creation and that field it's not listed:


The "Origin" should be specified in the "Release" file, for example:


The documentation says the following:

The file "dists/$DIST/InRelease" shall contain meta-information about the distribution and checksums for the indices, possibly signed with a GPG clearsign signature (for example created by "gpg -a -s --clearsign"). For older clients there can also be a "dists/$DIST/Release" file without any signature and the file "dists/$DIST/Release.gpg" with a detached GPG signature of the "Release" file, compatible with the format used by the GPG options "-a -b -s".

On Elastic repository it looks like the packages are stored in AWS S3 buckets, so I don't know exactly how is the procedure to add this info, maybe the responsible of upload the packages could show us some light about this topic.

The apt repo is updated using a tool called deb-s3.

The exact command is here: https://github.com/elastic/beats/blob/master/dev-tools/packer/docker/deb-rpm-s3/deb-s3.expect

I searched through the deb-s3 code base and there is an option (-o) for setting Origin. So the script above will need to be modified to add -o Elastic and then it needs to be tested on a clone of repo.