Missing "origin" field on filebeat & packetbeat deb packages

fbarbeira · March 16, 2016, 10:19am

I have the installation of debian packages automatized with the package "unattended-upgrades", which I think is the "debian & ubuntu way" to do the automatic upgrades. In the "unattended-upgrades" config you must select the allowed origin of the packages, for example:

// Automatically upgrade packages from these (origin:archive) pairs
   Unattended-Upgrade::Allowed-Origins {
   "${distro_id}:${distro_codename}-security";
   "${distro_id}:${distro_codename}-updates";
   "Puppetlabs:${distro_codename}";
   };

Debian, Ubuntu and Puppetlabs follow this standard, including the "origin" in the packages, but in the elastic repo this info is missing:

root@host:~# apt-cache policy
Package files:
 100 /var/lib/dpkg/status
     release a=now
 500 http://apt.puppetlabs.com/ precise/PC1 amd64 Packages
     release o=Puppetlabs,a=precise,n=precise,l=Puppetlabs,c=PC1
     origin apt.puppetlabs.com
 500 https://packages.elastic.co/beats/apt/ stable/main amd64 Packages
     release n=stable,c=main
     origin packages.elastic.co
 500 http://security.debian.org/ jessie/updates/main Translation-en
 500 http://security.debian.org/ jessie/updates/main amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=main
     origin security.debian.org
 500 http://ftp.de.debian.org/debian/ jessie/main Translation-en
 500 http://ftp.de.debian.org/debian/ jessie/main amd64 Packages
     release v=8.3,o=Debian,a=stable,n=jessie,l=Debian,c=main
     origin ftp.de.debian.org
Pinned packages:
root@host:~#

I think this is due to the procedure of making the deb files. Maybe elastic could add the "Origin: Elastic" field in the packages:

https://wiki.debian.org/RepositoryFormat#Origin

With this we could easily automatic upgrade the elastic deb packages.

andrewkroh · March 17, 2016, 8:11pm

You could open a pull request for this. This script is used to build the deb packages: https://github.com/elastic/beats/blob/master/dev-tools/packer/platforms/debian/fpm-run.sh.j2#L8

FPM is used to build the deb. It has the following flag that I think could be used for adding origin.

From fpm -h:

--deb-field 'FIELD: VALUE' (deb only) Add custom field to the control file

fbarbeira · March 18, 2016, 11:03am

It looks like the field "Origin" it's not related to the package but with the "Release" file of the repository. I double checked debian documentation about deb file creation and that field it's not listed:

https://www.debian.org/doc/debian-policy/ch-controlfields.html

The "Origin" should be specified in the "Release" file, for example:

ftp://ftp.de.debian.org/debian/dists/jessie/Release

The documentation says the following:

The file "dists/$DIST/InRelease" shall contain meta-information about the distribution and checksums for the indices, possibly signed with a GPG clearsign signature (for example created by "gpg -a -s --clearsign"). For older clients there can also be a "dists/$DIST/Release" file without any signature and the file "dists/$DIST/Release.gpg" with a detached GPG signature of the "Release" file, compatible with the format used by the GPG options "-a -b -s".

On Elastic repository it looks like the packages are stored in AWS S3 buckets, so I don't know exactly how is the procedure to add this info, maybe the responsible of upload the packages could show us some light about this topic.

andrewkroh · March 18, 2016, 12:41pm

The apt repo is updated using a tool called deb-s3.

The exact command is here: https://github.com/elastic/beats/blob/master/dev-tools/packer/docker/deb-rpm-s3/deb-s3.expect

I searched through the deb-s3 code base and there is an option (-o) for setting Origin. So the script above will need to be modified to add -o Elastic and then it needs to be tested on a clone of repo.

andrewkroh · March 18, 2016, 1:51pm