Merge pull request #11750 from Security-Onion-Solutions/2.4/defendpolicy

Upgrade Defend Integration policy

salt/elasticfleet/tools/sbin/so-elastic-fleet-common

@@ -68,6 +68,19 @@ elastic_fleet_integration_update() {
     curl -K /opt/so/conf/elasticsearch/curl.config -L -X PUT "localhost:5601/api/fleet/package_policies/$UPDATE_ID" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING"
 }
 
+elastic_fleet_integration_policy_upgrade() {
+
+    INTEGRATION_ID=$1
+
+    JSON_STRING=$( jq -n \
+                    --arg INTEGRATIONID "$INTEGRATION_ID" \
+                    '{"packagePolicyIds":[$INTEGRATIONID]}'
+                    )
+
+    curl -K /opt/so/conf/elasticsearch/curl.config -L -X POST "localhost:5601/api/fleet/package_policies/upgrade" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d "$JSON_STRING"
+}
+
+
 elastic_fleet_package_version_check() {
     PACKAGE=$1
     curl -s -K /opt/so/conf/elasticsearch/curl.config -b "sid=$SESSIONCOOKIE" -L -X GET "localhost:5601/api/fleet/epm/packages/$PACKAGE" | jq -r '.item.version'

salt/elasticfleet/tools/sbin/so-elastic-fleet-integration-policy-elastic-defend

@@ -14,12 +14,8 @@ do
   printf "\n\nInitial Endpoints Policy - Loading $INTEGRATION\n"
   elastic_fleet_integration_check "endpoints-initial" "$INTEGRATION"
   if [ -n "$INTEGRATION_ID" ]; then
-    if [ "$1" = "--force" ]; then
-      printf "\n\nIntegration $NAME exists - Updating integration\n"
-      elastic_fleet_integration_update "$INTEGRATION_ID" "@$INTEGRATION"
-    else
-      printf "\n\nIntegration $NAME exists - Not updating - rerun with --force to force the update.\n"
-    fi
+      printf "\n\nIntegration $NAME exists - Upgrading integration policy\n"
+      elastic_fleet_integration_policy_upgrade "$INTEGRATION_ID"
   else
     printf "\n\nIntegration does not exist - Creating integration\n"
     elastic_fleet_integration_create "@$INTEGRATION"