Skip to content

[8.19](backport #47712) [libbeat] aws auth method: fix service name and region overwrite#50155

Merged
olegsu merged 2 commits into8.19from
mergify/bp/8.19/pr-47712
Apr 16, 2026
Merged

[8.19](backport #47712) [libbeat] aws auth method: fix service name and region overwrite#50155
olegsu merged 2 commits into8.19from
mergify/bp/8.19/pr-47712

Conversation

@mergify
Copy link
Copy Markdown
Contributor

@mergify mergify Bot commented Apr 16, 2026

Proposed commit message

Fix the service name and region overwrite when values are set in the input configuration in the aws auth method that was introduced here.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works. Where relevant, I have used the stresstest.sh script to run them under stress conditions and race detector to verify their stability.
  • I have added an entry in ./changelog/fragments using the changelog tool.

Disruptive User Impact

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Use cases

Screenshots

Logs

This is an automatic backport of pull request #47712 done by [Mergify](https://mergify.com).

@moukoublen @mergify
[libbeat] aws auth method: fix service name and region overwrite (#47712
4fa76f7 
)

(cherry picked from commit 183016c)

# Conflicts:
#	x-pack/libbeat/common/aws/credentials_test.go
@mergify mergify Bot requested a review from a team as a code owner April 16, 2026 12:20
@mergify mergify Bot added backport conflicts There is a conflict in the backported pull request labels Apr 16, 2026
@mergify mergify Bot requested review from AndersonQ and belimawr and removed request for a team April 16, 2026 12:20
@mergify
Copy link
Copy Markdown
Contributor Author

mergify Bot commented Apr 16, 2026

Cherry-pick of 183016c has failed:

On branch mergify/bp/8.19/pr-47712
Your branch is up to date with 'origin/8.19'.

You are currently cherry-picking commit 183016ce9.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   x-pack/libbeat/common/aws/signer.go
	modified:   x-pack/libbeat/common/aws/signer_test.go

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   x-pack/libbeat/common/aws/credentials_test.go

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@botelastic botelastic Bot added the needs_team Indicates that the issue/PR needs a Team:* label label Apr 16, 2026
@botelastic
Copy link
Copy Markdown

botelastic Bot commented Apr 16, 2026

This pull request doesn't have a Team:<team> label.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 16, 2026

🤖 GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@mergify mergify Bot mentioned this pull request Apr 16, 2026
Merged
6 tasks
@github-actions

This comment has been minimized.

Sign in to view
@olegsu
Copy link
Copy Markdown

olegsu commented Apr 16, 2026

More context: #49956

@olegsu
Resolve conflict in credentials_test.go for #47712 backport
bc3cafe 
The 8.19 branch already used assert.True (cleaner form) while the
cherry-pick from main used assert.Equal(t, true, ...). Both add the
same //nolint:errcheck comments. Keep the HEAD (8.19) assert.True form.

Closes conflict from: cherry-pick 183016c
Backport of: #47712
PR: #50155
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 16, 2026

TL;DR

golangci-lint failed on all three runners (ubuntu, windows, macos) due to a testifylint violation in x-pack/libbeat/common/aws/signer_test.go:171. Replace assert.EqualValues(...) with assert.Equal(...) at that assertion and re-run CI.

Remediation

  • Update x-pack/libbeat/common/aws/signer_test.go:171 from assert.EqualValues(t, tc.expectedRequestHeaders, gotHeaders) to assert.Equal(t, tc.expectedRequestHeaders, gotHeaders).
  • Push the fix and re-run the golangci-lint workflow (or re-run failed checks) to confirm the lint gate passes.
Investigation details

Root Cause

The workflow run fails in step golangci-lint because testifylint flags equal-values and requires assert.Equal instead of assert.EqualValues.

Evidence

x-pack/libbeat/common/aws/signer_test.go:171:4: equal-values: use assert.Equal (testifylint)
	assert.EqualValues(t, tc.expectedRequestHeaders, gotHeaders)
	^
issues found

Validation

  • Not run locally; diagnosis is directly from the failing golangci-lint job logs for this workflow run.

Follow-up

  • After this lint fix is pushed, this workflow should proceed past the current failure point; if anything else fails afterward, it will be a subsequent issue.

What is this? | From workflow: PR Actions Detective

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 16, 2026

TL;DR

The x-pack/heartbeat: Packaging Linux Buildkite job did not fail due to this PR’s code changes; Docker packaging completed successfully, then the job was terminated by signal and failed during Buildkite plugin teardown with a Vault auth error (403 permission denied / invalid token). Immediate action is to retry the job and investigate CI credential/timeout handling, not application code.

Remediation

  • Re-run the failed Buildkite job (beats-xpack-heartbeat build 26908) to confirm whether this was transient CI infrastructure failure.
  • If it reproduces, rotate/fix the Buildkite Vault token/permissions used by vault-docker-login-buildkite-plugin in pre-exit, and check job timeout/cancellation settings for this packaging step.
Investigation details

Root Cause

This failure is infrastructure/CI teardown, not a compile/test/package defect in repository code.

  • Log shows Docker image build/export finished:
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:92 #29 DONE 298.7s
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:112 #31 DONE 2.3s
  • Then the job receives cancellation and is terminated:
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:122 # Received cancellation signal, interrupting
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:124 signal: terminated
  • Teardown hook fails due to Vault auth/permission:
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:135 Code: 403
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:141 permission denied
    • /tmp/gh-aw/buildkite-logs/beats-xpack-heartbeat-ubuntu-x-packheartbeat-packaging-linux.txt:143 invalid token

PR diff check: this PR only modifies AWS signer files (x-pack/libbeat/common/aws/signer.go and x-pack/libbeat/common/aws/signer_test.go), which are unrelated to Buildkite/Vault teardown behavior.

Evidence

#31 DONE 2.3s
# Received cancellation signal, interrupting
Error: The command was interrupted by a signal: signal: terminated
...
Code: 403
* permission denied
* invalid token

Verification

  • Not run locally; diagnosis is based on the provided Buildkite failure log and PR diff metadata.

Follow-up

If rerun passes, treat as transient CI instability. If rerun fails with same Vault error, this should be escalated to CI/Buildkite secrets ownership rather than fixed in this PR branch.

What is this? | From workflow: PR Buildkite Detective

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.

@olegsu olegsu merged commit bb5a76c into 8.19 Apr 16, 2026
114 of 117 checks passed
@olegsu olegsu deleted the mergify/bp/8.19/pr-47712 branch April 16, 2026 18:01
@github-actions github-actions Bot mentioned this pull request Apr 23, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@olegsu olegsu olegsu approved these changes

@AndersonQ AndersonQ Awaiting requested review from AndersonQ AndersonQ is a code owner automatically assigned from elastic/elastic-agent-data-plane

@belimawr belimawr Awaiting requested review from belimawr belimawr is a code owner automatically assigned from elastic/elastic-agent-data-plane

Assignees

@moukoublen moukoublen

Labels

backport bug conflicts There is a conflict in the backported pull request needs_team Indicates that the issue/PR needs a Team:* label skip-changelog

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@olegsu @moukoublen