feat: add Agentless Hello World integration (#15729)

Co-authored-by: Andrew Kroh <[email protected]>

Author: nkvoll

.github/CODEOWNERS

@@ -13,6 +13,7 @@
 /packages/abnormal_security @elastic/security-service-integrations
 /packages/activemq @elastic/obs-infraobs-integrations
 /packages/admin_by_request_epm @elastic/security-service-integrations
+/packages/agentless_hello_world @elastic/agentless-team
 /packages/airflow @elastic/obs-infraobs-integrations
 /packages/airlock_digital @elastic/security-service-integrations
 /packages/akamai @elastic/security-service-integrations

packages/agentless_hello_world/_dev/build/build.yml

@@ -0,0 +1,3 @@
+dependencies:
+  ecs:
+    reference: [email protected]

packages/agentless_hello_world/_dev/deploy/docker/config.yml

@@ -0,0 +1,10 @@
+rules:
+  - path: /
+    methods: ["GET"]
+    responses:
+      - status_code: 418
+        headers:
+          Content-Type:
+            - "application/json"
+        body: |-
+          {"this_is": "ignored"}

packages/agentless_hello_world/_dev/deploy/docker/docker-compose.yml

@@ -0,0 +1,14 @@
+services:
+  epr_mock:
+    image: docker.elastic.co/observability/stream:v0.18.0
+    hostname: epr_mock
+    ports:
+      - 8080
+    volumes:
+      - ./config.yml:/config.yml
+    environment:
+      PORT: "8080"
+    command:
+      - http-server
+      - --addr=:8080
+      - --config=/config.yml

packages/agentless_hello_world/changelog.yml

@@ -0,0 +1,5 @@
+- version: "0.1.0"
+  changes:
+    - description: Initial release.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15729

packages/agentless_hello_world/data_stream/generic/_dev/test/pipeline/test-hello-world.json

@@ -0,0 +1,11 @@
+{
+  "events": [
+    {
+      "http": {
+        "response": {
+          "status_code": 200
+        }
+      }
+    }
+  ]
+}

packages/agentless_hello_world/data_stream/generic/_dev/test/pipeline/test-hello-world.json-config.yml

@@ -0,0 +1 @@
+fields: {}

packages/agentless_hello_world/data_stream/generic/_dev/test/pipeline/test-hello-world.json-expected.json

@@ -0,0 +1,23 @@
+{
+    "expected": [
+        {
+            "http": {
+                "response": {
+                    "status_code": 200
+                }
+            },
+            "ecs": {
+                "version": "9.1.0"
+            },
+            "event": {
+                "category": [
+                    "web"
+                ],
+                "kind": "event",
+                "type": [
+                    "info"
+                ]
+            }
+        }
+    ]
+}

packages/agentless_hello_world/data_stream/generic/_dev/test/system/test-default-config.yml

@@ -0,0 +1,7 @@
+input: cel
+service: epr_mock
+data_stream:
+  vars:
+    url: http://{{Hostname}}:{{Port}}
+assert:
+  hit_count: 1

packages/agentless_hello_world/data_stream/generic/agent/stream/cel.yml.hbs

@@ -0,0 +1,20 @@
+config_version: 2
+interval: 20s
+resource.timeout: 15s
+resource.url: "{{url}}"
+state:
+  url: "{{url}}"
+program: |
+  request("GET", state.url)
+    .do_request()
+    .as(resp, {
+        "events": [{
+            "http": {
+              "response": {
+                "status_code": resp.StatusCode
+            }
+          }
+        }]
+    })
+tags:
+  - agentless-hello-world