Bump github.com/elastic/elastic-package from 0.50.1 to 0.51.2

[dependabot]

Bumps github.com/elastic/elastic-package from 0.50.1 to 0.51.2.

Release notes

Sourced from github.com/elastic/elastic-package's releases.

v0.51.1

Changelog

• 4e177394 Add range for missing IPs (#828)

v0.51.0

Changelog

• 035bfdb4 Use CIDRs to decide allowed IPs for testing (#826)
• dcfabeb9 Chore(deps): bump helm.sh/helm/v3 from 3.8.2 to 3.9.0 (#825)
• 643d7cb2 Chore(deps): bump honnef.co/go/tools from 0.3.1 to 0.3.2 (#823)
• 6ebf5de7 Use different namespace for elastic-agent (#723)

Commits

• 88e39ae Allow multicast and broadcast IPs in test documents (#830)
• 4e17739 Add range for missing IPs (#828)
• 035bfdb Use CIDRs to decide allowed IPs for testing (#826)
• dcfabeb Chore(deps): bump helm.sh/helm/v3 from 3.8.2 to 3.9.0 (#825)
• 643d7cb Chore(deps): bump honnef.co/go/tools from 0.3.1 to 0.3.2 (#823)
• 6ebf5de Use different namespace for elastic-agent (#723)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-05-25T14:26:10.925+0000

• Duration: 95 min 30 sec

Test stats 🧪

Test	Results
Failed	0
Passed	5028
Skipped	7
Total	5035

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[mtojek]

Hi @v1v! dependabot keeps opening PRs incorrectly prepared as we need to go mod tidy manually. Is it expected behavior or do we have something misconfigured?

[v1v]

Hi @v1v! dependabot keeps opening PRs incorrectly prepared as we need to go mod tidy manually. Is it expected behavior or do we have something misconfigured?

I don't see anything misconfigured in https://github.com/elastic/integrations/blob/main/.github/dependabot.yml based on https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

The configuration is pretty basic, so I wonder if the .go-version and the Golang version used by dependabot could be the reason? Otherwise, I'm afraid I've no much knowledge about the Golang ecosystem

[v1v]

BTW, I've just found https://github.blog/changelog/2020-10-19-dependabot-go-mod-tidy-and-vendor-support/ so in theory it runs as part of the dependabot since 2020-10

dependabot/dependabot-core#2229 seems to be the original request, and there are some discussions about the goversion

[mtojek]

Running go mod tidy is expected, but the truth is that it's imperfect and requires manual fixes:

[2022-05-25T08:04:41.437Z] github.com/elastic/integrations imports
[2022-05-25T08:04:41.437Z] 	github.com/elastic/package-registry imports
[2022-05-25T08:04:41.437Z] 	go.uber.org/zap tested by
[2022-05-25T08:04:41.437Z] 	go.uber.org/zap.test imports
[2022-05-25T08:04:41.437Z] 	go.uber.org/goleak loaded from go.uber.org/goleak@v1.1.11,
[2022-05-25T08:04:41.437Z] 	but go 1.16 would select v1.1.12
[2022-05-25T08:04:41.437Z] github.com/elastic/integrations imports
[2022-05-25T08:04:41.437Z] 	github.com/elastic/package-registry imports
[2022-05-25T08:04:41.437Z] 	go.uber.org/zap tested by
[2022-05-25T08:04:41.437Z] 	go.uber.org/zap.test imports
[2022-05-25T08:04:41.437Z] 	go.uber.org/goleak imports
[2022-05-25T08:04:41.437Z] 	go.uber.org/goleak/internal/stack loaded from go.uber.org/goleak@v1.1.11,
[2022-05-25T08:04:41.437Z] 	but go 1.16 would select v1.1.12
[2022-05-25T08:04:41.437Z]
[2022-05-25T08:04:41.437Z] To upgrade to the versions selected by go 1.16:
[2022-05-25T08:04:41.437Z] 	go mod tidy -go=1.16 && go mod tidy -go=1.17
[2022-05-25T08:04:41.437Z] If reproducibility with go 1.16 is not needed:
[2022-05-25T08:04:41.437Z] 	go mod tidy -compat=1.17
[2022-05-25T08:04:41.437Z] For other options, see:
[2022-05-25T08:04:41.437Z] 	https://golang.org/doc/modules/pruning
[2022-05-25T08:04:41.437Z] Error: running "go mod tidy" failed with exit code 1

pipeline

I'm wondering if that's a library issue or something that dependabot can handle. Maybe it's worth opening an issue there?

[jsoriano]

I have tried to manually update the dependency with the usual processes and I can reproduce the issue, so there seems to be something weird in elastic-package dependencies, not with dependabot 🤔

I have reproduced it with the following metods:

• Manually modifying go.mod with the version I want to upgrade, and then running go mod tidy.
• Running go get github.com/elastic/elastic-package@v0.51.2, and then go mod tidy.

[jsoriano]

I'm wondering if that's a library issue or something that dependabot can handle. Maybe it's worth opening an issue there?

The thing is that in the repository for package repository infra, the issue has happened also updating elastic-package, but with a different library.

[2022-05-25T08:00:21.632Z] github.com/elastic/package-storage-infra/jobs/indexing imports
[2022-05-25T08:00:21.632Z] 	github.com/elastic/go-ucfg/yaml imports
[2022-05-25T08:00:21.632Z] 	gopkg.in/yaml.v2 tested by
[2022-05-25T08:00:21.632Z] 	gopkg.in/yaml.v2.test imports
[2022-05-25T08:00:21.632Z] 	gopkg.in/check.v1 imports
[2022-05-25T08:00:21.632Z] 	github.com/kr/pretty imports
[2022-05-25T08:00:21.632Z] 	github.com/rogpeppe/go-internal/fmtsort loaded from github.com/rogpeppe/go-internal@v1.6.1,
[2022-05-25T08:00:21.632Z] 	but go 1.16 would select v1.8.0
[2022-05-25T08:00:21.632Z] 
[2022-05-25T08:00:21.632Z] To upgrade to the versions selected by go 1.16:
[2022-05-25T08:00:21.632Z] 	go mod tidy -go=1.16 && go mod tidy -go=1.17
[2022-05-25T08:00:21.632Z] If reproducibility with go 1.16 is not needed:
[2022-05-25T08:00:21.632Z] 	go mod tidy -compat=1.17
[2022-05-25T08:00:21.632Z] For other options, see:
[2022-05-25T08:00:21.632Z] 	https://golang.org/doc/modules/pruning

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (248/248)	💚
Files	96.462% (409/424)	👍
Classes	96.462% (409/424)	👍
Methods	88.458% (4261/4817)	👍
Lines	89.316% (75131/84118)	👍
Conditionals	100.0% (0/0)	💚