Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[8.14](backport #39133) [Auditbeat/FIM/fsnotify]: remove time window where a child file operation of a directory can be lost #39233

Merged
merged 1 commit into from Apr 30, 2024
Merged

[8.14](backport #39133) [Auditbeat/FIM/fsnotify]: remove time window where a child file operation of a directory can be lost #39233

merged 1 commit into from Apr 30, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Apr 26, 2024

Proposed commit message

This PR fixes lost events for file integrity module of Auditbeat. Specifically as captured here there is tiny time window where if a child file get's created right after the internal dir contents snapshot of filepath.Walk and before we add the path to the fsnotify watcher, this file is now off the radar.

Mutliple of this tiny windows have been present during some buildkite CI runs (#39110 (comment), #39109 (comment), #39108 (comment))

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Author's Checklist

N/A

How to test this PR locally

cd auditbeat && for i in {1..15}; do mage build unitTest; done

Related issues

Use cases

N/A

Screenshots

N/A

Logs

N/A

This is an automatic backport of pull request #39133 done by [Mergify](https://mergify.com).

@pkoutsovasilis @mergify
[Auditbeat/FIM/fsnotify]: remove time window where a child file opera…
a637e6a 
…tion of a directory can be lost (#39133)

* fix(auditbeat/fim/fsnotify): remove time window where a child file operation in of a directory can be lost

* fix(auditbeat/fim/fsnotify): remove redundant error wrapping

(cherry picked from commit 074f221)
@mergify mergify bot requested a review from a team as a code owner April 26, 2024 13:03
@mergify mergify bot added the backport label Apr 26, 2024
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Apr 26, 2024
@botelastic
Copy link

botelastic bot commented Apr 26, 2024

This pull request doesn't have a Team:<team> label.

@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Duration: 94 min 10 sec

❕ Flaky test report

No test was executed to be analysed.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@mergify Mergify
Copy link
Contributor Author

mergify bot commented Apr 29, 2024

This pull request has not been merged yet. Could you please review and merge it @pkoutsovasilis? 🙏

@pkoutsovasilis pkoutsovasilis merged commit e9e4824 into 8.14 Apr 30, 2024
34 checks passed
@pkoutsovasilis pkoutsovasilis deleted the mergify/bp/8.14/pr-39133 branch April 30, 2024 18:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pkoutsovasilis pkoutsovasilis pkoutsovasilis approved these changes

Assignees

@pkoutsovasilis pkoutsovasilis

Labels
backport needs_team Indicates that the issue/PR needs a Team:* label
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@elasticmachine @pkoutsovasilis