From 626be5c2a9994325020c95497637a2c04d1d18c0 Mon Sep 17 00:00:00 2001
From: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
Date: Fri, 25 Feb 2022 22:18:09 +0200
Subject: [PATCH 1/5] =?UTF-8?q?=20=E2=AC=86=EF=B8=8F=20Default=20Stack=20V?=
 =?UTF-8?q?ersion=20`7.16.2`=20=3D>=20`7.17.0`?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .env      | 2 +-
 README.md | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.env b/.env
index 7b43647..e047d26 100644
--- a/.env
+++ b/.env
@@ -1,5 +1,5 @@
 COMPOSE_PROJECT_NAME=elastic
-ELK_VERSION=7.16.2
+ELK_VERSION=7.17.0
 
 #----------- Resources --------------------------#
 ELASTICSEARCH_HEAP=1024m
diff --git a/README.md b/README.md
index 33bcfbb..076b5dc 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@
 <h4 align="center">Configured to be ready to be used for Log, Metrics, APM, Alerting, Machine Learning, and Security (SIEM) usecases.</h4>
 <p align="center">
    <a>
-      <img src="https://img.shields.io/badge/Elastic%20Stack-7.16.2-blue?style=flat&logo=elasticsearch" alt="Elastic Stack Version 7^^">
+      <img src="https://img.shields.io/badge/Elastic%20Stack-7.17.0-blue?style=flat&logo=elasticsearch" alt="Elastic Stack Version 7^^">
    </a>
    <a>
       <img src="https://img.shields.io/github/v/tag/sherifabdlnaby/elastdocker?label=release&amp;sort=semver">
@@ -35,7 +35,7 @@ Suitable for Demoing, MVPs and small production deployments.
 
 Based on [Official Elastic Docker Images](https://www.docker.elastic.co/)
 
-Stack Version: [7.16.2](https://www.elastic.co/blog/elastic-stack-7-16-2-released)
+Stack Version: [7.17.0](https://www.elastic.co/blog/elastic-stack-7-17-0-released)
 > You can change Elastic Stack version by setting `ELK_VERSION` in `.env` file and rebuild your images. Any version >= 7.0.0 is compatible with this template.
 
 ### Main Features 📜
@@ -180,7 +180,7 @@ $ make prune
 
 * Some Configuration are parameterized in the `.env` file.
   * `ELASTIC_PASSWORD`, user `elastic`'s password (default: `changeme` _pls_).
-  * `ELK_VERSION` Elastic Stack Version (default: `7.16.2`)
+  * `ELK_VERSION` Elastic Stack Version (default: `7.17.0`)
   * `ELASTICSEARCH_HEAP`, how much Elasticsearch allocate from memory (default: 1GB -good for development only-)
   * `LOGSTASH_HEAP`, how much Logstash allocate from memory.
   * Other configurations which their such as cluster name, and node name, etc.

From 8814ffb9c62d673f7b72587af1991fd41ff5d726 Mon Sep 17 00:00:00 2001
From: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
Date: Fri, 25 Feb 2022 22:20:22 +0200
Subject: [PATCH 2/5] Restore Extendable Dockerfiles for Stack Components
 (fixes #53)

---
 docker-compose.nodes.yml                 | 12 ++++++++++--
 docker-compose.yml                       | 18 +++++++++++++++---
 elasticsearch/Dockerfile                 | 12 ++++++++++++
 elasticsearch/scripts/docker-healthcheck | 14 ++++++++++++++
 kibana/Dockerfile                        |  8 ++++++++
 logstash/Dockerfile                      | 10 ++++++++++
 6 files changed, 69 insertions(+), 5 deletions(-)
 create mode 100644 elasticsearch/Dockerfile
 create mode 100644 elasticsearch/scripts/docker-healthcheck
 create mode 100644 kibana/Dockerfile
 create mode 100644 logstash/Dockerfile

diff --git a/docker-compose.nodes.yml b/docker-compose.nodes.yml
index 8056b45..e765924 100644
--- a/docker-compose.nodes.yml
+++ b/docker-compose.nodes.yml
@@ -7,7 +7,11 @@ volumes:
 
 services:
   elasticsearch-1:
-    image: docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION}
+    image: elastdocker/elasticsearch:${ELK_VERSION}
+    build:
+      context: elasticsearch/
+      args:
+        ELK_VERSION: ${ELK_VERSION}
     restart: unless-stopped
     environment:
       ELASTIC_USERNAME: ${ELASTIC_USERNAME}
@@ -39,7 +43,11 @@ services:
         soft: 200000
         hard: 200000
   elasticsearch-2:
-    image: docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION}
+    image: elastdocker/elasticsearch:${ELK_VERSION}
+    build:
+      context: elasticsearch/
+      args:
+        ELK_VERSION: ${ELK_VERSION}
     restart: unless-stopped
     environment:
       ELASTIC_USERNAME: ${ELASTIC_USERNAME}
diff --git a/docker-compose.yml b/docker-compose.yml
index 2431a45..6866c1e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -26,7 +26,11 @@ secrets:
 
 services:
   elasticsearch:
-    image: docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION}
+    image: elastdocker/elasticsearch:${ELK_VERSION}
+    build:
+      context: elasticsearch/
+      args:
+        ELK_VERSION: ${ELK_VERSION}
     restart: unless-stopped
     environment:
       ELASTIC_USERNAME: ${ELASTIC_USERNAME}
@@ -64,7 +68,11 @@ services:
       test: ["CMD", "sh", "-c", "curl -sf --insecure https://$ELASTIC_USERNAME:$ELASTIC_PASSWORD@localhost:9200/_cat/health | grep -ioE 'green|yellow' || echo 'not green/yellow cluster status'"]
 
   logstash:
-    image: docker.elastic.co/logstash/logstash:${ELK_VERSION}
+    image: elastdocker/logstash:${ELK_VERSION}
+    build:
+      context: logstash/
+      args:
+        ELK_VERSION: $ELK_VERSION
     restart: unless-stopped
     volumes:
       - ./logstash/config/logstash.yml:/usr/share/logstash/config/logstash.yml:ro
@@ -85,7 +93,11 @@ services:
       test: ["CMD", "curl", "-s" ,"-XGET", "http://127.0.0.1:9600"]
 
   kibana:
-    image: docker.elastic.co/kibana/kibana:${ELK_VERSION}
+    image: elastdocker/kibana:${ELK_VERSION}
+    build:
+      context: kibana/
+      args:
+        ELK_VERSION: $ELK_VERSION
     restart: unless-stopped
     volumes:
       - ./kibana/config/:/usr/share/kibana/config:ro
diff --git a/elasticsearch/Dockerfile b/elasticsearch/Dockerfile
new file mode 100644
index 0000000..70e33ff
--- /dev/null
+++ b/elasticsearch/Dockerfile
@@ -0,0 +1,12 @@
+ARG ELK_VERSION
+
+# https://github.com/elastic/elasticsearch-docker
+FROM docker.elastic.co/elasticsearch/elasticsearch:${ELK_VERSION}
+
+# Add healthcheck
+COPY scripts/docker-healthcheck .
+HEALTHCHECK CMD sh ./docker-healthcheck
+
+# Add your elasticsearch plugins setup here
+# Example: RUN elasticsearch-plugin install analysis-icu
+#RUN elasticsearch-plugin install --batch repository-s3
diff --git a/elasticsearch/scripts/docker-healthcheck b/elasticsearch/scripts/docker-healthcheck
new file mode 100644
index 0000000..89f5820
--- /dev/null
+++ b/elasticsearch/scripts/docker-healthcheck
@@ -0,0 +1,14 @@
+#!/bin/bash
+set -eo pipefail
+
+host="$(hostname --ip-address || echo '127.0.0.1')"
+
+if health="$(curl -fsSL "http://$ELASTIC_USERNAME:$ELASTIC_PASSWORD@$host:9200/_cat/health?h=status")"; then
+	health="$(echo "$health" | sed -r 's/^[[:space:]]+|[[:space:]]+$//g')" # trim whitespace (otherwise we'll have "green ")
+	if [ "$health" = 'green' ] || [ "$health" = "yellow" ]; then
+		exit 0
+	fi
+	echo >&2 "unexpected health status: $health"
+fi
+
+exit 1
diff --git a/kibana/Dockerfile b/kibana/Dockerfile
new file mode 100644
index 0000000..62b9868
--- /dev/null
+++ b/kibana/Dockerfile
@@ -0,0 +1,8 @@
+ARG ELK_VERSION
+
+# https://github.com/elastic/kibana-docker
+FROM docker.elastic.co/kibana/kibana:${ELK_VERSION}
+ARG ELK_VERSION
+
+# Add your kibana plugins setup here
+# Example: RUN kibana-plugin install <name|url>
\ No newline at end of file
diff --git a/logstash/Dockerfile b/logstash/Dockerfile
new file mode 100644
index 0000000..673814e
--- /dev/null
+++ b/logstash/Dockerfile
@@ -0,0 +1,10 @@
+ARG ELK_VERSION
+
+# https://github.com/elastic/logstash-docker
+FROM docker.elastic.co/logstash/logstash:${ELK_VERSION}
+
+HEALTHCHECK --interval=240s --timeout=120s --retries=5 \
+  CMD curl -s -XGET 'http://127.0.0.1:9600'
+
+# Add your logstash plugins setup here
+# Example: RUN logstash-plugin install logstash-filter-json

From 7e1c24bc4786a56fe2d0071620c95d11f070ba5e Mon Sep 17 00:00:00 2001
From: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
Date: Fri, 25 Feb 2022 22:39:55 +0200
Subject: [PATCH 3/5] Add CI (fixes #46)

Signed-off-by: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
---
 .github/workflows/build.yml | 33 +++++++++++++++++++++++++++++++++
 README.md                   |  3 +++
 2 files changed, 36 insertions(+)
 create mode 100644 .github/workflows/build.yml

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..0bd0125
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,33 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# A sample workflow which checks out the code, builds a container
+# image using Docker and scans that image for vulnerabilities using
+# Snyk. The results are then uploaded to GitHub Security Code Scanning
+#
+# For more examples, including how to limit scans to only high-severity
+# issues, monitor images for newly disclosed vulnerabilities in Snyk and
+# fail PR checks for new vulnerabilities, see https://github.com/snyk/actions/
+
+name: Build
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+
+jobs:
+  Run:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Build & Deploy
+        run: make setup && make up
+      - name: Test Elasticsearch
+        run: timeout 240s sh -c "until curl https://elastic:changeme@localhost:9200 --insecure --silent; do echo 'Elasticsearch Not Up, Retrying...'; sleep 3; done" && echo 'Elasticsearch is up'
+      - name: Test Kibana
+        run: timeout 240s sh -c "until curl https://localhost:5601 --insecure --silent; do echo 'Kibana Not Ready, Retrying...'; sleep 3; done" && echo 'Kibana is up'
+
diff --git a/README.md b/README.md
index 076b5dc..6dbe59c 100644
--- a/README.md
+++ b/README.md
@@ -11,6 +11,9 @@
    <a>
       <img src="https://img.shields.io/github/v/tag/sherifabdlnaby/elastdocker?label=release&amp;sort=semver">
    </a>
+   <a href="https://github.com/sherifabdlnaby/elastdocker/actions/workflows/build.yml">
+      <img src="https://github.com/sherifabdlnaby/elastdocker/actions/workflows/build.yml/badge.svg">
+   </a>
    <a>
       <img src="https://img.shields.io/badge/Log4Shell-mitigated-brightgreen?style=flat&logo=java">
    </a>

From 882388c40d193f421b3410144100b4995f92866f Mon Sep 17 00:00:00 2001
From: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
Date: Fri, 25 Feb 2022 22:54:44 +0200
Subject: [PATCH 4/5] Tweak auto-release.yml

Signed-off-by: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
---
 .github/auto-release.yml | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/.github/auto-release.yml b/.github/auto-release.yml
index a804932..63e2824 100644
--- a/.github/auto-release.yml
+++ b/.github/auto-release.yml
@@ -77,11 +77,3 @@ template: |
   ## Changes
 
   $CHANGES
-
-replacers:
-  # Remove irrelevant information from Renovate bot
-  - search: '/(?<=---\s+)+^#.*(Renovate configuration|Configuration)(?:.|\n)*?This PR has been generated .*/gm'
-    replace: ''
-  # Remove Renovate bot banner image
-  - search: '/\[!\[[^\]]*Renovate\][^\]]*\](\([^)]*\))?\s*\n+/gm'
-    replace: ''

From 04637d7b491b7a8d0528a3ee52e60abc4da3ea9f Mon Sep 17 00:00:00 2001
From: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
Date: Fri, 25 Feb 2022 22:58:48 +0200
Subject: [PATCH 5/5] Tweak auto-release.yml

Signed-off-by: Sherif Abdel-Naby <sherifabdlnaby@gmail.com>
---
 .github/auto-release.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/auto-release.yml b/.github/auto-release.yml
index 63e2824..f6b2032 100644
--- a/.github/auto-release.yml
+++ b/.github/auto-release.yml
@@ -28,9 +28,9 @@ categories:
       - 'enhancement'
       - 'feature'
       - 'patch'
-  - title: '⬆️ Updates'
+  - title: '⬆️ Upgrades'
     labels:
-      - 'dependency-update'
+      - 'upgrades'
   - title: '🐛 Bug Fixes'
     labels:
       - 'fix'
@@ -42,16 +42,16 @@ categories:
       - 'auto-update'
   - title: '📝 Documentation'
     labels:
-      - 'chore'
+      - 'docs'
 
 autolabeler:
-  - label: 'chore'
+  - label: 'docs'
     files:
       - '*.md'
   - label: 'enhancement'
     title: '/enhancement|fixes/i'
 
-  - label: 'dependency-update'
+  - label: 'upgrades'
     title: '/⬆️/i'
 
   - label: 'bugfix'