Add tests for beatsauth extension 1/2

[khushijain21]

Proposed commit message

This PR adds test for translated Elasticsearch exporter configurations works with: mTLS, ca_trusted_fingerprint and verififcation_mode

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Related issues

• Relates [beats receivers] Test that translated Elasticsearch exporter configurations work with: self-signed certificates, mTLS, and proxies #45491

[github-actions]

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

• run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

[mergify]

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @khushijain21? 🙏.
For such, you'll need to label your PR with:

• The upcoming major version of the Elastic Stack
• The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[elasticmachine]

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

[cmacknz]

I like this tests but I think they are in the wrong place. As is, they could live with the beatsauth extension itself because they don't depend on anything in Beats.

However, the best version of these tests uses the configuration translation in agent to generate the auth extension configuration and the exporter configuration (I think you'd want the client configuration part of the exporter only to verify there are no TLS parameter conflicts that cause problems).

So I think these tests should move to Elastic Agent. Probably all the configuration translation code should be moved to Elastic Agent but you don't need to do that here.

[cmacknz]

These should be looking at one of the specific metrics, probably bulk.index.total or bulk.create.total depending on which on increments on an initial write.

[cmacknz]

Same comment in the other locations.

One of the metrics incrementing indicating indexing actually failed shouldn't allow the test to pass.

[khushijain21]

using "bulk.create.ok" metric now - since this is incremented only when the the event is successfully indexed

https://github.com/elastic/mock-es/blob/main/pkg/api/api.go#L328

[cmacknz]

However, the best version of these tests uses the configuration translation in agent to generate the auth extension configuration and the exporter configuration (I think you'd want the client configuration part of the exporter only to verify there are no TLS parameter conflicts that cause problems).

Now that I've read #46428, you can get pretty close to this once that PR is merged into this one, if you were able to use the translation output for the extension and exporter as the base for the collector component configuration in the tests.

Also since this says 1/2 in the description I assume there are more tests coming for things like proxies which are as critical as TLS, possibly in a separate PR.