[CI] BK Vault plugin for EC access

[pazone]

What does this PR do?

Introduces BK Vault plugin. Simplifies EC access and prevents possible issues
Windows retry tested in this build

Why is it important?

Checklist

• I have read and understood the pull request guidelines of this project.
• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in ./changelog/fragments using the changelog tool
• I have added an integration test or an E2E test

Disruptive User Impact

How to test this PR locally

Related issues

Questions to ask yourself

• How are we going to support this in production?
• How are we going to measure its adoption?
• How are we going to debug this?
• What are the metrics I should take care of?
• ...

[mergify]

This pull request does not have a backport label. Could you fix it @pazone? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-./d./d is the label that automatically backports to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[v1v]

I really like this approach, so it helps to document the consumers and reduce the overhead in the scripts, those scripts should run in a configured environment for simplicity.

I left a few comments

[v1v]

Overall, it looks good to me. However, I have a few comments:

• There is a question regarding the inclusion of the environment in the name of the anchor plugin ID.
• Please utilize the GitHub issue related to the OGC replacement to provide additional context.
• Make sure to include the removed plugin in one of the steps.

[v1v]

LGTM, thanks Pavel!

[v1v]

I think there are missing changes in some other pipelines:

Start ESS stack for FIPS integration tests
source .buildkite/scripts/steps/ess_start.sh

See https://github.com/elastic/elastic-agent/blob/main/.buildkite/bk.integration-fips.pipeline.yml

[pazone]

Updated the FIPS pipeline

[elastic-sonarqube]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

[elasticmachine]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: e94a92d

Failed CI Steps

• arm:sudo: fleet
• fips:x86_64:sudo-false:fleet

History

• 💔 Build #22468 failed 576f34c
• 💚 Build #21978 succeeded c926ff7
• 💔 Build #21969 failed df2e29a
• 💔 Build #21968 failed cfc8a1e
• 💛 Build #21961 was flaky a38103f

cc @pazone

[github-actions]

@Mergifyio backport 8.17 8.18 8.19 9.0 9.1

[mergify]

backport 8.17 8.18 8.19 9.0 9.1

✅ Backports have been created

• #8792 [8.17] (backport #8377) [CI] BK Vault plugin for EC access has been created for branch 8.17 but encountered conflicts
• #8793 [8.18] (backport #8377) [CI] BK Vault plugin for EC access has been created for branch 8.18 but encountered conflicts
• #8794 [8.19] (backport #8377) [CI] BK Vault plugin for EC access has been created for branch 8.19
• #8795 [9.0] (backport #8377) [CI] BK Vault plugin for EC access has been created for branch 9.0 but encountered conflicts
• #8796 [9.1] (backport #8377) [CI] BK Vault plugin for EC access has been created for branch 9.1