elastic
diff --git a/‎.buildkite/pipeline.schedule-daily.yml‎
Lines changed: 2 additions & 2 deletions b/‎.buildkite/pipeline.schedule-daily.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.buildkite/pipeline.schedule-weekly.yml‎
Lines changed: 1 addition & 1 deletion b/‎.buildkite/pipeline.schedule-weekly.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.buildkite/scripts/common.sh‎
Lines changed: 11 additions & 2 deletions b/‎.buildkite/scripts/common.sh‎
Lines changed: 11 additions & 2 deletions
diff --git a/‎.buildkite/scripts/packages/security_detection_engine.sh‎
Lines changed: 70 additions & 0 deletions b/‎.buildkite/scripts/packages/security_detection_engine.sh‎
Lines changed: 70 additions & 0 deletions
diff --git a/‎.buildkite/scripts/test_one_package.sh‎
Lines changed: 10 additions & 1 deletion b/‎.buildkite/scripts/test_one_package.sh‎
Lines changed: 10 additions & 1 deletion
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 6 additions & 2 deletions b/‎.github/CODEOWNERS‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/integration_bug.yml‎
Lines changed: 4 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/integration_bug.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/integration_feature_request.yml‎
Lines changed: 4 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/integration_feature_request.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.github/workflows/bump-elastic-stack-version.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/bump-elastic-stack-version.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/catalog-info.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/catalog-info.yml‎
Lines changed: 1 addition & 1 deletion
@@ -34,7 +34,7 @@ steps:
       env:
         SERVERLESS: "false"
         FORCE_CHECK_ALL: "true"
-        STACK_VERSION: 8.19.7-SNAPSHOT
+        STACK_VERSION: 8.19.8-SNAPSHOT
         PUBLISH_COVERAGE_REPORTS: "true"
     depends_on:
       - step: "check"
@@ -48,7 +48,7 @@ steps:
       env:
         SERVERLESS: "false"
         FORCE_CHECK_ALL: "true"
-        STACK_VERSION: 8.19.7-SNAPSHOT
+        STACK_VERSION: 8.19.8-SNAPSHOT
         STACK_LOGSDB_ENABLED: "true"
         PUBLISH_COVERAGE_REPORTS: "false"
     depends_on:
 
@@ -21,7 +21,7 @@ steps:
       env:
         SERVERLESS: "false"
         FORCE_CHECK_ALL: "true"
-        STACK_VERSION: 8.19.7-SNAPSHOT
+        STACK_VERSION: 8.19.8-SNAPSHOT
         PUBLISH_COVERAGE_REPORTS: "false"
         ELASTIC_PACKAGE_DISABLE_ELASTIC_AGENT_WOLFI: "true"
     depends_on:
 
@@ -728,7 +728,7 @@ is_pr_affected() {
             return 1
         fi
         if ! is_supported_capability ; then
-            echo "[${package}] PR is not affected: capabilities not mached with the project (${SERVERLESS_PROJECT})"
+            echo "[${package}] PR is not affected: capabilities not matched with the project (${SERVERLESS_PROJECT})"
             return 1
         fi
         if [[ "${package}" == "fleet_server" ]]; then
@@ -763,10 +763,19 @@ is_pr_affected() {
     # Example:
     # https://buildkite.com/elastic/integrations/builds/25606
     # https://github.com/elastic/integrations/pull/13810
-    if git diff --name-only "${commit_merge}" "${to}" | grep -E -v '^(packages/|\.github/(CODEOWNERS|ISSUE_TEMPLATE|PULL_REQUEST_TEMPLATE|workflows/)|CODE_OF_CONDUCT\.md|README\.md|docs/|catalog-info\.yaml|\.buildkite/(pull-requests\.json|pipeline\.schedule-daily\.yml|pipeline\.schedule-weekly\.yml|pipeline\.backport\.yml))' > /dev/null; then
+    if git diff --name-only "${commit_merge}" "${to}" | grep -E -v '^(packages/|\.github/(CODEOWNERS|ISSUE_TEMPLATE|PULL_REQUEST_TEMPLATE|workflows/)|CODE_OF_CONDUCT\.md|README\.md|docs/|catalog-info\.yaml|\.buildkite/(pull-requests\.json|pipeline\.schedule-daily\.yml|pipeline\.schedule-weekly\.yml|pipeline\.backport\.yml|scripts/packages/.+\.sh))' > /dev/null; then
         echo "[${package}] PR is affected: found non-package files"
         return 0
     fi
+    echoerr "[${package}] git-diff: check custom package checker script file (${commit_merge}..${to})"
+    # Avoid using "-q" in grep in this pipe, it could cause that some files updated are not detected due to SIGPIPE errors when "set -o pipefail"
+    # Example:
+    # https://buildkite.com/elastic/integrations/builds/25606
+    # https://github.com/elastic/integrations/pull/13810
+    if git diff --name-only "${commit_merge}" "${to}" | grep -E "^\.buildkite/scripts/packages/${package}.sh" > /dev/null; then
+        echo "[${package}] PR is affected: found package checker script changes"
+        return 0
+    fi
     echoerr "[${package}] git-diff: check package files (${commit_merge}..${to})"
     # Avoid using "-q" in grep in this pipe, it could cause that some files updated are not detected due to SIGPIPE errors when "set -o pipefail"
     # Example:
 
@@ -0,0 +1,70 @@
+#!/bin/bash
+
+set -euo pipefail
+
+if [[ "${BUILDKITE_PULL_REQUEST}" == "false" ]]; then
+  exit 0
+fi
+
+# Fetch active Kibana versions
+ACTIVE_KIBANA_VERSIONS=$(curl -sL https://raw.githubusercontent.com/elastic/kibana/main/versions.json | yq '.versions[].version' | xargs)
+echo "Active Kibana versions: $ACTIVE_KIBANA_VERSIONS"
+
+# Extract version spec from the manifest
+KIBANA_REQ=$(yq .conditions.kibana.version ./packages/security_detection_engine/manifest.yml)
+echo "Kibana requirement from the security_detection_engine manifest: $KIBANA_REQ"
+
+# Dump a trivial Go program to filter by semver constrains
+TEMP_DIR=$(mktemp -d)
+SEMVER_FILTER_PATH="$TEMP_DIR/semver.go"
+
+cat <<'GO' > "$SEMVER_FILTER_PATH"
+package main
+
+import (
+  "strings"
+	"fmt"
+	"os"
+	"github.com/Masterminds/semver/v3"
+)
+
+func main() {
+	c, err := semver.NewConstraint(os.Args[1])
+  if err != nil {
+		panic(err)
+	}
+
+	for _, s := range strings.Split(os.Args[2], " ") {
+		if v, _ := semver.NewVersion(s); c.Check(v) {
+			fmt.Println(s + "-SNAPSHOT")
+		}
+	}
+}
+GO
+
+# Capture the "returned" array in STACK_VERSIONS
+read -r -a STACK_VERSIONS <<< "$(go run "${SEMVER_FILTER_PATH}" "${KIBANA_REQ}" "${ACTIVE_KIBANA_VERSIONS}" | xargs)"
+
+if [[ ! -n "${STACK_VERSIONS+x}" ]]; then
+	echo "There are no active versions satisfying the constraint ${KIBANA_REQ}."
+  exit 0
+fi
+
+# Trigger OOM testing pipeline for each stack version
+for STACK_VERSION in "${STACK_VERSIONS[@]}"
+do
+  echo "--- [security_detection_engine] Trigger OOM testing pipeline against $STACK_VERSION ECH"
+
+  cat <<YAML | buildkite-agent pipeline upload
+steps:
+  - key: 'run-oom-testing-$(echo "$STACK_VERSION" | sed 's/\./_/g')$BUILDKITE_BUILD_NUMBER'
+    label: ":elastic-cloud::bar_chart: [security_detection_engine] Test for OOM issues against $STACK_VERSION ECH"
+    trigger: "appex-qa-stateful-security-prebuilt-rules-ftr-oom-testing"
+    async: false
+    build:
+      message: "Test security_detection_engine package against $STACK_VERSION ($GITHUB_PR_BASE_OWNER/$GITHUB_PR_BASE_REPO, branch: $GITHUB_PR_BRANCH, commit: $BUILDKITE_COMMIT)"
+      env:
+        STACK_VERSION: $STACK_VERSION
+        ELASTIC_INTEGRATIONS_REPO_COMMIT: $BUILDKITE_COMMIT
+YAML
+done
@@ -35,4 +35,13 @@ if ! process_package "${package}" ; then
 fi
 popd > /dev/null
 
-exit "${exit_code}"
+if [ "${exit_code}" -ne 0 ] ; then
+  exit "${exit_code}"
+fi
+
+custom_package_checker_script_path="${SCRIPTS_BUILDKITE_PATH}/packages/${package}.sh"
+
+if [ -x "$custom_package_checker_script_path" ]; then
+  echo "--- [${package}] Run individual package checker"
+  "$custom_package_checker_script_path"
+fi
@@ -13,6 +13,7 @@
 /packages/abnormal_security @elastic/security-service-integrations
 /packages/activemq @elastic/obs-infraobs-integrations
 /packages/admin_by_request_epm @elastic/security-service-integrations
+/packages/agentless_hello_world @elastic/ingest-managed-jobs
 /packages/airflow @elastic/obs-infraobs-integrations
 /packages/airlock_digital @elastic/security-service-integrations
 /packages/akamai @elastic/security-service-integrations
@@ -85,8 +86,10 @@
 /packages/aws_bedrock/data_stream/invocation @elastic/security-service-integrations
 /packages/aws_bedrock/data_stream/runtime @elastic/obs-infraobs-integrations
 /packages/aws_billing @elastic/obs-infraobs-integrations 
+/packages/aws_cloudtrail_otel @elastic/obs-infraobs-integrations
 /packages/aws_logs @elastic/obs-ds-hosted-services
 /packages/aws_mq @elastic/obs-infraobs-integrations
+/packages/aws_bedrock_agentcore @elastic/obs-infraobs-integrations
 /packages/aws_vpcflow_otel @elastic/obs-infraobs-integrations
 /packages/awsfargate @elastic/obs-infraobs-integrations
 /packages/awsfirehose @elastic/obs-ds-hosted-services
@@ -175,9 +178,9 @@
 /packages/citrix_waf @elastic/integration-experience
 /packages/claroty_ctd @elastic/security-service-integrations
 /packages/claroty_xdome @elastic/security-service-integrations
-/packages/cloud_asset_inventory @elastic/cloud-security-posture
+/packages/cloud_asset_inventory @elastic/contextual-security
 /packages/cloud_defend @elastic/sec-linux-platform
-/packages/cloud_security_posture @elastic/cloud-security-posture
+/packages/cloud_security_posture @elastic/contextual-security
 /packages/cloudflare @elastic/security-service-integrations
 /packages/cloudflare_logpush @elastic/security-service-integrations
 /packages/cockroachdb @elastic/obs-infraobs-integrations
@@ -368,6 +371,7 @@
 /packages/prisma_access @elastic/security-service-integrations
 /packages/prisma_cloud @elastic/security-service-integrations
 /packages/problemchild @elastic/ml-ui @elastic/sec-applied-ml
+/packages/profilingmetrics_otel @elastic/ingest-otel-data
 /packages/prometheus @elastic/obs-infraobs-integrations
 /packages/prometheus/data_stream/collector @elastic/obs-infraobs-integrations
 /packages/prometheus/data_stream/query @elastic/obs-infraobs-integrations
 
@@ -19,10 +19,12 @@ body:
         - Active Directory Entity Analytics [entityanalytics_ad]
         - ActiveMQ [activemq]
         - Admin By Request EPM [admin_by_request_epm]
+        - Agentless Hello World [agentless_hello_world]
         - Airflow [airflow]
         - Airlock Digital [airlock_digital]
         - Akamai [akamai]
         - AlienVault OTX [ti_otx]
+        - Amazon Bedrock AgentCore [aws_bedrock_agentcore]
         - Amazon Bedrock [aws_bedrock]
         - Amazon Data Firehose [awsfirehose]
         - Amazon MQ [aws_mq]
@@ -42,6 +44,7 @@ body:
         - Auditd Manager [auditd_manager]
         - Auth0 [auth0]
         - authentik [authentik]
+        - AWS CloudTrail Logs OpenTelemetry Assets [aws_cloudtrail_otel]
         - AWS Cost and Usage Report (CUR 2.0) [aws_billing]
         - AWS ELB OpenTelemetry Assets [aws_elb_otel]
         - AWS Fargate (for ECS clusters) [awsfargate]
@@ -259,6 +262,7 @@ body:
         - MySQL [mysql]
         - Nagios XI [nagios_xi]
         - NATS [nats]
+        - Neon Cyber [neon_cyber]
         - NetFlow Records [netflow]
         - Netskope [netskope]
         - Network Beaconing Identification [beaconing]
 
@@ -19,10 +19,12 @@ body:
         - Active Directory Entity Analytics [entityanalytics_ad]
         - ActiveMQ [activemq]
         - Admin By Request EPM [admin_by_request_epm]
+        - Agentless Hello World [agentless_hello_world]
         - Airflow [airflow]
         - Airlock Digital [airlock_digital]
         - Akamai [akamai]
         - AlienVault OTX [ti_otx]
+        - Amazon Bedrock AgentCore [aws_bedrock_agentcore]
         - Amazon Bedrock [aws_bedrock]
         - Amazon Data Firehose [awsfirehose]
         - Amazon MQ [aws_mq]
@@ -42,6 +44,7 @@ body:
         - Auditd Manager [auditd_manager]
         - Auth0 [auth0]
         - authentik [authentik]
+        - AWS CloudTrail Logs OpenTelemetry Assets [aws_cloudtrail_otel]
         - AWS Cost and Usage Report (CUR 2.0) [aws_billing]
         - AWS ELB OpenTelemetry Assets [aws_elb_otel]
         - AWS Fargate (for ECS clusters) [awsfargate]
@@ -259,6 +262,7 @@ body:
         - MySQL [mysql]
         - Nagios XI [nagios_xi]
         - NATS [nats]
+        - Neon Cyber [neon_cyber]
         - NetFlow Records [netflow]
         - Netskope [netskope]
         - Network Beaconing Identification [beaconing]
 
@@ -22,10 +22,10 @@ jobs:
     strategy:
       fail-fast: false
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Install Updatecli in the runner
-        uses: updatecli/updatecli-action@719e3592d124cbf826da704cbe557e1221dd4bba #v2.94.0
+        uses: updatecli/updatecli-action@5ca36367fadc6ad94d590984fd9c696e783ec635 #v2.96.0
 
       - name: Select diff action
         if: ${{ github.event_name == 'pull_request' }}
 
@@ -18,7 +18,7 @@ jobs:
       contents: read
       packages: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - uses: elastic/oblt-actions/elastic/validate-catalog@v1