From db3bd24bf33d27d2ecb0dc30effadeb648df19de Mon Sep 17 00:00:00 2001
From: Victor Martinez <VictorMartinezRubio@gmail.com>
Date: Thu, 2 Nov 2023 10:19:16 +0100
Subject: [PATCH 1/2] ironbank: move to ubi9

---
 .ci/packaging.groovy                                      | 2 +-
 Jenkinsfile                                               | 2 +-
 dev-tools/dependencies-report                             | 6 +++---
 dev-tools/packaging/packages.yml                          | 8 ++++----
 .../packaging/templates/ironbank/auditbeat/Dockerfile     | 2 +-
 .../templates/ironbank/auditbeat/hardening_manifest.yaml  | 2 +-
 .../packaging/templates/ironbank/filebeat/Dockerfile      | 2 +-
 .../templates/ironbank/filebeat/hardening_manifest.yaml   | 2 +-
 .../packaging/templates/ironbank/heartbeat/Dockerfile     | 2 +-
 .../templates/ironbank/heartbeat/hardening_manifest.yaml  | 2 +-
 .../packaging/templates/ironbank/metricbeat/Dockerfile    | 2 +-
 .../templates/ironbank/metricbeat/hardening_manifest.yaml | 2 +-
 .../packaging/templates/ironbank/packetbeat/Dockerfile    | 2 +-
 .../templates/ironbank/packetbeat/hardening_manifest.yaml | 2 +-
 x-pack/heartbeat/ironbank/Makefile                        | 2 +-
 15 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/.ci/packaging.groovy b/.ci/packaging.groovy
index e59436813d0..a82058a551d 100644
--- a/.ci/packaging.groovy
+++ b/.ci/packaging.groovy
@@ -332,7 +332,7 @@ def linuxPlatforms() {
 def pushCIDockerImages(Map args = [:]) {
   def arch = args.get('arch', 'amd64')
   catchError(buildResult: 'UNSTABLE', message: 'Unable to push Docker images', stageResult: 'FAILURE') {
-    def defaultVariants = [ '' : 'beats', '-oss' : 'beats', '-ubi8' : 'beats' ]
+    def defaultVariants = [ '' : 'beats', '-oss' : 'beats', '-ubi9' : 'beats' ]
     if (env?.BEATS_FOLDER?.endsWith('auditbeat')) {
       tagAndPush(beatName: 'auditbeat', arch: arch, variants: defaultVariants)
     } else if (env?.BEATS_FOLDER?.endsWith('filebeat')) {
diff --git a/Jenkinsfile b/Jenkinsfile
index 45773de42c7..ecbb2abff46 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -461,7 +461,7 @@ def pushCIDockerImages(Map args = [:]) {
   def arch = args.get('arch', 'amd64')
   def beatsFolder = args.beatsFolder
   catchError(buildResult: 'UNSTABLE', message: 'Unable to push Docker images', stageResult: 'FAILURE') {
-    def defaultVariants = [ '' : 'beats', '-oss' : 'beats', '-ubi8' : 'beats' ]
+    def defaultVariants = [ '' : 'beats', '-oss' : 'beats', '-ubi9' : 'beats' ]
     if (beatsFolder.endsWith('auditbeat')) {
       tagAndPush(beatName: 'auditbeat', arch: arch, variants: defaultVariants)
     } else if (beatsFolder.endsWith('filebeat')) {
diff --git a/dev-tools/dependencies-report b/dev-tools/dependencies-report
index 5e0ec665df7..2d71c9015b1 100755
--- a/dev-tools/dependencies-report
+++ b/dev-tools/dependencies-report
@@ -46,9 +46,9 @@ go list -m -json all $@ | go run go.elastic.co/go-licence-detector \
 # Fill-in required values for UBI images
 # Check headers in $SRCPATH/notice/dependencies.csv.tmpl:
 # name,url,version,revision,license
-ubi8url='https://catalog.redhat.com/software/containers/ubi8/ubi-minimal/5c359a62bed8bd75a2c3fba8'
-ubi8source='https://oss-dependencies.elastic.co/red-hat-universal-base-image-minimal/8/ubi-minimal-8-source.tar.gz'
+ubiurl='https://catalog.redhat.com/software/containers/ubi9/ubi-minimal/615bd9b4075b022acc111bf5'
+ubisource='https://oss-dependencies.elastic.co/red-hat-universal-base-image-minimal/9/ubi-minimal-9-source.tar.gz'
 ubilicense='Custom;https://www.redhat.com/licenses/EULA_Red_Hat_Universal_Base_Image_English_20190422.pdf'
 cat <<EOF >> $outfile
-Red Hat Universal Base Image minimal,$ubi8url,8,,$ubilicense,$ubi8source
+Red Hat Universal Base Image minimal,$ubiurl,9,,$ubilicense,$ubisource
 EOF
diff --git a/dev-tools/packaging/packages.yml b/dev-tools/packaging/packages.yml
index 52ca5d42ad4..dce127270ec 100644
--- a/dev-tools/packaging/packages.yml
+++ b/dev-tools/packaging/packages.yml
@@ -178,13 +178,13 @@ shared:
 
   - &docker_ubi_spec
     extra_vars:
-      image_name: '{{.BeatName}}-ubi8'
-      from: 'docker.elastic.co/ubi8/ubi-minimal'
+      image_name: '{{.BeatName}}-ubi9'
+      from: 'docker.elastic.co/ubi9/ubi-minimal'
 
   - &docker_arm_ubi_spec
     extra_vars:
-      image_name: '{{.BeatName}}-ubi8'
-      from: 'registry.access.redhat.com/ubi8/ubi-minimal:8.2'
+      image_name: '{{.BeatName}}-ubi9'
+      from: 'registry.access.redhat.com/ubi9/ubi-minimal:9.2'
 
   - &elastic_docker_spec
     extra_vars:
diff --git a/dev-tools/packaging/templates/ironbank/auditbeat/Dockerfile b/dev-tools/packaging/templates/ironbank/auditbeat/Dockerfile
index 71c9a84a12a..07dfc081bba 100644
--- a/dev-tools/packaging/templates/ironbank/auditbeat/Dockerfile
+++ b/dev-tools/packaging/templates/ironbank/auditbeat/Dockerfile
@@ -3,7 +3,7 @@
 # Extract Auditbeat and make various file manipulations.
 ################################################################################
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_IMAGE=redhat/ubi/ubi9
 ARG BASE_TAG=9.2
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as builder
diff --git a/dev-tools/packaging/templates/ironbank/auditbeat/hardening_manifest.yaml b/dev-tools/packaging/templates/ironbank/auditbeat/hardening_manifest.yaml
index fae46ecb0a7..283b93939a1 100644
--- a/dev-tools/packaging/templates/ironbank/auditbeat/hardening_manifest.yaml
+++ b/dev-tools/packaging/templates/ironbank/auditbeat/hardening_manifest.yaml
@@ -13,7 +13,7 @@ tags:
 
 # Build args passed to Dockerfile ARGs
 args:
-  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_IMAGE: "redhat/ubi/ubi9"
   BASE_TAG: "9.2"
   ELASTIC_STACK: "{{ beat_version }}"
   ELASTIC_PRODUCT: "auditbeat"
diff --git a/dev-tools/packaging/templates/ironbank/filebeat/Dockerfile b/dev-tools/packaging/templates/ironbank/filebeat/Dockerfile
index 99eeed7d53c..14d582a4f41 100644
--- a/dev-tools/packaging/templates/ironbank/filebeat/Dockerfile
+++ b/dev-tools/packaging/templates/ironbank/filebeat/Dockerfile
@@ -3,7 +3,7 @@
 # Extract Filebeat and make various file manipulations.
 ################################################################################
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_IMAGE=redhat/ubi/ubi9
 ARG BASE_TAG=9.2
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as builder
diff --git a/dev-tools/packaging/templates/ironbank/filebeat/hardening_manifest.yaml b/dev-tools/packaging/templates/ironbank/filebeat/hardening_manifest.yaml
index 259cd70620d..80350589da7 100644
--- a/dev-tools/packaging/templates/ironbank/filebeat/hardening_manifest.yaml
+++ b/dev-tools/packaging/templates/ironbank/filebeat/hardening_manifest.yaml
@@ -13,7 +13,7 @@ tags:
 
 # Build args passed to Dockerfile ARGs
 args:
-  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_IMAGE: "redhat/ubi/ubi9"
   BASE_TAG: "9.2"
   ELASTIC_STACK: "{{ beat_version }}"
   ELASTIC_PRODUCT: "filebeat"
diff --git a/dev-tools/packaging/templates/ironbank/heartbeat/Dockerfile b/dev-tools/packaging/templates/ironbank/heartbeat/Dockerfile
index 3fdbb2bddc9..ae6abe5d993 100644
--- a/dev-tools/packaging/templates/ironbank/heartbeat/Dockerfile
+++ b/dev-tools/packaging/templates/ironbank/heartbeat/Dockerfile
@@ -3,7 +3,7 @@
 # Extract Heartbeat and make various file manipulations.
 ################################################################################
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_IMAGE=redhat/ubi/ubi9
 ARG BASE_TAG=9.2
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as prep_files
diff --git a/dev-tools/packaging/templates/ironbank/heartbeat/hardening_manifest.yaml b/dev-tools/packaging/templates/ironbank/heartbeat/hardening_manifest.yaml
index 4b5a10ea38d..bb688430563 100644
--- a/dev-tools/packaging/templates/ironbank/heartbeat/hardening_manifest.yaml
+++ b/dev-tools/packaging/templates/ironbank/heartbeat/hardening_manifest.yaml
@@ -13,7 +13,7 @@ tags:
 
 # Build args passed to Dockerfile ARGs
 args:
-  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_IMAGE: "redhat/ubi/ubi9"
   BASE_TAG: "9.2"
   ELASTIC_STACK: "{{ beat_version }}"
   ELASTIC_PRODUCT: "heartbeat"
diff --git a/dev-tools/packaging/templates/ironbank/metricbeat/Dockerfile b/dev-tools/packaging/templates/ironbank/metricbeat/Dockerfile
index da982cffa9b..4530f1a1d46 100644
--- a/dev-tools/packaging/templates/ironbank/metricbeat/Dockerfile
+++ b/dev-tools/packaging/templates/ironbank/metricbeat/Dockerfile
@@ -3,7 +3,7 @@
 # Extract Metricbeat and make various file manipulations.
 ################################################################################
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_IMAGE=redhat/ubi/ubi9
 ARG BASE_TAG=9.2
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as builder
diff --git a/dev-tools/packaging/templates/ironbank/metricbeat/hardening_manifest.yaml b/dev-tools/packaging/templates/ironbank/metricbeat/hardening_manifest.yaml
index fcae778cba2..4332a9e8e61 100644
--- a/dev-tools/packaging/templates/ironbank/metricbeat/hardening_manifest.yaml
+++ b/dev-tools/packaging/templates/ironbank/metricbeat/hardening_manifest.yaml
@@ -13,7 +13,7 @@ tags:
 
 # Build args passed to Dockerfile ARGs
 args:
-  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_IMAGE: "redhat/ubi/ubi9"
   BASE_TAG: "9.2"
   ELASTIC_STACK: "{{ beat_version }}"
   ELASTIC_PRODUCT: "metricbeat"
diff --git a/dev-tools/packaging/templates/ironbank/packetbeat/Dockerfile b/dev-tools/packaging/templates/ironbank/packetbeat/Dockerfile
index 17a7e8c86ac..e5b170ae27f 100644
--- a/dev-tools/packaging/templates/ironbank/packetbeat/Dockerfile
+++ b/dev-tools/packaging/templates/ironbank/packetbeat/Dockerfile
@@ -3,7 +3,7 @@
 # Extract Packetbeat and make various file manipulations.
 ################################################################################
 ARG BASE_REGISTRY=registry1.dsop.io
-ARG BASE_IMAGE=ironbank/redhat/ubi/ubi8
+ARG BASE_IMAGE=redhat/ubi/ubi9
 ARG BASE_TAG=9.2
 
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} as builder
diff --git a/dev-tools/packaging/templates/ironbank/packetbeat/hardening_manifest.yaml b/dev-tools/packaging/templates/ironbank/packetbeat/hardening_manifest.yaml
index 0ba0436d33c..1d796f1debe 100644
--- a/dev-tools/packaging/templates/ironbank/packetbeat/hardening_manifest.yaml
+++ b/dev-tools/packaging/templates/ironbank/packetbeat/hardening_manifest.yaml
@@ -13,7 +13,7 @@ tags:
 
 # Build args passed to Dockerfile ARGs
 args:
-  BASE_IMAGE: "redhat/ubi/ubi8"
+  BASE_IMAGE: "redhat/ubi/ubi9"
   BASE_TAG: "9.2"
   ELASTIC_STACK: "{{ beat_version }}"
   ELASTIC_PRODUCT: "packetbeat"
diff --git a/x-pack/heartbeat/ironbank/Makefile b/x-pack/heartbeat/ironbank/Makefile
index e23e376040b..9a531224854 100644
--- a/x-pack/heartbeat/ironbank/Makefile
+++ b/x-pack/heartbeat/ironbank/Makefile
@@ -48,6 +48,6 @@ package: ## Package heartbeat for the artifacts consumed by the ironbank docker
 validate-ironbank: prepare
 	docker build \
 		--build-arg BASE_REGISTRY=docker.elastic.co \
-		--build-arg BASE_IMAGE=ubi8/ubi \
+		--build-arg BASE_IMAGE=ubi9/ubi \
 		--build-arg BASE_TAG=latest \
 		$(LOCATION)

From 1061e75f60c3f4d7f477b26d03cf149a709f97f8 Mon Sep 17 00:00:00 2001
From: Victor Martinez <VictorMartinezRubio@gmail.com>
Date: Fri, 3 Nov 2023 12:33:04 +0100
Subject: [PATCH 2/2] packaging: ubi-minimal 9 requires -y to bypass the prompt

---
 dev-tools/packaging/templates/docker/Dockerfile.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dev-tools/packaging/templates/docker/Dockerfile.tmpl b/dev-tools/packaging/templates/docker/Dockerfile.tmpl
index 9a792ecc1e0..58e0e0fbca1 100644
--- a/dev-tools/packaging/templates/docker/Dockerfile.tmpl
+++ b/dev-tools/packaging/templates/docker/Dockerfile.tmpl
@@ -22,7 +22,7 @@ FROM {{ .from }}
 
 {{- if contains .from "ubi-minimal" }}
 RUN microdnf -y update && \
-    microdnf install findutils shadow-utils && \
+    microdnf -y install findutils shadow-utils && \
     microdnf clean all
 {{- else }}
 RUN for iter in {1..10}; do \