Add elastic apm to dogfood (#11287)

# Checklist for submitter If some of the following don't apply, delete the relevant line. - [ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md) - [ ] Documented any permissions changes - [ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features. - [ ] Added/updated tests - [ ] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2026-05-23 08:58:41 +00:00 · 2023-04-24 11:25:57 -04:00 · 2023-04-24 11:25:57 -04:00 · 443d2471d2
commit 443d2471d2
parent 3908e63b64
2 changed files with 10 additions and 2 deletions
--- a/.github/workflows/dogfood-deploy.yml
+++ b/.github/workflows/dogfood-deploy.yml
@ -28,6 +28,8 @@ env:
  TF_VAR_fleet_license: ${{ secrets.DOGFOOD_LICENSE_KEY }}
  TF_VAR_slack_webhook: ${{ secrets.SLACK_G_HELP_P1_WEBHOOK_URL }}
  TF_VAR_fleet_sentry_dsn: ${{ secrets.DOGFOOD_SENTRY_DSN }}
+  TF_VAR_elastic_url: ${{ secrets.ELASTIC_APM_SERVER_URL }}
+  TF_VAR_elastic_token: ${{ secrets.ELASTIC_APM_SECRET_TOKEN }}

 permissions:
  id-token: write
--- a/infrastructure/dogfood/terraform/aws-tf-module/main.tf
+++ b/infrastructure/dogfood/terraform/aws-tf-module/main.tf
@ -28,8 +28,9 @@ variable "fleet_license" {}
 variable "fleet_image" {
  default = "160035666661.dkr.ecr.us-east-2.amazonaws.com/fleet:1f68e7a5e39339d763da26a0c8ae3e459b2e1f016538d7962312310493381f7c"
 }
-variable "fleet_sentry_dsn" {
-}
+variable "fleet_sentry_dsn" {}
+variable "elastic_url" {}
+variable "elastic_token" {}

 data "aws_caller_identity" "current" {}

@ -40,9 +41,14 @@ locals {
    FLEET_LICENSE_KEY                          = var.fleet_license
    FLEET_LOGGING_DEBUG                        = "true"
    FLEET_LOGGING_JSON                         = "true"
+    FLEET_LOGGING_TRACING_ENABLED              = "true"
+    FLEET_LOGGING_TRACING_TYPE                 = "elasticapm"
    FLEET_MYSQL_MAX_OPEN_CONNS                 = "25"
    FLEET_VULNERABILITIES_DATABASES_PATH       = "/home/fleet"
    FLEET_OSQUERY_ENABLE_ASYNC_HOST_PROCESSING = "false"
+    ELASTIC_APM_SERVER_URL                     = var.elastic_url
+    ELASTIC_APM_SECRET_TOKEN                   = var.elastic_token
+    ELASTIC_APM_SERVICE_NAME                   = "dogfood"
  }
  sentry_secrets = {
    FLEET_SENTRY_DSN = "${aws_secretsmanager_secret.sentry.arn}:FLEET_SENTRY_DSN::"