Skip to content

Commit

Permalink
Merge branch 'main' into eui/v95.1.0
Browse files Browse the repository at this point in the history
  • Loading branch information
cee-chen authored Jun 20, 2024
2 parents 8e19a0c + 16bfe57 commit 251e3e9
Show file tree
Hide file tree
Showing 1,774 changed files with 72,026 additions and 20,626 deletions.
9 changes: 7 additions & 2 deletions .buildkite/ftr_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,8 @@ enabled:
- test/api_integration/config.js
- test/examples/config.js
- test/functional/apps/bundles/config.ts
- test/functional/apps/console/config.ts
- test/functional/apps/console/monaco/config.ts
- test/functional/apps/console/ace/config.ts
- test/functional/apps/context/config.ts
- test/functional/apps/dashboard_elements/controls/common/config.ts
- test/functional/apps/dashboard_elements/controls/options_list/config.ts
Expand Down Expand Up @@ -126,6 +127,7 @@ enabled:
- test/functional/apps/discover/group6/config.ts
- test/functional/apps/discover/group7/config.ts
- test/functional/apps/discover/group8/config.ts
- test/functional/apps/discover/context_awareness/config.ts
- test/functional/apps/getting_started/config.ts
- test/functional/apps/home/config.ts
- test/functional/apps/kibana_overview/config.ts
Expand Down Expand Up @@ -192,7 +194,6 @@ enabled:
- x-pack/test/api_integration/config_security_trial.ts
- x-pack/test/api_integration/apis/aiops/config.ts
- x-pack/test/api_integration/apis/asset_manager/config_when_disabled.ts
- x-pack/test/api_integration/apis/asset_manager/config_when_enabled.ts
- x-pack/test/api_integration/apis/cases/config.ts
- x-pack/test/api_integration/apis/content_management/config.ts
- x-pack/test/api_integration/apis/cloud_security_posture/config.ts
Expand Down Expand Up @@ -326,6 +327,7 @@ enabled:
- x-pack/test/functional/apps/search_playground/config.ts
- x-pack/test/functional/apps/snapshot_restore/config.ts
- x-pack/test/functional/apps/spaces/config.ts
- x-pack/test/functional/apps/spaces/solution_view_flag_enabled/config.ts
- x-pack/test/functional/apps/status_page/config.ts
- x-pack/test/functional/apps/transform/creation/index_pattern/config.ts
- x-pack/test/functional/apps/transform/creation/runtime_mappings_saved_search/config.ts
Expand Down Expand Up @@ -424,6 +426,7 @@ enabled:
- x-pack/test_serverless/functional/test_suites/observability/config.ts
- x-pack/test_serverless/functional/test_suites/observability/config.examples.ts
- x-pack/test_serverless/functional/test_suites/observability/config.saved_objects_management.ts
- x-pack/test_serverless/functional/test_suites/observability/config.context_awareness.ts
- x-pack/test_serverless/functional/test_suites/observability/common_configs/config.group1.ts
- x-pack/test_serverless/functional/test_suites/observability/common_configs/config.group2.ts
- x-pack/test_serverless/functional/test_suites/observability/common_configs/config.group3.ts
Expand All @@ -436,6 +439,7 @@ enabled:
- x-pack/test_serverless/functional/test_suites/search/config.examples.ts
- x-pack/test_serverless/functional/test_suites/search/config.screenshots.ts
- x-pack/test_serverless/functional/test_suites/search/config.saved_objects_management.ts
- x-pack/test_serverless/functional/test_suites/search/config.context_awareness.ts
- x-pack/test_serverless/functional/test_suites/search/common_configs/config.group1.ts
- x-pack/test_serverless/functional/test_suites/search/common_configs/config.group2.ts
- x-pack/test_serverless/functional/test_suites/search/common_configs/config.group3.ts
Expand All @@ -447,6 +451,7 @@ enabled:
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.basic.ts
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.essentials.ts
- x-pack/test_serverless/functional/test_suites/security/config.saved_objects_management.ts
- x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group1.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group2.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group3.ts
Expand Down
2 changes: 1 addition & 1 deletion .buildkite/pipeline-utils/test-failures/annotate.ts
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,7 @@ export const annotateTestFailures = async () => {
);
}

if (process.env.SLACK_NOTIFICATIONS_ENABLED === 'true') {
if (process.env.ELASTIC_SLACK_NOTIFICATIONS_ENABLED === 'true') {
buildkite.setMetadata(
'slack:test_failures:body',
getSlackMessage(failures, failureHtmlArtifacts)
Expand Down
21 changes: 21 additions & 0 deletions .buildkite/scripts/common/deployment_credentials.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
#!/usr/bin/env bash

set -euo pipefail

source .buildkite/scripts/common/vault_fns.sh

## Usage
# ./deployment_credentials.sh set <key-path> <key=value> <key=value> ...
# ./deployment_credentials.sh unset <key-path>
# ./deployment_credentials.sh print <key-path>

if [[ "${1:-}" == "set" ]]; then
set_in_legacy_vault "${@:2}"
elif [[ "${1:-}" == "unset" ]]; then
unset_in_legacy_vault "${@:2}"
elif [[ "${1:-}" == "print" ]]; then
print_legacy_vault_read "${2}"
else
echo "Unknown command: $1"
exit 1
fi
58 changes: 56 additions & 2 deletions .buildkite/scripts/common/vault_fns.sh
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
#!/bin/bash

# TODO: remove after https://github.com/elastic/kibana-operations/issues/15 is done
if [[ "${VAULT_ADDR:-}" == *"secrets.elastic.co"* ]]; then
# TODO: rewrite after https://github.com/elastic/kibana-operations/issues/15 is done
export LEGACY_VAULT_ADDR="https://secrets.elastic.co:8200"
if [[ "${VAULT_ADDR:-}" == "$LEGACY_VAULT_ADDR" ]]; then
VAULT_PATH_PREFIX="secret/kibana-issues/dev"
VAULT_KV_PREFIX="secret/kibana-issues/dev"
IS_LEGACY_VAULT_ADDR=true
Expand Down Expand Up @@ -85,3 +86,56 @@ function get_vault_secret_id() {

echo "$VAULT_SECRET_ID"
}

function set_in_legacy_vault() {
key_path=$1
shift
fields=("$@")

VAULT_ROLE_ID="$(get_vault_role_id)"
VAULT_SECRET_ID="$(get_vault_secret_id)"
VAULT_TOKEN_BAK="$VAULT_TOKEN"

# Make sure to either keep this variable name `VAULT_TOKEN` or unset `VAULT_TOKEN`,
# otherwise the VM's default token will be used, that's connected to the ci-prod vault instance
VAULT_TOKEN=$(VAULT_ADDR=$LEGACY_VAULT_ADDR vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_ADDR=$LEGACY_VAULT_ADDR vault login -no-print "$VAULT_TOKEN"

set +e
# shellcheck disable=SC2068
vault write -address=$LEGACY_VAULT_ADDR "secret/kibana-issues/dev/cloud-deploy/$key_path" ${fields[@]}
EXIT_CODE=$?
set -e

VAULT_TOKEN="$VAULT_TOKEN_BAK"

return $EXIT_CODE
}

function unset_in_legacy_vault() {
key_path=$1

VAULT_ROLE_ID="$(get_vault_role_id)"
VAULT_SECRET_ID="$(get_vault_secret_id)"
VAULT_TOKEN_BAK="$VAULT_TOKEN"

# Make sure to either keep this variable name `VAULT_TOKEN` or unset `VAULT_TOKEN`,
# otherwise the VM's default token will be used, that's connected to the ci-prod vault instance
VAULT_TOKEN=$(VAULT_ADDR=$LEGACY_VAULT_ADDR vault write -field=token auth/approle/login role_id="$VAULT_ROLE_ID" secret_id="$VAULT_SECRET_ID")
VAULT_ADDR=$LEGACY_VAULT_ADDR vault login -no-print "$VAULT_TOKEN"

set +e
vault delete -address=$LEGACY_VAULT_ADDR "secret/kibana-issues/dev/cloud-deploy/$key_path"
EXIT_CODE=$?
set -e

VAULT_TOKEN="$VAULT_TOKEN_BAK"

return $EXIT_CODE
}

function print_legacy_vault_read() {
key_path=$1

echo "vault read -address=$LEGACY_VAULT_ADDR secret/kibana-issues/dev/cloud-deploy/$key_path"
}
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,11 @@ buildkite-agent meta-data set "${BUILDKITE_JOB_ID}_is_test_execution_step" "true
source .buildkite/scripts/pipelines/security_solution_quality_gate/prepare_vault_entries.sh

echo "--- Running test script $1"
TARGET_SCRIPT=$1 node .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/start_api_ftr_execution

cd x-pack/test/security_solution_api_integration
set +e

TARGET_SCRIPT=$1 node ./scripts/mki_start_api_ftr_execution
cmd_status=$?
echo "Exit code with status: $cmd_status"
exit $cmd_status
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,13 @@ vault_get security-quality-gate/role-users data -format=json > .ftr/role_users.j
vault_get security-quality-gate/role-users/sec-sol-auto-01 data -format=json > .ftr/sec-sol-auto-01.json
vault_get security-quality-gate/role-users/sec-sol-auto-02 data -format=json > .ftr/sec-sol-auto-02.json
vault_get security-quality-gate/role-users/sec-sol-auto-03 data -format=json > .ftr/sec-sol-auto-03.json
vault_get security-quality-gate/role-users/sec-sol-auto-04 data -format=json > .ftr/sec-sol-auto-04.json
vault_get security-quality-gate/role-users/sec-sol-auto-05 data -format=json > .ftr/sec-sol-auto-05.json
vault_get security-quality-gate/role-users/sec-sol-auto-06 data -format=json > .ftr/sec-sol-auto-06.json
vault_get security-quality-gate/role-users/sec-sol-auto-07 data -format=json > .ftr/sec-sol-auto-07.json
vault_get security-quality-gate/role-users/sec-sol-auto-08 data -format=json > .ftr/sec-sol-auto-08.json
vault_get security-quality-gate/role-users/sec-sol-auto-09 data -format=json > .ftr/sec-sol-auto-09.json
vault_get security-quality-gate/role-users/sec-sol-auto-10 data -format=json > .ftr/sec-sol-auto-10.json

# The vault entries relevant to QA Cloud
export CLOUD_QA_API_KEY=$(vault_get security-solution-quality-gate qa_api_key)
Expand Down
9 changes: 5 additions & 4 deletions .buildkite/scripts/steps/cloud/build_and_deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,9 @@ if [ -z "${CLOUD_DEPLOYMENT_ID}" ] || [ "${CLOUD_DEPLOYMENT_ID}" = 'null' ]; the

echo "Writing to vault..."

vault_kv_set "cloud-deploy/$CLOUD_DEPLOYMENT_NAME" username="$CLOUD_DEPLOYMENT_USERNAME" password="$CLOUD_DEPLOYMENT_PASSWORD"
set_in_legacy_vault "$CLOUD_DEPLOYMENT_NAME" \
username="$CLOUD_DEPLOYMENT_USERNAME" \
password="$CLOUD_DEPLOYMENT_PASSWORD"

echo "Enabling Stack Monitoring..."
jq '
Expand Down Expand Up @@ -114,6 +116,7 @@ else
ecctl deployment update "$CLOUD_DEPLOYMENT_ID" --track --output json --file /tmp/deploy.json > "$ECCTL_LOGS"
fi

VAULT_READ_COMMAND=$(print_legacy_vault_read "$CLOUD_DEPLOYMENT_NAME")

CLOUD_DEPLOYMENT_KIBANA_URL=$(ecctl deployment show "$CLOUD_DEPLOYMENT_ID" | jq -r '.resources.kibana[0].info.metadata.aliased_url')
CLOUD_DEPLOYMENT_ELASTICSEARCH_URL=$(ecctl deployment show "$CLOUD_DEPLOYMENT_ID" | jq -r '.resources.elasticsearch[0].info.metadata.aliased_url')
Expand All @@ -125,9 +128,7 @@ Kibana: $CLOUD_DEPLOYMENT_KIBANA_URL
Elasticsearch: $CLOUD_DEPLOYMENT_ELASTICSEARCH_URL
Credentials: \`vault kv get $VAULT_KV_PREFIX/cloud-deploy/$CLOUD_DEPLOYMENT_NAME\`
(Stored in the production vault: VAULT_ADDR=https://vault-ci-prod.elastic.dev, more info: https://docs.elastic.dev/ci/using-secrets)
Credentials: \`$VAULT_READ_COMMAND\`
Kibana image: \`$KIBANA_CLOUD_IMAGE\`
Expand Down
8 changes: 4 additions & 4 deletions .buildkite/scripts/steps/cloud/purge_deployments.ts
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,10 @@
*/

import { execSync } from 'child_process';
import { getKibanaDir } from '#pipeline-utils';

const deploymentsListJson = execSync('ecctl deployment list --output json').toString();
const { deployments } = JSON.parse(deploymentsListJson);
const secretBasePath = process.env.VAULT_ADDR?.match(/secrets\.elastic\.co/g)
? 'secret/kibana-issues/dev'
: 'secret/ci/elastic-kibana';

const prDeployments = deployments.filter((deployment: any) =>
deployment.name.startsWith('kibana-pr-')
Expand Down Expand Up @@ -70,7 +68,9 @@ for (const deployment of deploymentsToPurge) {
console.log(`Scheduling deployment for deletion: ${deployment.name} / ${deployment.id}`);
try {
execSync(`ecctl deployment shutdown --force '${deployment.id}'`, { stdio: 'inherit' });
execSync(`vault delete ${secretBasePath}/cloud-deploy/${deployment.name}`, {

execSync(`.buildkite/scripts/common/deployment_credentials.sh unset ${deployment.name}`, {
cwd: getKibanaDir(),
stdio: 'inherit',
});
} catch (ex) {
Expand Down
10 changes: 9 additions & 1 deletion .buildkite/scripts/steps/cloud/purge_projects.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@

import { execSync } from 'child_process';
import axios from 'axios';
import { getKibanaDir } from '#pipeline-utils';

async function getPrProjects() {
const match = /^(keep.?)?kibana-pr-([0-9]+)-(elasticsearch|security|observability)$/;
Expand Down Expand Up @@ -43,12 +44,19 @@ async function getPrProjects() {
async function deleteProject({
type,
id,
name,
}: {
type: 'elasticsearch' | 'observability' | 'security';
id: number;
name: string;
}) {
try {
await projectRequest.delete(`/api/v1/serverless/projects/${type}/${id}`);

execSync(`.buildkite/scripts/common/deployment_credentials.sh unset ${name}`, {
cwd: getKibanaDir(),
stdio: 'inherit',
});
} catch (e) {
if (e.isAxiosError) {
const message =
Expand All @@ -61,7 +69,7 @@ async function deleteProject({

async function purgeProjects() {
const prProjects = await getPrProjects();
const projectsToPurge = [];
const projectsToPurge: typeof prProjects = [];
for (const project of prProjects) {
const NOW = new Date().getTime() / 1000;
const DAY_IN_SECONDS = 60 * 60 * 24;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,17 @@ source .buildkite/scripts/common/util.sh

echo --- Security Solution OpenAPI Code Generation

echo OpenAPI Common Package

(cd packages/kbn-openapi-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true

echo Lists API Common Package

(cd packages/kbn-securitysolution-lists-common && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true

echo Security Solution Plugin

(cd x-pack/plugins/security_solution && yarn openapi:generate)
check_for_changed_files "yarn openapi:generate" true
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
#!/usr/bin/env bash

set -euo pipefail

source .buildkite/scripts/common/util.sh

echo --- Security Solution OpenAPI Bundling

(cd x-pack/plugins/security_solution && yarn openapi:bundle)
check_for_changed_files "yarn openapi:bundle" true
13 changes: 8 additions & 5 deletions .buildkite/scripts/steps/serverless/deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -88,15 +88,18 @@ deploy() {

echo "Write to vault..."

vault_kv_set "cloud-deploy/$VAULT_KEY_NAME" username="$PROJECT_USERNAME" password="$PROJECT_PASSWORD" id="$PROJECT_ID"
set_in_legacy_vault "$VAULT_KEY_NAME" \
username="$PROJECT_USERNAME" \
password="$PROJECT_PASSWORD" \
id="$PROJECT_ID"

else
echo "Updating project..."
curl -s \
-H "Authorization: ApiKey $PROJECT_API_KEY" \
-H "Content-Type: application/json" \
"${PROJECT_API_DOMAIN}/api/v1/serverless/projects/${PROJECT_TYPE}/${PROJECT_ID}" \
-XPUT -d "$PROJECT_UPDATE_CONFIGURATION" &> $PROJECT_DEPLOY_LOGS
-XPATCH -d "$PROJECT_UPDATE_CONFIGURATION" &> $PROJECT_DEPLOY_LOGS
fi

echo "Getting project info..."
Expand All @@ -109,16 +112,16 @@ deploy() {
PROJECT_KIBANA_LOGIN_URL="${PROJECT_KIBANA_URL}/login"
PROJECT_ELASTICSEARCH_URL=$(jq -r '.endpoints.elasticsearch' $PROJECT_INFO_LOGS)

VAULT_READ_COMMAND=$(print_legacy_vault_read "$VAULT_KEY_NAME")

cat << EOF | buildkite-agent annotate --style "info" --context "project-$PROJECT_TYPE"
### $PROJECT_TYPE_LABEL Deployment
Kibana: $PROJECT_KIBANA_LOGIN_URL
Elasticsearch: $PROJECT_ELASTICSEARCH_URL
Credentials: \`vault kv get $VAULT_KV_PREFIX/cloud-deploy/$VAULT_KEY_NAME\`
(Stored in the production vault: VAULT_ADDR=https://vault-ci-prod.elastic.dev, more info: https://docs.elastic.dev/ci/using-secrets)
Credentials: \`$VAULT_READ_COMMAND\`
Kibana image: \`$KIBANA_IMAGE\`
EOF
Expand Down
4 changes: 4 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -622,6 +622,7 @@ x-pack/plugins/observability_solution/observability_shared @elastic/observabilit
x-pack/test/security_api_integration/plugins/oidc_provider @elastic/kibana-security
test/common/plugins/otel_metrics @elastic/obs-ux-infra_services-team
packages/kbn-openapi-bundler @elastic/security-detection-rule-management
packages/kbn-openapi-common @elastic/security-detection-rule-management
packages/kbn-openapi-generator @elastic/security-detection-rule-management
packages/kbn-optimizer @elastic/kibana-operations
packages/kbn-optimizer-webpack-helpers @elastic/kibana-operations
Expand Down Expand Up @@ -715,6 +716,7 @@ packages/kbn-search-connectors @elastic/search-kibana
x-pack/plugins/search_connectors @elastic/search-kibana
packages/kbn-search-errors @elastic/kibana-data-discovery
examples/search_examples @elastic/kibana-data-discovery
x-pack/plugins/search_homepage @elastic/search-kibana
packages/kbn-search-index-documents @elastic/search-kibana
x-pack/plugins/search_inference_endpoints @elastic/search-kibana
x-pack/plugins/search_notebooks @elastic/search-kibana
Expand Down Expand Up @@ -752,6 +754,7 @@ packages/kbn-securitysolution-list-api @elastic/security-detection-engine
packages/kbn-securitysolution-list-constants @elastic/security-detection-engine
packages/kbn-securitysolution-list-hooks @elastic/security-detection-engine
packages/kbn-securitysolution-list-utils @elastic/security-detection-engine
packages/kbn-securitysolution-lists-common @elastic/security-detection-engine
packages/kbn-securitysolution-rules @elastic/security-detection-engine
packages/kbn-securitysolution-t-grid @elastic/security-detection-engine
packages/kbn-securitysolution-utils @elastic/security-detection-engine
Expand Down Expand Up @@ -1442,6 +1445,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/
/x-pack/plugins/security_solution/public/detections/components/alerts_info @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/flyout/document_details @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/flyout/shared @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/notes @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/resolver @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/threat_intelligence @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/timelines @elastic/security-threat-hunting-investigations
Expand Down
2 changes: 1 addition & 1 deletion api_docs/actions.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions
title: "actions"
image: https://source.unsplash.com/400x175/?github
description: API docs for the actions plugin
date: 2024-06-18
date: 2024-06-19
tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions']
---
import actionsObj from './actions.devdocs.json';
Expand Down
2 changes: 1 addition & 1 deletion api_docs/advanced_settings.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings
title: "advancedSettings"
image: https://source.unsplash.com/400x175/?github
description: API docs for the advancedSettings plugin
date: 2024-06-18
date: 2024-06-19
tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings']
---
import advancedSettingsObj from './advanced_settings.devdocs.json';
Expand Down
Loading

0 comments on commit 251e3e9

Please sign in to comment.