Merge branch 'main' into disable-spaces-public-api-in-serverless

.buildkite/ftr_configs.yml

@@ -81,12 +81,18 @@ disabled:
   # Serverless configs, currently only for manual tests runs, CI integration planned
   - x-pack/test_serverless/api_integration/test_suites/common/config.ts
   - x-pack/test_serverless/api_integration/test_suites/observability/config.ts
+  - x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts
   - x-pack/test_serverless/api_integration/test_suites/search/config.ts
+  - x-pack/test_serverless/api_integration/test_suites/search/config.feature_flags.ts
   - x-pack/test_serverless/api_integration/test_suites/security/config.ts
+  - x-pack/test_serverless/api_integration/test_suites/security/config.feature_flags.ts
   - x-pack/test_serverless/functional/test_suites/common/config.ts
   - x-pack/test_serverless/functional/test_suites/observability/config.ts
+  - x-pack/test_serverless/functional/test_suites/observability/config.feature_flags.ts
   - x-pack/test_serverless/functional/test_suites/search/config.ts
+  - x-pack/test_serverless/functional/test_suites/search/config.feature_flags.ts
   - x-pack/test_serverless/functional/test_suites/security/config.ts
+  - x-pack/test_serverless/functional/test_suites/security/config.feature_flags.ts
 
 defaultQueue: 'n2-4-spot'
 enabled:
@@ -347,7 +353,6 @@ enabled:
   - x-pack/test/reporting_functional/reporting_and_deprecated_security.config.ts
   - x-pack/test/reporting_functional/reporting_and_security.config.ts
   - x-pack/test/reporting_functional/reporting_without_security.config.ts
-  - x-pack/test/reporting_functional/reporting_and_timeout.config.ts
   - x-pack/test/rule_registry/security_and_spaces/config_basic.ts
   - x-pack/test/rule_registry/security_and_spaces/config_trial.ts
   - x-pack/test/rule_registry/spaces_only/config_basic.ts

.buildkite/pipelines/quality-gates/pipeline.kibana-tests.yaml

@@ -0,0 +1,10 @@
+env:
+  ENVIRONMENT: ${ENVIRONMENT?}
+
+steps:
+  - label: ":pipeline::grey_question::seedling: Trigger Kibana Tests for ${ENVIRONMENT}"
+    env:
+      QG_PIPELINE_LOCATION: ".buildkite/pipelines/quality-gates"
+    command: "make -C /agent run-environment-tests"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/quality-gate-seedling:0.0.2"

.buildkite/pipelines/quality-gates/pipeline.tests-production.yaml

@@ -0,0 +1,15 @@
+steps:
+  - label: ":pipeline::kibana::seedling: Trigger Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Kibana specific tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":pipeline::fleet::seedling: Trigger Fleet Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Fleet specific Kibana tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":pipeline::lock::seedling: Trigger Security Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Security specific Kibana tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"

.buildkite/pipelines/quality-gates/pipeline.tests-qa.yaml

@@ -0,0 +1,15 @@
+steps:
+  - label: ":pipeline::kibana::seedling: Trigger Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Kibana specific tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":pipeline::fleet::seedling: Trigger Fleet Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Fleet specific Kibana tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":pipeline::lock::seedling: Trigger Security Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Security specific Kibana tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"

.buildkite/pipelines/quality-gates/pipeline.tests-staging.yaml

@@ -0,0 +1,15 @@
+steps:
+  - label: ":pipeline::kibana::seedling: Trigger Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Kibana specific tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":pipeline::fleet::seedling: Trigger Fleet Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Fleet specific Kibana tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":pipeline::lock::seedling: Trigger Security Kibana Tests for ${ENVIRONMENT}"
+    command: echo "replace me with Security specific Kibana tests"
+    agent:
+      image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"

.buildkite/scripts/steps/functional/serverless_ftr.sh

@@ -9,17 +9,20 @@ export JOB="kibana-serverless-$SERVERLESS_ENVIRONMENT"
 if [[ "$SERVERLESS_ENVIRONMENT" == "search" ]]; then
   SERVERLESS_CONFIGS=(
     "x-pack/test_serverless/api_integration/test_suites/search/config.ts"
+    "x-pack/test_serverless/api_integration/test_suites/search/config.feature_flags.ts"
     "x-pack/test_serverless/functional/test_suites/search/config.ts"
   )
 elif [[ "$SERVERLESS_ENVIRONMENT" == "observability" ]]; then
   SERVERLESS_CONFIGS=(
     "x-pack/test_serverless/api_integration/test_suites/observability/config.ts"
+    "x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts"
     "x-pack/test_serverless/functional/test_suites/observability/config.ts"
     "x-pack/test_serverless/functional/test_suites/observability/cypress/config_headless.ts"
   )
 elif [[ "$SERVERLESS_ENVIRONMENT" == "security" ]]; then
   SERVERLESS_CONFIGS=(
     "x-pack/test_serverless/api_integration/test_suites/security/config.ts"
+    "x-pack/test_serverless/api_integration/test_suites/security/config.feature_flags.ts"
     "x-pack/test_serverless/functional/test_suites/security/config.ts"
   )
 fi

.github/CODEOWNERS

@@ -988,6 +988,7 @@ x-pack/plugins/infra/server/lib/alerting @elastic/actionable-observability
 /.buildkite/ @elastic/kibana-operations
 /kbn_pm/ @elastic/kibana-operations
 /x-pack/dev-tools @elastic/kibana-operations
+catalog-info.yaml @elastic/kibana-operations @elastic/kibana-tech-leads
 
 # Appex QA
 /src/dev/code_coverage @elastic/appex-qa

catalog-info.yaml

@@ -0,0 +1,70 @@
+---
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: kibana
+  description: Kibana is a user interface that lets you visualize your Elasticsearch data and navigate the Elastic Stack.
+
+  annotations:
+    backstage.io/source-location: url:https://github.com/elastic/kibana/tree/main
+    github.com/project-slug: elastic/kibana
+    github.com/team-slug: elastic/kibana-tech-leads
+    buildkite.com/project-slug: elastic/kibana
+
+  tags:
+    - typescript
+    - javascript
+    - dashboards
+    - metrics
+    - visualizations
+    - observability
+
+  links:
+    - title: Documentation
+      url: https://www.elastic.co/guide/en/kibana/current/index.html
+
+spec:
+  type: monorepo
+  owner: group:kibana-tech-leads
+  lifecycle: production
+
+---
+
+apiVersion: backstage.io/v1alpha1
+kind: Resource
+metadata:
+  name: kibana-tests-pipeline
+  description: Definition of the kibana pipeline
+  links:
+    - title: Pipeline
+      url: https://buildkite.com/elastic/kibana-tests
+spec:
+  type: buildkite-pipeline
+  owner: group:kibana-tech-leads
+  system: buildkite
+  implementation:
+    apiVersion: buildkite.elastic.dev/v1
+    kind: Pipeline
+    metadata:
+      name: kibana-tests
+      description: Pipeline that tests the service integration in various environments
+    spec:
+      repository: elastic/kibana
+      pipeline_file: ./.buildkite/pipelines/pipeline.kibana-tests.yaml
+      provider_settings:
+        trigger_mode: none
+      teams:
+        kibana-operations:
+          access_level: MANAGE_BUILD_AND_READ
+        security-engineering-productivity:
+          access_level: BUILD_AND_READ
+        fleet:
+          access_level: BUILD_AND_READ
+        kibana-tech-leads:
+          access_level: BUILD_AND_READ
+        kibana-core:
+          access_level: BUILD_AND_READ
+        cloud-tooling:
+          access_level: BUILD_AND_READ
+        everyone:
+          access_level: READ_ONLY

docs/api-generated/connectors/connector-apis-passthru.asciidoc

@@ -1010,6 +1010,7 @@ Any modifications made to this file will be overwritten.
     <li><a href="#config_properties_servicenow"><code>config_properties_servicenow</code> - Connector request properties for a ServiceNow ITSM connector</a></li>
     <li><a href="#config_properties_servicenow_itom"><code>config_properties_servicenow_itom</code> - Connector request properties for a ServiceNow ITSM connector</a></li>
     <li><a href="#config_properties_swimlane"><code>config_properties_swimlane</code> - Connector request properties for a Swimlane connector</a></li>
+    <li><a href="#config_properties_webhook"><code>config_properties_webhook</code> - Connector request properties for a Webhook connector</a></li>
     <li><a href="#connector_response_properties"><code>connector_response_properties</code> - Connector response properties</a></li>
     <li><a href="#connector_response_properties_cases_webhook"><code>connector_response_properties_cases_webhook</code> - Connector request properties for a Webhook - Case Management connector</a></li>
     <li><a href="#connector_response_properties_email"><code>connector_response_properties_email</code> - Connector response properties for an email connector</a></li>
@@ -1093,6 +1094,7 @@ Any modifications made to this file will be overwritten.
     <li><a href="#secrets_properties_slack_api"><code>secrets_properties_slack_api</code> - Connector secrets properties for a Web API Slack connector</a></li>
     <li><a href="#secrets_properties_slack_webhook"><code>secrets_properties_slack_webhook</code> - Connector secrets properties for a Webhook Slack connector</a></li>
     <li><a href="#secrets_properties_swimlane"><code>secrets_properties_swimlane</code> - Connector secrets properties for a Swimlane connector</a></li>
+    <li><a href="#secrets_properties_webhook"><code>secrets_properties_webhook</code> - Connector secrets properties for a Webhook connector</a></li>
     <li><a href="#updateConnector_400_response"><code>updateConnector_400_response</code> - </a></li>
     <li><a href="#update_connector_request_cases_webhook"><code>update_connector_request_cases_webhook</code> - Update Webhook - Case Managment connector request</a></li>
     <li><a href="#update_connector_request_index"><code>update_connector_request_index</code> - Update index connector request</a></li>
@@ -1450,6 +1452,28 @@ Any modifications made to this file will be overwritten.
 <div class="param">mappings (optional)</div><div class="param-desc"><span class="param-type"><a href="#Connector_mappings_properties_for_a_Swimlane_connector">Connector_mappings_properties_for_a_Swimlane_connector</a></span>  </div>
     </div>  <!-- field-items -->
   </div>
+  <div class="model">
+    <h3><a name="config_properties_webhook"><code>config_properties_webhook</code> - Connector request properties for a Webhook connector</a> <a class="up" href="#__Models">Up</a></h3>
+    <div class='model-description'>Defines properties for connectors when type is <code>.webhook</code>.</div>
+    <div class="field-items">
+      <div class="param">authType (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of authentication to use: basic, SSL, or none. </div>
+        <div class="param-enum-header">Enum:</div>
+        <div class="param-enum">webhook-authentication-basic</div><div class="param-enum">webhook-authentication-ssl</div><div class="param-enum">null</div>
+<div class="param">ca (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> A base64 encoded version of the certificate authority file, which is used to sign and validate certificates. </div>
+<div class="param">certType (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> If the <code>authType</code> is <code>webhook-authentication-ssl</code>, specifies whether the certificate authentication data is in a CRT and key file format or a PFX file format. </div>
+        <div class="param-enum-header">Enum:</div>
+        <div class="param-enum">ssl-crt-key</div><div class="param-enum">ssl-pfx</div>
+<div class="param">hasAuth (optional)</div><div class="param-desc"><span class="param-type"><a href="#boolean">Boolean</a></span> If <code>true</code>, a user name and password must be provided for login type authentication. </div>
+<div class="param">headers (optional)</div><div class="param-desc"><span class="param-type"><a href="#">Object</a></span> A set of key-value pairs sent as headers with the request. </div>
+<div class="param">method (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The HTTP request method, either <code>post</code> or <code>put</code>. </div>
+        <div class="param-enum-header">Enum:</div>
+        <div class="param-enum">post</div><div class="param-enum">put</div>
+<div class="param">url (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The request URL. If you are using the <code>xpack.actions.allowedHosts</code> setting, add the hostname to the allowed hosts. </div>
+<div class="param">verificationMode (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> Controls the verification of certificates. Use <code>full</code> to validate that the provided certificate has an issue date that is within the <code>not_before</code> and <code>not_after</code> dates, chains to a trusted certificate authority (CA), and has a hostname or IP address that matches the names within the certificate. Use <code>certificate</code> to validate the provided certificate and verifies that it is signed by a trusted authority; this option does not check the certificate hostname. Use <code>none</code> to skip certificate validation. </div>
+        <div class="param-enum-header">Enum:</div>
+        <div class="param-enum">certificate</div><div class="param-enum">full</div><div class="param-enum">none</div>
+    </div>  <!-- field-items -->
+  </div>
   <div class="model">
     <h3><a name="connector_response_properties"><code>connector_response_properties</code> - Connector response properties</a> <a class="up" href="#__Models">Up</a></h3>
     <div class='model-description'>The properties vary depending on the connector type.</div>
@@ -1723,7 +1747,7 @@ Any modifications made to this file will be overwritten.
     <h3><a name="connector_response_properties_webhook"><code>connector_response_properties_webhook</code> - Connector response properties for a Webhook connector</a> <a class="up" href="#__Models">Up</a></h3>
     <div class='model-description'></div>
     <div class="field-items">
-      <div class="param">config </div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> Defines properties for connectors when type is <code>.webhook</code>. </div>
+      <div class="param">config </div><div class="param-desc"><span class="param-type"><a href="#config_properties_webhook">config_properties_webhook</a></span>  </div>
 <div class="param">connector_type_id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
         <div class="param-enum-header">Enum:</div>
         <div class="param-enum">.webhook</div>
@@ -1959,12 +1983,12 @@ Any modifications made to this file will be overwritten.
     <h3><a name="create_connector_request_webhook"><code>create_connector_request_webhook</code> - Create Webhook connector request</a> <a class="up" href="#__Models">Up</a></h3>
     <div class='model-description'>The Webhook connector uses axios to send a POST or PUT request to a web service.</div>
     <div class="field-items">
-      <div class="param">config </div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> Defines properties for connectors when type is <code>.webhook</code>. </div>
+      <div class="param">config </div><div class="param-desc"><span class="param-type"><a href="#config_properties_webhook">config_properties_webhook</a></span>  </div>
 <div class="param">connector_type_id </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The type of connector. </div>
         <div class="param-enum-header">Enum:</div>
         <div class="param-enum">.webhook</div>
 <div class="param">name </div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The display name for the connector. </div>
-<div class="param">secrets </div><div class="param-desc"><span class="param-type"><a href="#AnyType">map[String, oas_any_type_not_mapped]</a></span> Defines secrets for connectors when type is <code>.webhook</code>. </div>
+<div class="param">secrets </div><div class="param-desc"><span class="param-type"><a href="#secrets_properties_webhook">secrets_properties_webhook</a></span>  </div>
     </div>  <!-- field-items -->
   </div>
   <div class="model">
@@ -2392,6 +2416,17 @@ Any modifications made to this file will be overwritten.
       <div class="param">apiToken (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> Swimlane API authentication token. </div>
     </div>  <!-- field-items -->
   </div>
+  <div class="model">
+    <h3><a name="secrets_properties_webhook"><code>secrets_properties_webhook</code> - Connector secrets properties for a Webhook connector</a> <a class="up" href="#__Models">Up</a></h3>
+    <div class='model-description'>Defines secrets for connectors when type is <code>.webhook</code>.</div>
+    <div class="field-items">
+      <div class="param">crt (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> If <code>authType</code> is <code>webhook-authentication-ssl</code> and <code>certType</code> is <code>ssl-crt-key</code>, it is a base64 encoded version of the CRT or CERT file. </div>
+<div class="param">key (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> If <code>authType</code> is <code>webhook-authentication-ssl</code> and <code>certType</code> is <code>ssl-crt-key</code>, it is a base64 encoded version of the KEY file. </div>
+<div class="param">pfx (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> If <code>authType</code> is <code>webhook-authentication-ssl</code> and <code>certType</code> is <code>ssl-pfx</code>, it is a base64 encoded version of the PFX or P12 file. </div>
+<div class="param">password (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The password for HTTP basic authentication or the passphrase for the SSL certificate files. If <code>hasAuth</code> is set to <code>true</code> and <code>authType</code> is <code>webhook-authentication-basic</code>, this property is required. </div>
+<div class="param">user (optional)</div><div class="param-desc"><span class="param-type"><a href="#string">String</a></span> The username for HTTP basic authentication. If <code>hasAuth</code> is set to <code>true</code>  and <code>authType</code> is <code>webhook-authentication-basic</code>, this property is required. </div>
+    </div>  <!-- field-items -->
+  </div>
   <div class="model">
     <h3><a name="updateConnector_400_response"><code>updateConnector_400_response</code> - </a> <a class="up" href="#__Models">Up</a></h3>
     <div class='model-description'></div>