[8.12] [Fleet] Fix secrets exception when installing CSPM or other in…

…tegrations (#174264) (#174432)

# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix secrets exception when installing CSPM or other
integrations (#174264)](#174264)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-01-08T09:19:29Z","message":"[Fleet]
Fix secrets exception when installing CSPM or other integrations
(#174264)\n\nCloses
https://github.com/elastic/kibana/issues/173718\r\n\r\n##
Summary\r\n\r\nFix secrets exception when installing CSPM or other
integrations\r\n\r\n### Steps to reproduce:\r\n\r\n- Install
`cloud_security_posture-1.8.0-preview02` (note that a licence\r\nis
needed to install CSPM)\r\n- Select Setup access: manual and Preferred
manual method: Direct access\r\nkeys\r\n- Add some test values a secrets
and try to install\r\n- The integration should install correctly with no
exceptions.\r\n\r\n### Checklist\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n\r\n---------\r\n\r\nCo-authored-by:
Kyle Pollich <[email protected]>\r\nCo-authored-by: Kibana Machine
<[email protected]>","sha":"6a7166c4e8782fe8067b1f8d93952b282db5627a","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","v8.12.0","v8.13.0"],"title":"[Fleet]
Fix secrets exception when installing CSPM or other
integrations","number":174264,"url":"https://github.com/elastic/kibana/pull/174264","mergeCommit":{"message":"[Fleet]
Fix secrets exception when installing CSPM or other integrations
(#174264)\n\nCloses
https://github.com/elastic/kibana/issues/173718\r\n\r\n##
Summary\r\n\r\nFix secrets exception when installing CSPM or other
integrations\r\n\r\n### Steps to reproduce:\r\n\r\n- Install
`cloud_security_posture-1.8.0-preview02` (note that a licence\r\nis
needed to install CSPM)\r\n- Select Setup access: manual and Preferred
manual method: Direct access\r\nkeys\r\n- Add some test values a secrets
and try to install\r\n- The integration should install correctly with no
exceptions.\r\n\r\n### Checklist\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n\r\n---------\r\n\r\nCo-authored-by:
Kyle Pollich <[email protected]>\r\nCo-authored-by: Kibana Machine
<[email protected]>","sha":"6a7166c4e8782fe8067b1f8d93952b282db5627a"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/174264","number":174264,"mergeCommit":{"message":"[Fleet]
Fix secrets exception when installing CSPM or other integrations
(#174264)\n\nCloses
https://github.com/elastic/kibana/issues/173718\r\n\r\n##
Summary\r\n\r\nFix secrets exception when installing CSPM or other
integrations\r\n\r\n### Steps to reproduce:\r\n\r\n- Install
`cloud_security_posture-1.8.0-preview02` (note that a licence\r\nis
needed to install CSPM)\r\n- Select Setup access: manual and Preferred
manual method: Direct access\r\nkeys\r\n- Add some test values a secrets
and try to install\r\n- The integration should install correctly with no
exceptions.\r\n\r\n### Checklist\r\n- [ ] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n\r\n---------\r\n\r\nCo-authored-by:
Kyle Pollich <[email protected]>\r\nCo-authored-by: Kibana Machine
<[email protected]>","sha":"6a7166c4e8782fe8067b1f8d93952b282db5627a"}}]}]
BACKPORT-->

Co-authored-by: Cristina Amico <[email protected]>

x-pack/plugins/fleet/server/services/secrets.test.ts

@@ -1018,9 +1018,11 @@ describe('secrets', () => {
       it('returns single secret reference for required secret', async () => {
         const mockPackagePolicy = {
           vars: {
-            'pkg-secret-1': {
-              value: 'pkg-secret-1-val',
+            'pkg-secret-1': {},
+            'pkg-secret-2': {
+              value: 'pkg-secret-2-val',
             },
+            'dot-notation.stream.pkg-secret-3': {},
           },
           inputs: [],
         } as unknown as NewPackagePolicy;
@@ -1198,6 +1200,7 @@ describe('secrets', () => {
               value: 'pkg-secret-1-val',
             },
             'pkg-secret-2': {},
+            'dot-notation.pkg-secret-3': {},
           },
           inputs: [],
         } as unknown as PackagePolicy;

x-pack/plugins/fleet/server/services/secrets.ts

@@ -241,7 +241,11 @@ export async function extractAndWriteSecrets(opts: {
     values: secretsToCreate.map((secretPath) => secretPath.value.value),
   });
 
-  const policyWithSecretRefs = getPolicyWithSecretReferences(secretPaths, secrets, packagePolicy);
+  const policyWithSecretRefs = getPolicyWithSecretReferences(
+    secretsToCreate,
+    secrets,
+    packagePolicy
+  );
 
   return {
     packagePolicy: policyWithSecretRefs,