Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Retain APIKey when disabling/enabling a rule #131581

Merged
merged 24 commits into from
May 18, 2022
Merged

Retain APIKey when disabling/enabling a rule #131581

merged 24 commits into from
May 18, 2022

Conversation

ersin-erdal
Copy link
Contributor

@ersin-erdal ersin-erdal commented May 4, 2022
edited
Loading

fixes: #131234

Currently we invalidate the API key when a rule is disabled and generate a new one when it is enabled again.
With this PR, we retain the API key when a rule is disabled and generate a new one just in case of the rule somehow doesn't have an API key (disabled before this feature, imported etc.)

This PR also adds an Update API Key button to rules list and rule details page to allow users to generate anew API key manually.

User interaction flow is:

Screenshot 2022-05-06 at 18 08 56

Screenshot 2022-05-06 at 18 09 04

Screenshot 2022-05-06 at 18 09 27

Screenshot 2022-05-06 at 18 10 44

@ersin-erdal ersin-erdal added release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Alerting/RulesFramework Issues related to the Alerting Rules Framework v8.3.0 labels May 4, 2022
ersin-erdal and others added 5 commits May 5, 2022 00:22
@ersin-erdal
Merge branch 'main' of https://github.com/elastic/kibana into 131234-…
9b9717d 
…retain-api-key

� Conflicts:
�	x-pack/plugins/triggers_actions_ui/public/application/sections/rules_list/components/rules_list.test.tsx
�	x-pack/plugins/triggers_actions_ui/public/application/sections/rules_list/components/rules_list.tsx
@ersin-erdal
Merge branch 'main' into 131234-retain-api-key
4c4b6c8
@ersin-erdal
fix failing test
76b3afe
@ersin-erdal
Merge remote-tracking branch 'origin/131234-retain-api-key' into 1312…
ceb4e26 
…34-retain-api-key
@ersin-erdal
Fix failing test
ad84a32
@mdefazio
Copy link
Contributor

mdefazio commented May 6, 2022

Ran through the PR together and had the following updates:

  • Move 'Update API' row action link to be between Disable and Delete --> we want to keep Delete as the last option in that overflow menu
  • Confirmation modal should use primary button styling
  • Will need to get some writers to help with the copy
  • Add option to Update APIKey on detail page
    • Make 'Edit' a base style button (not empty)
    • Keep View in app exposed as empty button
    • Add medium icon button (base style with background, horizontalBoxes icon) to the right of Edit button
    • Add popover menu to icon button with Disable, Update APIKey, and Delete

Here's a quick mockup of the page header buttons on the detail page. I kept refresh exposed alongside View in app. We are updating the page to place the disable button within the page more clearly, but whatever the result of that, I think we'll want to duplicate that action here.

Showing a user with the option to update the api key and one without.

image

@ersin-erdal ersin-erdal marked this pull request as ready for review May 10, 2022 12:48
@ersin-erdal ersin-erdal requested review from a team as code owners May 10, 2022 12:48
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@pmuellr
Copy link
Member

pmuellr commented May 10, 2022

Just starting a review - thinking we should probably have some functional tests, but not quite clear to me what they should do! I don't believe we expose the API key in any HTTP outputs, do we? On purpose. Or via public types. Only immediate thought is to get the rule SO directly in the function test, unencrypted, and see if there is a key set.

pmuellr
pmuellr reviewed May 10, 2022
View reviewed changes
Copy link
Member

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I review the server side code - surprised it's so small! Wondering what we're missing :-)

I'll review the UX code next, but thought I'd send along the current comments, which are mostly questions.

x-pack/plugins/alerting/server/rules_client/rules_client.ts Outdated Show resolved Hide resolved
x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts Show resolved Hide resolved
x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts Show resolved Hide resolved
x-pack/plugins/alerting/server/rules_client/tests/enable.test.ts Outdated Show resolved Hide resolved
x-pack/plugins/alerting/server/rules_client/tests/enable.test.ts Show resolved Hide resolved
@mikecote mikecote self-requested a review May 10, 2022 19:02
mikecote
mikecote reviewed May 10, 2022
View reviewed changes
Copy link
Contributor

@mikecote mikecote left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good! Did a pass of the code. I think it would be good to get a 👍 from R&AM team as well (cc @XavierM). Left some feedback and will approve after my questions are answered.

thinking we should probably have some functional tests, but not quite clear to me what they should do!

I do think we should add some functional tests. Something to ensure an API key isn't overwritten on enable when it exists. Ensure disable then enable preserves the API key, maybe?

x-pack/plugins/alerting/server/rules_client/rules_client.ts Show resolved Hide resolved
x-pack/plugins/alerting/server/rules_client/rules_client.ts Outdated Show resolved Hide resolved
x-pack/plugins/alerting/server/rules_client/rules_client.ts Show resolved Hide resolved
...gins/triggers_actions_ui/public/application/components/update_api_key_modal_confirmation.tsx Outdated Show resolved Hide resolved
...gins/triggers_actions_ui/public/application/components/update_api_key_modal_confirmation.tsx Outdated Show resolved Hide resolved
...gins/triggers_actions_ui/public/application/components/update_api_key_modal_confirmation.tsx Outdated Show resolved Hide resolved
...gins/triggers_actions_ui/public/application/components/update_api_key_modal_confirmation.tsx Show resolved Hide resolved
mdefazio
mdefazio requested changes May 11, 2022
View reviewed changes
Copy link
Contributor

@mdefazio mdefazio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tiny nit to lowercase API key.

...gins/triggers_actions_ui/public/application/components/update_api_key_modal_confirmation.tsx Outdated Show resolved Hide resolved
...gers_actions_ui/public/application/sections/rule_details/components/rule_actions_popover.tsx Outdated Show resolved Hide resolved
...actions_ui/public/application/sections/rules_list/components/collapsed_item_actions.test.tsx Outdated Show resolved Hide resolved
...gers_actions_ui/public/application/sections/rules_list/components/collapsed_item_actions.tsx Outdated Show resolved Hide resolved
...gins/triggers_actions_ui/public/application/components/update_api_key_modal_confirmation.tsx Outdated Show resolved Hide resolved
...rs_actions_ui/public/application/sections/rule_details/components/rule_actions_popopver.scss Outdated Show resolved Hide resolved
mikecote
mikecote approved these changes May 11, 2022
View reviewed changes
Copy link
Contributor

@mikecote mikecote left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally and LGTM!

@gmmorris
Copy link
Contributor

We should update the user facing docs as they are no longer correct after this PR is merged.

https://www.elastic.co/guide/en/kibana/master/alerting-setup.html#alerting-authorization

@ersin-erdal
Merge branch 'main' of https://github.com/elastic/kibana into 131234-…
72598c3 
…retain-api-key

� Conflicts:
�	x-pack/plugins/alerting/server/rules_client/rules_client.ts
�	x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts
�	x-pack/plugins/alerting/server/rules_client/tests/enable.test.ts
mdefazio
mdefazio approved these changes May 16, 2022
View reviewed changes
Copy link
Contributor

@mdefazio mdefazio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making those changes!

mdefazio
mdefazio reviewed May 16, 2022
View reviewed changes
Copy link
Contributor

@mdefazio mdefazio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doh, hit approve then saw that it looks like we're still targeting the button instead of a classname (comment)

@ersin-erdal ersin-erdal requested a review from a team as a code owner May 17, 2022 07:47
pmuellr
pmuellr requested changes May 17, 2022
View reviewed changes
Copy link
Member

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left a question and request for some small changes

x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/disable.ts Show resolved Hide resolved
...ck/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/retain_api_key.ts Show resolved Hide resolved
...ck/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/retain_api_key.ts Show resolved Hide resolved
x-pack/test/alerting_api_integration/common/fixtures/plugins/alerts/server/routes.ts Outdated Show resolved Hide resolved
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #42 / machine learning - data frame analytics results view content and total feature importance multi class classification job should display the total feature importance in the results view

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
triggersActionsUi 380 388 +8

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
triggersActionsUi 745.7KB 750.5KB +4.9KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
triggersActionsUi 101.1KB 101.3KB +137.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

pmuellr
pmuellr approved these changes May 17, 2022
View reviewed changes
Copy link
Member

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@szabosteve szabosteve mentioned this pull request May 18, 2022
Merged
1 task
@ersin-erdal ersin-erdal merged commit de29010 into elastic:main May 18, 2022
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label May 18, 2022
@ersin-erdal ersin-erdal deleted the 131234-retain-api-key branch May 18, 2022 13:13
@banderror banderror mentioned this pull request Oct 24, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mdefazio mdefazio mdefazio approved these changes

@cchaos cchaos cchaos left review comments

@mikecote mikecote mikecote approved these changes

@pmuellr pmuellr pmuellr approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting Feature:Alerting/RulesFramework Issues related to the Alerting Rules Framework release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.3.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Retain API key when disabling then enabling an alerting rule
9 participants
@ersin-erdal @mdefazio @elasticmachine @pmuellr @gmmorris @kibana-ci @cchaos @mikecote @kibanamachine