[Fleet] Tagging of integration assets #137184
Conversation
juliaElastic
added
release_note:feature
juliaElastic
changed the title
| const managedTagName = 'Managed'; | ||
| const tagColor = '#FFFFFF'; |
There was a problem hiding this comment.
nit: it will be nice to move this to a constant
botelastic
bot
added
the
Team:Fleet
|
Pinging @elastic/fleet (Team:Fleet) |
x-pack/plugins/fleet/server/services/epm/kibana/assets/install.ts
Outdated
Show resolved
Hide resolved
| const TAG_COLOR = '#FFFFFF'; | ||
| const MANAGED_TAG_NAME = 'Managed'; | ||
|
|
||
| export async function tagKibanaAssets({ |
There was a problem hiding this comment.
Do you think it'd be possible to wrap this in an APM span and track how it impacts installation performance for packages?
| @@ -35,7 +35,7 @@ export default function (ftrContext: FtrProviderContext) { | |||
| authorized: { | |||
| httpCode: 200, | |||
| expectResponse: ({ body }) => { | |||
| expect(body).to.eql({ | |||
| expect(body.tags.slice(0, 1)).to.eql({ | |||
There was a problem hiding this comment.
had to touch this test because with the new logic of adding tags for installed package assets, 2 new tags were added, because Synthetics package is being installed on startup
actual: '{\n' +
' "tags": [\n' +
' {\n' +
' "color": "#FF00FF"\n' +
' "description": "Tag 1 in default space"\n' +
' "id": "default-space-tag-1"\n' +
' "name": "tag-1"\n' +
' }\n' +
' {\n' +
' "color": "#77CC11"\n' +
' "description": "Tag 2 in default space"\n' +
' "id": "default-space-tag-2"\n' +
' "name": "tag-2"\n' +
' }\n' +
' {\n' +
' "color": "#FFFFFF"\n' +
' "description": ""\n' +
' "id": "7833a370-0cfe-11ed-947f-438bf3d7f352"\n' +
' "name": "Elastic Synthetics"\n' +
' }\n' +
' {\n' +
' "color": "#FFFFFF"\n' +
' "description": ""\n' +
' "id": "77aa9d50-0cfe-11ed-947f-438bf3d7f352"\n' +
' "name": "Managed"\n' +
' }\n' +
' ]\n' +
'}',
| @@ -38,7 +38,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { | |||
| await tagManagementPage.waitUntilTableIsLoaded(); | |||
|
|
|||
| const displayedTags = await tagManagementPage.getDisplayedTagNames(); | |||
| expect(displayedTags.length).to.be(3); | |||
| expect(displayedTags.length).to.be.greaterThan(2); | |||
There was a problem hiding this comment.
same reason, there are now 5 tags instead of 3
Error: expected 5 to equal 3
There was a problem hiding this comment.
I thought we fixed a while ago the problem of fleet assets 'polluting' the test data for all the suites by not installing any assets during FTR tests. Why is this still necessary then?
There was a problem hiding this comment.
I'll dig deeper, I'm not familiar that part of the code that installs synthetics package on startup, it would be great to exclude that from SOT tests.
There was a problem hiding this comment.
Yea, especially given we have other tests (SO management mostly) that take as granted that the data injected via the test datasets are the only existing objects during the tests. We already encountered failures / flakiness because of these auto-installed packages in the past, and I would really love to avoid encountering that again. cc @joshdover given he was part of the discussions at that time (IIRC)
There was a problem hiding this comment.
This is the only place I know of where this package gets installed automatically:
I doubt that is getting called in this test though? As an aside, that endpoint should really be a POST and not a GET...
There was a problem hiding this comment.
The installation of synthetics package comes from fleet setup here: https://github.com/elastic/kibana/blob/main/x-pack/plugins/fleet/server/services/setup.ts#L111
const autoUpdateablePackages = compact(
await Promise.all(
AUTO_UPDATE_PACKAGES.map((pkg) =>
isPackageInstalled({
savedObjectsClient: soClient,
pkgName: pkg.name,
}).then((installed) => (installed ? pkg : undefined))
)
)
);
packages = [
...packages,
...autoUpdateablePackages.filter((pkg) => !preconfiguredPackageNames.has(pkg.name)),
];
logger.debug('Setting up initial Fleet packages');
const { nonFatalErrors: preconfiguredPackagesNonFatalErrors } =
await ensurePreconfiguredPackagesAndPolicies(
soClient,
esClient,
policies,
packages,
defaultOutput,
defaultDownloadSource,
DEFAULT_SPACE_ID
);
I found a way to fix that by loading an empty kibana es archive like we do in fleet api tests.
await esArchiver.load('test/functional/fixtures/es_archiver/empty_kibana');
There was a problem hiding this comment.
This is more a workaround that a solution (I'd like to just have fleet NOT install anything by default, or at least to have the option to do so for FTR tests), but I'm in PTO starting today so I won't be able to follow this PR, so it will have to do for now. I'd love you to open an issue to discuss about this problem though, if possible.
There was a problem hiding this comment.
Sure, I can open an issue. I am not sure if there is a way to disable fleet plugin in SOT tests, I'll check.
There was a problem hiding this comment.
@juliaElastic Your link didn't work for me. We shouldn't be installing any packages by default I think.
There was a problem hiding this comment.
I found a workaround by setting an invalid registryUrl, this prevents installing the default packages. I didn't find a better way to disable fleet plugin from SOT tests so far.
|
I checked the local kibana performance with APM, here is what I saw: Adding System package policy took 15s, add tags took 2s
|
This seems a little steep to add several seconds for each package policy. Maybe we should dig in a bit deeper here to see why this takes as long as it does? |
The default
Unless I'm reading the APM chart wrong, it should only occur for the first installation (as the tags are created only once and the GET operations are negligible)? |
Yes, the majority of the time comes from the ES operation to create the tags.
You are right, the tag creation happens once per package installation, subsequent package policy creations should not take this much time. I'll check on cloud pr deployment as well how long does it take. EDIT: on cloud pr deployment I can't find the APM traces yet, overall installing system and apache packages take about 7.5-8s. Compared to staging (without the tagging) it takes 6.3-6.7s. So the difference is about 1s in cloud. |
Can we allow fleet to disable the refresh here by adding a new parameter to the tag client? |
Yes, but this is also a key onboarding flow that we want to optimize. |
|
@joshdover @kpollich Are you okay with merging this feature and improve later when |
I think I would rather this be delayed until 8.5. The performance impacts on first time package installation seem significant enough that we should sort them out before landing this. |
Yes, it is definitely for 8.5 as it is a new feature. My question was rather around whether we should wait for the savedObjectsTagging optimizations. |
|
I don't have a strong preference on whether it's fixed in this PR or not. I'm hoping the change to tagging is just as small as this similar PR: #131339 @pgayvallet do you have any objections to us doing the same for the tag client? |
I am happy to contribute as well if we think this is important for fleet, and kibana core team might not have the capacity. |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
|
I added the |
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
Public APIs missing exports
Unknown metric groupsAPI count
History
To update your PR or re-run it, just comment with: |
Summary
Solves #123904
Added logic to create Managed and integration name tags and reference them with installed package assets.
To verify:
Tagsview and verify that the tags are created and linked to the assets of each package. TheManagedtag should appear once only.Open questions / issues:
Pending:
Checklist