Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ResponseOps] [Cases] Update mapping for case title #147341

Merged
merged 9 commits into from
Dec 12, 2022
Merged

[ResponseOps] [Cases] Update mapping for case title #147341

merged 9 commits into from
Dec 12, 2022

Conversation

adcoelho
Copy link
Contributor

Connected to #132041

Summary

This is the first in a series of PRs with migrations of the Cases' Saved objects to enable sorting by additional fields in the all-cases view.

In this PR the case title becomes a multi-field with an additional keyword field for sorting.

Added a small integration test to confirm sorting by title works.

@adcoelho adcoelho added Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Cases Cases feature v8.7.0 labels Dec 12, 2022
@adcoelho adcoelho requested a review from a team as a code owner December 12, 2022 10:56
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops-cases (Feature:Cases)

@adcoelho adcoelho added the release_note:skip Skip the PR/issue when compiling release notes label Dec 12, 2022
@adcoelho adcoelho requested a review from a team as a code owner December 12, 2022 12:50
afharo
afharo approved these changes Dec 12, 2022
View reviewed changes
Copy link
Member

@afharo afharo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Core changes LGTM

@afharo afharo mentioned this pull request Dec 12, 2022
Closed
cnasikas
cnasikas approved these changes Dec 12, 2022
View reviewed changes
Copy link
Member

@cnasikas cnasikas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job! I tested and working as expected. I left some comments.

x-pack/plugins/cases/server/client/utils.ts
@@ -506,6 +507,8 @@ export const sortToSnake = (sortField: string | undefined): SortFieldCase => {
case 'closedAt':
case 'closed_at':
return SortFieldCase.closedAt;
case 'title':
Copy link
Member

@cnasikas cnasikas Dec 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you mind if you rename the function form sortToSnake to getSortField or similar? The function does not convert from camel case to snake case any more.

x-pack/plugins/cases/server/saved_object_types/cases.ts Outdated
fields: {
keyword: {
type: 'keyword',
ignore_above: 160,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should remove it (my mistake, I know 🙂 ) in case it will cause a migration if we change it. The backend validation is enough. @rudolf if we change the ignore_above in the future will it trigger a migration (reindex)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you mean having the default value for this field?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mean remove the ignore_above: 160 entirely.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we would always reindex if any key was removed from the mappings (like removing the ignore_above) or if updating the mappings of the existing index fails.

Copy link
Member

@cnasikas cnasikas Dec 12, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @rudolf! What I meant is if we changing the ignore_above value from 160 to 200 will trigger a migration? I am just curious 🙂. We will not add it (never had it before this PR) so we do not have this dilemma in the future.

@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Saved Objects .kibana field count

Every field in each saved object type adds overhead to Elasticsearch. Kibana needs to keep the total field count below Elasticsearch's default limit of 1000 fields. Only specify field mappings for the fields you wish to search on or query. See https://www.elastic.co/guide/en/kibana/master/saved-objects-service.html#_mappings

id before after diff
cases 47 48 +1
Unknown metric groups

ESLint disabled in files

id before after diff
osquery 1 2 +1

ESLint disabled line counts

id before after diff
enterpriseSearch 19 21 +2
fleet 60 66 +6
osquery 109 115 +6
securitySolution 445 451 +6
total +20

Total ESLint disabled count

id before after diff
enterpriseSearch 20 22 +2
fleet 69 75 +6
osquery 110 117 +7
securitySolution 521 527 +6
total +21

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@adcoelho adcoelho merged commit bd31853 into elastic:main Dec 12, 2022
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Dec 12, 2022
saarikabhasi pushed a commit to saarikabhasi/kibana that referenced this pull request Dec 14, 2022
@adcoelho @saarikabhasi
[ResponseOps] [Cases] Update mapping for case title (elastic#147341)
7fc324f 
Connected to elastic#132041

## Summary

This is the first in a series of PRs with migrations of the Cases' Saved
objects to enable sorting by additional fields in the all-cases view.

In this PR the case title becomes a multi-field with an additional
keyword field for sorting.

Added a small integration test to confirm sorting by title works.
@cnasikas cnasikas mentioned this pull request Dec 22, 2022
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rudolf rudolf rudolf left review comments

@cnasikas cnasikas cnasikas approved these changes

@afharo afharo afharo approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting Feature:Cases Cases feature release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.7.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@adcoelho @elasticmachine @kibana-ci @rudolf @afharo @cnasikas @kibanamachine