[Security Solution][Endpoint] Update to Endpoint List and associated supporting API to be space aware #194312
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…t endpoint context services
…int metadata to use it
paul-tavares
added
release_note:skip
|
/ci |
…int-list-api-support-spaces-2
…int-list-api-support-spaces-2
|
/ci |
|
/ci |
Flaky Test Runner Stats🟠 Some tests failed. - kibana-flaky-test-suite-runner#7112[❌] x-pack/test/security_solution_api_integration/test_suites/edr_workflows/spaces/trial_license_complete_tier/configs/ess.config.ts: 3/25 tests passed. |
…eported by endpoint in the data indexed
|
Second flaky run: https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/7113 |
Flaky Test Runner Stats🎉 All tests passed! - kibana-flaky-test-suite-runner#7113[✅] x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts: 25/25 tests passed. |
ashokaditya
approved these changes
Oct 16, 2024
| @@ -128,6 +139,14 @@ class AgentClientImpl implements AgentClient { | |||
| return getAgentById(this.internalEsClient, this.soClient, agentId); | |||
| } | |||
|
|
|||
| public async getByIds( | |||
There was a problem hiding this comment.
Perhaps rename this to getAgentsByIds?
There was a problem hiding this comment.
Thanks for the feedback @ashokaditya . I named getByIds() to mirror other APIs available from fleet - thus to remain consistent with their naming conventions.
| .request<Space>({ | ||
| method: 'GET', | ||
| path: `/internal/spaces/_active_space`, | ||
| headers: { 'elastic-api-version': '2023-10-31' }, |
There was a problem hiding this comment.
I think we use 1 for version headers for internal APIs.
There was a problem hiding this comment.
I'll remove the header - looks like this API has not been moved to the versioned router:
| const lastCheckin = new Date(); | ||
| let agentVersion = version; | ||
|
|
||
| if (isServerless) { |
There was a problem hiding this comment.
isServerless would always be false here as it's wrapped in a block that checks for !sServerless.
Comment on lines
+54
to
+56
| // FIXME:PT need to remove the need for this mock. It appears in several test files on our side. | ||
| // Its currently needed due to the direct use of Fleet's `buildAgentStatusRuntimeField()` in | ||
| // `x-pack/plugins/security_solution/server/endpoint/routes/metadata/query_builders.ts:239` |
| @@ -16,8 +16,11 @@ export class EndpointAgentStatusClient extends AgentStatusClient { | |||
| protected readonly agentType: ResponseActionAgentType = 'endpoint'; | |||
|
|
|||
| async getAgentStatuses(agentIds: string[]): Promise<AgentStatusRecords> { | |||
| const metadataService = this.options.endpointService.getEndpointMetadataService(); | |||
| const soClient = this.options.soClient; | |||
There was a problem hiding this comment.
nit: const { soClient, esClient } = this.options;
Comment on lines
+76
to
+78
| const agentIds = (data?.hits?.hits || []) | ||
| .map((hit) => hit._source?.agent.id ?? '') | ||
| .filter((id) => !!id); |
There was a problem hiding this comment.
nit: You can use reduce to iterate over only once on the array.
| * | ||
| * @throws AgentNotFoundError | ||
| */ | ||
| export const getByIds = async ( |
There was a problem hiding this comment.
Also perhaps rename this to getAgentsByIds
There was a problem hiding this comment.
same comment as before - just following Fleet conventions as other getByIds() already exist
…support-spaces-2' into task/olm-8538-endpoint-list-api-support-spaces-2
…int-list-api-support-spaces-2
|
Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/11386984275 |
paul-tavares
deleted the
task/olm-8538-endpoint-list-api-support-spaces-2
branch
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
History
|
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 17, 2024
…supporting API to be space aware (elastic#194312) ## Summary PR makes the following changes in support of Endpoint management support for Spaces: ### Fleet - Adds new method - `getByIds()` - to the server-side Agent service - Updates some mocks ### Security Solution - Updates the Endpoint host metadata API for both the list and single endpoint to be space aware - Updates the agent status API for Endpoint to be space aware - Updates endpoint policy response API to be space aware - New FTR API integration test suite was created - included changes to some service utilities to enable loading test data per-space (cherry picked from commit 2a786b8)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Oct 17, 2024
…iated supporting API to be space aware (#194312) (#196717) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution][Endpoint] Update to Endpoint List and associated supporting API to be space aware (#194312)](#194312) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Paul Tavares","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-17T14:24:38Z","message":"[Security Solution][Endpoint] Update to Endpoint List and associated supporting API to be space aware (#194312)\n\n## Summary\r\n\r\nPR makes the following changes in support of Endpoint management support\r\nfor Spaces:\r\n\r\n\r\n### Fleet\r\n\r\n- Adds new method - `getByIds()` - to the server-side Agent service\r\n- Updates some mocks\r\n\r\n\r\n### Security Solution\r\n\r\n- Updates the Endpoint host metadata API for both the list and single\r\nendpoint to be space aware\r\n- Updates the agent status API for Endpoint to be space aware\r\n- Updates endpoint policy response API to be space aware\r\n- New FTR API integration test suite was created\r\n- included changes to some service utilities to enable loading test data\r\nper-space","sha":"2a786b88a131472c349f0bda431efe3ed6fbeaf6","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Defend Workflows","backport:prev-minor","v8.17.0"],"title":"[Security Solution][Endpoint] Update to Endpoint List and associated supporting API to be space aware","number":194312,"url":"https://github.com/elastic/kibana/pull/194312","mergeCommit":{"message":"[Security Solution][Endpoint] Update to Endpoint List and associated supporting API to be space aware (#194312)\n\n## Summary\r\n\r\nPR makes the following changes in support of Endpoint management support\r\nfor Spaces:\r\n\r\n\r\n### Fleet\r\n\r\n- Adds new method - `getByIds()` - to the server-side Agent service\r\n- Updates some mocks\r\n\r\n\r\n### Security Solution\r\n\r\n- Updates the Endpoint host metadata API for both the list and single\r\nendpoint to be space aware\r\n- Updates the agent status API for Endpoint to be space aware\r\n- Updates endpoint policy response API to be space aware\r\n- New FTR API integration test suite was created\r\n- included changes to some service utilities to enable loading test data\r\nper-space","sha":"2a786b88a131472c349f0bda431efe3ed6fbeaf6"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194312","number":194312,"mergeCommit":{"message":"[Security Solution][Endpoint] Update to Endpoint List and associated supporting API to be space aware (#194312)\n\n## Summary\r\n\r\nPR makes the following changes in support of Endpoint management support\r\nfor Spaces:\r\n\r\n\r\n### Fleet\r\n\r\n- Adds new method - `getByIds()` - to the server-side Agent service\r\n- Updates some mocks\r\n\r\n\r\n### Security Solution\r\n\r\n- Updates the Endpoint host metadata API for both the list and single\r\nendpoint to be space aware\r\n- Updates the agent status API for Endpoint to be space aware\r\n- Updates endpoint policy response API to be space aware\r\n- New FTR API integration test suite was created\r\n- included changes to some service utilities to enable loading test data\r\nper-space","sha":"2a786b88a131472c349f0bda431efe3ed6fbeaf6"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Paul Tavares <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
PR makes the following changes in support of Endpoint management support for Spaces:
Fleet
getByIds()- to the server-side Agent serviceSecurity Solution
Testing
xpack.securitySolution.enableExperimental.endpointManagementSpaceAwarenessEnabledxpack.fleet.enableExperimental.useSpaceAwarenessPOST /internal/fleet/enable_space_awarenessTip
As an alternative to step 2 and 3 above, you can also just run the
node x-pack/plugins/security_solution/scripts/endpoint/run_endpoint_agent.jsscript with the--spaceIdvalue and it will take care of adding a running endpoint to the given spaceChecklist