[Security Solution][Event Filters] Adds banner about Linux eventing change for 8.16 upgrade #195177
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
💔 Build FailedFailed CI StepsHistoryTo update your PR or re-run it, just comment with: |
parkiino
added
the
Team:Defend Workflows
|
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
parkiino
added
release_note:skip
paul-tavares
reviewed
Oct 8, 2024
| import { FormattedMessage } from '@kbn/i18n-react'; | ||
| import { useKibana } from '@kbn/kibana-react-plugin/public'; | ||
|
|
||
| export const EventMergingBanner: React.FC<{ onDismiss: () => void }> = ({ onDismiss }) => { |
There was a problem hiding this comment.
please memoize this component with the use of memo()
There was a problem hiding this comment.
Also - can you add a unit test file for this component
| expect(renderResult.getByTestId('eventMergingCallout')).toBeTruthy(); | ||
| }); | ||
|
|
||
| it('should not show the event merging banner after it has been dismissed', () => { |
There was a problem hiding this comment.
is the dismiss of the banner saved to local storage so that it does not show up again? if so, can you add tests for that?
There was a problem hiding this comment.
yes, it's persisted, and here's the test for it:
7afb218
szwarckonrad
approved these changes
Oct 9, 2024
There was a problem hiding this comment.
Please address @paul-tavares comments and I believe it's worth it to resolve the dot issue ;), otherwise LGTM!
Comment on lines
24
to
42
| <EuiCallOut title={bannerTitle} onDismiss={onDismiss} data-test-subj="eventMergingCallout"> | ||
| <EuiText size="s"> | ||
| <FormattedMessage | ||
| id="xpack.securitySolution.endpoint.policy.eventMergingBanner.body" | ||
| defaultMessage="Elastic Agent 8.16+ will produce less telemetry without reducing system visibility, which may impact existing event filters. To learn more about these changes and how to adjust your settings, visit our " | ||
| /> | ||
| <EuiLink | ||
| href={docLinks?.links.securitySolution.eventMerging} | ||
| target="_blank" | ||
| data-test-subj="eventMergingDocLink" | ||
| > | ||
| <FormattedMessage | ||
| id="xpack.securitySolution.endpoint.eventMergingBanner.doc.link" | ||
| defaultMessage="documentation." | ||
| /> | ||
| </EuiLink> | ||
| </EuiText> | ||
| </EuiCallOut> | ||
| ); |
There was a problem hiding this comment.
To be consistent between different banners, I would put the link icon before the dot, just like in the banner below.
Example of the structure to achieve this -
paul-tavares
approved these changes
Oct 9, 2024
| import { createAppRootMockRenderer } from '../../../../../../common/mock/endpoint'; | ||
| import { EventMergingBanner, type EventMergingBannerProps } from './event_merging_banner'; | ||
|
|
||
| describe('EventMergingBanner component', () => { |
gergoabraham
added
backport:version
joepeeples
reviewed
Oct 9, 2024
...public/management/pages/policy/view/policy_settings_form/components/event_merging_banner.tsx
Outdated
Show resolved
Hide resolved
…y/view/policy_settings_form/components/event_merging_banner.tsx Co-authored-by: Joe Peeples <[email protected]>
gergoabraham
requested review from
gergoabraham
and removed request for
gergoabraham
@joepeeples thank you, updated! up-to-date look: |
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
Page load bundle
History
|
gergoabraham
requested review from
joepeeples
and removed request for
joepeeples
joepeeples
approved these changes
Oct 11, 2024
|
Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/11293215010 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 11, 2024
…hange for 8.16 upgrade (elastic#195177) ## Summary - [x] Adds a banner notifying users about the Linux eventing changes for 8.16 - [x] Link to documentation opens in new tab - [x] Unit tests # Screenshot <img width="1662" alt="image" src="https://github.com/user-attachments/assets/e94176b1-e57a-426e-8ebc-135f54a57be0"> https://github.com/user-attachments/assets/b2768462-4343-4c85-ad98-36afaba0665c --------- Co-authored-by: Gergő Ábrahám <[email protected]> (cherry picked from commit 3f8a6d8)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Oct 11, 2024
…ting change for 8.16 upgrade (#195177) (#195917) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution][Event Filters] Adds banner about Linux eventing change for 8.16 upgrade (#195177)](#195177) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Candace Park","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-11T13:25:58Z","message":"[Security Solution][Event Filters] Adds banner about Linux eventing change for 8.16 upgrade (#195177)\n\n## Summary\r\n\r\n- [x] Adds a banner notifying users about the Linux eventing changes for\r\n8.16\r\n- [x] Link to documentation opens in new tab \r\n- [x] Unit tests\r\n\r\n# Screenshot\r\n<img width=\"1662\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/e94176b1-e57a-426e-8ebc-135f54a57be0\">\r\n\r\n\r\nhttps://github.com/user-attachments/assets/b2768462-4343-4c85-ad98-36afaba0665c\r\n\r\n---------\r\n\r\nCo-authored-by: Gergő Ábrahám <[email protected]>","sha":"3f8a6d835a89eb2fb369a16f9210c22462113812","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Defend Workflows","v8.16.0","backport:version"],"title":"[Security Solution][Event Filters] Adds banner about Linux eventing change for 8.16 upgrade","number":195177,"url":"https://github.com/elastic/kibana/pull/195177","mergeCommit":{"message":"[Security Solution][Event Filters] Adds banner about Linux eventing change for 8.16 upgrade (#195177)\n\n## Summary\r\n\r\n- [x] Adds a banner notifying users about the Linux eventing changes for\r\n8.16\r\n- [x] Link to documentation opens in new tab \r\n- [x] Unit tests\r\n\r\n# Screenshot\r\n<img width=\"1662\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/e94176b1-e57a-426e-8ebc-135f54a57be0\">\r\n\r\n\r\nhttps://github.com/user-attachments/assets/b2768462-4343-4c85-ad98-36afaba0665c\r\n\r\n---------\r\n\r\nCo-authored-by: Gergő Ábrahám <[email protected]>","sha":"3f8a6d835a89eb2fb369a16f9210c22462113812"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195177","number":195177,"mergeCommit":{"message":"[Security Solution][Event Filters] Adds banner about Linux eventing change for 8.16 upgrade (#195177)\n\n## Summary\r\n\r\n- [x] Adds a banner notifying users about the Linux eventing changes for\r\n8.16\r\n- [x] Link to documentation opens in new tab \r\n- [x] Unit tests\r\n\r\n# Screenshot\r\n<img width=\"1662\" alt=\"image\"\r\nsrc=\"https://github.com/user-attachments/assets/e94176b1-e57a-426e-8ebc-135f54a57be0\">\r\n\r\n\r\nhttps://github.com/user-attachments/assets/b2768462-4343-4c85-ad98-36afaba0665c\r\n\r\n---------\r\n\r\nCo-authored-by: Gergő Ábrahám <[email protected]>","sha":"3f8a6d835a89eb2fb369a16f9210c22462113812"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Candace Park <[email protected]>
1 task
gergoabraham
added a commit
that referenced
this pull request
Oct 18, 2024
…eployment issue mitigation (#196708) ## Summary closes elastic/security-team#10851 > [!note] >⚠️ needs to be included in v8.16 >⚠️ needs to be merged this week to avoid releasing #195797 on Serverless As backfilled package policies are not automatically redeployed (see #193352), this PR's goal is to provide quick mitigation in the following matters: - update default values in the descriptions of advanced options added in #195797, to harmonize with latest Endpoint changes (elastic/endpoint-dev#15109) - remove backfill/migration of those default values: - we should be _able_ to safely remove the backfills, as they have not yet been released to serverless. and, - we _should_ remove them to make sure that when we update the defaults in the future and apply the backfill, there will be a data change that could trigger policy re-deployment, in case data change is what the trigger will be in #193352. - example scenario of what could go wrong: - if we'd apply backfill now, the package won't be redeployed. - if the user does not touch it until the next release - no redeploy. - if #193352 is implemented and uses data comparison when running migrations - again, no redeploy because we already backfilled the data months before. - cc @ferullo @nfritts - hide banner describing event volume reduction (added in #195177, already released to serverless, but it is what it is) ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 18, 2024
…eployment issue mitigation (elastic#196708) ## Summary closes elastic/security-team#10851 > [!note] >⚠️ needs to be included in v8.16 >⚠️ needs to be merged this week to avoid releasing elastic#195797 on Serverless As backfilled package policies are not automatically redeployed (see elastic#193352), this PR's goal is to provide quick mitigation in the following matters: - update default values in the descriptions of advanced options added in elastic#195797, to harmonize with latest Endpoint changes (elastic/endpoint-dev#15109) - remove backfill/migration of those default values: - we should be _able_ to safely remove the backfills, as they have not yet been released to serverless. and, - we _should_ remove them to make sure that when we update the defaults in the future and apply the backfill, there will be a data change that could trigger policy re-deployment, in case data change is what the trigger will be in elastic#193352. - example scenario of what could go wrong: - if we'd apply backfill now, the package won't be redeployed. - if the user does not touch it until the next release - no redeploy. - if elastic#193352 is implemented and uses data comparison when running migrations - again, no redeploy because we already backfilled the data months before. - cc @ferullo @nfritts - hide banner describing event volume reduction (added in elastic#195177, already released to serverless, but it is what it is) ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 1429979)
gergoabraham
added a commit
to gergoabraham/kibana
that referenced
this pull request
Oct 18, 2024
…eployment issue mitigation (elastic#196708) ## Summary closes elastic/security-team#10851 > [!note] >⚠️ needs to be included in v8.16 >⚠️ needs to be merged this week to avoid releasing elastic#195797 on Serverless As backfilled package policies are not automatically redeployed (see elastic#193352), this PR's goal is to provide quick mitigation in the following matters: - update default values in the descriptions of advanced options added in elastic#195797, to harmonize with latest Endpoint changes (elastic/endpoint-dev#15109) - remove backfill/migration of those default values: - we should be _able_ to safely remove the backfills, as they have not yet been released to serverless. and, - we _should_ remove them to make sure that when we update the defaults in the future and apply the backfill, there will be a data change that could trigger policy re-deployment, in case data change is what the trigger will be in elastic#193352. - example scenario of what could go wrong: - if we'd apply backfill now, the package won't be redeployed. - if the user does not touch it until the next release - no redeploy. - if elastic#193352 is implemented and uses data comparison when running migrations - again, no redeploy because we already backfilled the data months before. - cc @ferullo @nfritts - hide banner describing event volume reduction (added in elastic#195177, already released to serverless, but it is what it is) ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 1429979)
kibanamachine
added a commit
that referenced
this pull request
Oct 18, 2024
…cy re-deployment issue mitigation (#196708) (#196835) # Backport This will backport the following commits from `main` to `8.16`: - [[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)](#196708) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Gergő Ábrahám","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-18T10:15:00Z","message":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)\n\n## Summary\r\n\r\ncloses https://github.com/elastic/security-team/issues/10851\r\n\r\n> [!note]\r\n>⚠️ needs to be included in v8.16\r\n>⚠️ needs to be merged this week to avoid releasing\r\nhttps://github.com//pull/195797 on Serverless\r\n\r\nAs backfilled package policies are not automatically redeployed (see\r\nhttps://github.com//issues/193352), this PR's goal is to\r\nprovide quick mitigation in the following matters:\r\n- update default values in the descriptions of advanced options added in\r\nhttps://github.com//pull/195797, to harmonize with latest\r\nEndpoint changes (https://github.com/elastic/endpoint-dev/issues/15109)\r\n- remove backfill/migration of those default values:\r\n- we should be _able_ to safely remove the backfills, as they have not\r\nyet been released to serverless. and,\r\n- we _should_ remove them to make sure that when we update the defaults\r\nin the future and apply the backfill, there will be a data change that\r\ncould trigger policy re-deployment, in case data change is what the\r\ntrigger will be in #193352.\r\n - example scenario of what could go wrong:\r\n - if we'd apply backfill now, the package won't be redeployed.\r\n- if the user does not touch it until the next release - no redeploy.\r\n- if #193352 is implemented and uses data comparison when running\r\nmigrations - again, no redeploy because we already backfilled the data\r\nmonths before.\r\n - cc @ferullo @nfritts \r\n- hide banner describing event volume reduction (added in\r\nhttps://github.com//pull/195177, already released to\r\nserverless, but it is what it is)\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"142997925e5aafac306056b00be1789271aa5dd0","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Defend Workflows","v8.16.0","backport:version"],"title":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation","number":196708,"url":"https://github.com/elastic/kibana/pull/196708","mergeCommit":{"message":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)\n\n## Summary\r\n\r\ncloses https://github.com/elastic/security-team/issues/10851\r\n\r\n> [!note]\r\n>⚠️ needs to be included in v8.16\r\n>⚠️ needs to be merged this week to avoid releasing\r\nhttps://github.com//pull/195797 on Serverless\r\n\r\nAs backfilled package policies are not automatically redeployed (see\r\nhttps://github.com//issues/193352), this PR's goal is to\r\nprovide quick mitigation in the following matters:\r\n- update default values in the descriptions of advanced options added in\r\nhttps://github.com//pull/195797, to harmonize with latest\r\nEndpoint changes (https://github.com/elastic/endpoint-dev/issues/15109)\r\n- remove backfill/migration of those default values:\r\n- we should be _able_ to safely remove the backfills, as they have not\r\nyet been released to serverless. and,\r\n- we _should_ remove them to make sure that when we update the defaults\r\nin the future and apply the backfill, there will be a data change that\r\ncould trigger policy re-deployment, in case data change is what the\r\ntrigger will be in #193352.\r\n - example scenario of what could go wrong:\r\n - if we'd apply backfill now, the package won't be redeployed.\r\n- if the user does not touch it until the next release - no redeploy.\r\n- if #193352 is implemented and uses data comparison when running\r\nmigrations - again, no redeploy because we already backfilled the data\r\nmonths before.\r\n - cc @ferullo @nfritts \r\n- hide banner describing event volume reduction (added in\r\nhttps://github.com//pull/195177, already released to\r\nserverless, but it is what it is)\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"142997925e5aafac306056b00be1789271aa5dd0"}},"sourceBranch":"main","suggestedTargetBranches":["8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196708","number":196708,"mergeCommit":{"message":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)\n\n## Summary\r\n\r\ncloses https://github.com/elastic/security-team/issues/10851\r\n\r\n> [!note]\r\n>⚠️ needs to be included in v8.16\r\n>⚠️ needs to be merged this week to avoid releasing\r\nhttps://github.com//pull/195797 on Serverless\r\n\r\nAs backfilled package policies are not automatically redeployed (see\r\nhttps://github.com//issues/193352), this PR's goal is to\r\nprovide quick mitigation in the following matters:\r\n- update default values in the descriptions of advanced options added in\r\nhttps://github.com//pull/195797, to harmonize with latest\r\nEndpoint changes (https://github.com/elastic/endpoint-dev/issues/15109)\r\n- remove backfill/migration of those default values:\r\n- we should be _able_ to safely remove the backfills, as they have not\r\nyet been released to serverless. and,\r\n- we _should_ remove them to make sure that when we update the defaults\r\nin the future and apply the backfill, there will be a data change that\r\ncould trigger policy re-deployment, in case data change is what the\r\ntrigger will be in #193352.\r\n - example scenario of what could go wrong:\r\n - if we'd apply backfill now, the package won't be redeployed.\r\n- if the user does not touch it until the next release - no redeploy.\r\n- if #193352 is implemented and uses data comparison when running\r\nmigrations - again, no redeploy because we already backfilled the data\r\nmonths before.\r\n - cc @ferullo @nfritts \r\n- hide banner describing event volume reduction (added in\r\nhttps://github.com//pull/195177, already released to\r\nserverless, but it is what it is)\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"142997925e5aafac306056b00be1789271aa5dd0"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Gergő Ábrahám <[email protected]>
gergoabraham
added a commit
that referenced
this pull request
Oct 18, 2024
…y re-deployment issue mitigation (#196708) (#196843) # Backport This will backport the following commits from `main` to `8.x`: - [[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)](#196708) <!--- Backport version: 9.6.0 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Gergő Ábrahám","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-18T10:15:00Z","message":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)\n\n## Summary\r\n\r\ncloses https://github.com/elastic/security-team/issues/10851\r\n\r\n> [!note]\r\n>⚠️ needs to be included in v8.16\r\n>⚠️ needs to be merged this week to avoid releasing\r\nhttps://github.com//pull/195797 on Serverless\r\n\r\nAs backfilled package policies are not automatically redeployed (see\r\nhttps://github.com//issues/193352), this PR's goal is to\r\nprovide quick mitigation in the following matters:\r\n- update default values in the descriptions of advanced options added in\r\nhttps://github.com//pull/195797, to harmonize with latest\r\nEndpoint changes (https://github.com/elastic/endpoint-dev/issues/15109)\r\n- remove backfill/migration of those default values:\r\n- we should be _able_ to safely remove the backfills, as they have not\r\nyet been released to serverless. and,\r\n- we _should_ remove them to make sure that when we update the defaults\r\nin the future and apply the backfill, there will be a data change that\r\ncould trigger policy re-deployment, in case data change is what the\r\ntrigger will be in #193352.\r\n - example scenario of what could go wrong:\r\n - if we'd apply backfill now, the package won't be redeployed.\r\n- if the user does not touch it until the next release - no redeploy.\r\n- if #193352 is implemented and uses data comparison when running\r\nmigrations - again, no redeploy because we already backfilled the data\r\nmonths before.\r\n - cc @ferullo @nfritts \r\n- hide banner describing event volume reduction (added in\r\nhttps://github.com//pull/195177, already released to\r\nserverless, but it is what it is)\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"142997925e5aafac306056b00be1789271aa5dd0","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","Team:Defend Workflows","v8.16.0","backport:version","v8.17.0"],"title":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation","number":196708,"url":"https://github.com/elastic/kibana/pull/196708","mergeCommit":{"message":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)\n\n## Summary\r\n\r\ncloses https://github.com/elastic/security-team/issues/10851\r\n\r\n> [!note]\r\n>⚠️ needs to be included in v8.16\r\n>⚠️ needs to be merged this week to avoid releasing\r\nhttps://github.com//pull/195797 on Serverless\r\n\r\nAs backfilled package policies are not automatically redeployed (see\r\nhttps://github.com//issues/193352), this PR's goal is to\r\nprovide quick mitigation in the following matters:\r\n- update default values in the descriptions of advanced options added in\r\nhttps://github.com//pull/195797, to harmonize with latest\r\nEndpoint changes (https://github.com/elastic/endpoint-dev/issues/15109)\r\n- remove backfill/migration of those default values:\r\n- we should be _able_ to safely remove the backfills, as they have not\r\nyet been released to serverless. and,\r\n- we _should_ remove them to make sure that when we update the defaults\r\nin the future and apply the backfill, there will be a data change that\r\ncould trigger policy re-deployment, in case data change is what the\r\ntrigger will be in #193352.\r\n - example scenario of what could go wrong:\r\n - if we'd apply backfill now, the package won't be redeployed.\r\n- if the user does not touch it until the next release - no redeploy.\r\n- if #193352 is implemented and uses data comparison when running\r\nmigrations - again, no redeploy because we already backfilled the data\r\nmonths before.\r\n - cc @ferullo @nfritts \r\n- hide banner describing event volume reduction (added in\r\nhttps://github.com//pull/195177, already released to\r\nserverless, but it is what it is)\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"142997925e5aafac306056b00be1789271aa5dd0"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196708","number":196708,"mergeCommit":{"message":"[Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708)\n\n## Summary\r\n\r\ncloses https://github.com/elastic/security-team/issues/10851\r\n\r\n> [!note]\r\n>⚠️ needs to be included in v8.16\r\n>⚠️ needs to be merged this week to avoid releasing\r\nhttps://github.com//pull/195797 on Serverless\r\n\r\nAs backfilled package policies are not automatically redeployed (see\r\nhttps://github.com//issues/193352), this PR's goal is to\r\nprovide quick mitigation in the following matters:\r\n- update default values in the descriptions of advanced options added in\r\nhttps://github.com//pull/195797, to harmonize with latest\r\nEndpoint changes (https://github.com/elastic/endpoint-dev/issues/15109)\r\n- remove backfill/migration of those default values:\r\n- we should be _able_ to safely remove the backfills, as they have not\r\nyet been released to serverless. and,\r\n- we _should_ remove them to make sure that when we update the defaults\r\nin the future and apply the backfill, there will be a data change that\r\ncould trigger policy re-deployment, in case data change is what the\r\ntrigger will be in #193352.\r\n - example scenario of what could go wrong:\r\n - if we'd apply backfill now, the package won't be redeployed.\r\n- if the user does not touch it until the next release - no redeploy.\r\n- if #193352 is implemented and uses data comparison when running\r\nmigrations - again, no redeploy because we already backfilled the data\r\nmonths before.\r\n - cc @ferullo @nfritts \r\n- hide banner describing event volume reduction (added in\r\nhttps://github.com//pull/195177, already released to\r\nserverless, but it is what it is)\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"142997925e5aafac306056b00be1789271aa5dd0"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/196835","number":196835,"state":"OPEN"},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Screenshot
eventcallout.mov