Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding authc.invalidateAPIKeyAsInternalUser #60717

Merged

Conversation

mikecote
Copy link
Contributor

@mikecote mikecote commented Mar 20, 2020

In this PR, I'm adding a new function to authc which allows to invalidate API keys using the internal user. This new function is pending kibana_system to have the api_key/invalidate privilege which will be merged soon elastic/elasticsearch#53824.

Solves portion of #49398.

@mikecote mikecote added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0 release_note:skip Skip the PR/issue when compiling release notes Feature:Security/Authorization Platform Security - Authorization v7.7.0 labels Mar 20, 2020
@mikecote mikecote self-assigned this Mar 20, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@mikecote mikecote changed the title Adding Adding authc.invalidateAPIKeyAsInternalUser Adding authc.invalidateAPIKeyAsInternalUser Mar 20, 2020
@mikecote mikecote force-pushed the security/invalidate-as-internal-user branch from 6da60b1 to b40f05a Compare March 20, 2020 01:22
@mikecote
Copy link
Contributor Author

@elasticmachine merge upstream

@mikecote mikecote marked this pull request as ready for review March 20, 2020 15:20
@mikecote mikecote requested a review from a team as a code owner March 20, 2020 15:20
@azasypkin azasypkin self-requested a review March 20, 2020 19:07
@azasypkin
Copy link
Member

azasypkin commented Mar 20, 2020

ACK: couldn't get to this PR today, but will review first thing on Monday.

Copy link
Member

@azasypkin azasypkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just few minor nits! Tested locally and it worked as expected (via custom Kibana system user with a role that includes cluster:admin/xpack/security/api_key/invalidate).

@kibanamachine
Copy link
Contributor

💛 Build succeeded, but was flaky


Test Failures

Kibana Pipeline / kibana-xpack-agent / X-Pack API Integration Tests.x-pack/test/api_integration/apis/fleet/agents/enroll·ts.apis Fleet Endpoints fleet_agents_enroll should allow to enroll an agent with a valid enrollment token

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has failed 6 times on tracked branches: https://github.com/elastic/kibana/issues/60865

[00:00:00]       │
[00:00:00]         └-: apis
[00:00:00]           └-> "before all" hook
[00:08:32]           └-: Fleet Endpoints
[00:08:32]             └-> "before all" hook
[00:08:43]             └-: fleet_agents_enroll
[00:08:43]               └-> "before all" hook
[00:08:43]               └-> "before all" hook
[00:08:43]                 │ info [fleet/agents] Loading "mappings.json"
[00:08:43]                 │ info [fleet/agents] Loading "data.json"
[00:08:43]                 │ info [o.e.c.m.MetaDataDeleteIndexService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] [.kibana_1/mYb50P6WRqmeWBFLyUhAGQ] deleting index
[00:08:43]                 │ info [o.e.c.m.MetaDataDeleteIndexService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] [.kibana_2/WfOnkFP6S4acCDsV1MDcTg] deleting index
[00:08:43]                 │ info [fleet/agents] Deleted existing index [".kibana_2",".kibana_1"]
[00:08:43]                 │ info [o.e.c.m.MetaDataCreateIndexService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] [.kibana_1] creating index, cause [api], templates [], shards [1]/[0], mappings [_doc]
[00:08:44]                 │ info [fleet/agents] Created index ".kibana_1"
[00:08:44]                 │ debg [fleet/agents] ".kibana_1" settings {"index":{"auto_expand_replicas":"0-1","number_of_replicas":"0","number_of_shards":"1"}}
[00:08:44]                 │ info [fleet/agents] Indexed 7 docs into ".kibana"
[00:08:44]                 │ info [o.e.c.m.MetaDataMappingService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] [.kibana_1/kXIJwZY3Spi5w4hxKVtkOg] update_mapping [_doc]
[00:08:44]                 │ debg Migrating saved objects
[00:08:45]                 │ proc [kibana]   log   [14:11:23.756] [info][savedobjects-service] Detected mapping change in "dynamic"
[00:08:45]                 │ proc [kibana]   log   [14:11:23.758] [info][savedobjects-service] Creating index .kibana_2.
[00:08:45]                 │ info [o.e.c.m.MetaDataCreateIndexService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] [.kibana_2] creating index, cause [api], templates [], shards [1]/[1], mappings [_doc]
[00:08:45]                 │ info [o.e.c.r.a.AllocationService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] updating number_of_replicas to [0] for indices [.kibana_2]
[00:08:45]                 │ proc [kibana]   log   [14:11:23.838] [info][savedobjects-service] Migrating .kibana_1 saved objects to .kibana_2
[00:08:45]                 │ proc [kibana]   log   [14:11:23.851] [info][savedobjects-service] Pointing alias .kibana to .kibana_2.
[00:08:45]                 │ proc [kibana]   log   [14:11:23.913] [info][savedobjects-service] Finished in 156ms.
[00:08:46]               └-> "before all" hook
[00:08:47]                 │ proc [kibana]  error  [14:11:24.778]  Error: Internal Server Error
[00:08:47]                 │ proc [kibana]     at HapiResponseAdapter.toError (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/response_adapter.js:130:19)
[00:08:47]                 │ proc [kibana]     at HapiResponseAdapter.toHapiResponse (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/response_adapter.js:84:19)
[00:08:47]                 │ proc [kibana]     at HapiResponseAdapter.handle (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/response_adapter.js:79:17)
[00:08:47]                 │ proc [kibana]     at Router.handle (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/router.js:162:34)
[00:08:47]                 │ proc [kibana]     at process._tickCallback (internal/process/next_tick.js:68:7)
[00:08:48]               └-> should not allow to enroll an agent with a invalid enrollment
[00:08:48]                 │ proc [kibana]  error  [14:11:26.068]  Error: Internal Server Error
[00:08:48]                 │ proc [kibana]     at HapiResponseAdapter.toError (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/response_adapter.js:130:19)
[00:08:48]                 │ proc [kibana]     at HapiResponseAdapter.toHapiResponse (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/response_adapter.js:84:19)
[00:08:48]                 │ proc [kibana]     at HapiResponseAdapter.handle (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/response_adapter.js:79:17)
[00:08:48]                 │ proc [kibana]     at Router.handle (/dev/shm/workspace/install/kibana-6/src/core/server/http/router/router.js:162:34)
[00:08:48]                 │ proc [kibana]     at process._tickCallback (internal/process/next_tick.js:68:7)
[00:08:48]                 └-> "before each" hook: global before each
[00:08:48]                 │ info [o.e.x.s.a.AuthenticationService] [kibana-ci-immutable-ubuntu-18-tests-xl-1584968211713258600] Authentication using apikey failed - invalid ApiKey value
[00:08:48]                 │      java.lang.IllegalArgumentException: invalid ApiKey value
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.ApiKeyService.getCredentialsFromHeader(ApiKeyService.java:542) ~[x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.ApiKeyService.authenticateWithApiKeyIfPresent(ApiKeyService.java:295) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.checkForApiKey(AuthenticationService.java:348) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$authenticateAsync$0(AuthenticationService.java:330) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:63) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.TokenService.getAndValidateToken(TokenService.java:395) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$authenticateAsync$2(AuthenticationService.java:326) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$lookForExistingAuthentication$6(AuthenticationService.java:386) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lookForExistingAuthentication(AuthenticationService.java:397) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.authenticateAsync(AuthenticationService.java:321) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService.authenticate(AuthenticationService.java:141) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.authc.AuthenticationService.authenticate(AuthenticationService.java:126) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.xpack.security.rest.SecurityRestFilter.handleRequest(SecurityRestFilter.java:61) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:249) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.rest.RestController.tryAllHandlers(RestController.java:331) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:189) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.http.AbstractHttpServerTransport.dispatchRequest(AbstractHttpServerTransport.java:329) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.http.AbstractHttpServerTransport.handleIncomingRequest(AbstractHttpServerTransport.java:383) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.http.AbstractHttpServerTransport.incomingRequest(AbstractHttpServerTransport.java:308) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.http.netty4.Netty4HttpRequestHandler.channelRead0(Netty4HttpRequestHandler.java:54) [transport-netty4-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at org.elasticsearch.http.netty4.Netty4HttpRequestHandler.channelRead0(Netty4HttpRequestHandler.java:29) [transport-netty4-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at org.elasticsearch.http.netty4.Netty4HttpPipeliningHandler.channelRead(Netty4HttpPipeliningHandler.java:58) [transport-netty4-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102) [netty-codec-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.codec.MessageToMessageCodec.channelRead(MessageToMessageCodec.java:111) [netty-codec-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102) [netty-codec-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:102) [netty-codec-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:321) [netty-codec-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:295) [netty-codec-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.handler.timeout.IdleStateHandler.channelRead(IdleStateHandler.java:286) [netty-handler-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:355) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:377) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.nio.NioEventLoop.processSelectedKeysPlain(NioEventLoop.java:615) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:578) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493) [netty-transport-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) [netty-common-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [netty-common-4.1.45.Final.jar:4.1.45.Final]
[00:08:48]                 │      	at java.lang.Thread.run(Thread.java:830) [?:?]
[00:08:48]                 │ proc [kibana]   log   [14:11:27.235] [info][authentication][plugins][security] Authentication attempt failed: [security_exception] missing authentication credentials for REST request [/_security/_authenticate], with { header={ WWW-Authenticate={ 0="ApiKey" & 1="Basic realm=\"security\" charset=\"UTF-8\"" } } }
[00:08:48]                 └- ✓ pass  (60ms) "apis Fleet Endpoints fleet_agents_enroll should not allow to enroll an agent with a invalid enrollment"
[00:08:48]               └-> should not allow to enroll an agent with a shared id if it already exists 
[00:08:48]                 └-> "before each" hook: global before each
[00:08:48]                 └- ✓ pass  (119ms) "apis Fleet Endpoints fleet_agents_enroll should not allow to enroll an agent with a shared id if it already exists "
[00:08:48]               └-> should allow to enroll an agent with a valid enrollment token
[00:08:48]                 └-> "before each" hook: global before each
[00:08:49]                 └- ✖ fail: "apis Fleet Endpoints fleet_agents_enroll should allow to enroll an agent with a valid enrollment token"
[00:08:49]                 │

Stack Trace

Error: expected 200 "OK", got 500 "Internal Server Error"
    at Test._assertStatus (/dev/shm/workspace/kibana/node_modules/supertest/lib/test.js:268:12)
    at Test._assertFunction (/dev/shm/workspace/kibana/node_modules/supertest/lib/test.js:283:11)
    at Test.assert (/dev/shm/workspace/kibana/node_modules/supertest/lib/test.js:173:18)
    at assert (/dev/shm/workspace/kibana/node_modules/supertest/lib/test.js:131:12)
    at /dev/shm/workspace/kibana/node_modules/supertest/lib/test.js:128:5
    at Test.Request.callback (/dev/shm/workspace/kibana/node_modules/superagent/lib/node/index.js:718:3)
    at parser (/dev/shm/workspace/kibana/node_modules/superagent/lib/node/index.js:906:18)
    at IncomingMessage.res.on (/dev/shm/workspace/kibana/node_modules/superagent/lib/node/parsers/json.js:19:7)
    at endReadableNT (_stream_readable.js:1145:12)
    at process._tickCallback (internal/process/next_tick.js:63:19)

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@peterschretlen
Copy link
Contributor

elastic/elasticsearch#53824 is merged and will be backported in elastic/elasticsearch#53987

@mikecote mikecote merged commit 91e8e3e into elastic:master Mar 23, 2020
mikecote added a commit to mikecote/kibana that referenced this pull request Mar 23, 2020
* Initial work

* Fix type check issues

* Fix test failures

* Fix ESLint issues

* Add back comment

* PR feedback

Co-authored-by: Elastic Machine <[email protected]>
gmmorris added a commit to gmmorris/kibana that referenced this pull request Mar 23, 2020
* master:
  [Uptime] Skip failing location test temporarily (elastic#60938)
  [ML] Disabling datafeed editing when job is running (elastic#60751)
  Adding `authc.invalidateAPIKeyAsInternalUser` (elastic#60717)
  [SIEM] Add license check to ML Rule form (elastic#60691)
  Adding `authc.grantAPIKeyAsInternalUser`  (elastic#60423)
  Support Histogram Data Type (elastic#59387)
  [Upgrade Assistant] Fix edge case where reindex op can falsely be seen as stale (elastic#60770)
  [SIEM] [Cases] Update case icons (elastic#60812)
  [TSVB] Fix percentiles band mode (elastic#60741)
gmmorris added a commit to gmmorris/kibana that referenced this pull request Mar 23, 2020
* master: (26 commits)
  [Alerting] Fixes flaky test in Alert Instances Details page (elastic#60893)
  cleanup visualizations api (elastic#59958)
  Inline timezoneProvider function, remove ui/vis/lib/timezone  (elastic#60475)
  [SIEM] Adds 'Open one signal' Cypress test (elastic#60484)
  [UA] Upgrade assistant migration meta data can become stale (elastic#60789)
  [Metrics Alerts] Remove metric field from doc count on backend (elastic#60679)
  [Uptime] Skip failing location test temporarily (elastic#60938)
  [ML] Disabling datafeed editing when job is running (elastic#60751)
  Adding `authc.invalidateAPIKeyAsInternalUser` (elastic#60717)
  [SIEM] Add license check to ML Rule form (elastic#60691)
  Adding `authc.grantAPIKeyAsInternalUser`  (elastic#60423)
  Support Histogram Data Type (elastic#59387)
  [Upgrade Assistant] Fix edge case where reindex op can falsely be seen as stale (elastic#60770)
  [SIEM] [Cases] Update case icons (elastic#60812)
  [TSVB] Fix percentiles band mode (elastic#60741)
  Fix formatter on range aggregation (elastic#58651)
  Goodbye, legacy data plugin 👋 (elastic#60449)
  [Metrics UI] Alerting for metrics explorer and inventory (elastic#58779)
  [Remote clustersadopt changes to remote info API (elastic#60795)
  Only run xpack siem cypress in PRs when there are siem changes (elastic#60661)
  ...
mikecote added a commit that referenced this pull request Mar 23, 2020
* Initial work

* Fix type check issues

* Fix test failures

* Fix ESLint issues

* Add back comment

* PR feedback

Co-authored-by: Elastic Machine <[email protected]>

Co-authored-by: Elastic Machine <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Security/Authorization Platform Security - Authorization release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v7.7.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants