Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression #70759

Merged
merged 53 commits into from
Jul 9, 2020
Merged

[Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression #70759

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
53 commits
Select commit Hold shift + click to select a range
133ea27
Stateless exception list translation with improved runtime checks
madirey Jul 2, 2020
9e43633
use flatMap and reduce to simplify logic
madirey Jul 3, 2020
e9f74b4
Update to new manifest format
madirey Jul 4, 2020
2a266b3
Merge branch 'master' of github.com:elastic/kibana into user-allowlis…
madirey Jul 4, 2020
ceca5fa
Fix test fixture SO data type
madirey Jul 4, 2020
49d22d2
Fix another test fixture data type
madirey Jul 4, 2020
9428ca5
Fix sha256 reference in artifact_client
madirey Jul 4, 2020
c376638
Refactor to remove usages of 'then' and tidy up a bit
madirey Jul 5, 2020
617d5f1
sync master
madirey Jul 5, 2020
13d9ec8
Zlib compression
Jul 6, 2020
4718110
prefer byteLength to length
Jul 6, 2020
feb1202
Make ingestManager optional for security-solution startup
madirey Jul 6, 2020
4ce792b
Merge branch 'user-allowlist-artifacts-pt3' of github.com:madirey/kib…
madirey Jul 6, 2020
aecf718
Fix download functionality
madirey Jul 7, 2020
56886ad
Use eql for deep equality check
madirey Jul 7, 2020
03e75c9
Fix base64 download bug
madirey Jul 7, 2020
8620510
Add test for artifact download
madirey Jul 7, 2020
a8216e1
Merge branch 'master' of github.com:elastic/kibana into fix-download
madirey Jul 7, 2020
1456697
Add more tests to ensure cached versions of artifacts are correct
madirey Jul 7, 2020
eae1b89
Convert to new format
madirey Jul 7, 2020
ec60546
Deflate
Jul 7, 2020
a32f960
Merge branch 'user-allowlist-artifacts-pt3' of github.com:madirey/kib…
Jul 7, 2020
339c887
missed some refs
madirey Jul 7, 2020
61b2ca8
Merge branch 'master' of github.com:elastic/kibana into user-allowlis…
Jul 7, 2020
aca7b8c
partial fix to wrapper format
madirey Jul 7, 2020
04d5701
update fixtures and integration test
madirey Jul 7, 2020
ed87ad2
Fixing unit tests
Jul 7, 2020
f2c5ba1
Merge branch 'fix-download' of github.com:madirey/kibana into fix-dow…
Jul 7, 2020
70ce85a
Merge branch 'master' of github.com:elastic/kibana into fix-download
madirey Jul 7, 2020
9d331d2
Merge branch 'master' of github.com:elastic/kibana into user-allowlis…
madirey Jul 8, 2020
ead9ae8
sync with fix-download branch
madirey Jul 8, 2020
5095d85
merge master, fix tests
madirey Jul 8, 2020
094c358
small bug fixes
madirey Jul 8, 2020
d6aefee
artifact and manifest versioning changes
madirey Jul 8, 2020
be42e8d
Merge branch 'master' of github.com:elastic/kibana into user-allowlis…
madirey Jul 8, 2020
7e48f52
Merge branch 'user-allowlist-artifacts-pt3' of github.com:madirey/kib…
Jul 8, 2020
0bd3530
Merge branch 'user-allowlist-artifacts-pt3' of github.com:madirey/kib…
Jul 8, 2020
206f222
Merge branch 'master' of github.com:elastic/kibana into user-allowlis…
madirey Jul 8, 2020
ae856b5
Remove access tag from download endpoint
madirey Jul 8, 2020
ced63a9
Merge branch 'user-allowlist-artifacts-pt3' of github.com:madirey/kib…
Jul 8, 2020
69f59fd
Adding decompression to integration test
Jul 8, 2020
4795132
Removing tag from route
Jul 8, 2020
c18948b
add try/catch in ingest callback handler
madirey Jul 8, 2020
8bef643
Fixing
Jul 8, 2020
a2b3a1b
Merging
Jul 8, 2020
a24acc8
Removing last expect from unit test for tag
Jul 8, 2020
04dbbcf
type fixes
madirey Jul 8, 2020
0809b77
Merge branch 'user-allowlist-artifacts-pt3' of github.com:madirey/kib…
madirey Jul 8, 2020
2bf4acb
Add compression type to manifest
madirey Jul 8, 2020
50b49a5
Merge branch 'master' into user-allowlist-artifacts-pt3
elasticmachine Jul 9, 2020
046f271
Merge branch 'master' into user-allowlist-artifacts-pt3
elasticmachine Jul 9, 2020
a4414f9
Merge branch 'master' into user-allowlist-artifacts-pt3
elasticmachine Jul 9, 2020
899a673
Reverting ingestManager back to being required for now
Jul 9, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 25 additions & 6 deletions x-pack/plugins/security_solution/server/endpoint/ingest_integration.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,19 @@ export const getPackageConfigCreateCallback = (
// follow the types/schema expected
let updatedPackageConfig = newPackageConfig as NewPolicyData;

const wrappedManifest = await manifestManager.refresh({ initialize: true });
if (wrappedManifest !== null) {
// get snapshot based on exception-list-agnostic SOs
// with diffs from last dispatched manifest, if it exists
const snapshot = await manifestManager.getSnapshot({ initialize: true });

if (snapshot === null) {
// TODO: log error... should not be in this state
return updatedPackageConfig;
}

if (snapshot.diffs.length > 0) {
// create new artifacts
await manifestManager.syncArtifacts(snapshot, 'add');

// Until we get the Default Policy Configuration in the Endpoint package,
// we will add it here manually at creation time.
// @ts-ignore
Expand All @@ -42,7 +53,7 @@ export const getPackageConfigCreateCallback = (
streams: [],
config: {
artifact_manifest: {
value: wrappedManifest.manifest.toEndpointFormat(),
value: snapshot.manifest.toEndpointFormat(),
},
policy: {
value: policyConfigFactory(),
Expand All @@ -57,9 +68,17 @@ export const getPackageConfigCreateCallback = (
try {
return updatedPackageConfig;
} finally {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit -> We might think about sending a promise instead of counting on finally. I think that will be more readable too

// TODO: confirm creation of package config
// then commit.
await manifestManager.commit(wrappedManifest);
if (snapshot.diffs.length > 0) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit -> I think it will be nice to have try/catch here to avoid bubble up error and have a better way to handle it

const created = await manifestManager.confirmPackageConfigExists(updatedPackageConfig.name);
if (created) {
await manifestManager.commit(snapshot.manifest);

// clean up old artifacts
await manifestManager.syncArtifacts(snapshot, 'delete');
} else {
// TODO: log error
}
}
}
};

Expand Down
32 changes: 17 additions & 15 deletions x-pack/plugins/security_solution/server/endpoint/lib/artifacts/task.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,20 +88,22 @@ export class ManifestTask {
return;
}

manifestManager
.refresh()
.then((wrappedManifest) => {
if (wrappedManifest) {
return manifestManager.dispatch(wrappedManifest);
}
})
.then((wrappedManifest) => {
if (wrappedManifest) {
return manifestManager.commit(wrappedManifest);
}
})
.catch((err) => {
this.logger.error(err);
});
try {
// get snapshot based on exception-list-agnostic SOs
// with diffs from last dispatched manifest
const snapshot = await manifestManager.getSnapshot();
if (snapshot && snapshot.diffs.length > 0) {
// create new artifacts
await manifestManager.syncArtifacts(snapshot, 'add');
// write to ingest-manager package config
await manifestManager.dispatch(snapshot.manifest);
// commit latest manifest state to user-artifact-manifest SO
await manifestManager.commit(snapshot.manifest);
// clean up old artifacts
await manifestManager.syncArtifacts(snapshot, 'delete');
}
} catch (err) {
this.logger.error(err);
}
};
}
30 changes: 18 additions & 12 deletions ...ity_solution/server/endpoint/services/artifacts/manifest_manager/manifest_manager.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,26 +10,26 @@ import { getPackageConfigServiceMock, getManifestManagerMock } from './manifest_

describe('manifest_manager', () => {
describe('ManifestManager sanity checks', () => {
test('ManifestManager can refresh manifest', async () => {
test('ManifestManager can snapshot manifest', async () => {
const manifestManager = getManifestManagerMock();
const manifestWrapper = await manifestManager.refresh();
expect(manifestWrapper!.diffs).toEqual([
const snapshot = await manifestManager.getSnapshot();
expect(snapshot!.diffs).toEqual([
{
id:
'endpoint-exceptionlist-linux-1.0.0-d34a1f6659bd86fc2023d7477aa2e5d2055c9c0fb0a0f10fae76bf8b94bebe49',
type: 'add',
},
]);
expect(manifestWrapper!.manifest).toBeInstanceOf(Manifest);
expect(snapshot!.manifest).toBeInstanceOf(Manifest);
});

test('ManifestManager can dispatch manifest', async () => {
const packageConfigService = getPackageConfigServiceMock();
const manifestManager = getManifestManagerMock({ packageConfigService });
const manifestWrapperRefresh = await manifestManager.refresh();
const manifestWrapperDispatch = await manifestManager.dispatch(manifestWrapperRefresh);
expect(manifestWrapperRefresh).toEqual(manifestWrapperDispatch);
const entries = manifestWrapperDispatch!.manifest.getEntries();
const snapshot = await manifestManager.getSnapshot();
const dispatched = await manifestManager.dispatch(snapshot!.manifest);
expect(dispatched).toEqual(true);
const entries = snapshot!.manifest.getEntries();
const artifact = Object.values(entries)[0].getArtifact();
expect(
packageConfigService.update.mock.calls[0][2].inputs[0].config.artifact_manifest.value
Expand All @@ -56,15 +56,21 @@ describe('manifest_manager', () => {
savedObjectsClient,
});

const manifestWrapperRefresh = await manifestManager.refresh();
const manifestWrapperDispatch = await manifestManager.dispatch(manifestWrapperRefresh);
const snapshot = await manifestManager.getSnapshot();
await manifestManager.syncArtifacts(snapshot!, 'add');

const diff = {
id: 'abcd',
type: 'delete',
};
manifestWrapperDispatch!.diffs.push(diff);
snapshot!.diffs.push(diff);

const dispatched = await manifestManager.dispatch(snapshot!.manifest);
expect(dispatched).toEqual(true);

await manifestManager.commit(snapshot!.manifest);

await manifestManager.commit(manifestWrapperDispatch);
await manifestManager.syncArtifacts(snapshot!, 'delete');

// created new artifact
expect(savedObjectsClient.create.mock.calls[0][0]).toEqual(
Expand Down
Loading