[Security Solution] Put Artifacts by Policy feature behind a feature flag #95284
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… into feature branch
* Initial version of API for trusted apps per policy. * Fixed compilation errors because of missing new property. * Mapping from tags to policies and back. (No testing) * Fixed compilation error after pulling in main. * Fixed failing tests. * Separated out the prefix in tag for policy reference into constant. Co-authored-by: Kibana Machine <[email protected]>
…er Global or Policy Specific (elastic#88707) * Create form supports selecting policies or making Trusted app global * New component `EffectedPolicySelect` - for selecting policies * Enhanced `waitForAction()` test utility to provide a `validate()` option
elastic#89479) * Add Edit button to TA card UI * Support additional url params (`show`, `id`) * Refactor TrustedAppForm to support Editing of an existing entry
…lastic#90333) * New API route for Update (`PUT`) * Connect UI to Update (PUT) API * Add `version` to TrustedApp type and return it on the API responses * Refactor - moved some public/server shared modules to top-level `common/*`
…rusted App item (elastic#90842) * Get One Trusted App API - route, service, handler * Adjust UI to call GET api to retrieve trusted app for edit * Deleted ununsed trusted app types file * Add UI handling of non-existing TA for edit or when id is missing in url
…rusted Apps (elastic#91656) * correct trusted app schema to ensure `version` is not exposed on TS type for POST * Added updated_by, updated_on properties to TrustedApp * Refactored TA List view to fix bug where card was not updated on a successful edit * Test cases for card interaction from the TA List view * Change title of policy selection to `Assignment` * Selectable Policy CSS adjustments based on UX feedback
…port (elastic#92611) * Fix bad merge from master * Fix trusted apps generator * Add `kuery` to the GET (list) Trusted Apps api
…te/update trusted app schema
…feature flag value from state
dasansol92
added
v8.0.0
release_note:skip
|
Pinging @elastic/security-onboarding-and-lifecycle-mgt (Team:Onboarding and Lifecycle Mgt) |
|
I checked it out and did a test run. Find a summary of what I did below. Based on this quick run, things look like they're working as expected! with feature flag turned OFF:
with feature flag turned ON:
Some screenshots: Feature Flag ON |
|
Functionally, things look like they're working from my perspective, so it's a 👍 from me. @paul-tavares should give the code a closer look - I know a lot of this code was previously reviewed when we were working on the feature branch. |
x-pack/plugins/security_solution/public/common/hooks/use_experimental_features.ts
Outdated
Show resolved
Hide resolved
...ugins/security_solution/public/management/pages/trusted_apps/view/trusted_apps_page.test.tsx
Show resolved
Hide resolved
...ugins/security_solution/public/management/pages/trusted_apps/view/trusted_apps_page.test.tsx
Show resolved
Hide resolved
| @@ -65,14 +65,19 @@ import { | |||
| import { SecurityAppStore } from './common/store/store'; | |||
| import { getCaseConnectorUI } from './cases/components/connectors'; | |||
| import { licenseService } from './common/hooks/use_license'; | |||
| import { SecuritySolutionConfigType } from './common/types'; | |||
There was a problem hiding this comment.
(optional) consider renaming so that its clear this is only a subset of the security soluton configuration (the properties exposed to the UI). Maybe SecuritySolutionUiConfigType?
| endpointAppContext: EndpointAppContext | ||
| ): Promise<PutTrustedAppUpdateRequest | PostTrustedAppCreateRequest> => { | ||
| const config = await endpointAppContext.config(); | ||
| const isTrustedAppsByPolicyEnabled = parseExperimentalConfigValue(config.enableExperimental) |
There was a problem hiding this comment.
Wondering if we should avoid the constant parsing and instead do it once in the EndpointAppContext and expose it there. Doing the parsing there would hepefully avoid having this function here be async as well, since we would not have to retrieve the .config() again.
Thoughts?
There was a problem hiding this comment.
You mean move this into x-pack/plugins/security_solution/server/plugin.ts and add the parsed enableExperimental on the EndpointAppContext type?
Make sense for me since it will be available everywhere with the context,
There was a problem hiding this comment.
yes, thats what I mean. I think that might be ok because we're not using the Observable approach to sync up with the config.
|
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]Module Count
Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: |
dasansol92
added a commit
to dasansol92/kibana
that referenced
this pull request
Mar 26, 2021
…flag (elastic#95284) * Added sync_master file for tracking/triggering PRs for merging master into feature branch * removed unnecessary (temporary) markdown file * Trusted apps by policy api (elastic#88025) * Initial version of API for trusted apps per policy. * Fixed compilation errors because of missing new property. * Mapping from tags to policies and back. (No testing) * Fixed compilation error after pulling in main. * Fixed failing tests. * Separated out the prefix in tag for policy reference into constant. Co-authored-by: Kibana Machine <[email protected]> * [SECURITY_SOLUTION][ENDPOINT] Ability to create a Trusted App as either Global or Policy Specific (elastic#88707) * Create form supports selecting policies or making Trusted app global * New component `EffectedPolicySelect` - for selecting policies * Enhanced `waitForAction()` test utility to provide a `validate()` option * [SECURITY SOLUTION][ENDPOINT] UI for editing Trusted Application items (elastic#89479) * Add Edit button to TA card UI * Support additional url params (`show`, `id`) * Refactor TrustedAppForm to support Editing of an existing entry * [SECURITY SOLUTION][ENDPOINT] API (`PUT`) for Trusted Apps Edit flow (elastic#90333) * New API route for Update (`PUT`) * Connect UI to Update (PUT) API * Add `version` to TrustedApp type and return it on the API responses * Refactor - moved some public/server shared modules to top-level `common/*` * [SECURITY SOLUTION][ENDPOINT] Trusted Apps API to retrieve a single Trusted App item (elastic#90842) * Get One Trusted App API - route, service, handler * Adjust UI to call GET api to retrieve trusted app for edit * Deleted ununsed trusted app types file * Add UI handling of non-existing TA for edit or when id is missing in url * [Security Solution][Endpoint] Multiple misc. updates/fixes for Edit Trusted Apps (elastic#91656) * correct trusted app schema to ensure `version` is not exposed on TS type for POST * Added updated_by, updated_on properties to TrustedApp * Refactored TA List view to fix bug where card was not updated on a successful edit * Test cases for card interaction from the TA List view * Change title of policy selection to `Assignment` * Selectable Policy CSS adjustments based on UX feedback * Fix failing server tests * [Security Solution][Endpoint] Trusted Apps list API KQL filtering support (elastic#92611) * Fix bad merge from master * Fix trusted apps generator * Add `kuery` to the GET (list) Trusted Apps api * Refactor schema with Put method after merging changes with master * WIP: allow effectScope only when feature flag is enabled * Fixes errors with non declared logger * Uses experimental features module to allow or not effectScope on create/update trusted app schema * Set default value for effectScope when feature flag is disabled * Adds experimentals into redux store. Also creates hook to retrieve a feature flag value from state * Hides effectPolicy when feature flag is not enabled * Fixes unit test mocking hook and adds new test case * Changes file extension for custom hook * Adds new unit test for custom hook * Hides horizontal bar with feature flag * Compress text area depending on feature flag * Fixes failing test because feature flag * Fixes wrong import and unit test * Thwrows error if invalid feature flag check * Adds snapshoot checks with feature flag enabled/disabled * Test snapshots * Changes type name * Add experimentalFeatures in app context * Fixes type checks due AppContext changes * Fixes test due changes on custom hook Co-authored-by: Paul Tavares <[email protected]> Co-authored-by: Bohdan Tsymbala <[email protected]> Co-authored-by: Kibana Machine <[email protected]> Co-authored-by: Paul Tavares <[email protected]>
dasansol92
added a commit
that referenced
this pull request
Mar 26, 2021
…flag (#95284) (#95497) * Added sync_master file for tracking/triggering PRs for merging master into feature branch * removed unnecessary (temporary) markdown file * Trusted apps by policy api (#88025) * Initial version of API for trusted apps per policy. * Fixed compilation errors because of missing new property. * Mapping from tags to policies and back. (No testing) * Fixed compilation error after pulling in main. * Fixed failing tests. * Separated out the prefix in tag for policy reference into constant. Co-authored-by: Kibana Machine <[email protected]> * [SECURITY_SOLUTION][ENDPOINT] Ability to create a Trusted App as either Global or Policy Specific (#88707) * Create form supports selecting policies or making Trusted app global * New component `EffectedPolicySelect` - for selecting policies * Enhanced `waitForAction()` test utility to provide a `validate()` option * [SECURITY SOLUTION][ENDPOINT] UI for editing Trusted Application items (#89479) * Add Edit button to TA card UI * Support additional url params (`show`, `id`) * Refactor TrustedAppForm to support Editing of an existing entry * [SECURITY SOLUTION][ENDPOINT] API (`PUT`) for Trusted Apps Edit flow (#90333) * New API route for Update (`PUT`) * Connect UI to Update (PUT) API * Add `version` to TrustedApp type and return it on the API responses * Refactor - moved some public/server shared modules to top-level `common/*` * [SECURITY SOLUTION][ENDPOINT] Trusted Apps API to retrieve a single Trusted App item (#90842) * Get One Trusted App API - route, service, handler * Adjust UI to call GET api to retrieve trusted app for edit * Deleted ununsed trusted app types file * Add UI handling of non-existing TA for edit or when id is missing in url * [Security Solution][Endpoint] Multiple misc. updates/fixes for Edit Trusted Apps (#91656) * correct trusted app schema to ensure `version` is not exposed on TS type for POST * Added updated_by, updated_on properties to TrustedApp * Refactored TA List view to fix bug where card was not updated on a successful edit * Test cases for card interaction from the TA List view * Change title of policy selection to `Assignment` * Selectable Policy CSS adjustments based on UX feedback * Fix failing server tests * [Security Solution][Endpoint] Trusted Apps list API KQL filtering support (#92611) * Fix bad merge from master * Fix trusted apps generator * Add `kuery` to the GET (list) Trusted Apps api * Refactor schema with Put method after merging changes with master * WIP: allow effectScope only when feature flag is enabled * Fixes errors with non declared logger * Uses experimental features module to allow or not effectScope on create/update trusted app schema * Set default value for effectScope when feature flag is disabled * Adds experimentals into redux store. Also creates hook to retrieve a feature flag value from state * Hides effectPolicy when feature flag is not enabled * Fixes unit test mocking hook and adds new test case * Changes file extension for custom hook * Adds new unit test for custom hook * Hides horizontal bar with feature flag * Compress text area depending on feature flag * Fixes failing test because feature flag * Fixes wrong import and unit test * Thwrows error if invalid feature flag check * Adds snapshoot checks with feature flag enabled/disabled * Test snapshots * Changes type name * Add experimentalFeatures in app context * Fixes type checks due AppContext changes * Fixes test due changes on custom hook Co-authored-by: Paul Tavares <[email protected]> Co-authored-by: Bohdan Tsymbala <[email protected]> Co-authored-by: Kibana Machine <[email protected]> Co-authored-by: Paul Tavares <[email protected]> Co-authored-by: Paul Tavares <[email protected]> Co-authored-by: Bohdan Tsymbala <[email protected]> Co-authored-by: Kibana Machine <[email protected]> Co-authored-by: Paul Tavares <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This pr includes code from this branch that allows users assign artifacts by policy.
It also includes feature flag management on Ui with a new custom hook that checks if the desired feature is enabled or not.
This hook uses a new key on redux state inside the
appnamespace making it available for all security plugins.In order to use this hook under security app you have to import it and call it on this way:
To enable this feature flag in dev env just write this into your kibana.dev.yml:
Behind the scenes it uses enableExperimental plugin configuration
On the BE, it forces the default value for
effectScopewhen feature flag is not enabled.Feature Flag:
Edit action:
It also includes unit tests.
Checklist
For maintainers