Additional cases changes #6
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…lastic#194354) ## Summary This PR is a follow up to elastic#192665 and addresses a bunch of feedback and fixes including: - [X] Adds support for updating/editing entries - [X] Fixes initial loading experience of the KB Settings Setup/Table - [X] Fixes two bugs where `semantic_text` and `text` must be declared for `IndexEntries` to work - [X] Add new Settings Context Menu items for KB and Alerts - [X] Add support for `required` entries in initial prompt * See [this trace](https://smith.langchain.com/public/84a17a31-8ce8-4bd9-911e-38a854484dd8/r) for included knowledge. Note that the KnowledgeBaseRetrievalTool was not selected. * Note: All prompts were updated to include the `{knowledge_history}` placeholder, and _not behind the feature flag_, as this will just be the empty case until the feature flag is enabled. TODO (in this or follow-up PR): - [ ] Add suggestions to `index` and `fields` inputs - [ ] Adds URL deeplinking to securityAssistantManagement - [ ] Fix bug where updating entry does not re-create embeddings (see [comment](elastic#194354 (comment))) - [ ] Fix loading indicators when adding/editing entries - [ ] API integration tests for update API (@e40pud) ### Checklist Delete any items that are not applicable to this PR. - [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials * Docs being tracked in elastic/security-docs#5337 for when feature flag is enabled - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Patryk Kopycinski <[email protected]>
…ed (elastic#195196) ## Summary When a user is creating a Lens ES|QL chart we run the suggestions api even if the query hasn't changed. This PR adds a guard to avoid refetching the attributes when the query hasn't changed at all.
Fix elastic#142915 ### Risk Matrix | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Third party plugin types throw type errors | Low | Low | type checks will error when using a deprecated type. Plugin authors should extend the supported types or define new ones inline | ### For maintainers - [X] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) (no breaking changes)
…stic#195616) Part of elastic#194171 Notice in the screen shot below, how opening Kibana home page loads async dashboard chunks. <img width="500" alt="Screenshot 2024-10-09 at 8 38 24 AM" src="https://github.com/user-attachments/assets/2cfdb512-03e4-4634-bb0c-a8d163f98540"> This PR replaces async import with a sync import. The page load bundle size increases but this is no different than the current behavior, just the import is now properly accounted for in page load stats. The next step is to resolve elastic#191642 and reduce the page load impact of registering uiActions (but this is out of scope for this PR).
This introduces a "Logs Overview" component for use in solution UIs behind a feature flag. --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Kerry Gallagher <[email protected]> Co-authored-by: Elastic Machine <[email protected]>
## Summary Remove feature flag for manual rule run --------- Co-authored-by: Elastic Machine <[email protected]>
…c#195395) ## Summary Recently while debugging a production issue where the Synthetics plugin was receiving 401 errors while trying to reach the Synthetics Service health endpoint, we isolated that there was an issue with the mTLS handshake between Kibana and the service. Unfortunately, we were unsure if there was some missing custom config (especially relevant in Serverless Kibana), or if the certificate values were not present in the first place. Adding this warning will help us make this determination better in the future when reviewing Kibana logs, as we will be assured if the config is not defined via this warning.
## Summary Fixes on merge fail https://buildkite.com/elastic/kibana-on-merge/builds/51840
Regression from elastic#195204
)" This reverts commit 15bccdf.
## Summary Related to elastic#192484. This PR adding [new content package types and schemas](elastic/package-spec#777) so that content packages can be returned correctly from EPR to unblock development of those packages. The only current content package is `kubernetes_otel`. You will need to bump up the max allowed spec version and search with beta (prerelease) packages enabled to find it: ``` xpack.fleet.internal.registry.spec.max: '3.4' ``` Tests will come with the rest of work for elastic#192484 --------- Co-authored-by: kibanamachine <[email protected]>
## Summary This PR tags all pipelines that are related to the Kibana serverless release (including requirements like on-merge and artifacts build) with `kibana-serverless-release`. This will allow us to easily find these pipelines in Buildkite.
…#193807) Resolves elastic#186534 ## Summary This PR splits the for-loop in the `ActionScheduler.run` function into the appropriate scheduler classes. Previously, each scheduler had a `generateExecutables` function that would return an array of executables and the `ActionScheduler` would loop through the array and convert the executable to a scheduleable action depending on whether it was a per-alert action, summary action or system action. This refactor renames `generateExecutables` into `getActionsToSchedule` and moves the logic to convert the executables into a schedulable action into the appropriate scheduler class. ## To Verify Create some rules with per-alert and summary and system actions and verify they are triggered as expected. --------- Co-authored-by: Elastic Machine <[email protected]>
…r/server/integration_tests - unrecognized task types should be no workload aggregator errors when there are removed task types (elastic#195496) Resolves elastic#194208 ## Summary The original integration test was checking for the (non) existence of any error logs on startup when there are removed task types, which was not specific enough because there were occasionally error logs like ``` "Task SLO:ORPHAN_SUMMARIES-CLEANUP-TASK \"SLO:ORPHAN_SUMMARIES-CLEANUP-TASK:1.0.0\" failed: ResponseError: search_phase_execution_exception ``` so this PR updates the integration test to check specifically for workload aggregator error logs Co-authored-by: Elastic Machine <[email protected]>
### Summary Remove history and backfill transforms, leaving latest transform in place. Notable changes to latest transform: - it does not read from history output anymore but source indices defined on the definition - it defines a `latest.lookbackPeriod` to limit the amount of data ingested, which defaults to 24h - each metadata aggregation now accepts a `metadata.aggregation.lookbackPeriod` which defaults to the `latest.lookbackPeriod` - `entity.firstSeenTimestamp` is removed. this should be temporary until we have a solution for elastic/elastic-entity-model#174 - latest metrics used to get the latest pre-computed value from history data, but is it now aggregating over the `lookbackPeriod` in the source indices (which can be filtered down with `metrics.filter`) - `latest` block on the entity definition is now mandatory --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Mark Hopkin <[email protected]>
…" screen (elastic#194077) ## Summary Resolves elastic#176291 ### Screenshots #### Discover/Dashboard/Visualize <img width="1517" alt="image" src="https://github.com/user-attachments/assets/c8fb4faf-8d2d-4043-a757-6f092d1fceb3"> #### Stack Management > Data view <img width="1519" alt="image" src="https://github.com/user-attachments/assets/bb3f28bd-0ce9-4c49-ace1-1be875e17ba3"> #### If User does not have privilege to create a Data View <img width="1336" alt="image" src="https://github.com/user-attachments/assets/bb3f4cbc-8213-41c0-bf09-bd47a9d264e4"> ### Checklist Delete any items that are not applicable to this PR. - [x] Use a new SVG resource for the ES|QL illustration - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [x] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Liam Thompson <[email protected]> Co-authored-by: Andrea Del Rio <[email protected]>
…onnectors (elastic#194081) Allows connector types to add functions to be called when connectors are created, updated, and deleted. Extracted from elastic#189027, commit c97afeb Co-authored-by: Yuliia Naumenko <[email protected]>
…penAI Connector dropdown list (elastic#8936) (elastic#194831)
1) After an elasticsearch image is promoted, this triggers a VM rebuild to update the snapshot cache 1) Moves elasticsearch builds to later in the day, when there's less activity.
…notes management page (elastic#195296)
… alert suppression (elastic#195425) ## Summary GA-ing alert suppression for IM rule, ML rule, Threshold rule, ES|QL rule and New Terms rule. Thanks to @vitaliidm for setting up the groundwork to easily update which rules GA. Rules that remain in technical preview are: EQL.
## Summary It fixes the flaky test raised on elastic#195634 by adding the possibility to pass the timestamp to the function. That helps to eliminate flakiness, by passing the same `currentTimestamp` to both the test and the function. Also, it's a simpler approach that doesn't require mocking global objects or using Jest's fake timers, keeping your test straightforward and easy to understand.
…orm Page (elastic#194516) ## Summary Depends on: elastic#194086 Designs: https://www.figma.com/design/eTr6WsKzhSLcQ24AlgrY8R/Flapping-per-Rule--%3E-%23294?node-id=5265-29867&node-type=frame&t=1VfgdlcjkSHmpbje-0 Adds the rule specific flapping form to the new rule form page. ## To test: 1. change `IS_RULE_SPECIFIC_FLAPPING_ENABLED` to true 2. run `yarn start --run-examples` 3. assert the new flapping UI exists by going to developer examples -> create/edit rule <img width="1162" alt="Screenshot 2024-09-30 at 11 43 16 PM" src="https://github.com/user-attachments/assets/a1275a49-f2ed-43ce-815b-5c0bd93770e5"> ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <[email protected]> Co-authored-by: Elastic Machine <[email protected]>
…n configView (elastic#195567) ## Closes elastic/search-team#6557 ## Summary Fixes a known bug for Network Drive connector (as this feature is only used in it). The problem happens when there are Rich Configurable Fields that are marked as "advanced" and depend on certain fields - in some cases this field will not be shown until the page is fully reloaded. Criteria that makes the bug happen: 1. Have some RCFs that are marked as "advanced": https://github.com/elastic/connectors/blob/main/connectors/sources/network_drive.py#L405-L414. (`"ui_restrictions": ["advanced"]`) 2. Make it so that this RCF depends on another field, and by default is hidden - for example this field depends on a field "OS" that has "Windows" and "Linux" as available options and Windows is default, but this RCF depends on it being "Linux" 3. Try satisfying the dependency and see if the RCF is displayed - it won't be, unless you save the form and reload it The problem happens because for changes in "advanced" section the configuration is not updated, so the view that's rendered still thinks that the dependency is not satisfied and the field should not be rendered Before: https://github.com/user-attachments/assets/51f9f8b0-a57a-4d96-a183-6dbbd36a919e After: https://github.com/user-attachments/assets/be32f434-0810-4345-bc4e-dc82f617705c ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
… an aggregation or field in Anomaly detection, data frame analytics (elastic#186670) ## Summary This PR adds new ability to toggle visibility for empty fields when choosing an aggregation or field in Anomaly detection and Data frame analytics https://github.com/user-attachments/assets/c3763b6b-b09d-44b1-bd83-6ee418f0602e https://github.com/user-attachments/assets/5d8b0788-dd59-44e4-b324-3a4035b7a0ec ### Checklist Delete any items that are not applicable to this PR. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [ ] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [ ] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) ### Risk Matrix Delete this section if it is not applicable to this PR. Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release. When forming the risk matrix, consider some of the following examples and how they may potentially impact the change: | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Multiple Spaces—unexpected behavior in non-default Kibana Space. | Low | High | Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces. | | Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks. | High | Low | Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure. | | Code should gracefully handle cases when feature X or plugin Y are disabled. | Medium | High | Unit tests will verify that any feature flag or plugin combination still results in our service operational. | | [See more potential risk examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) | ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <[email protected]>
…Available indices table (elastic#196141) Closes: elastic#196111 ### What was changed?: 1. Added rowHeader attribute for [EuiTable](https://eui.elastic.co/#/tabular-content/tables). ### Screen: <img width="1792" alt="image" src="https://github.com/user-attachments/assets/5f7b0a63-8a7f-42ea-88d8-308cee94dd6d">
## Summary This PR removes `xpack.cloud.serverless.project_type` from FTR config, the value breaks mockIdpPlugin that expects it to be defined as `search`. We will address project type unification separately. Closes elastic#195976
…ic#195253) ## Summary This PR reworks how privileges get computed when a user selects the customize option, and then opts to further customize each available feature, and is particularly necessary because the previous implementation for when bulk actions where applied for customization applied the privilege value on the `base` property instead of on each feature to further easier customization this in turn resulted in quite the buggy experience. See visuals below; ## Visuals ### Before https://github.com/user-attachments/assets/e0bf8c39-5aaf-4489-bfe4-efe4a79650a4 ### After https://github.com/user-attachments/assets/eacbd2db-b9c1-41c2-9c34-8ba21a3f230c <!-- ### Checklist Delete any items that are not applicable to this PR. - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials --> - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios <!-- - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - [ ] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/)) - [ ] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) - [ ] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server)) - [ ] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers) ### Risk Matrix Delete this section if it is not applicable to this PR. Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release. When forming the risk matrix, consider some of the following examples and how they may potentially impact the change: | Risk | Probability | Severity | Mitigation/Notes | |---------------------------|-------------|----------|-------------------------| | Multiple Spaces—unexpected behavior in non-default Kibana Space. | Low | High | Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces. | | Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks. | High | Low | Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure. | | Code should gracefully handle cases when feature X or plugin Y are disabled. | Medium | High | Unit tests will verify that any feature flag or plugin combination still results in our service operational. | | [See more potential risk examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) | ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --> Co-authored-by: Elastic Machine <[email protected]>
## Summary Moves the CCS tests to its own file ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
…shared components (elastic#193828) **Partially addresses: elastic#171520 **Is a follow-up PR to: elastic#192342 ## Summary Changes: - Adds editable components for `name` and `kql_query` fields - Adds a `FieldFormWrapper` component that abstracts away form creation and data preparation for each field - Adds local context providers to pass data between the main context and field components - Adds some basic layout components to make the "edit" functionality work <img width="1392" alt="Schermafbeelding 2024-10-04 om 17 17 44" src="https://github.com/user-attachments/assets/6272ac84-8159-4b8a-a0d4-88b458f4bc5f"> --------- Co-authored-by: Maxim Palenov <[email protected]>
…bana setting (elastic#194947) ## Summary Fixes: elastic#193097 Adds a new Kibana advanced setting that allows users to limit the maximum amount of unassociated notes. The max value for that used to be hard coded before. https://github.com/user-attachments/assets/34af7f67-9109-4251-a5a3-a1af68f123fe ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Elastic Machine <[email protected]>
…#196165) This is a build/promotion system change only, there is no code related changes here. - Similar to elastic#195944, but for the non-emergency pipeline in staging - For now, only run the staging manual judgement on slice: 'staging-ds-2' - Since slices can be grouped as a comma delimited list, we're choosing to be overly cautious with the regex
) ## Summary After elastic#167205 was merged, the `UserMessage.longMessage` was typed as `longMessage: string | React.ReactNode | ((closePopover: () => void) => React.ReactNode);` With the upcoming React 18 upgrade, an error will become visible because `((closePopover: () => void) => React.ReactNode);` can't be used as a ReactNode but it correctly needs to be called. In this PR I've made the `closePopover` function being optional (to simplify the refactoring) and I've added the typecheck where needed.
`v97.0.0`⏩`v97.0.0-backport.0` _[Questions? Please see our Kibana upgrade FAQ.](https://github.com/elastic/eui/blob/main/wiki/eui-team-processes/upgrading-kibana.md#faq-for-kibana-teams)_ --- # Backport This EUI backport adds a single requested change on top of `v97.0.0` to get it in Kibana before the 8.16 feature freeze: * elastic/eui#8071 The change can be considered a patch release and shouldn't affect any of the existing usages of `EuiSuperDatePicker`
## Summary Closes elastic#195466 As LogDB mode is enabled on MKI QA environment, it causes mappings for certain fields like `host.name` to be set differently. Hence causing tests to fail. As part of the fix, before ingesting data, i am statically setting the mappings so that it does not cause any collision with something outside the scope of the tests
…vileges (elastic#186800) ## Summary This change is the implementation of the `Kibana Privilege Migrations` proposal/RFC and provides a framework that allows developers to replace an existing feature with a new one that has the desired configuration while teaching the platform how the privileges of the deprecated feature can be represented by non-deprecated ones. This approach avoids introducing breaking changes for users who still rely on the deprecated privileges in their existing roles and any automation. Among the use cases the framework is supposed to handle, the most common are the following: * Changing a feature ID from `Alpha` to `Beta` * Splitting a feature `Alpha` into two features, `Beta` and `Gamma` * Moving a capability between privileges within a feature (top-level or sub-feature) * Consolidating capabilities across independent features ## Scope This PR includes only the core functionality proposed in the RFC and most of the necessary guardrails (tests, early validations, etc.) to help engineers start planning and implementing their migrations as soon as possible. The following functionality will be added in follow-ups or once we collect enough feedback: * Telemetry * Developer documentation * UI enhancements (highlighting roles with deprecated privileges and manual migration actions) ## Framework The steps below use a scenario where a feature `Alpha` should be split into two other features `Beta` and `Gamma` as an example. ### Step 1: Create new features with the desired privileges First of all, define new feature or features with the desired configuration as you'd do before. There are no constraints here. <details> <summary>Click to see the code</summary> ```ts deps.features.registerKibanaFeature({ id: 'feature_beta', name: 'Feature Beta', privileges: { all: { savedObject: { all: ['saved_object_1'], read: [] }, ui: ['ui_all'], api: ['api_all'], … omitted for brevity … }, read: { savedObject: { all: [], read: ['saved_object_1'] }, ui: ['ui_read'], api: ['api_read'], … omitted for brevity … }, }, … omitted for brevity … }); deps.features.registerKibanaFeature({ id: 'feature_gamma', name: 'Feature Gamma', privileges: { all: { savedObject: { all: ['saved_object_2'], read: [] }, ui: ['ui_all'], // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags … omitted for brevity … }, read: { savedObject: { all: [], read: ['saved_object_2'] }, ui: ['ui_read'], // Note that Feature Gamma, unlike Features Alpha and Beta doesn't provide any API access tags … omitted for brevity … }, }, … omitted for brevity … }); ``` </details> ### Step 2: Mark existing feature as deprecated Once a feature is marked as deprecated, it should essentially be treated as frozen for backward compatibility reasons. Deprecated features will no longer be available through the Kibana role management UI and will be replaced with non-deprecated privileges. Deprecated privileges will still be accepted if the role is created or updated via the Kibana role management APIs to avoid disrupting existing user automation. To avoid breaking existing roles that reference privileges provided by the deprecated features, Kibana will continue registering these privileges as Elasticsearch application privileges. <details> <summary>Click to see the code</summary> ```ts deps.features.registerKibanaFeature({ // This is a new `KibanaFeature` property available during feature registration. deprecated: { // User-facing justification for privilege deprecation that we can display // to the user when we ask them to perform role migration. notice: i18n.translate('xpack.security...', { defaultMessage: "Feature Alpha is deprecated, refer to {link}...", values: { link: docLinks.links.security.deprecatedFeatureAlpha }, }) }, // Feature id should stay unchanged, and it's not possible to reuse it. id: 'feature_alpha', name: 'Feature Alpha (DEPRECATED)', privileges: { all: { savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] }, ui: ['ui_all'], api: ['api_all'], … omitted for brevity … }, read: { savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] }, ui: ['ui_read'], api: ['api_read'], … omitted for brevity … }, }, … omitted for brevity … }); ``` </details> ### Step 3: Map deprecated feature’s privileges to the privileges of the non-deprecated features The important requirement for a successful migration from a deprecated feature to a new feature or features is that it should be possible to express **any combination** of the deprecated feature and sub-feature privileges with the feature or sub-feature privileges of non-deprecated features. This way, while editing a role with deprecated feature privileges in the UI, the admin will be interacting with new privileges as if they were creating a new role from scratch, maintaining consistency. The relationship between the privileges of the deprecated feature and the privileges of the features that are supposed to replace them is expressed with a new `replacedBy` property available on the privileges of the deprecated feature. <details> <summary>Click to see the code</summary> ```ts deps.features.registerKibanaFeature({ // This is a new `KibanaFeature` property available during feature registration. deprecated: { // User-facing justification for privilege deprecation that we can display // to the user when we ask them to perform role migration. notice: i18n.translate('xpack.security...', { defaultMessage: "Feature Alpha is deprecated, refer to {link}...", values: { link: docLinks.links.security.deprecatedFeatureAlpha }, }) }, // Feature id should stay unchanged, and it's not possible to reuse it. id: 'feature_alpha', name: 'Feature Alpha (DEPRECATED)', privileges: { all: { savedObject: { all: ['saved_object_1', 'saved_object_2'], read: [] }, ui: ['ui_all'], api: ['api_all'], replacedBy: [ { feature: 'feature_beta', privileges: ['all'] }, { feature: 'feature_gamma', privileges: ['all'] }, ], … omitted for brevity … }, read: { savedObject: { all: [], read: ['saved_object_1', 'saved_object_2'] }, ui: ['ui_read'], api: ['api_read'], replacedBy: [ { feature: 'feature_beta', privileges: ['read'] }, { feature: 'feature_gamma', privileges: ['read'] }, ], … omitted for brevity … }, }, … omitted for brevity … }); ``` </details> ### Step 4: Adjust the code to rely only on new, non-deprecated features Special care should be taken if the replacement privileges cannot reuse the API access tags from the deprecated privileges and introduce new tags that will be applied to the same API endpoints. In this case, developers should replace the API access tags of the deprecated privileges with the corresponding tags provided by the replacement privileges. This is necessary because API endpoints can only be accessed if the user privileges cover all the tags listed in the API endpoint definition, and without these changes, existing roles referencing deprecated privileges won’t be able to access those endpoints. The UI capabilities are handled slightly differently because they are always prefixed with the feature ID. When migrating to new features with new IDs, the code that interacts with UI capabilities will be updated to use these new feature IDs. <details> <summary>Click to see the code</summary> ```ts // BEFORE deprecation/migration // 1. Feature Alpha defition (not deprecated yet) deps.features.registerKibanaFeature({ id: 'feature_alpha', privileges: { all: { api: ['api_all'], … omitted for brevity … }, }, … omitted for brevity … }); // 2. Route protected by `all` privilege of the Feature Alpha router.post( { path: '/api/domain/my_api', options: { tags: ['access:api_all'] } }, async (_context, request, response) => {} ); // AFTER deprecation/migration // 1. Feature Alpha defition (deprecated, with updated API tags) deps.features.registerKibanaFeature({ deprecated: …, id: 'feature_alpha', privileges: { all: { api: ['api_all_v2'], replacedBy: [ { feature: 'feature_beta', privileges: ['all'] }, ], … omitted for brevity … }, }, … omitted for brevity … }); // 2. Feature Beta defition (new) deps.features.registerKibanaFeature({ id: 'feature_beta', privileges: { all: { api: ['api_all_v2'], … omitted for brevity … } }, … omitted for brevity … }); // 3. Route protected by `all` privilege of the Feature Alpha OR Feature Beta router.post( { path: '/api/domain/my_api', options: { tags: ['access:api_all_v2'] } }, async (_context, request, response) => {} ); ---- // ❌ Old client-side code (supports only deprecated privileges) if (capabilities.feature_alpha.ui_all) { … omitted for brevity … } // ✅ New client-side code (will work for **both** new and deprecated privileges) if (capabilities.feature_beta.ui_all) { … omitted for brevity … } ``` </details> ## How to test The code introduces a set of API integration tests that are designed to validate whether the privilege mapping between deprecated and replacement privileges maintains backward compatibility. You can run the test server with the following config to register a number of [example deprecated features](https://github.com/elastic/kibana/pull/186800/files#diff-d887981d43bbe30cda039340b906b0fa7649ba80230be4de8eda326036f10f6fR20-R49)(`x-pack/test/security_api_integration/plugins/features_provider/server/index.ts`) and the features that replace them, to see the framework in action: ```bash node scripts/functional_tests_server.js --config x-pack/test/security_api_integration/features.config.ts ``` --------- Co-authored-by: kibanamachine <[email protected]>
…tic#196187) ## Summary Re-added the serverless search specific index management tests so that we can ensure the index details page is rendered correctly when the search indices plugin feature flag is disabled. This test will be replaced by index_details tests when the feature flag is enabled, but until that is the default behavior this test ensure we have full coverage for the user experience. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Summarize your PR. If it involves visual changes include a screenshot or gif.
Checklist
Delete any items that are not applicable to this PR.
Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.
When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:
For maintainers