[Security Solution][Siem migrations] Swap experimental flag for ESS (#208541)

## Summary

This PR enables the SIEM migrations experimental flag by default in
ESS/on-prem.
We keep the experimental flag disabled in serverless (using
`config/serverless.security.yml`) since we don't want to release it yet.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>

config/serverless.security.yml

@@ -167,5 +167,7 @@ xpack.index_management.enableProjectLevelRetentionChecks: true
 
 # Experimental Security Solution features
 
-# This feature is disabled in Serverless until fully performance tested within a Serverless environment
-xpack.securitySolution.enableExperimental: ['entityStoreDisabled']
+# These features are disabled in Serverless until fully tested
+xpack.securitySolution.enableExperimental: 
+  - entityStoreDisabled
+  - siemMigrationsDisabled

x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts

@@ -242,9 +242,9 @@ export const allowedExperimentalValues = Object.freeze({
   serviceEntityStoreEnabled: true,
 
   /**
-   * Enables the siem migrations feature
+   * Disables the siem migrations feature
    */
-  siemMigrationsEnabled: false,
+  siemMigrationsDisabled: false,
 
   /**
    * Enables the Defend Insights feature

x-pack/solutions/security/plugins/security_solution/public/onboarding/components/onboarding_context.tsx

@@ -72,6 +72,12 @@ const useFilteredConfig = (): OnboardingConfig => {
       if (item.experimentalFlagRequired && !experimentalFeatures[item.experimentalFlagRequired]) {
         return false;
       }
+      if (
+        item.disabledExperimentalFlagRequired &&
+        experimentalFeatures[item.disabledExperimentalFlagRequired]
+      ) {
+        return false;
+      }
       if (item.licenseTypeRequired && !license.isAtLeast(item.licenseTypeRequired)) {
         return false;
       }

x-pack/solutions/security/plugins/security_solution/public/onboarding/config.ts

@@ -28,6 +28,6 @@ export const onboardingConfig: TopicConfig[] = [
     }),
     body: siemMigrationsBodyConfig,
     licenseTypeRequired: 'enterprise',
-    experimentalFlagRequired: 'siemMigrationsEnabled',
+    disabledExperimentalFlagRequired: 'siemMigrationsDisabled',
   },
 ];

x-pack/solutions/security/plugins/security_solution/public/onboarding/types.ts

@@ -108,6 +108,10 @@ export interface OnboardingConfigAvailabilityProps {
    * The experimental features required to enable the item.
    */
   experimentalFlagRequired?: keyof ExperimentalFeatures;
+  /**
+   * The disabled experimental features required to enable the item.
+   */
+  disabledExperimentalFlagRequired?: keyof ExperimentalFeatures;
 }
 
 export interface OnboardingCardConfig<TMetadata extends {} = {}>

x-pack/solutions/security/plugins/security_solution/public/plugin.tsx

@@ -343,7 +343,7 @@ export class Plugin implements IPlugin<PluginSetup, PluginStart, SetupPlugins, S
       investigations: subPlugins.investigations.start(),
       machineLearning: subPlugins.machineLearning.start(),
       siemMigrations: subPlugins.siemMigrations.start(
-        this.experimentalFeatures.siemMigrationsEnabled
+        !this.experimentalFeatures.siemMigrationsDisabled
       ),
     };
   }

x-pack/solutions/security/plugins/security_solution/public/siem_migrations/links.ts

@@ -32,6 +32,6 @@ export const siemMigrationsLinks: LinkItem = {
       defaultMessage: 'SIEM Rule Migrations',
     }),
   ],
-  experimentalKey: 'siemMigrationsEnabled',
+  hideWhenExperimentalKey: 'siemMigrationsDisabled',
   isBeta: true,
 };

x-pack/solutions/security/plugins/security_solution/public/siem_migrations/rules/service/rule_migrations_service.ts

@@ -77,7 +77,9 @@ export class SiemRulesMigrationsService {
   }
 
   public isAvailable() {
-    return ExperimentalFeaturesService.get().siemMigrationsEnabled && licenseService.isEnterprise();
+    return (
+      !ExperimentalFeaturesService.get().siemMigrationsDisabled && licenseService.isEnterprise()
+    );
   }
 
   public startPolling() {

x-pack/solutions/security/plugins/security_solution/server/lib/siem_migrations/routes.ts

@@ -15,7 +15,7 @@ export const registerSiemMigrationsRoutes = (
   config: ConfigType,
   logger: Logger
 ) => {
-  if (config.experimentalFeatures.siemMigrationsEnabled) {
+  if (!config.experimentalFeatures.siemMigrationsDisabled) {
     registerSiemRuleMigrationsRoutes(router, logger);
   }
 };

x-pack/solutions/security/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.test.ts

@@ -42,10 +42,10 @@ describe('SiemMigrationsService', () => {
     jest.clearAllMocks();
   });
 
-  describe('with siemMigrationsEnabled flag', () => {
+  describe('with experimental flag enabled', () => {
     beforeEach(() => {
       siemMigrationsService = new SiemMigrationsService(
-        { experimentalFeatures: { siemMigrationsEnabled: true } } as ConfigType,
+        { experimentalFeatures: { siemMigrationsDisabled: false } } as ConfigType,
         logger,
         kibanaVersion
       );
@@ -90,10 +90,10 @@ describe('SiemMigrationsService', () => {
     });
   });
 
-  describe('without siemMigrationsEnabled flag', () => {
+  describe('without experimental flag disabled', () => {
     beforeEach(() => {
       siemMigrationsService = new SiemMigrationsService(
-        { experimentalFeatures: { siemMigrationsEnabled: false } } as ConfigType,
+        { experimentalFeatures: { siemMigrationsDisabled: true } } as ConfigType,
         logger,
         kibanaVersion
       );

x-pack/solutions/security/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.ts

@@ -25,7 +25,7 @@ export class SiemMigrationsService {
   }
 
   setup(params: SiemMigrationsSetupParams) {
-    if (this.config.experimentalFeatures.siemMigrationsEnabled) {
+    if (!this.config.experimentalFeatures.siemMigrationsDisabled) {
       this.rules.setup({ ...params, pluginStop$: this.pluginStop$ });
     }
   }

x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/ess.config.ts

@@ -13,13 +13,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
 
   return {
     ...functionalConfig.getAll(),
-    kbnTestServer: {
-      ...functionalConfig.get('kbnTestServer'),
-      serverArgs: [
-        ...functionalConfig.get('kbnTestServer.serverArgs'),
-        `--xpack.securitySolution.enableExperimental=${JSON.stringify(['siemMigrationsEnabled'])}`,
-      ],
-    },
     testFiles: [require.resolve('..')],
     junit: {
       reportName: 'SIEM Migrations Integration Tests - ESS Env - Trial License',

x-pack/test/security_solution_api_integration/test_suites/siem_migrations/rules/trial_license_complete_tier/configs/serverless.config.ts

@@ -9,7 +9,7 @@ import { createTestConfig } from '../../../../../config/serverless/config.base';
 
 export default createTestConfig({
   kbnTestServerArgs: [
-    `--xpack.securitySolution.enableExperimental=${JSON.stringify(['siemMigrationsEnabled'])}`,
+    `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, // override to empty array so the flag is not disabled
     `--xpack.securitySolutionServerless.productTypes=${JSON.stringify([
       { product_line: 'security', product_tier: 'complete' },
       { product_line: 'endpoint', product_tier: 'complete' },