[8.6] [Security Solution] Parse Snapshot Versions for Kibana Artifacts (#145626) (#145771)

# Backport

This will backport the following commits from `main` to `8.6`:
- [[Security Solution] Parse Snapshot Versions for Kibana Artifacts
(#145626)](https://github.com/elastic/kibana/pull/145626)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"JD
Kurma","email":"JDKurma@gmail.com"},"sourceCommit":{"committedDate":"2022-11-18T19:40:57Z","message":"[Security
Solution] Parse Snapshot Versions for Kibana Artifacts (#145626)\n\n##
Summary\r\n\r\nThere are instances where the cluster info comes with a
snapshot version\r\nsuch as \"8.6.0-SNAPSHOT\". This version string is
used to construct the\r\nmanifest url needed to retrieve kibana
artifacts; however, those\r\nartifacts are categorized under
non-snapshot versions(e.g. \"8.6.0\").\r\nHence, to properly retrieve
the respective kibana artifacts, I am\r\nsplitting the version string at
'-' to get the applicable kibana\r\nartifact version. Similar methods of
splitting are
seen\r\n[here](https://github.com/elastic/kibana/blob/main/x-pack/plugins/monitoring/server/plugin.ts#L58)\r\n\r\nAlso
for additional reference: here is
a\r\n[discussion](https://elastic.slack.com/archives/C5TQ33ND8/p1594726063167100)\r\nfrom
#kibana-core slack channel on splitting at '-' for the
version\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"0db3ab0c1909ca587f897bd0b3be0e58ef3a089f","branchLabelMapping":{"^v8.7.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Telemetry","release_note:skip","Team:
SecuritySolution","auto-backport","v8.6.0"],"number":145626,"url":"https://github.com/elastic/kibana/pull/145626","mergeCommit":{"message":"[Security
Solution] Parse Snapshot Versions for Kibana Artifacts (#145626)\n\n##
Summary\r\n\r\nThere are instances where the cluster info comes with a
snapshot version\r\nsuch as \"8.6.0-SNAPSHOT\". This version string is
used to construct the\r\nmanifest url needed to retrieve kibana
artifacts; however, those\r\nartifacts are categorized under
non-snapshot versions(e.g. \"8.6.0\").\r\nHence, to properly retrieve
the respective kibana artifacts, I am\r\nsplitting the version string at
'-' to get the applicable kibana\r\nartifact version. Similar methods of
splitting are
seen\r\n[here](https://github.com/elastic/kibana/blob/main/x-pack/plugins/monitoring/server/plugin.ts#L58)\r\n\r\nAlso
for additional reference: here is
a\r\n[discussion](https://elastic.slack.com/archives/C5TQ33ND8/p1594726063167100)\r\nfrom
#kibana-core slack channel on splitting at '-' for the
version\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"0db3ab0c1909ca587f897bd0b3be0e58ef3a089f"}},"sourceBranch":"main","suggestedTargetBranches":["8.6"],"targetPullRequestStates":[{"branch":"8.6","label":"v8.6.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: JD Kurma <JDKurma@gmail.com>

x-pack/plugins/security_solution/server/lib/telemetry/artifact.test.ts

@@ -14,11 +14,41 @@ jest.mock('axios');
 const mockedAxios = axios as jest.Mocked<typeof axios>;
 
 describe('telemetry artifact test', () => {
-  test('start should retrieve cluster information', async () => {
+  test('start should set manifest url for snapshot version', async () => {
+    const expectedManifestUrl =
+      'https://artifacts.security.elastic.co/downloads/kibana/manifest/artifacts-8.0.0.zip';
     const mockTelemetryReceiver = createMockTelemetryReceiver();
     const artifact = new Artifact();
     await artifact.start(mockTelemetryReceiver);
     expect(mockTelemetryReceiver.fetchClusterInfo).toHaveBeenCalled();
+    expect(artifact.getManifestUrl()).toEqual(expectedManifestUrl);
+  });
+
+  test('start should set manifest url for non-snapshot version', async () => {
+    const expectedManifestUrl =
+      'https://artifacts.security.elastic.co/downloads/kibana/manifest/artifacts-8.0.0.zip';
+    const mockTelemetryReceiver = createMockTelemetryReceiver();
+    const stubClusterInfo = {
+      name: 'Stub-MacBook-Pro.local',
+      cluster_name: 'elasticsearch',
+      cluster_uuid: '5Pr5PXRQQpGJUTn0czAvKQ',
+      version: {
+        number: '8.0.0',
+        build_type: 'tar',
+        build_hash: '38537ab4a726b42ce8f034aad78d8fca4d4f3e51',
+        build_date: new Date().toISOString(),
+        build_snapshot: true,
+        lucene_version: '9.2.0',
+        minimum_wire_compatibility_version: '7.17.0',
+        minimum_index_compatibility_version: '7.0.0',
+      },
+      tagline: 'You Know, for Search',
+    };
+    mockTelemetryReceiver.fetchClusterInfo = jest.fn().mockReturnValue(stubClusterInfo);
+    const artifact = new Artifact();
+    await artifact.start(mockTelemetryReceiver);
+    expect(mockTelemetryReceiver.fetchClusterInfo).toHaveBeenCalled();
+    expect(artifact.getManifestUrl()).toEqual(expectedManifestUrl);
   });
 
   test('getArtifact should throw an error if manifest url is null', async () => {

x-pack/plugins/security_solution/server/lib/telemetry/artifact.ts

@@ -13,6 +13,7 @@ import type { ESClusterInfo } from './types';
 export interface IArtifact {
   start(receiver: ITelemetryReceiver): Promise<void>;
   getArtifact(name: string): Promise<unknown>;
+  getManifestUrl(): string | undefined;
 }
 
 export class Artifact implements IArtifact {
@@ -25,8 +26,14 @@ export class Artifact implements IArtifact {
   public async start(receiver: ITelemetryReceiver) {
     this.receiver = receiver;
     this.esClusterInfo = await this.receiver.fetchClusterInfo();
-    const version = this.esClusterInfo?.version?.number;
-    this.manifestUrl = `${this.CDN_URL}/downloads/kibana/manifest/artifacts-${version}.zip`;
+    if (this.esClusterInfo?.version?.number) {
+      const version =
+        this.esClusterInfo.version.number.substring(
+          0,
+          this.esClusterInfo.version.number.indexOf('-')
+        ) || this.esClusterInfo.version.number;
+      this.manifestUrl = `${this.CDN_URL}/downloads/kibana/manifest/artifacts-${version}.zip`;
+    }
   }
 
   public async getArtifact(name: string): Promise<unknown> {
@@ -47,9 +54,13 @@ export class Artifact implements IArtifact {
         throw Error(`No artifact for name ${name}`);
       }
     } else {
-      throw Error('No manifest url');
+      throw Error(`No manifest url for version ${this.esClusterInfo?.version?.number}`);
     }
   }
+
+  public getManifestUrl() {
+    return this.manifestUrl;
+  }
 }
 
 export const artifactService = new Artifact();

x-pack/plugins/security_solution/server/lib/telemetry/tasks/configuration.ts

@@ -36,6 +36,7 @@ export function createTelemetryConfigurationTaskConfig() {
         const configArtifact = (await artifactService.getArtifact(
           artifactName
         )) as unknown as TelemetryConfiguration;
+        tlog(logger, `New telemetry configuration artifact: ${JSON.stringify(configArtifact)}`);
         telemetryConfiguration.max_detection_alerts_batch =
           configArtifact.max_detection_alerts_batch;
         telemetryConfiguration.telemetry_max_buffer_size = configArtifact.telemetry_max_buffer_size;

x-pack/plugins/security_solution/server/lib/telemetry/tasks/filterlists.ts

@@ -36,6 +36,7 @@ export function createTelemetryFilterListArtifactTaskConfig() {
         const artifact = (await artifactService.getArtifact(
           artifactName
         )) as unknown as TelemetryFilterListArtifact;
+        tlog(logger, `New filterlist artifact: ${JSON.stringify(artifact)}`);
         filterList.endpointAlerts = artifact.endpoint_alerts;
         filterList.exceptionLists = artifact.exception_lists;
         filterList.prebuiltRulesAlerts = artifact.prebuilt_rules_alerts;