[Fleet] Use deterministic UUID's for default policies (#120776) (#120842)

* Use deterministic UUID's for default policies

* Alter lookup strategy for preconfigured agent policies

* Fix ID check

* Pass ID even when creating default policies

Co-authored-by: Kyle Pollich <kyle.pollich@elastic.co>

x-pack/plugins/fleet/common/constants/preconfiguration.ts

@@ -6,6 +6,7 @@
  */
 
 import { uniqBy } from 'lodash';
+import uuidv5 from 'uuid/v5';
 
 import type { PreconfiguredAgentPolicy } from '../types';
 
@@ -18,6 +19,9 @@ import {
   autoUpgradePoliciesPackages,
 } from './epm';
 
+// UUID v5 values require a namespace. We use UUID v5 for some of our preconfigured ID values.
+export const UUID_V5_NAMESPACE = 'dde7c2de-1370-4c19-9975-b473d0e03508';
+
 export const PRECONFIGURATION_DELETION_RECORD_SAVED_OBJECT_TYPE =
   'fleet-preconfiguration-deletion-record';
 
@@ -25,14 +29,16 @@ export const PRECONFIGURATION_LATEST_KEYWORD = 'latest';
 
 type PreconfiguredAgentPolicyWithDefaultInputs = Omit<
   PreconfiguredAgentPolicy,
-  'package_policies' | 'id'
+  'package_policies'
 > & {
   package_policies: Array<Omit<PreconfiguredAgentPolicy['package_policies'][0], 'inputs'>>;
 };
 
+export const DEFAULT_AGENT_POLICY_ID_SEED = 'default-agent-policy';
 export const DEFAULT_SYSTEM_PACKAGE_POLICY_ID = 'default-system-policy';
 
 export const DEFAULT_AGENT_POLICY: PreconfiguredAgentPolicyWithDefaultInputs = {
+  id: uuidv5(DEFAULT_AGENT_POLICY_ID_SEED, UUID_V5_NAMESPACE),
   name: 'Default policy',
   namespace: 'default',
   description: 'Default agent policy created by Kibana',
@@ -50,9 +56,11 @@ export const DEFAULT_AGENT_POLICY: PreconfiguredAgentPolicyWithDefaultInputs = {
   monitoring_enabled: monitoringTypes,
 };
 
-export const DEFAULT_FLEET_SERVER_POLICY_ID = 'default-fleet-server-policy';
+export const DEFAULT_FLEET_SERVER_POLICY_ID = 'default-fleet-server-agent-policy';
+export const DEFAULT_FLEET_SERVER_AGENT_POLICY_ID_SEED = 'default-fleet-server';
 
 export const DEFAULT_FLEET_SERVER_AGENT_POLICY: PreconfiguredAgentPolicyWithDefaultInputs = {
+  id: uuidv5(DEFAULT_FLEET_SERVER_AGENT_POLICY_ID_SEED, UUID_V5_NAMESPACE),
   name: 'Default Fleet Server policy',
   namespace: 'default',
   description: 'Default Fleet Server agent policy created by Kibana',

x-pack/plugins/fleet/server/services/agent_policy.ts

@@ -34,7 +34,12 @@ import type {
   ListWithKuery,
   NewPackagePolicy,
 } from '../types';
-import { agentPolicyStatuses, packageToPackagePolicy, AGENT_POLICY_INDEX } from '../../common';
+import {
+  agentPolicyStatuses,
+  packageToPackagePolicy,
+  AGENT_POLICY_INDEX,
+  UUID_V5_NAMESPACE,
+} from '../../common';
 import type {
   DeleteAgentPolicyResponse,
   FleetServerPolicy,
@@ -61,9 +66,6 @@ import { getFullAgentPolicy } from './agent_policies';
 
 const SAVED_OBJECT_TYPE = AGENT_POLICY_SAVED_OBJECT_TYPE;
 
-// UUID v5 values require a namespace
-const UUID_V5_NAMESPACE = 'dde7c2de-1370-4c19-9975-b473d0e03508';
-
 class AgentPolicyService {
   private triggerAgentPolicyUpdatedEvent = async (
     soClient: SavedObjectsClientContract,
@@ -132,14 +134,11 @@ class AgentPolicyService {
     };
 
     let searchParams;
-    if (id) {
-      searchParams = {
-        id: String(id),
-      };
-    } else if (
-      preconfiguredAgentPolicy.is_default ||
-      preconfiguredAgentPolicy.is_default_fleet_server
-    ) {
+
+    const isDefaultPolicy =
+      preconfiguredAgentPolicy.is_default || preconfiguredAgentPolicy.is_default_fleet_server;
+
+    if (isDefaultPolicy) {
       searchParams = {
         searchFields: [
           preconfiguredAgentPolicy.is_default_fleet_server
@@ -148,10 +147,15 @@ class AgentPolicyService {
         ],
         search: 'true',
       };
+    } else if (id) {
+      searchParams = {
+        id: String(id),
+      };
     }
+
     if (!searchParams) throw new Error('Missing ID');
 
-    return await this.ensureAgentPolicy(soClient, esClient, newAgentPolicy, searchParams);
+    return await this.ensureAgentPolicy(soClient, esClient, newAgentPolicy, searchParams, id);
   }
 
   private async ensureAgentPolicy(
@@ -163,7 +167,8 @@ class AgentPolicyService {
       | {
           searchFields: string[];
           search: string;
-        }
+        },
+    id?: string | number
   ): Promise<{
     created: boolean;
     policy: AgentPolicy;
@@ -201,7 +206,7 @@ class AgentPolicyService {
     if (agentPolicies.total === 0) {
       return {
         created: true,
-        policy: await this.create(soClient, esClient, newAgentPolicy),
+        policy: await this.create(soClient, esClient, newAgentPolicy, { id: String(id) }),
       };
     }