Disable analyzer alerts if feature flag disabled (#138032) (#138062)

(cherry picked from commit 1693569ef4)

Co-authored-by: Kevin Qualters <56408403+kqualters-elastic@users.noreply.github.com>

x-pack/plugins/security_solution/server/endpoint/routes/resolver.ts

@@ -7,6 +7,7 @@
 import type { StartServicesAccessor } from '@kbn/core/server';
 import type { SecuritySolutionPluginRouter } from '../../types';
 import type { StartPlugins } from '../../plugin';
+import type { ConfigType } from '../../config';
 import {
   validateEvents,
   validateEntities,
@@ -19,7 +20,8 @@ import { handleEvents } from './resolver/events';
 
 export const registerResolverRoutes = async (
   router: SecuritySolutionPluginRouter,
-  startServices: StartServicesAccessor<StartPlugins>
+  startServices: StartServicesAccessor<StartPlugins>,
+  config: ConfigType
 ) => {
   const [, { ruleRegistry }] = await startServices();
   router.post(
@@ -28,7 +30,7 @@ export const registerResolverRoutes = async (
       validate: validateTree,
       options: { authRequired: true },
     },
-    handleTree(ruleRegistry)
+    handleTree(ruleRegistry, config)
   );
 
   router.post(

x-pack/plugins/security_solution/server/endpoint/routes/resolver/tree/handler.ts

@@ -9,14 +9,21 @@ import type { RequestHandler } from '@kbn/core/server';
 import type { TypeOf } from '@kbn/config-schema';
 import type { RuleRegistryPluginStartContract } from '@kbn/rule-registry-plugin/server';
 import type { validateTree } from '../../../../../common/endpoint/schema/resolver';
+import type { ConfigType } from '../../../../config';
 import { Fetcher } from './utils/fetch';
 
 export function handleTree(
-  ruleRegistry: RuleRegistryPluginStartContract
+  ruleRegistry: RuleRegistryPluginStartContract,
+  config: ConfigType
 ): RequestHandler<unknown, unknown, TypeOf<typeof validateTree.body>> {
   return async (context, req, res) => {
     const client = (await context.core).elasticsearch.client;
-    const alertsClient = await ruleRegistry.getRacClientWithRequest(req);
+    const {
+      experimentalFeatures: { insightsRelatedAlertsByProcessAncestry },
+    } = config;
+    const alertsClient = insightsRelatedAlertsByProcessAncestry
+      ? await ruleRegistry.getRacClientWithRequest(req)
+      : undefined;
     const fetcher = new Fetcher(client, alertsClient);
     const body = await fetcher.tree(req.body);
     return res.ok({

x-pack/plugins/security_solution/server/routes/index.ts

@@ -120,7 +120,7 @@ export const initRoutes = (
   patchRulesBulkRoute(router, ml, logger);
   deleteRulesBulkRoute(router, logger);
   performBulkActionRoute(router, ml, logger);
-  registerResolverRoutes(router, getStartServices);
+  registerResolverRoutes(router, getStartServices, config);
 
   registerRuleMonitoringRoutes(router);