[8.x] [SecuritySolution] Load entity store indices from security solution data view (#195862) (#196209)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[SecuritySolution] Load entity store indices from security solution
data view (#195862)](https://github.com/elastic/kibana/pull/195862)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Pablo
Machado","email":"pablo.nevesmachado@elastic.co"},"sourceCommit":{"committedDate":"2024-10-14T20:56:58Z","message":"[SecuritySolution]
Load entity store indices from security solution data view
(#195862)\n\n## Summary\r\n\r\n* Update the Entity Store to retrieve
indices from the security solution\r\ndata view.\r\n* Create a new API
that updates all installed entity engine
indices\r\n(`api/entity_store/engines/apply_dataview_indices`)\r\n\r\n\r\n###
How to test it?\r\n* Install the entity store\r\n* Check if the
transform index has the security solutions data view\r\nindices\r\n*
Call `apply_dataview_indices` API; it should not return changes\r\n*
Update the security solution data view indices\r\n* Call
`apply_dataview_indices` API and if the API response contains
the\r\nupdated indices\r\n* Check if the transform index also got
updated\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"489c0901ffd335879d9652424ab15ef9f39cc4cb","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","v9.0.0","Team:
SecuritySolution","backport:prev-minor","Theme:
entity_analytics","Feature:Entity Analytics","Team:Entity
Analytics"],"title":"[SecuritySolution] Load entity store indices from
security solution data
view","number":195862,"url":"https://github.com/elastic/kibana/pull/195862","mergeCommit":{"message":"[SecuritySolution]
Load entity store indices from security solution data view
(#195862)\n\n## Summary\r\n\r\n* Update the Entity Store to retrieve
indices from the security solution\r\ndata view.\r\n* Create a new API
that updates all installed entity engine
indices\r\n(`api/entity_store/engines/apply_dataview_indices`)\r\n\r\n\r\n###
How to test it?\r\n* Install the entity store\r\n* Check if the
transform index has the security solutions data view\r\nindices\r\n*
Call `apply_dataview_indices` API; it should not return changes\r\n*
Update the security solution data view indices\r\n* Call
`apply_dataview_indices` API and if the API response contains
the\r\nupdated indices\r\n* Check if the transform index also got
updated\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"489c0901ffd335879d9652424ab15ef9f39cc4cb"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195862","number":195862,"mergeCommit":{"message":"[SecuritySolution]
Load entity store indices from security solution data view
(#195862)\n\n## Summary\r\n\r\n* Update the Entity Store to retrieve
indices from the security solution\r\ndata view.\r\n* Create a new API
that updates all installed entity engine
indices\r\n(`api/entity_store/engines/apply_dataview_indices`)\r\n\r\n\r\n###
How to test it?\r\n* Install the entity store\r\n* Check if the
transform index has the security solutions data view\r\nindices\r\n*
Call `apply_dataview_indices` API; it should not return changes\r\n*
Update the security solution data view indices\r\n* Call
`apply_dataview_indices` API and if the API response contains
the\r\nupdated indices\r\n* Check if the transform index also got
updated\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"489c0901ffd335879d9652424ab15ef9f39cc4cb"}}]}]
BACKPORT-->

Co-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>

x-pack/plugins/entity_manager/server/lib/entities/errors/entity_definition_update_conflict.ts

@@ -0,0 +1,13 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export class EntityDefinitionUpdateConflict extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = 'EntityDefinitionUpdateConflict';
+  }
+}

x-pack/plugins/entity_manager/server/lib/entity_client.ts

@@ -5,17 +5,23 @@
  * 2.0.
  */
 
-import { EntityDefinition } from '@kbn/entities-schema';
+import { EntityDefinition, EntityDefinitionUpdate } from '@kbn/entities-schema';
 import { SavedObjectsClientContract } from '@kbn/core-saved-objects-api-server';
 import { ElasticsearchClient } from '@kbn/core-elasticsearch-server';
 import { Logger } from '@kbn/logging';
-import { installEntityDefinition } from './entities/install_entity_definition';
+import {
+  installEntityDefinition,
+  installationInProgress,
+  reinstallEntityDefinition,
+} from './entities/install_entity_definition';
 import { startTransforms } from './entities/start_transforms';
-import { findEntityDefinitions } from './entities/find_entity_definition';
+import { findEntityDefinitionById, findEntityDefinitions } from './entities/find_entity_definition';
 import { uninstallEntityDefinition } from './entities/uninstall_entity_definition';
 import { EntityDefinitionNotFound } from './entities/errors/entity_not_found';
 
 import { stopTransforms } from './entities/stop_transforms';
+import { EntityDefinitionWithState } from './entities/types';
+import { EntityDefinitionUpdateConflict } from './entities/errors/entity_definition_update_conflict';
 
 export class EntityClient {
   constructor(
@@ -47,6 +53,50 @@ export class EntityClient {
     return installedDefinition;
   }
 
+  async updateEntityDefinition({
+    id,
+    definitionUpdate,
+  }: {
+    id: string;
+    definitionUpdate: EntityDefinitionUpdate;
+  }) {
+    const definition = await findEntityDefinitionById({
+      id,
+      soClient: this.options.soClient,
+      esClient: this.options.esClient,
+      includeState: true,
+    });
+
+    if (!definition) {
+      const message = `Unable to find entity definition with [${id}]`;
+      this.options.logger.error(message);
+      throw new EntityDefinitionNotFound(message);
+    }
+
+    if (installationInProgress(definition)) {
+      const message = `Entity definition [${definition.id}] has changes in progress`;
+      this.options.logger.error(message);
+      throw new EntityDefinitionUpdateConflict(message);
+    }
+
+    const shouldRestartTransforms = (
+      definition as EntityDefinitionWithState
+    ).state.components.transforms.some((transform) => transform.running);
+
+    const updatedDefinition = await reinstallEntityDefinition({
+      definition,
+      definitionUpdate,
+      soClient: this.options.soClient,
+      esClient: this.options.esClient,
+      logger: this.options.logger,
+    });
+
+    if (shouldRestartTransforms) {
+      await startTransforms(this.options.esClient, updatedDefinition, this.options.logger);
+    }
+    return updatedDefinition;
+  }
+
   async deleteEntityDefinition({ id, deleteData = false }: { id: string; deleteData?: boolean }) {
     const [definition] = await findEntityDefinitions({
       id,