mirror of
https://github.com/elastic/kibana.git
synced 2025-04-23 09:19:04 -04:00
151 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Kibana Machine
|
10abaaaf5c
|
[8.16] Use more efficient strategies to process user input (#196858) (#197791)
# Backport This will backport the following commits from `main` to `8.16`: - [Use more efficient strategies to process user input (#196858)](https://github.com/elastic/kibana/pull/196858) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Gerard Soldevila","email":"gerard.soldevila@elastic.co"},"sourceCommit":{"committedDate":"2024-10-22T12:07:25Z","message":"Use more efficient strategies to process user input (#196858)\n\n## Summary\r\n\r\nAddress performance concerns with Regexps","sha":"c9637cf71c97e2290db57302d54b90caffb6b1bf","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","v9.0.0","backport:all-open"],"title":"Use more efficient strategies to process user input","number":196858,"url":"https://github.com/elastic/kibana/pull/196858","mergeCommit":{"message":"Use more efficient strategies to process user input (#196858)\n\n## Summary\r\n\r\nAddress performance concerns with Regexps","sha":"c9637cf71c97e2290db57302d54b90caffb6b1bf"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196858","number":196858,"mergeCommit":{"message":"Use more efficient strategies to process user input (#196858)\n\n## Summary\r\n\r\nAddress performance concerns with Regexps","sha":"c9637cf71c97e2290db57302d54b90caffb6b1bf"}}]}] BACKPORT--> Co-authored-by: Gerard Soldevila <gerard.soldevila@elastic.co> |
||
|
Kibana Machine
|
76993eb1f6
|
[8.16] [OAS] Support setting availability (#196647) (#197025)
# Backport This will backport the following commits from `main` to `8.16`: - [[OAS] Support setting availability (#196647)](https://github.com/elastic/kibana/pull/196647) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-10-21T10:30:45Z","message":"[OAS] Support setting availability (#196647)\n\n## Summary\r\n\r\nClose https://github.com/elastic/kibana/issues/181995\r\n\r\nRelated https://github.com/elastic/kibana/pull/195325\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co>","sha":"608cc70be56fa63cb68a93d480e545fa95c0846a","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","v9.0.0","Feature:OAS","v8.16.0","backport:version"],"title":"[OAS] Support setting availability","number":196647,"url":"https://github.com/elastic/kibana/pull/196647","mergeCommit":{"message":"[OAS] Support setting availability (#196647)\n\n## Summary\r\n\r\nClose https://github.com/elastic/kibana/issues/181995\r\n\r\nRelated https://github.com/elastic/kibana/pull/195325\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co>","sha":"608cc70be56fa63cb68a93d480e545fa95c0846a"}},"sourceBranch":"main","suggestedTargetBranches":["8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196647","number":196647,"mergeCommit":{"message":"[OAS] Support setting availability (#196647)\n\n## Summary\r\n\r\nClose https://github.com/elastic/kibana/issues/181995\r\n\r\nRelated https://github.com/elastic/kibana/pull/195325\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co>","sha":"608cc70be56fa63cb68a93d480e545fa95c0846a"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Jean-Louis Leysens <jeanlouis.leysens@elastic.co> |
||
Jeramy Soucy
|
d216933327
|
[8.x] Set spaces and roles CRUD APIs to public (#193534) (#196242)
# Backport This will backport the following commits from `main` to `8.x`: - [Set spaces and roles CRUD APIs to public (#193534)](https://github.com/elastic/kibana/pull/193534) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jeramy Soucy","email":"jeramy.soucy@elastic.co"},"sourceCommit":{"committedDate":"2024-10-03T14:28:54Z","message":"Set spaces and roles CRUD APIs to public (#193534)\n\nCloses #192153\r\n\r\n## Summary\r\n\r\nThis PR sets the spaces and roles CRUD operation HTTP API endpoints to\r\npublic in both stateful and serverless offerings, and additionally,\r\nswitches to the versioned router to register these endpoints.\r\n\r\nPrior to this PR, the access level was not explicitly set, thus any\r\nendpoints registered in serverless were by default internal. CRUD\r\noperations for spaces and roles are being set to public to support the\r\nrollout of custom roles in serverless, which coincides with enabling\r\nmultiple spaces.\r\n\r\n### Note\r\n- Currently, roles APIs are only available in serverless via a feature\r\nflag (`xpack.security.roleManagementEnabled`)\r\n- Spaces APIs are already registered in serverless, however, the maximum\r\nnumber of spaces is by default 1, rendering create and delete operations\r\nunusable. By overriding `xpack.spaces.maxSpaces` to a number greater\r\nthan 1 (stateful default is 1000), it will effectively enable use of the\r\nspaces CRUD operations in serverless.\r\n\r\n## Tests\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/management/multiple_spaces_enabled.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/management/spaces.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/platform_security/authorization.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/platform_security/roles_routes_feature_flag.ts\r\n- Unit tests for each endpoint (to account for versioned router)\r\n- Flaky Test Runner:\r\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/7002\r\n\r\n## Manual Testing\r\n1. Start ES & Kibana in serverless mode with config options to enable\r\nrole management and multiple spaces\r\n\r\nElasticsearch:\r\n```\r\nxpack.security.authc.native_roles.enabled: true\r\n```\r\n KIbana:\r\n```\r\n xpack.security.roleManagementEnabled: true\r\n xpack.spaces.maxSpaces: 100\r\n```\r\n3. Issue each CRUD HTTP API without including the internal origin header\r\n('x-elastic-internal-origin') and verify you do not receive a 400 with\r\nthe message \"method [get|post|put|delete] exists but is not available\r\nwith the current configuration\"\r\n4. Repeat steps 1 & 2 from the current head of main and verify that you\r\nDO receive a 400 with the message \"method [get|post|put|delete] exists\r\nbut is not available with the current configuration\"\r\n\r\nRegression testing - ensure that interfaces which leverage spaces and\r\nroles APIs are functioning properly\r\n- Spaces management\r\n- Space navigation\r\n- Roles management\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"26f2928b0887c9fda4403c0ce3fcc332b7c0e69a","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","Feature:Security/Spaces","release_note:skip","Feature:Security/Authorization","v9.0.0","backport:prev-minor","Project:Serverless"],"number":193534,"url":"https://github.com/elastic/kibana/pull/193534","mergeCommit":{"message":"Set spaces and roles CRUD APIs to public (#193534)\n\nCloses #192153\r\n\r\n## Summary\r\n\r\nThis PR sets the spaces and roles CRUD operation HTTP API endpoints to\r\npublic in both stateful and serverless offerings, and additionally,\r\nswitches to the versioned router to register these endpoints.\r\n\r\nPrior to this PR, the access level was not explicitly set, thus any\r\nendpoints registered in serverless were by default internal. CRUD\r\noperations for spaces and roles are being set to public to support the\r\nrollout of custom roles in serverless, which coincides with enabling\r\nmultiple spaces.\r\n\r\n### Note\r\n- Currently, roles APIs are only available in serverless via a feature\r\nflag (`xpack.security.roleManagementEnabled`)\r\n- Spaces APIs are already registered in serverless, however, the maximum\r\nnumber of spaces is by default 1, rendering create and delete operations\r\nunusable. By overriding `xpack.spaces.maxSpaces` to a number greater\r\nthan 1 (stateful default is 1000), it will effectively enable use of the\r\nspaces CRUD operations in serverless.\r\n\r\n## Tests\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/management/multiple_spaces_enabled.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/management/spaces.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/platform_security/authorization.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/platform_security/roles_routes_feature_flag.ts\r\n- Unit tests for each endpoint (to account for versioned router)\r\n- Flaky Test Runner:\r\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/7002\r\n\r\n## Manual Testing\r\n1. Start ES & Kibana in serverless mode with config options to enable\r\nrole management and multiple spaces\r\n\r\nElasticsearch:\r\n```\r\nxpack.security.authc.native_roles.enabled: true\r\n```\r\n KIbana:\r\n```\r\n xpack.security.roleManagementEnabled: true\r\n xpack.spaces.maxSpaces: 100\r\n```\r\n3. Issue each CRUD HTTP API without including the internal origin header\r\n('x-elastic-internal-origin') and verify you do not receive a 400 with\r\nthe message \"method [get|post|put|delete] exists but is not available\r\nwith the current configuration\"\r\n4. Repeat steps 1 & 2 from the current head of main and verify that you\r\nDO receive a 400 with the message \"method [get|post|put|delete] exists\r\nbut is not available with the current configuration\"\r\n\r\nRegression testing - ensure that interfaces which leverage spaces and\r\nroles APIs are functioning properly\r\n- Spaces management\r\n- Space navigation\r\n- Roles management\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"26f2928b0887c9fda4403c0ce3fcc332b7c0e69a"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/193534","number":193534,"mergeCommit":{"message":"Set spaces and roles CRUD APIs to public (#193534)\n\nCloses #192153\r\n\r\n## Summary\r\n\r\nThis PR sets the spaces and roles CRUD operation HTTP API endpoints to\r\npublic in both stateful and serverless offerings, and additionally,\r\nswitches to the versioned router to register these endpoints.\r\n\r\nPrior to this PR, the access level was not explicitly set, thus any\r\nendpoints registered in serverless were by default internal. CRUD\r\noperations for spaces and roles are being set to public to support the\r\nrollout of custom roles in serverless, which coincides with enabling\r\nmultiple spaces.\r\n\r\n### Note\r\n- Currently, roles APIs are only available in serverless via a feature\r\nflag (`xpack.security.roleManagementEnabled`)\r\n- Spaces APIs are already registered in serverless, however, the maximum\r\nnumber of spaces is by default 1, rendering create and delete operations\r\nunusable. By overriding `xpack.spaces.maxSpaces` to a number greater\r\nthan 1 (stateful default is 1000), it will effectively enable use of the\r\nspaces CRUD operations in serverless.\r\n\r\n## Tests\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/management/multiple_spaces_enabled.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/management/spaces.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/platform_security/authorization.ts\r\n-\r\nx-pack/test_serverless/api_integration/test_suites/common/platform_security/roles_routes_feature_flag.ts\r\n- Unit tests for each endpoint (to account for versioned router)\r\n- Flaky Test Runner:\r\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/7002\r\n\r\n## Manual Testing\r\n1. Start ES & Kibana in serverless mode with config options to enable\r\nrole management and multiple spaces\r\n\r\nElasticsearch:\r\n```\r\nxpack.security.authc.native_roles.enabled: true\r\n```\r\n KIbana:\r\n```\r\n xpack.security.roleManagementEnabled: true\r\n xpack.spaces.maxSpaces: 100\r\n```\r\n3. Issue each CRUD HTTP API without including the internal origin header\r\n('x-elastic-internal-origin') and verify you do not receive a 400 with\r\nthe message \"method [get|post|put|delete] exists but is not available\r\nwith the current configuration\"\r\n4. Repeat steps 1 & 2 from the current head of main and verify that you\r\nDO receive a 400 with the message \"method [get|post|put|delete] exists\r\nbut is not available with the current configuration\"\r\n\r\nRegression testing - ensure that interfaces which leverage spaces and\r\nroles APIs are functioning properly\r\n- Spaces management\r\n- Space navigation\r\n- Roles management\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"26f2928b0887c9fda4403c0ce3fcc332b7c0e69a"}}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Kibana Machine
|
0158fec36f
|
[8.x] [Http] Make HTTP resource routes respond without the versioned header (#195940) (#196324)
# Backport This will backport the following commits from `main` to `8.x`: - [[Http] Make HTTP resource routes respond without the versioned header (#195940)](https://github.com/elastic/kibana/pull/195940) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-10-15T14:09:42Z","message":"[Http] Make HTTP resource routes respond without the versioned header (#195940)\n\n## Summary\r\n\r\nFollow up on https://github.com/elastic/kibana/pull/195464\r\n\r\nAdds public route registrar option `httpResource` to distinguish API\r\nroutes from routes intended to be used for loading resources, [for\r\nex]( |
||
|
Kibana Machine
|
bf56b4ea3a
|
[8.x] [Core] log on external requests to internal routes (#195696) (#195974)
# Backport This will backport the following commits from `main` to `8.x`: - [[Core] log on external requests to internal routes (#195696)](https://github.com/elastic/kibana/pull/195696) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Christiane (Tina) Heiligers","email":"christiane.heiligers@elastic.co"},"sourceCommit":{"committedDate":"2024-10-11T18:02:31Z","message":"[Core] log on external requests to internal routes (#195696)\n\nfix [#194772](https://github.com/elastic/kibana/issues/194772)\r\n\r\nKibana logs a warning when detecting requests from integrations with\r\ninternal APIs when the restriction is not enforced or explicitly set to\r\n`false`.\r\nConsumers can use these logs to audit their integrations and make\r\nchanges before the restriction becomes enforced.\r\n\r\n### Note ###\r\nAfter 9.0, the restriction will be enforced. Explicitly disabling the\r\nrestriction effectively opts into using internal routes, which are\r\nsubject to change and not recommended for non-Elastic consumption.\r\n\r\nBypassing the restriction for specific routes by adding the necessary\r\nheader or query parameter that allows access is also not recommended for\r\nnon-Elastic consumption.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n## How to test this ##\r\n\r\n#### Test as an external consumer making a request to an internal route\r\n####\r\n\r\n<details>\r\n<summary>1. Enforce restricted internal APIs & enable logging:</summary>\r\n\r\n```//kibana.yml\r\nserver.restrictInternalApis: true // or don't declare\r\n...\r\nlogging\r\n appenders:\r\n http-custom:\r\n type: console\r\n layout:\r\n type: pattern\r\n highlight: true\r\n pattern: \"HTTP_CUSTOM--[%date][%level][%logger]---%message\"\r\n root:\r\n appenders: [console]\r\n level: warn\r\n loggers\r\n - name: http.server.kbn-internal-api-restricted\r\n level: warn\r\n appenders: [http-custom]\r\n```\r\n</details>\r\n\r\n2. Start ES (any license)\r\n3. Start Kbn\r\n\r\n<details>\r\n<summary>4. GET global settings:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n5. The response from the curl request shoud be:\r\n```\r\n{\"statusCode\":400,\"error\":\"Bad Request\",\"message\":\"uri [/internal/kibana/global_settings] with method [get] exists but is not available with the current configuration\"}\r\n```\r\n6. You should see an error log from the\r\n`http.server.kbnInternalApiRestricted` logger:\r\n```\r\nHTTP_CUSTOM--[2024-10-10T13:04:51.287-07:00][ERROR][http.server.kbn-internal-api-restricted]---Access to uri [/internal/kibana/global_settings] with method [get] is not available with the current configuration\r\n```\r\n\r\n#### Bypass the restriction for the global settings route (opt in to use\r\nthe internal route)\r\nKeeping the same configuration and with ES and Kbn still running, add\r\nthe 'x-elastic-internal-origin' header to the curl request ####\r\n\r\n<details>\r\n<summary>1. Opt in to use the global settings route:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'x-elastic-internal-origin: kibana' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n2. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n3. You shouldn't see any new logs from the\r\n`http.server.kbnInternalApiRestricted` logger\r\n\r\n#### Test as an external consumer explicitly disabling the restriction\r\ncompletely (not recommended and not guaranteed) ####\r\n\r\n<details>\r\n<summary>1. Disable restricted internal APIs & enable logging:</summary>\r\n\r\n```//kibana.yml\r\nserver.restrictInternalApis: false\r\n...\r\nlogging\r\n appenders:\r\n http-custom:\r\n type: console\r\n layout:\r\n type: pattern\r\n highlight: true\r\n pattern: \"HTTP_CUSTOM--[%date][%level][%logger]---%message\"\r\n root:\r\n appenders: [console]\r\n level: warn\r\n loggers\r\n - name: http.server.kbn-internal-api-restricted\r\n level: warn\r\n appenders: [http-custom]\r\n```\r\n</details>\r\n\r\n2. Start ES (any license)\r\n3. Start Kbn\r\n\r\n<details>\r\n<summary>4. GET global settings:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n5. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n6. You should see a warning log from the\r\n`http.server.kbnInternalApiRestricted` logger:\r\n```\r\nHTTP_CUSTOM--[2024-10-10T13:31:48.729-07:00][WARN ][http.server.kbn-internal-api-restricted]---Access to uri [/internal/kibana/global_settings] with method [get] is deprecated\r\n```\r\n<details>\r\n<summary>7. Add the internal origin header to the request:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'x-elastic-internal-origin: kibana' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n8. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n9. You shouldn't see any new logs from the\r\n`http.server.kbnInternalApiRestricted` logger.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"d0bdbdddb200a2656567c9b9f05d1e934c5a4cea","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","v9.0.0","backport:prev-minor"],"title":"[Core] log on external requests to internal routes","number":195696,"url":"https://github.com/elastic/kibana/pull/195696","mergeCommit":{"message":"[Core] log on external requests to internal routes (#195696)\n\nfix [#194772](https://github.com/elastic/kibana/issues/194772)\r\n\r\nKibana logs a warning when detecting requests from integrations with\r\ninternal APIs when the restriction is not enforced or explicitly set to\r\n`false`.\r\nConsumers can use these logs to audit their integrations and make\r\nchanges before the restriction becomes enforced.\r\n\r\n### Note ###\r\nAfter 9.0, the restriction will be enforced. Explicitly disabling the\r\nrestriction effectively opts into using internal routes, which are\r\nsubject to change and not recommended for non-Elastic consumption.\r\n\r\nBypassing the restriction for specific routes by adding the necessary\r\nheader or query parameter that allows access is also not recommended for\r\nnon-Elastic consumption.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n## How to test this ##\r\n\r\n#### Test as an external consumer making a request to an internal route\r\n####\r\n\r\n<details>\r\n<summary>1. Enforce restricted internal APIs & enable logging:</summary>\r\n\r\n```//kibana.yml\r\nserver.restrictInternalApis: true // or don't declare\r\n...\r\nlogging\r\n appenders:\r\n http-custom:\r\n type: console\r\n layout:\r\n type: pattern\r\n highlight: true\r\n pattern: \"HTTP_CUSTOM--[%date][%level][%logger]---%message\"\r\n root:\r\n appenders: [console]\r\n level: warn\r\n loggers\r\n - name: http.server.kbn-internal-api-restricted\r\n level: warn\r\n appenders: [http-custom]\r\n```\r\n</details>\r\n\r\n2. Start ES (any license)\r\n3. Start Kbn\r\n\r\n<details>\r\n<summary>4. GET global settings:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n5. The response from the curl request shoud be:\r\n```\r\n{\"statusCode\":400,\"error\":\"Bad Request\",\"message\":\"uri [/internal/kibana/global_settings] with method [get] exists but is not available with the current configuration\"}\r\n```\r\n6. You should see an error log from the\r\n`http.server.kbnInternalApiRestricted` logger:\r\n```\r\nHTTP_CUSTOM--[2024-10-10T13:04:51.287-07:00][ERROR][http.server.kbn-internal-api-restricted]---Access to uri [/internal/kibana/global_settings] with method [get] is not available with the current configuration\r\n```\r\n\r\n#### Bypass the restriction for the global settings route (opt in to use\r\nthe internal route)\r\nKeeping the same configuration and with ES and Kbn still running, add\r\nthe 'x-elastic-internal-origin' header to the curl request ####\r\n\r\n<details>\r\n<summary>1. Opt in to use the global settings route:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'x-elastic-internal-origin: kibana' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n2. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n3. You shouldn't see any new logs from the\r\n`http.server.kbnInternalApiRestricted` logger\r\n\r\n#### Test as an external consumer explicitly disabling the restriction\r\ncompletely (not recommended and not guaranteed) ####\r\n\r\n<details>\r\n<summary>1. Disable restricted internal APIs & enable logging:</summary>\r\n\r\n```//kibana.yml\r\nserver.restrictInternalApis: false\r\n...\r\nlogging\r\n appenders:\r\n http-custom:\r\n type: console\r\n layout:\r\n type: pattern\r\n highlight: true\r\n pattern: \"HTTP_CUSTOM--[%date][%level][%logger]---%message\"\r\n root:\r\n appenders: [console]\r\n level: warn\r\n loggers\r\n - name: http.server.kbn-internal-api-restricted\r\n level: warn\r\n appenders: [http-custom]\r\n```\r\n</details>\r\n\r\n2. Start ES (any license)\r\n3. Start Kbn\r\n\r\n<details>\r\n<summary>4. GET global settings:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n5. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n6. You should see a warning log from the\r\n`http.server.kbnInternalApiRestricted` logger:\r\n```\r\nHTTP_CUSTOM--[2024-10-10T13:31:48.729-07:00][WARN ][http.server.kbn-internal-api-restricted]---Access to uri [/internal/kibana/global_settings] with method [get] is deprecated\r\n```\r\n<details>\r\n<summary>7. Add the internal origin header to the request:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'x-elastic-internal-origin: kibana' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n8. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n9. You shouldn't see any new logs from the\r\n`http.server.kbnInternalApiRestricted` logger.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"d0bdbdddb200a2656567c9b9f05d1e934c5a4cea"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195696","number":195696,"mergeCommit":{"message":"[Core] log on external requests to internal routes (#195696)\n\nfix [#194772](https://github.com/elastic/kibana/issues/194772)\r\n\r\nKibana logs a warning when detecting requests from integrations with\r\ninternal APIs when the restriction is not enforced or explicitly set to\r\n`false`.\r\nConsumers can use these logs to audit their integrations and make\r\nchanges before the restriction becomes enforced.\r\n\r\n### Note ###\r\nAfter 9.0, the restriction will be enforced. Explicitly disabling the\r\nrestriction effectively opts into using internal routes, which are\r\nsubject to change and not recommended for non-Elastic consumption.\r\n\r\nBypassing the restriction for specific routes by adding the necessary\r\nheader or query parameter that allows access is also not recommended for\r\nnon-Elastic consumption.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n## How to test this ##\r\n\r\n#### Test as an external consumer making a request to an internal route\r\n####\r\n\r\n<details>\r\n<summary>1. Enforce restricted internal APIs & enable logging:</summary>\r\n\r\n```//kibana.yml\r\nserver.restrictInternalApis: true // or don't declare\r\n...\r\nlogging\r\n appenders:\r\n http-custom:\r\n type: console\r\n layout:\r\n type: pattern\r\n highlight: true\r\n pattern: \"HTTP_CUSTOM--[%date][%level][%logger]---%message\"\r\n root:\r\n appenders: [console]\r\n level: warn\r\n loggers\r\n - name: http.server.kbn-internal-api-restricted\r\n level: warn\r\n appenders: [http-custom]\r\n```\r\n</details>\r\n\r\n2. Start ES (any license)\r\n3. Start Kbn\r\n\r\n<details>\r\n<summary>4. GET global settings:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n5. The response from the curl request shoud be:\r\n```\r\n{\"statusCode\":400,\"error\":\"Bad Request\",\"message\":\"uri [/internal/kibana/global_settings] with method [get] exists but is not available with the current configuration\"}\r\n```\r\n6. You should see an error log from the\r\n`http.server.kbnInternalApiRestricted` logger:\r\n```\r\nHTTP_CUSTOM--[2024-10-10T13:04:51.287-07:00][ERROR][http.server.kbn-internal-api-restricted]---Access to uri [/internal/kibana/global_settings] with method [get] is not available with the current configuration\r\n```\r\n\r\n#### Bypass the restriction for the global settings route (opt in to use\r\nthe internal route)\r\nKeeping the same configuration and with ES and Kbn still running, add\r\nthe 'x-elastic-internal-origin' header to the curl request ####\r\n\r\n<details>\r\n<summary>1. Opt in to use the global settings route:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'x-elastic-internal-origin: kibana' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n2. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n3. You shouldn't see any new logs from the\r\n`http.server.kbnInternalApiRestricted` logger\r\n\r\n#### Test as an external consumer explicitly disabling the restriction\r\ncompletely (not recommended and not guaranteed) ####\r\n\r\n<details>\r\n<summary>1. Disable restricted internal APIs & enable logging:</summary>\r\n\r\n```//kibana.yml\r\nserver.restrictInternalApis: false\r\n...\r\nlogging\r\n appenders:\r\n http-custom:\r\n type: console\r\n layout:\r\n type: pattern\r\n highlight: true\r\n pattern: \"HTTP_CUSTOM--[%date][%level][%logger]---%message\"\r\n root:\r\n appenders: [console]\r\n level: warn\r\n loggers\r\n - name: http.server.kbn-internal-api-restricted\r\n level: warn\r\n appenders: [http-custom]\r\n```\r\n</details>\r\n\r\n2. Start ES (any license)\r\n3. Start Kbn\r\n\r\n<details>\r\n<summary>4. GET global settings:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n5. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n6. You should see a warning log from the\r\n`http.server.kbnInternalApiRestricted` logger:\r\n```\r\nHTTP_CUSTOM--[2024-10-10T13:31:48.729-07:00][WARN ][http.server.kbn-internal-api-restricted]---Access to uri [/internal/kibana/global_settings] with method [get] is deprecated\r\n```\r\n<details>\r\n<summary>7. Add the internal origin header to the request:</summary>\r\n\r\n```\r\ncurl --location 'localhost:5601/abc/internal/kibana/global_settings' \\\r\n--header 'Content-Type: application/json' \\\r\n--header 'Accept-Encoding: gzip, deflate, br' \\\r\n--header 'kbn-xsrf: kibana' \\\r\n--header 'Kbn-Version: 9.0.0' \\\r\n--header 'x-elastic-internal-origin: kibana' \\\r\n--header 'Authorization: Basic ZWxhc3RpYzpjaGFuZ2VtZQ=='\r\n```\r\n</details>\r\n\r\n8. The response from the curl request shoud be:\r\n```\r\n{\"settings\":{\"buildNum\":{\"userValue\":9007199254740991},\"isDefaultIndexMigrated\":{\"userValue\":true}}}\r\n```\r\n9. You shouldn't see any new logs from the\r\n`http.server.kbnInternalApiRestricted` logger.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"d0bdbdddb200a2656567c9b9f05d1e934c5a4cea"}}]}] BACKPORT--> Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co> |
||
|
Kibana Machine
|
8bd34c49e5
|
[8.x] [HTTP] Copy array returned by `getRoutes` (#195647) (#195714)
# Backport This will backport the following commits from `main` to `8.x`: - [[HTTP] Copy array returned by `getRoutes` (#195647)](https://github.com/elastic/kibana/pull/195647) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-10-10T08:53:59Z","message":"[HTTP] Copy array returned by `getRoutes` (#195647)\n\n## Summary\r\n\r\nSmall follow up based on\r\nhttps://github.com/elastic/kibana/pull/192675#discussion_r1793601519","sha":"a481da68e58cb20d6407c9866c1511717addfdb0","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:http","Team:Core","release_note:skip","v9.0.0","v8.16.0","backport:version"],"title":"[HTTP] Copy array returned by `getRoutes`","number":195647,"url":"https://github.com/elastic/kibana/pull/195647","mergeCommit":{"message":"[HTTP] Copy array returned by `getRoutes` (#195647)\n\n## Summary\r\n\r\nSmall follow up based on\r\nhttps://github.com/elastic/kibana/pull/192675#discussion_r1793601519","sha":"a481da68e58cb20d6407c9866c1511717addfdb0"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195647","number":195647,"mergeCommit":{"message":"[HTTP] Copy array returned by `getRoutes` (#195647)\n\n## Summary\r\n\r\nSmall follow up based on\r\nhttps://github.com/elastic/kibana/pull/192675#discussion_r1793601519","sha":"a481da68e58cb20d6407c9866c1511717addfdb0"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Jean-Louis Leysens <jeanlouis.leysens@elastic.co> |
||
|
Kibana Machine
|
95ebd3a84c
|
[8.x] [HTTP/OAS] Ability to exclude routes from introspection (#192675) (#195652)
# Backport This will backport the following commits from `main` to `8.x`: - [[HTTP/OAS] Ability to exclude routes from introspection (#192675)](https://github.com/elastic/kibana/pull/192675) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-10-09T16:31:42Z","message":"[HTTP/OAS] Ability to exclude routes from introspection (#192675)","sha":"2327681de7306c20bcca69fe77660c0a586c979d","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","release_note:skip","v9.0.0","Feature:OAS","v8.16.0","backport:version"],"title":"[HTTP/OAS] Ability to exclude routes from introspection","number":192675,"url":"https://github.com/elastic/kibana/pull/192675","mergeCommit":{"message":"[HTTP/OAS] Ability to exclude routes from introspection (#192675)","sha":"2327681de7306c20bcca69fe77660c0a586c979d"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/192675","number":192675,"mergeCommit":{"message":"[HTTP/OAS] Ability to exclude routes from introspection (#192675)","sha":"2327681de7306c20bcca69fe77660c0a586c979d"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Jean-Louis Leysens <jeanlouis.leysens@elastic.co> |
||
|
Kibana Machine
|
07b6f6c5aa
|
[8.x] [Http] Added version header to unversioned, public routes (#195464) (#195646)
# Backport This will backport the following commits from `main` to `8.x`: - [[Http] Added version header to unversioned, public routes (#195464)](https://github.com/elastic/kibana/pull/195464) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-10-09T16:33:54Z","message":"[Http] Added version header to unversioned, public routes (#195464)","sha":"61251bfdaffdb621558fff96d78cc8b2260c0abe","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:http","Team:Core","release_note:skip","v9.0.0","v8.16.0","backport:version"],"title":"[Http] Added version header to unversioned, public routes","number":195464,"url":"https://github.com/elastic/kibana/pull/195464","mergeCommit":{"message":"[Http] Added version header to unversioned, public routes (#195464)","sha":"61251bfdaffdb621558fff96d78cc8b2260c0abe"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195464","number":195464,"mergeCommit":{"message":"[Http] Added version header to unversioned, public routes (#195464)","sha":"61251bfdaffdb621558fff96d78cc8b2260c0abe"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Jean-Louis Leysens <jeanlouis.leysens@elastic.co> |
||
|
Kibana Machine
|
bc434697c9
|
[8.x] [Http] Gracefully onboarding internal routes to `VersionedRouter` (#194789) (#194902)
# Backport This will backport the following commits from `main` to `8.x`: - [[Http] Gracefully onboarding internal routes to `VersionedRouter` (#194789)](https://github.com/elastic/kibana/pull/194789) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-10-04T06:47:36Z","message":"[Http] Gracefully onboarding internal routes to `VersionedRouter` (#194789)\n\n## Summary\r\n\r\nIf an internal route goes from unversioned -> versioned today this will\r\nsurface as a breaking change. This PR allows internal routes to\r\ngracefully onboard to the versioned router.\r\n\r\nThe fix is to default to version `1` of an internal route if no version\r\nis provided. In this way old clients can continue to interact with the\r\nnew servers as developers onboard to the versioned router and roll out\r\nv2+ of an internal route.\r\n\r\n## Notes\r\n\r\nWe could use `buildNr` to narrow down internal routes defaulting to v1\r\nto older clients only. IMO this would be more accurate, but also of\r\nmarginal value. My rationale is: by requiring explicit versions during\r\ndev time the risk of us shipping new builds that don't provide a version\r\nis effectively nullified. Additionally we already run this risk with our\r\npublic route default behaviour (we even require that public routes have\r\nexplicit version in dev to mitigate this same risk for existing public\r\nclients).\r\n\r\nIf reviewers feel otherwise I'm happy to revisit this!\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n\r\n### Risk Matrix\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| By defaulting internal routes to v1 it's possible that behaviour\r\nbecomes less predictable. | Low | Low | This is already true for public\r\nroutes and we are allowing a more limited/more predictable version of\r\nthat here. |","sha":"afecfd8889b042501d8de72b6eb6d8a1b98cb586","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:http","Team:Core","release_note:skip","v9.0.0","v8.16.0","backport:version"],"title":"[Http] Gracefully onboarding internal routes to `VersionedRouter`","number":194789,"url":"https://github.com/elastic/kibana/pull/194789","mergeCommit":{"message":"[Http] Gracefully onboarding internal routes to `VersionedRouter` (#194789)\n\n## Summary\r\n\r\nIf an internal route goes from unversioned -> versioned today this will\r\nsurface as a breaking change. This PR allows internal routes to\r\ngracefully onboard to the versioned router.\r\n\r\nThe fix is to default to version `1` of an internal route if no version\r\nis provided. In this way old clients can continue to interact with the\r\nnew servers as developers onboard to the versioned router and roll out\r\nv2+ of an internal route.\r\n\r\n## Notes\r\n\r\nWe could use `buildNr` to narrow down internal routes defaulting to v1\r\nto older clients only. IMO this would be more accurate, but also of\r\nmarginal value. My rationale is: by requiring explicit versions during\r\ndev time the risk of us shipping new builds that don't provide a version\r\nis effectively nullified. Additionally we already run this risk with our\r\npublic route default behaviour (we even require that public routes have\r\nexplicit version in dev to mitigate this same risk for existing public\r\nclients).\r\n\r\nIf reviewers feel otherwise I'm happy to revisit this!\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n\r\n### Risk Matrix\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| By defaulting internal routes to v1 it's possible that behaviour\r\nbecomes less predictable. | Low | Low | This is already true for public\r\nroutes and we are allowing a more limited/more predictable version of\r\nthat here. |","sha":"afecfd8889b042501d8de72b6eb6d8a1b98cb586"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194789","number":194789,"mergeCommit":{"message":"[Http] Gracefully onboarding internal routes to `VersionedRouter` (#194789)\n\n## Summary\r\n\r\nIf an internal route goes from unversioned -> versioned today this will\r\nsurface as a breaking change. This PR allows internal routes to\r\ngracefully onboard to the versioned router.\r\n\r\nThe fix is to default to version `1` of an internal route if no version\r\nis provided. In this way old clients can continue to interact with the\r\nnew servers as developers onboard to the versioned router and roll out\r\nv2+ of an internal route.\r\n\r\n## Notes\r\n\r\nWe could use `buildNr` to narrow down internal routes defaulting to v1\r\nto older clients only. IMO this would be more accurate, but also of\r\nmarginal value. My rationale is: by requiring explicit versions during\r\ndev time the risk of us shipping new builds that don't provide a version\r\nis effectively nullified. Additionally we already run this risk with our\r\npublic route default behaviour (we even require that public routes have\r\nexplicit version in dev to mitigate this same risk for existing public\r\nclients).\r\n\r\nIf reviewers feel otherwise I'm happy to revisit this!\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n\r\n### Risk Matrix\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes |\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n| By defaulting internal routes to v1 it's possible that behaviour\r\nbecomes less predictable. | Low | Low | This is already true for public\r\nroutes and we are allowing a more limited/more predictable version of\r\nthat here. |","sha":"afecfd8889b042501d8de72b6eb6d8a1b98cb586"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Jean-Louis Leysens <jeanlouis.leysens@elastic.co> |
||
Elena Shostak
|
0b748f0b36
|
[8.x] [Authz] Added support for security route configuration option (#191973) (#194667)
# Backport This will backport the following commits from `main` to `8.x`: - [[Authz] Added support for security route configuration option (#191973)](https://github.com/elastic/kibana/pull/191973) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Elena Shostak","email":"165678770+elena-shostak@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-09-30T11:13:26Z","message":"[Authz] Added support for security route configuration option (#191973)\n\n## Summary\r\n\r\nExtended `KibanaRouteOptions` to include security configuration at the\r\nroute definition level.\r\n\r\n## Security Config\r\nTo facilitate iterative development security config is marked as\r\noptional for now.\r\n\r\n- `authz` supports both simple configuration (e.g., single privilege\r\nrequirements) and more complex configurations that involve anyRequired\r\nand allRequired privilege sets.\r\n- `authc` property has been added and is expected to replace the\r\nexisting `authRequired` option. This transition will be part of an\r\nupcoming deprecation process in scope of\r\nhttps://github.com/elastic/kibana/issues/191711\r\n- For versioned routes, the `authc` and `authz` configurations can be\r\napplied independently for each version, enabling version-specific\r\nsecurity configuration. If none provided for the specific version it\r\nwill fall back to the route root security option.\r\n- Validation logic has been added that ensures only supported\r\nconfigurations are specified.\r\n- Existing `registerOnPostAuth` hook has been modified to incorporate\r\nchecks based on the new `authz` property in the security configuration.\r\n- Comprehensive documentation will be added in the separate PR before\r\nsunsetting new security configuration and deprecating old one.\r\n\r\n## How to Test\r\nYou can modify any existing route or use the example routes below\r\n### Routes\r\n\r\n<details>\r\n<summary><b>Route 1:\r\n/api/security/authz_examples/authz_disabled</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/authz_disabled',\r\n security: {\r\n authz: {\r\n enabled: false,\r\n reason: 'This route is opted out from authorization',\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n message: 'This route is opted out from authorization',\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Route 2:\r\n/api/security/authz_examples/simple_privileges_1</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/simple_privileges_1',\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces', 'taskManager'],\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Route 3:\r\n/api/security/authz_examples/simple_privileges_2</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/simple_privileges_2',\r\n security: {\r\n authz: {\r\n requiredPrivileges: [\r\n 'manageSpaces',\r\n {\r\n anyRequired: ['taskManager', 'features'],\r\n },\r\n ],\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Versioned Route:\r\n/internal/security/authz_versioned_examples/simple_privileges_1</b></summary>\r\n\r\n```javascript\r\nrouter.versioned\r\n .get({\r\n path: '/internal/security/authz_versioned_examples/simple_privileges_1',\r\n access: 'internal',\r\n enableQueryVersion: true,\r\n })\r\n .addVersion(\r\n {\r\n version: '1',\r\n validate: false,\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces', 'taskManager'],\r\n },\r\n authc: {\r\n enabled: 'optional',\r\n },\r\n },\r\n },\r\n (context, request, response) => {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n version: '1',\r\n },\r\n });\r\n }\r\n )\r\n .addVersion(\r\n {\r\n version: '2',\r\n validate: false,\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces'],\r\n },\r\n authc: {\r\n enabled: true,\r\n },\r\n },\r\n },\r\n (context, request, response) => {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n version: '2',\r\n },\r\n });\r\n }\r\n );\r\n```\r\n</details>\r\n\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n__Closes: https://github.com/elastic/kibana/issues/191710__\r\n__Related: https://github.com/elastic/kibana/issues/191712,\r\nhttps://github.com/elastic/kibana/issues/191713__\r\n\r\n### Release Note\r\nExtended `KibanaRouteOptions` to include security configuration at the\r\nroute definition level.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"9a7e9124cf86d8a7a7ce25732bf11163ec7df52d","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","chore","Team:Security","Feature:Security/Authentication","Feature:Security/Authorization","backport:skip","v9.0.0"],"number":191973,"url":"https://github.com/elastic/kibana/pull/191973","mergeCommit":{"message":"[Authz] Added support for security route configuration option (#191973)\n\n## Summary\r\n\r\nExtended `KibanaRouteOptions` to include security configuration at the\r\nroute definition level.\r\n\r\n## Security Config\r\nTo facilitate iterative development security config is marked as\r\noptional for now.\r\n\r\n- `authz` supports both simple configuration (e.g., single privilege\r\nrequirements) and more complex configurations that involve anyRequired\r\nand allRequired privilege sets.\r\n- `authc` property has been added and is expected to replace the\r\nexisting `authRequired` option. This transition will be part of an\r\nupcoming deprecation process in scope of\r\nhttps://github.com/elastic/kibana/issues/191711\r\n- For versioned routes, the `authc` and `authz` configurations can be\r\napplied independently for each version, enabling version-specific\r\nsecurity configuration. If none provided for the specific version it\r\nwill fall back to the route root security option.\r\n- Validation logic has been added that ensures only supported\r\nconfigurations are specified.\r\n- Existing `registerOnPostAuth` hook has been modified to incorporate\r\nchecks based on the new `authz` property in the security configuration.\r\n- Comprehensive documentation will be added in the separate PR before\r\nsunsetting new security configuration and deprecating old one.\r\n\r\n## How to Test\r\nYou can modify any existing route or use the example routes below\r\n### Routes\r\n\r\n<details>\r\n<summary><b>Route 1:\r\n/api/security/authz_examples/authz_disabled</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/authz_disabled',\r\n security: {\r\n authz: {\r\n enabled: false,\r\n reason: 'This route is opted out from authorization',\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n message: 'This route is opted out from authorization',\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Route 2:\r\n/api/security/authz_examples/simple_privileges_1</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/simple_privileges_1',\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces', 'taskManager'],\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Route 3:\r\n/api/security/authz_examples/simple_privileges_2</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/simple_privileges_2',\r\n security: {\r\n authz: {\r\n requiredPrivileges: [\r\n 'manageSpaces',\r\n {\r\n anyRequired: ['taskManager', 'features'],\r\n },\r\n ],\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Versioned Route:\r\n/internal/security/authz_versioned_examples/simple_privileges_1</b></summary>\r\n\r\n```javascript\r\nrouter.versioned\r\n .get({\r\n path: '/internal/security/authz_versioned_examples/simple_privileges_1',\r\n access: 'internal',\r\n enableQueryVersion: true,\r\n })\r\n .addVersion(\r\n {\r\n version: '1',\r\n validate: false,\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces', 'taskManager'],\r\n },\r\n authc: {\r\n enabled: 'optional',\r\n },\r\n },\r\n },\r\n (context, request, response) => {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n version: '1',\r\n },\r\n });\r\n }\r\n )\r\n .addVersion(\r\n {\r\n version: '2',\r\n validate: false,\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces'],\r\n },\r\n authc: {\r\n enabled: true,\r\n },\r\n },\r\n },\r\n (context, request, response) => {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n version: '2',\r\n },\r\n });\r\n }\r\n );\r\n```\r\n</details>\r\n\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n__Closes: https://github.com/elastic/kibana/issues/191710__\r\n__Related: https://github.com/elastic/kibana/issues/191712,\r\nhttps://github.com/elastic/kibana/issues/191713__\r\n\r\n### Release Note\r\nExtended `KibanaRouteOptions` to include security configuration at the\r\nroute definition level.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"9a7e9124cf86d8a7a7ce25732bf11163ec7df52d"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/191973","number":191973,"mergeCommit":{"message":"[Authz] Added support for security route configuration option (#191973)\n\n## Summary\r\n\r\nExtended `KibanaRouteOptions` to include security configuration at the\r\nroute definition level.\r\n\r\n## Security Config\r\nTo facilitate iterative development security config is marked as\r\noptional for now.\r\n\r\n- `authz` supports both simple configuration (e.g., single privilege\r\nrequirements) and more complex configurations that involve anyRequired\r\nand allRequired privilege sets.\r\n- `authc` property has been added and is expected to replace the\r\nexisting `authRequired` option. This transition will be part of an\r\nupcoming deprecation process in scope of\r\nhttps://github.com/elastic/kibana/issues/191711\r\n- For versioned routes, the `authc` and `authz` configurations can be\r\napplied independently for each version, enabling version-specific\r\nsecurity configuration. If none provided for the specific version it\r\nwill fall back to the route root security option.\r\n- Validation logic has been added that ensures only supported\r\nconfigurations are specified.\r\n- Existing `registerOnPostAuth` hook has been modified to incorporate\r\nchecks based on the new `authz` property in the security configuration.\r\n- Comprehensive documentation will be added in the separate PR before\r\nsunsetting new security configuration and deprecating old one.\r\n\r\n## How to Test\r\nYou can modify any existing route or use the example routes below\r\n### Routes\r\n\r\n<details>\r\n<summary><b>Route 1:\r\n/api/security/authz_examples/authz_disabled</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/authz_disabled',\r\n security: {\r\n authz: {\r\n enabled: false,\r\n reason: 'This route is opted out from authorization',\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n message: 'This route is opted out from authorization',\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Route 2:\r\n/api/security/authz_examples/simple_privileges_1</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/simple_privileges_1',\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces', 'taskManager'],\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Route 3:\r\n/api/security/authz_examples/simple_privileges_2</b></summary>\r\n\r\n```javascript\r\nrouter.get(\r\n {\r\n path: '/api/security/authz_examples/simple_privileges_2',\r\n security: {\r\n authz: {\r\n requiredPrivileges: [\r\n 'manageSpaces',\r\n {\r\n anyRequired: ['taskManager', 'features'],\r\n },\r\n ],\r\n },\r\n },\r\n validate: false,\r\n },\r\n createLicensedRouteHandler(async (context, request, response) => {\r\n try {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n },\r\n });\r\n } catch (error) {\r\n return response.customError(wrapIntoCustomErrorResponse(error));\r\n }\r\n })\r\n);\r\n```\r\n</details>\r\n\r\n<details>\r\n<summary><b>Versioned Route:\r\n/internal/security/authz_versioned_examples/simple_privileges_1</b></summary>\r\n\r\n```javascript\r\nrouter.versioned\r\n .get({\r\n path: '/internal/security/authz_versioned_examples/simple_privileges_1',\r\n access: 'internal',\r\n enableQueryVersion: true,\r\n })\r\n .addVersion(\r\n {\r\n version: '1',\r\n validate: false,\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces', 'taskManager'],\r\n },\r\n authc: {\r\n enabled: 'optional',\r\n },\r\n },\r\n },\r\n (context, request, response) => {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n version: '1',\r\n },\r\n });\r\n }\r\n )\r\n .addVersion(\r\n {\r\n version: '2',\r\n validate: false,\r\n security: {\r\n authz: {\r\n requiredPrivileges: ['manageSpaces'],\r\n },\r\n authc: {\r\n enabled: true,\r\n },\r\n },\r\n },\r\n (context, request, response) => {\r\n return response.ok({\r\n body: {\r\n authzResult: request.authzResult,\r\n version: '2',\r\n },\r\n });\r\n }\r\n );\r\n```\r\n</details>\r\n\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n\r\n__Closes: https://github.com/elastic/kibana/issues/191710__\r\n__Related: https://github.com/elastic/kibana/issues/191712,\r\nhttps://github.com/elastic/kibana/issues/191713__\r\n\r\n### Release Note\r\nExtended `KibanaRouteOptions` to include security configuration at the\r\nroute definition level.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"9a7e9124cf86d8a7a7ce25732bf11163ec7df52d"}}]}] BACKPORT--> |
||
|
Kibana Machine
|
2c670dc76b
|
[8.x] Upgrade http dependencies (#180986) (#194616)
# Backport This will backport the following commits from `main` to `8.x`: - [Upgrade http dependencies (#180986)](https://github.com/elastic/kibana/pull/180986) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2024-10-01T16:50:47Z","message":"Upgrade http dependencies (#180986)\n\nCo-authored-by: florent-leborgne <florent.leborgne@elastic.co>\r\nCo-authored-by: Rudolf Meijering <skaapgif@gmail.com>","sha":"d570d60b0bd950faaebf39e3e2f4f7481c116ac6","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Docs","Feature:http","release_note:breaking","Team:Core","Team:Security","v9.0.0","Team:Defend Workflows","backport:prev-minor","Team:Detection Engine"],"title":"Upgrade http dependencies","number":180986,"url":"https://github.com/elastic/kibana/pull/180986","mergeCommit":{"message":"Upgrade http dependencies (#180986)\n\nCo-authored-by: florent-leborgne <florent.leborgne@elastic.co>\r\nCo-authored-by: Rudolf Meijering <skaapgif@gmail.com>","sha":"d570d60b0bd950faaebf39e3e2f4f7481c116ac6"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/180986","number":180986,"mergeCommit":{"message":"Upgrade http dependencies (#180986)\n\nCo-authored-by: florent-leborgne <florent.leborgne@elastic.co>\r\nCo-authored-by: Rudolf Meijering <skaapgif@gmail.com>","sha":"d570d60b0bd950faaebf39e3e2f4f7481c116ac6"}}]}] BACKPORT--> Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co> |
||
|
Kibana Machine
|
022813ba21
|
[8.x] [core] get headers from fakeRequest in secondary user client (#192394) (#193815)
# Backport This will backport the following commits from `main` to `8.x`: - [[core] get headers from fakeRequest in secondary user client (#192394)](https://github.com/elastic/kibana/pull/192394) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Kevin Lacabane","email":"kevin.lacabane@elastic.co"},"sourceCommit":{"committedDate":"2024-09-13T02:32:13Z","message":"[core] get headers from fakeRequest in secondary user client (#192394)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/192004\r\n\r\nCalling `client.asSecondaryAuthUser` from a client scoped to a fake\r\nrequest instantiated with `getKibanaFakeRequest` returns the following\r\nerror:\r\n`Error: asSecondaryAuthUser called from a client scoped to a request\r\nwithout 'authorization' header.`.\r\n\r\nThis is because we use the same branch when dealing with a real or fake\r\nrequest and expect the headers to be cached. There are existing tests to\r\nverify a fake request works but these requests are raw objects not\r\ncreated through `getKibanaFakeRequest`\r\n\r\n### Testing\r\nThis snippet does not throw\r\n```\r\nconst fakeRequest = getFakeKibanaRequest({ id: apiKey.id, api_key: apiKey.apiKey });\r\nconst esClient = server.core.elasticsearch.client.asScoped(fakeRequest).asSecondaryAuthUser;\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"0987f70112aeeef0ffa9b670d86a5b5f82d60454","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor"],"title":"[core] get headers from fakeRequest in secondary user client","number":192394,"url":"https://github.com/elastic/kibana/pull/192394","mergeCommit":{"message":"[core] get headers from fakeRequest in secondary user client (#192394)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/192004\r\n\r\nCalling `client.asSecondaryAuthUser` from a client scoped to a fake\r\nrequest instantiated with `getKibanaFakeRequest` returns the following\r\nerror:\r\n`Error: asSecondaryAuthUser called from a client scoped to a request\r\nwithout 'authorization' header.`.\r\n\r\nThis is because we use the same branch when dealing with a real or fake\r\nrequest and expect the headers to be cached. There are existing tests to\r\nverify a fake request works but these requests are raw objects not\r\ncreated through `getKibanaFakeRequest`\r\n\r\n### Testing\r\nThis snippet does not throw\r\n```\r\nconst fakeRequest = getFakeKibanaRequest({ id: apiKey.id, api_key: apiKey.apiKey });\r\nconst esClient = server.core.elasticsearch.client.asScoped(fakeRequest).asSecondaryAuthUser;\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"0987f70112aeeef0ffa9b670d86a5b5f82d60454"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/192394","number":192394,"mergeCommit":{"message":"[core] get headers from fakeRequest in secondary user client (#192394)\n\n## Summary\r\n\r\nCloses https://github.com/elastic/kibana/issues/192004\r\n\r\nCalling `client.asSecondaryAuthUser` from a client scoped to a fake\r\nrequest instantiated with `getKibanaFakeRequest` returns the following\r\nerror:\r\n`Error: asSecondaryAuthUser called from a client scoped to a request\r\nwithout 'authorization' header.`.\r\n\r\nThis is because we use the same branch when dealing with a real or fake\r\nrequest and expect the headers to be cached. There are existing tests to\r\nverify a fake request works but these requests are raw objects not\r\ncreated through `getKibanaFakeRequest`\r\n\r\n### Testing\r\nThis snippet does not throw\r\n```\r\nconst fakeRequest = getFakeKibanaRequest({ id: apiKey.id, api_key: apiKey.apiKey });\r\nconst esClient = server.core.elasticsearch.client.asScoped(fakeRequest).asSecondaryAuthUser;\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"0987f70112aeeef0ffa9b670d86a5b5f82d60454"}}]}] BACKPORT--> Co-authored-by: Kevin Lacabane <kevin.lacabane@elastic.co> |
||
Alejandro Fernández Haro
|
71ad243504
|
[8.x] [Feature Flags Service] Hello world 👋 (#188562) (#193519)
# Backport This will backport the following commits from `main` to `8.x`: - [[Feature Flags Service] Hello world 👋 (#188562)](https://github.com/elastic/kibana/pull/188562) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"alejandro.haro@elastic.co"},"sourceCommit":{"committedDate":"2024-09-18T16:02:55Z","message":"[Feature Flags Service] Hello world 👋 (#188562)\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>","sha":"02ce1b91014eb59f019854b01325bbdf983d2218","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","Team:Operations","Team:Security","release_note:skip","Team:Observability","Team:Fleet","v9.0.0","Team: SecuritySolution","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-logs"],"number":188562,"url":"https://github.com/elastic/kibana/pull/188562","mergeCommit":{"message":"[Feature Flags Service] Hello world 👋 (#188562)\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>","sha":"02ce1b91014eb59f019854b01325bbdf983d2218"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/188562","number":188562,"mergeCommit":{"message":"[Feature Flags Service] Hello world 👋 (#188562)\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>","sha":"02ce1b91014eb59f019854b01325bbdf983d2218"}}]}] BACKPORT--> |
||
|
Kibana Machine
|
ef0b11577c
|
[8.x] Adds 'discontinued' to OAS meta (#192331) (#192791)
# Backport This will backport the following commits from `main` to `8.x`: - [Adds 'discontinued' to OAS meta (#192331)](https://github.com/elastic/kibana/pull/192331) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Christiane (Tina) Heiligers","email":"christiane.heiligers@elastic.co"},"sourceCommit":{"committedDate":"2024-09-13T00:06:41Z","message":"Adds 'discontinued' to OAS meta (#192331)\n\n## Summary\r\n\r\nIn this PR, we add support for a discontinued field to our router\r\nconversion logic at the operation level. `discontinued` indicates the\r\nversion or date when the deprecation will be removed, as a string.\r\n\r\nCloses https://github.com/elastic/kibana/issues/192292\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>","sha":"303d8f27e4c8cdfd541e7e6b27548cbffaf454fd","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:http","Team:Core","release_note:skip","v9.0.0","Feature:OAS","v8.16.0"],"title":"Adds 'discontinued' to OAS meta","number":192331,"url":"https://github.com/elastic/kibana/pull/192331","mergeCommit":{"message":"Adds 'discontinued' to OAS meta (#192331)\n\n## Summary\r\n\r\nIn this PR, we add support for a discontinued field to our router\r\nconversion logic at the operation level. `discontinued` indicates the\r\nversion or date when the deprecation will be removed, as a string.\r\n\r\nCloses https://github.com/elastic/kibana/issues/192292\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>","sha":"303d8f27e4c8cdfd541e7e6b27548cbffaf454fd"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/192331","number":192331,"mergeCommit":{"message":"Adds 'discontinued' to OAS meta (#192331)\n\n## Summary\r\n\r\nIn this PR, we add support for a discontinued field to our router\r\nconversion logic at the operation level. `discontinued` indicates the\r\nversion or date when the deprecation will be removed, as a string.\r\n\r\nCloses https://github.com/elastic/kibana/issues/192292\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\r\nCo-authored-by: Jean-Louis Leysens <jloleysens@gmail.com>","sha":"303d8f27e4c8cdfd541e7e6b27548cbffaf454fd"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> |
||
Christiane (Tina) Heiligers
|
3a68f8b3ae
|
[http] api_integration tests handle internal route restriction (#192407)
fix https://github.com/elastic/kibana/issues/192052 ## Summary Internal APIs will be [restricted](https://github.com/elastic/kibana/issues/163654) from public access as of 9.0.0. In non-serverless environments, this breaking change will result in a 400 error if an external request is made to an internal Kibana API (route `access` option as `"internal"` or `"public"`). This PR allows API owners of non-xpack plugins to run their `ftr` API integration tests against the restriction and adds examples of how to handle it. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios Note to reviewers: The header needed to allow access to internal apis shouldn't change your test output, with or without the restriction enabled. ### How to test the changes work: #### Non x-pack: 1. Set `server.restrictInternalApis: true` in `test/common/config.js` 2. Ensure your tests pass #### x-pack: 1. Set `server.restrictInternalApis: true` in `x-pack/test/api_integration/apis/security/config.ts` 2. Ensure the spaces tests pass --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> |
||
Jean-Louis Leysens
|
abe016c0b4
|
[HTTP] Router validation discrimination (#190300)
## Summary Help TS better discriminate between types in our Router validation union. |
||
Luke Elmers
|
b6287708f6
|
Adds AGPL 3.0 license (#192025)
Updates files outside of x-pack to be triple-licensed under Elastic License 2.0, AGPL 3.0, or SSPL 1.0. |
||
|
Alejandro Fernández Haro
|
3db4cebf92
|
[Flaky #190197] Find random **available** port (#190200) | ||
|
Alejandro Fernández Haro
|
11b750b10a
|
Minimize shared-common everywhere (#188606)
## Summary  At the moment, our package generator creates all packages with the type `shared-common`. This means that we cannot enforce boundaries between server-side-only code and the browser, and vice-versa. - [x] I started fixing `packages/core/*` - [x] It took me to fixing `src/core/` type to be identified by the `plugin` pattern (`public` and `server` directories) vs. a package (either common, or single-scoped) - [x] Unsurprisingly, this extended to packages importing core packages hitting the boundaries eslint rules. And other packages importing the latter. - [x] Also a bunch of `common` logic that shouldn't be so _common_ 🙃 ### For maintainers - [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
Tiago Costa
|
5859c69bb0
|
chore(NA): upgrade typescript into v5.1.6 (#186437)
This PR bumps the Typescript version used on Kibana into v5.1.6. The full set of changes can be found [here](https://devblogs.microsoft.com/typescript/announcing-typescript-5-0/) and [here](https://devblogs.microsoft.com/typescript/announcing-typescript-5-1/). In order to make assumptions over the codebase and all the type of errors I choose to mark the failures with `@ts-expect-error` and let each team decide how to handle it. There is a list below with the files (and teams those belong to) where the annotations were added. If each team could provide help of fixing the ones under their domain it would be fantastic. It can be done in this PR or in subsequent ones. Here it goes the list for follow up: @elastic/kibana-core - [ ] [packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e700e121788da393439b09ccb5dcd68c9fe4bb6b2663f84509e1fc0cdbcfdba9) - [ ] [packages/core/notifications/core-notifications-browser-internal/src/toasts/global_toast_list.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-9418144cd53fe450cb5a924b05348ea61af12d7d95a28dda6a22b9058540d11e) @elastic/kibana-data-discovery - [ ] [packages/kbn-es-query/src/es_query/from_filters.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d58aad3fd7135aae181c5cf501f48a27de1c08656e80933d91c00ac9b96033a6) - [ ] [src/plugins/field_formats/common/constants/base_formatters.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8864ffe2a1866a9c2c0a535057e4e1c39bb4507ffdb2866f23fb6f66b0211cf2) - [ ] [src/plugins/field_formats/common/converters/color.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-dad100b5dbd1511598d1b1e01cf6043dd3e5adb2c59ea2f2da5ddc8f0da811f4) - [ ] [src/plugins/field_formats/common/utils/geo_utils.ts](https://github.com/elastic/kibana/pull/186437/files#diff-6e35aec0659afb9e67a2767219e792f918bdbd68e0d710c9cb62aa1bce3e8f58) @elastic/obs-knowledge-team - [ ] [packages/kbn-eslint-plugin-i18n/rules/formatted_message_should_start_with_the_right_id.ts](https://github.com/elastic/kibana/pull/186437/files#diff-50a9be879e214228ea2f620e25d170878b91083624f195b52bc3546dd7513863) - [ ] [packages/kbn-eslint-plugin-i18n/rules/i18n_translate_should_start_with_the_right_id.ts](https://github.com/elastic/kibana/pull/186437/files#diff-246cad304aec6af53e6d8f5b1a94631cced481a18842b792fd678468b91b4a97) - [ ] [packages/kbn-eslint-plugin-i18n/rules/strings_should_be_translated_with_formatted_message.ts](https://github.com/elastic/kibana/pull/186437/files#diff-359f9b0e4e216505f6c4be2202ce3e40c796760735ee21f075c7f364da32c830) - [ ] [packages/kbn-eslint-plugin-i18n/rules/strings_should_be_translated_with_i18n.ts](https://github.com/elastic/kibana/pull/186437/files#diff-461be6c6ed7c6dca2880b5bb4a0b46630d92ba15ae053ab5beda06461e28334c) - [ ] [packages/kbn-eslint-plugin-telemetry/rules/event_generating_elements_should_be_instrumented.ts](https://github.com/elastic/kibana/pull/186437/files#diff-ecc2ed1c091c51e909b8be3d1bc44b51bf074028dc36eefd7c18511f2a677a70) @elastic/kibana-esql - [x] [packages/kbn-esql-validation-autocomplete/src/definitions/functions.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d45c72297609bbbbde2e3ad05e7f2d01bc3641ebcaed291e2608835bbc488cb5) @elastic/kibana-management - [ ] [packages/kbn-management/settings/components/field_row/description/description.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-c8721036237a95d1884e92898998cd074b1ce11bd47be544a5555508df281131) - [ ] [x-pack/plugins/upgrade_assistant/public/application/components/es_deprecations/deprecation_types/reindex/flyout/progress.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-643342b210c85ad16ce48332f8fc4a897f04b360478e0dc85c66764c8dfa2fea) @elastic/kibana-security - [x] [packages/kbn-user-profile-components/src/user_profiles_selectable.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-56f068e23fe0c835822be949e6d5a4b1c3e4c6122674d85edcd755247e8ba5b3) @elastic/appex-sharedux - [ ] [src/plugins/bfetch/public/test_helpers/xhr.ts](https://github.com/elastic/kibana/pull/186437/files#diff-3cbb61cec7f75035395d5839574750039ed9f0c426b4cdc30101584f20679844) @elastic/kibana-visualizations - [x] [src/plugins/chart_expressions/expression_partition_vis/public/__stories__/shared/config.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5b63b4a12b145aa1dd32502a443b78d5d34032b7d1e81c2f2ddc95018ec220a2) - [x] [src/plugins/data/common/search/tabify/tabify.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-0e813655cdaa11de2798a95e96d1681a3ba3733cd44d6e3ded92e42923a4f8a4) - [x] [src/plugins/data/public/search/session/sessions_mgmt/lib/get_expiration_status.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8e383e294d0beacaac5a59bbfb71db2eb34ec19bb17110558892dba4e78c9e5c) - [x] [src/plugins/expressions/common/test_helpers/expression_functions/sum.ts](https://github.com/elastic/kibana/pull/186437/files#diff-ecd1d48194777bcf42b216ad9175ed7d27ab42b7534e58e398bd4f69910c7fd0) - [x] [src/plugins/vis_default_editor/public/components/controls/components/number_list/utils.ts](https://github.com/elastic/kibana/pull/186437/files#diff-83d6ea7d32a99c1655754bd7aa2b2bd18379336dfd08587d05c3879d94466ca5) - [x] [src/plugins/vis_types/heatmap/public/editor/components/heatmap.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-2ccd19b338a26292b3183fedce9ab9f0e0278c70478fe120b4bc8eaf708c1f30) @elastic/kibana-presentation - [ ] [src/plugins/presentation_util/public/components/floating_actions/floating_actions.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-d9ec87fc178c67a0666faed87b03608fff2de870d3a7426b7d6f32ea467c5efe) @elastic/response-ops - [ ] [x-pack/examples/triggers_actions_ui_example/public/connector_types/system_log_example/system_log_example_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-844871414a2b89346d98713776d43b6b7748fd09d9bfa29df8db039ef7029c17) - [ ] [x-pack/plugins/alerting/public/services/maintenance_windows_api/transform_maintenance_window_response.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8ce933ffaafd5cbb9be4fcebceb103354c6ccef3bf903472bab00aa63df05fbf) - [ ] [x-pack/plugins/alerting/server/alerts_client/lib/build_updated_recovered_alert.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-9c6f9f83811a8109a98c135c3c38d5e1f5f4b0ed43c50191c5f3356904f98743) - [ ] [x-pack/plugins/alerting/server/application/maintenance_window/methods/archive/archive_maintenance_window.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b5b5bc1b7dcd9f9231fa3106ec0249503878c6fa08beddcdad386bff2de817fd) - [ ] [x-pack/plugins/alerting/server/application/maintenance_window/methods/finish/finish_maintenance_window.ts](https://github.com/elastic/kibana/pull/186437/files#diff-be29c2527f016d3e0aa6f7114497b27f01328ba97fe4b8c10687e26274837eab) - [ ] [x-pack/plugins/alerting/server/application/maintenance_window/methods/update/update_maintenance_window.ts](https://github.com/elastic/kibana/pull/186437/files#diff-a41ce34fdcee991ff0dadb69b1f79ffdca65a1d403ba61cbe64f9a169dbd71af) - [ ] [x-pack/plugins/alerting/server/routes/maintenance_window/apis/archive/archive_maintenance_window_route.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-77786589c9983c6f73738c8e5727dda1d6d28d1fd43174333f4bc1d6e01aacbb) - [ ] [x-pack/plugins/alerting/server/routes/maintenance_window/apis/find/find_maintenance_windows_route.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-390a8118418248ce86b341bfc983bffe766cde153f3e0af1e50ee3c782d14f32) - [ ] [x-pack/plugins/alerting/server/routes/maintenance_window/apis/finish/finish_maintenance_window_route.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-597891acbb306fdf24fee4a354565e528d48922193bac3a9df2431c242f58801) - [ ] [x-pack/plugins/alerting/server/routes/maintenance_window/apis/get/get_maintenance_window_route.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-424da348dc22e6e40122808ec0dc3be4308311b8b6cf2980612cfe32035bc4b1) - [ ] [x-pack/plugins/alerting/server/routes/maintenance_window/apis/get_active/get_active_maintenance_windows_route.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-2e05b51211b744c4c62f4aa6114f05ae25a58bc7cc9104acb696c31dc079923a) - [ ] [x-pack/plugins/alerting/server/routes/maintenance_window/apis/update/update_maintenance_window_route.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5db167da59aa1095e7addc5a212e5b6d8eb56510ee2e8380d756518b9ed01391) - [ ] [x-pack/plugins/alerting/server/rules_client/common/snooze_utils.ts](https://github.com/elastic/kibana/pull/186437/files#diff-00934c9c89eafd3ba6f4dadf6eeb722ffcacfa3d2938d0ad87e0f94d7b74b2c7) - [x] [x-pack/plugins/cases/public/components/create/utils.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-ee83142469c3a5f01ca2d451d265103d37c6aa674871134274ad19ab524d7bdc) - [x] [x-pack/plugins/cases/public/components/system_actions/cases/cases_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-48a40eef52d23999ba7e8f7be4a45b1888e9e23a7e7e2274005106fa512150a5) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/components/index_select_popover.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-b5f375535c5a86461c05426871068165875dcf48397cb6e9bd8fbd28887ae01f) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/components/source_fields_select.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-590e8e70a0107e1636381c82d9c220f94cfc6f9eb989ff0cf4bf1ab1dbf910ef) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/es_query/expression/es_query_expression.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-f8d25e40e49c3e4c349180c07884ab6c32f0632a8e7942e38d0c807ea121ac31) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/es_query/expression/esql_query_expression.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-ac4ad1bbcbfd2fea2717f4b5a66026c718e3b1798b9c8ec8de6788a177ee065f) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/es_query/expression/expression.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-7e37c942e8193d2a6d98ec3f700b4ccd9776e8ca486236db66c2c12003dcba3e) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/geo_containment/rule_form/rule_form.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-9aea6a712f0c62b3d537198adb76e919e1d5dcc0ca9a677f5209fb242b711a1c) - [ ] [x-pack/plugins/stack_alerts/public/rule_types/threshold/expression.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-98fa95151dfe9b742538a07e55b155ad1ae21a4d0689855fb81777fcb096fa1a) - [x] [x-pack/plugins/stack_connectors/public/connector_types/cases_webhook/webhook_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-ac3cca4b207b481d51a9d0cd7ea40b6cad60fa3bc65b3f468390dc6c17079e6b) - [x] [x-pack/plugins/stack_connectors/public/connector_types/email/email_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-df59d955c778b3600f2cc6ab081e23e81111c551a47b49fea17248e361179bad) - [x] [x-pack/plugins/stack_connectors/public/connector_types/es_index/es_index_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-7e43267b14964eac9970e05136122295c94b5b5e3eedc68f2669aa341f5191bb) - [x] [x-pack/plugins/stack_connectors/public/connector_types/jira/jira_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-6cd6e35801151cdb651ba089a9894d3bd7d11c14f5043e3fec9dcbd5d8cecf84) - [x] [x-pack/plugins/stack_connectors/public/connector_types/lib/servicenow/helpers.ts](https://github.com/elastic/kibana/pull/186437/files#diff-26ec61b32587b6e6ecae3729aa4aa21b686a98a913f0f9cdc826201e8ccfbb3d) - [x] [x-pack/plugins/stack_connectors/public/connector_types/opsgenie/close_alert.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-0cc8ad009225394e3646aec29f40ca6b6946f4bfde6c785b574cae2c3b593509) - [x] [x-pack/plugins/stack_connectors/public/connector_types/opsgenie/create_alert/index.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-3242adfea72e5c25b06189b36e4ee140a79925f410954e79d653680869a3b8a3) - [x] [x-pack/plugins/stack_connectors/public/connector_types/pagerduty/pagerduty_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-e7198fbd573a6103e3f0eaeda983901085a86a49b4d1d6a3888efd4e54a45861) - [x] [x-pack/plugins/stack_connectors/public/connector_types/resilient/resilient_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-75d81bebd5447946d113884982c084df04022df804a6fa349e3cf1772f77fa90) - [x] [x-pack/plugins/stack_connectors/public/connector_types/servicenow_itom/servicenow_itom_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-7a5300760de357f71a6721045455121deb11b67579fbb5ad17b0f1a579b9127d) - [x] [x-pack/plugins/stack_connectors/public/connector_types/servicenow_itsm/servicenow_itsm_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-320b09f607fa17dd1bcd84672c8f2f4ff34bc05b981c08cb8db78e1971fad43d) - [x] [x-pack/plugins/stack_connectors/public/connector_types/servicenow_sir/servicenow_sir_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-fc487b524b7ac74a468beb79134d0c2a07eef7e82dc5e138f082e61aedcca9b5) - [x] [x-pack/plugins/stack_connectors/public/connector_types/slack_api/slack_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-01413de2d6e5de199a018b16ded374fd9f12790e4bf4e51ac01ed627915fec0d) - [ ] [x-pack/plugins/task_manager/server/monitoring/task_run_statistics.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b1a95078ab7e8f39fb4934879f96292ceb6f82a5bc6bacbca529c4a5444e1665) - [ ] [x-pack/plugins/task_manager/server/task_type_dictionary.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b99902e9dfa7d87ad6bf02ee4cda92aad211fd3ecff70ab4393f1a1d92fd9fd9) - [x] [x-pack/plugins/triggers_actions_ui/public/application/sections/rule_form/rule_form_consumer_selection.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-3610e524bbb22f9e7ff338f5d26ec772a6535ae624b3d624afdad42643206864) - [x] [x-pack/plugins/triggers_actions_ui/public/common/expression_items/for_the_last.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-f943db0c37a2e9db987e0471ab1e4e05547b05bd1921944725044127123121b9) - [x] [x-pack/plugins/triggers_actions_ui/public/common/expression_items/group_by_over.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-7458115ab3dc2dd6466775bad827b1dfd8e34d1c4159a188abf6846d37db3dc1) - [x] [x-pack/plugins/triggers_actions_ui/public/common/expression_items/of.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-3314770802ed035c53a28a0ecc61701f968ac30bb06dcb84290caadab750f1f3) - [x] [x-pack/plugins/triggers_actions_ui/public/common/expression_items/threshold.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-e75015dc2f0470d4df164a2a67dd6741614b39713f96aa9335c3c2ea30300110) - [x] [x-pack/plugins/triggers_actions_ui/public/common/expression_items/value.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-8f76afb4de6908d9acf5b5e993ca11f23e02836d630be7a0849aa9bf30c39018) - [ ] [x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/event_log.ts](https://github.com/elastic/kibana/pull/186437/files#diff-70de70757d814d10d09f2ee53aff8409c74d87627732656db8a192a9dc9b44a9) @elastic/ml-ui - [x] [x-pack/packages/ml/aiops_log_rate_analysis/get_log_rate_analysis_type.ts](https://github.com/elastic/kibana/pull/186437/files#diff-91eed9746e6e89d160dd171be309a72f91c96c5e19068e5afc96961b2d65284d) - [x] [x-pack/packages/ml/query_utils/src/build_base_filter_criteria.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e755af1f2f0047f4496a94e6b88d005c34de16a9588f3faba5ef5af7e936ebf2) - [x] [x-pack/plugins/aiops/public/components/log_rate_analysis/log_rate_analysis_content/log_rate_analysis_content.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-d21e8cc4c066ea812d2572e693a8490104349261d376275070eaebee0024e18d) - [x] [x-pack/plugins/ml/public/application/explorer/explorer_charts/utils/draw_anomaly_explorer_charts_cursor.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5fe3935901f2e0ce9dc834841cd7ed10fe093a83500dd5a8e5e1c58df10ee575) - [x] [x-pack/plugins/ml/public/application/jobs/jobs_list/components/datafeed_chart_flyout/datafeed_chart_flyout.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-d1103856290d202f43808e560babeeaaf90f1d50b198315f8117f6b9ed78b7d5) - [x] [x-pack/plugins/ml/public/embeddables/job_creation/common/job_details.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-0de793fefb4d9f2483f07b1ca700f81abe3a5e8cedd18edee5d53038734721be) - [ ] [x-pack/plugins/ml/scripts/apidoc_scripts/schema_extractor/schema_extractor.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-6b4df415cc22862a0f51e0efc5b3ffcd6159dfdedfa4e58d4b8119c0eefa11e0) - [ ] [x-pack/plugins/ml/server/lib/alerts/register_anomaly_detection_alert_type.ts](https://github.com/elastic/kibana/pull/186437/files#diff-71fccaf2dd3c66b6270dc3bf286761d17d83648677044bdbcda547f114293f96) - [x] [x-pack/plugins/ml/server/models/job_service/jobs.ts](https://github.com/elastic/kibana/pull/186437/files#diff-117572abd5e46abdd015659b9d42d3f567ce194da876b8543c1d7b1b00a31b91) - [x] [x-pack/plugins/transform/public/app/sections/create_transform/components/step_details/step_details_form.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-25e5edc62ee2a7768685332bd3b716a2a2bfcc6aa4e113169af27e5287364057) @elastic/search-kibana - [ ] [x-pack/plugins/enterprise_search/public/applications/analytics/components/add_analytics_collections/add_analytics_collection_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-932dcfd135690493a73b5ea7672920675cf597533ed9f5caa8c4f5813217b95d) - [ ] [x-pack/plugins/enterprise_search/public/applications/analytics/components/analytics_collection_view/analytics_collection_data_view_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b6c2a1dd70abcb1ce0b8aa2a4ee7d758d6d8d82acb6d1c1270ddae3065b23db3) - [ ] [x-pack/plugins/enterprise_search/public/applications/analytics/components/analytics_collection_view/analytics_collection_explore_table_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-feb52400dba49e5b7a64a214458fc3a7af242878368170d9df87921024439e28) - [ ] [x-pack/plugins/enterprise_search/public/applications/analytics/components/analytics_collection_view/analytics_collection_integrate/api_key_modal/generate_analytics_api_key_modal.logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-807ec904b8b0ee7ec6916501ddc9eaa01adc1c4c83288a76cf652f69582ea050) - [ ] [x-pack/plugins/enterprise_search/public/applications/analytics/components/analytics_collection_view/analytics_collection_toolbar/analytics_collection_toolbar_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-7272575e7ba5c7acaa19bdbdd4608e193dc676b94cd9944c06f5bc69c6cf0930) - [ ] [x-pack/plugins/enterprise_search/public/applications/analytics/components/analytics_overview/analytics_collections_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-0d1c4d240c45aebaa735bb7f06d5311c05274b601c409b2b14454f95d1325621) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/app_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5f62c8eeaf06710e3a73e32a3ac2e687685740ae3e04b73cdf8299d816a75d73) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/analytics/analytics_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-16164984dc6aaccd02e30597a3f3669856a906b10b1c5d539e1d3714647cba47) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/api_logs/api_log/api_log_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-2637e43c60989203ca6007a541e7e4a8ce637158427e4b80cce937e29373fe2b) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/api_logs/api_logs_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-433210633b338895845de7857f0e438d21874088b85075683525943be06b4d33) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/components/add_domain/add_domain_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-67625817cbc98db8ed97a966a784b7e73812210b8970e3466340ab14ccd8052c) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/components/crawl_custom_settings_flyout/crawl_custom_settings_flyout_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-050fc78aeb732e9c72fe784e4822a1999164f35bb63feb4ad84dab84a1b3d0a2) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/components/crawl_select_domains_modal/crawl_select_domains_modal_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-19470ae1eef70cf5a310e85832fb055848dcbd7b27c6a8cf6e3b27bb6e672632) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/components/domains_table.test.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-017cd4c0cf7059b8efbec69079694c07d87b7e3b6afc2a840b45acbd805334ee) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/components/manage_crawls_popover/automatic_crawl_scheduler_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-3715fa4fa3d67127e3e30f9809649b0ca5b1f52034aef7cf5f72cf1827066108) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/components/manage_crawls_popover/manage_crawls_popover_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-bf15713b8a2f0b15ac46684215596244e5834373621546a17f31572cf591cafa) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/crawl_detail_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-bc66c6da767c9005073a9f7fd718ef1125e463aaf6010ebb5972563635fd2710) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/crawler_domains_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5234db544b010f2c0866ba30ad84106cef537ab346713d2dd2857d4d54539eea) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/crawler_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-60292906b206600afee4fdd41bc88ae290ed94213e9b2826433367909622c0e9) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/crawler/crawler_single_domain_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-734ea0c74b844227497c80480e713c257be3f5947eefce78fecff62c44007c5a) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/credentials/credentials_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-43869ef7ea914bd42f1983a591bdf394c2de826ebf408be5ade4e369db4da173) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/components/suggestions_logic.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-22886b69abcc90af7bc5d5470b10e70fcbf838c77f7631154ed8d3628f125471) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curation/curation_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-0592460c84735fdb5f214a78a15876d4306c4fa50f5fab7cd0a60a4e74d3af05) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/curations_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b4b801ac411666b925304467a6630dddfa4167ea758c7ed0f0a30d71d0f2205f) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curation_suggestion/curation_suggestion_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-52f01a7141997aa1ba474afb5424bfdf2ffbe705eee8f3a7e5baf75613086381) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_history/components/ignored_queries_panel/ignored_queries_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-fe224d354808e91d93cf1ecbfffd3e7f970a73af0527f652dcf8948de26cba3d) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/curations/views/curations_settings/curations_settings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8a003b86811ad2113cbd3e7288a2194b8e3039a4f88a481da946a6a11fed51c7) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/document_creation/document_creation_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b71ba6db13e3d95744d92bc36b3776537968e20b0df322ed45d8bdbc0c51d400) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/documents/document_detail_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-eed43fc66e965cff2495e11b5740d750729d5f328382b75541f8722f739cd811) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engine/engine_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-6b45da7bde43aa8c93f93d2c3ccb27db723eab03f12e27d08bb388f1fe329735) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_creation/engine_creation_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5b8b5bb81b8590358fee0797c082b474939ed2caf853a0fb419737b10cfd4302) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engine_overview/engine_overview_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-42121d5ecf073610bde08eff5e3290645f48f3299025301219eb49724f88f106) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/components/audit_logs_modal/audit_logs_modal_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-c35eadf677d47802835ee5496bbdfc62465a9729f6b6f36362dfab90c86c02f1) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/components/tables/meta_engines_table.test.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-3f85ca056bb6d1b1ad8f69e12f1d7bc1c787e01359ec4f661af121f6a3aeeb37) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/components/tables/meta_engines_table_expanded_row.test.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-66cd24bdd2a0fa6ee2f5677ff4e341f3117fa1720765ba58d3e19d485eff1ef2) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/components/tables/meta_engines_table_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-dba03b6166512f7e454f6ab109ec7dfcb67d6b79fb8450374c310b6a054408b4) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/components/tables/test_helpers/shared_columns.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-3acd3ed82136fb64bb588acb62d372a5322b79cce544cfdcd8b51d37d3b9bc75) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/engines/engines_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-0b628318fc6e35cb0c1b995e3f482c7bde5f1cfd58e8cd2fe945c73d30d0068f) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/log_retention/log_retention_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-745974ad84ae42576a8b33d46a5eac0b3cd0b46aee5d62095881986896980cea) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/meta_engine_creation/meta_engine_creation_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e98525f3bf3f2344c9c5a00657e27eb144d99725ac02aac3b1ac80aa92685881) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/multi_input_rows/multi_input_rows_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-f7e0d0d5e8b1eb37740ee5c62bbc704387c4147aa539bc853810e9085d6cb429) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/relevance_tuning/relevance_tuning_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8f932314a95e85fb9e58bdfb28af437b2d3be46a00caa15052d09619f96bf26e) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/result/result_token.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-9166a998b5c1303ade597f246e8ad70391ca5b5f4b7f8284a7fa2aac3144b718) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/result_settings/result_settings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-25b0692cb22d32991d999219bcc03873f57e2284a20536a1f33d5b33e3e589ba) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/result_settings/sample_response/sample_response_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-bdc84c70ef71d4206af2a0d091358e70e832510871c5731b855788b479290af5) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/role_mappings/role_mappings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-de400b8adb84d4473ce0154f2ce70ecd375320a638098ad8762f4a1504853ffa) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/schema/reindex_job/reindex_job_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-3a9731c43c4d5d826ac0cc6889945b0f0515840bc914fcebd5ba5c9babab6540) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/schema/schema_base_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-1f5ebe9c073bf1d71e45f037531e2e768939269162485cd8e873175fc623826f) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/schema/schema_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-97064383218315e027edd75fb3294be638513b2dd33686a720d25dcf81480cab) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/schema/schema_meta_engine_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-7a2997faf930df6eb55f8ad06257de4bc23ca82c211b7e2c5468c1d7d87539ea) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/search/search_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-17ac74c0f7616bc16c0d0ab9099e7ddc9ea3f46b0c5c889f6866c485a6c5c3e8) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/search_ui/search_ui_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-0e79531841906180db0b5c56ef96308ad057a3f948abbfd291564cc895fcba68) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/source_engines/source_engines_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-3d2abfe70e0c4230e85a7fd76e524b4fe38c68d99f5125a462cdee199b18d962) - [ ] [x-pack/plugins/enterprise_search/public/applications/app_search/components/synonyms/synonyms_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e1c7d85f9983b5706417342b8beedc82e8ee9ef70ba6c9d73a4300f6947660b4) - [ ] [x-pack/plugins/enterprise_search/public/applications/applications/components/search_application/add_indices_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-529444e45111837f6bb988d9f7360628c4b8380edda3cc327cce976faabda928) - [ ] [x-pack/plugins/enterprise_search/public/applications/applications/components/search_application/connect/generate_api_key_modal/generate_search_application_api_key_modal.logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-7cf47fd139eb63cfd8005e77f5443a1d003108150cb629ba18526bbbbf999384) - [ ] [x-pack/plugins/enterprise_search/public/applications/applications/components/search_application/search_application_name_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-ccd01f44d22293edba039f982513ff00a4221646fcd259b341ffa1ba23b9ffb1) - [ ] [x-pack/plugins/enterprise_search/public/applications/applications/components/search_applications/create_search_application_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-665e77c4aac1ed37ef7b7a56c3a00e397e18c2328e6c3b4b197a1e638713a4ab) - [ ] [x-pack/plugins/enterprise_search/public/applications/applications/components/search_applications/search_application_indices_flyout_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5b3e4c1cee4fe88660556dcdf24c1b798a58d955ccd6cfc348c463adebc435e2) - [ ] [x-pack/plugins/enterprise_search/public/applications/applications/components/search_applications/search_applications_list_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b713b27e34672130767b511020550400f4e6a014f4074f4d133a24e574d0383c) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/__mocks__/ml_models.mock.ts](https://github.com/elastic/kibana/pull/186437/files#diff-51fc7400f9c06bfe66d9facf9c5b7ede20b950b4ea6b3bfe90483a9a9d04379e) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/api/connector/cached_fetch_connector_by_id_api_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d5bd161f3e13a935080e62fab12345cf71787141c84b51683b65203368815baf) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/api/index/cached_fetch_index_api_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8718567dee7cf1c2faac6606078846a61bb816f047f96096588c1037ea00ddd3) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/api/ml_models/cached_fetch_models_api_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e6a0231e6f62f472e2ec5e64222abc2027b350bc2c77541cc431d011865f4aec) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/attach_index_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-79a81a7e0a5f17c62a54b4db76b512559548272ba4ae0e6242a4e56828d980a9) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/connector_name_and_description_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-a18949bc9ba6cacb814ea1bf1789044733606c8ce1f365f64b48b8a3d8349a86) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/connectors_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-1e9e7d5ee108b305b6fa421fd0f8096293a747c2d1a4bd5940e62ce6670f7d62) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/new_index/method_connector/add_connector_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-6f0bb1b86af9c43332d5336db0dca356c6d388d19194c4e6ce64c06cf19c7f3b) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/new_index/method_connector/new_connector_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-026a404fcff68f31283634f8f8171732bc933fdb3722920caab7c0be09e65510) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/new_index/new_search_index_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8619f347277f8e8aac68a2370d219ed59921a152b4b385f1f0b6054a8419cc21) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/components/generate_api_key_modal/generate_api_key_modal.logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-27a49e3c9216a34e7d4283af21aeefa7fe5ba98fc7edd27fea3f951ecb73e1bd) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/connector/connector_name_and_description/connector_name_and_description_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-cbdbbf6c4bcef9cbc55e29e9b4ce40cca08335e955fbd4b101a0e800f484a1c3) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/connector/sync_rules/connector_filtering_logic.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-7b1624e663c6afcffdcbf97e05093f14f720e6d16e1aa0cdde701571adcea63b) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/automatic_crawl_scheduler/automatic_crawl_scheduler_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-af7abfa1ebfa988adacb86c9cae8b9d0d4ec964d90018b4eb9bb16de375545d9) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawl_custom_settings_flyout/crawl_custom_settings_flyout_domain_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-060bbb12f4ecde17aee4eb0ab01dcb720241503675d55fe2632c3c1acc4f73ed) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawl_custom_settings_flyout/crawl_custom_settings_flyout_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-fb31bc222ccd5331c7f3dd1dfa7eea9bdf22d37ac97d72f4c7a67436bb810e5b) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawl_custom_settings_flyout/crawl_custom_settings_flyout_multi_crawl_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-80a226902a53fe0e17209a77741f42bd8fed172c1d2735665d0f406e1c93123c) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawl_details_flyout/crawl_detail_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-39c2166d4e03e6d636acfb64863da5d23e27e619cdda4a63e09c493da6eeb25e) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawler_configuration/crawler_configuration_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-7da484a261c1c87c9fd813b5d3f5d11edbb36e8949900482dc8610610e2f1478) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawler_domain_detail/authentication_panel/authentication_panel_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-0e98ee7ecfa61c14defca8ad0ec2df6a314aedf1fc7d9eb28641977952086ba6) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawler_domain_detail/crawler_domain_detail_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d23490a2df1a98796f27c5626e28083382e9693a17ca9e8cb58418664fdae1ec) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/crawler_domain_detail/extraction_rules/extraction_rules_logic.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-aa7881c821ad64d7a975816cac4bce44a9da7133da8d36ce26fd2368e7626f8f) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/domain_management/add_domain/add_domain_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5978330358dfdc9eaa88f20d4120ada3191e86f1886238471d9118811295f833) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/domain_management/delete_domain_modal_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-2c57dd1144a4564b34e92cc6716039f97473b99350930e3575ef0518aa3934b9) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/crawler/domain_management/domains_table.test.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-e808b09c9d7389ca1aba6e9c5d13529ef20b428d087fdc8892296a42ad0f2e69) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/index_name_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e9988365f51f1a6c87eef4b1b127cdf111a1968ffe57b6ac33504cbc0171bd91) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/overview.logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-a72173f361b17a7293bc83e94385e3bea853e9fbda62f4f5cf553c96b84d90cd) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/pipelines/ml_inference/ml_inference_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d94da0f264e490e3486a9aa392de72c3988570b79744087f6c5724fc5d7f302c) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/pipelines/ml_inference/test_pipeline_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-de43e776aa2fd3de8c1bd42e39fbe524ebe85b7287d9ed1355a733557ddb94b7) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/pipelines/ml_inference/text_expansion_callout/text_expansion_callout_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-468580957fe38bbdff908443a007a97b5a817dee1cd917becdad1be90c4a3606) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/pipelines/pipelines_json_configurations_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d77f51637904e4d4672b6b2d7f7ced6df73af142e8ba3fb5a074c700b5cf0fd0) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/pipelines/pipelines_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-88bb9a545df5ab8a9e354d7b998f3d1ce747d8f755319c822a97a7a61cbb38e5) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/sync_jobs/sync_jobs_view_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8f35ce0853cbe2749c95d586d2c69a458e852a5931022626f03bcc021ab31a35) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_indices/indices_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-4f34d73edf0dd3ee9ae34be81bba138749fd9aebfacee306f9c9912bc18fb908) - [ ] [x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/settings/settings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-9abf25b8cd7b3311c09efcf537fe708f558eaad127f9ae56552c30ec38be3dbc) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/api_logic/create_api_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b1431abb686615818a7e768d59bd8d3c00c143ff8e87501b40f06214c40b35cf) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/flash_messages/flash_messages_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-cd22dcfbb976160b2eb28d781fe64ca311f72e5904e8ac139498018302a5f1da) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/http/http_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-bf7f398a500b979b731c2b1da940e0b5bf1cd7364aa918139d1a92474f77564d) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/kibana/kibana_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-71787c22cb75097f06736441c4c2bfadd2b8081ce08c25b7053d9a785449b489) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/licensing/licensing_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-f9f9a7485e95322395d0d062617ea55aa7eabb125ce79b1ddb09df7acc7b74e1) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/tables/inline_editable_table/inline_editable_table_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-69d88e8fc383a1feef672934174d857f54ae8dba8caafab8891aeac3db08732f) - [ ] [x-pack/plugins/enterprise_search/public/applications/shared/url_combo_box/url_combo_box_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e0672ab52a42dd7ef1c19a7065aa482fb2480d8ffc3dc0ede50685bbb4e23d42) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/app_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-7d683e507c5a37393e10abec02e78038767132f1713de32909c329de9a7e7752) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/api_keys/api_keys_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-1d201f70e2652f03ac4e07639dc8fcfcdda2f273fa1f042f81913533725bdd5e) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/add_source/add_custom_source/add_custom_source_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-cce3cf43dc74255a871b9d0997af7d81f4ca4c9530e0fc6832cc7d75b907bbae) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/add_source/add_external_connector/external_connector_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-ee7c158ad37746c929b42d54321e2a13260d1ff64ce72a84f29bea4300966095) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/add_source/add_source_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-60271cee3cf40f475f212f4c14e1581629fb74186e5cc0b5cc61e799a0fecd24) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/add_source/github_via_app_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-ebc66e8f6a619feb731b82fbcec83ce75f01acdcf7e32341cf645e646df1440e) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/display_settings/display_settings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-3b256d71f9acb2e34dd1c8364117968218ff3da43d9c51b12851d1ba2f814b68) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/schema/schema_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-56458e080954c6ce153fa9de6107398ca7fb370e8483a236da8a8d20d2a02895) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/components/synchronization/synchronization_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-1e3afdd7e36facb46861631967318967f4b23e8a1dad28ef21e1d7f8f107c428) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/source_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-1ed94b9a614533248f07877178a4ba9603e5ab97815c1d607f1b626af91bb9a2) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/content_sources/sources_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-10a9c1b0ad1b25a158844418286fc32ba3a6d87d221cfd1a1fcc96ee76cbd519) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/groups/group_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-fa49b84f3486800a7b48b5bf9587198979aa6c7e9bd60ce4d704f35da822d368) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/groups/groups_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-a1ca9ba9edef5d8b857987c4d9efdab1d848903626690c0f9c9b626769856385) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/oauth_authorize/oauth_authorize_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-15b23ad5ad81a95fd6fb8ca75b57a0f53a232f59f50e1862fe693d4bca13847f) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/overview/gated_form_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-246706b91ff4301b4e24195af76fdc0b84fec96414789408038d7d04fc13ea58) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/overview/overview_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e4c385f600899d70e84568281952d82ff1eaafd88d11a1c2fece6242387d9324) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/role_mappings/role_mappings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-2dff45e703ab1e1d65358bfc98811a3b440641b5c782919e6e51cfb15074ff6f) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/search_authorize/search_authorize_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-cac68f64f0cea04a3ff54ffd14bc996baa7bc44b7665c8a39d9cf91fb53c2144) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/security/security_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b067f22de71e80a6cc9d6d1bb34db8f0772011130c8ac50bbacacc3572b7a45b) - [ ] [x-pack/plugins/enterprise_search/public/applications/workplace_search/views/settings/settings_logic.ts](https://github.com/elastic/kibana/pull/186437/files#diff-66ec90541af1c1d04c9bf500a858f403039f85c9c99a635288ad08def479a2cb) @elastic/fleet - [ ] [x-pack/plugins/fleet/common/services/package_to_package_policy.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-89fb3d99874cf8558d4e11b8ea7c3fb0f681663ae0e958a319663884635f1556) - [ ] [x-pack/plugins/fleet/server/services/epm/archive/parse.ts](https://github.com/elastic/kibana/pull/186437/files#diff-232dc9fd708e4f1495f59c12729834fecd84bd8af70d4c21363da14e79aa30c1) @elastic/kibana-gis - [ ] [x-pack/plugins/maps/public/classes/layers/vector_layer/blended_vector_layer/blended_vector_layer.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8a7def56c98651ea1f9876addb48421bca83b9158dd9acb70a52bf413fc398d0) - [ ] [x-pack/plugins/maps/public/classes/sources/es_geo_grid_source/es_geo_grid_source.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-69ccffa0f157cee961253b280ca40860bc2915a1fd772e15d23ceba6137cc414) @elastic/stack-monitoring - [ ] [x-pack/plugins/monitoring/server/lib/calculate_auto.ts](https://github.com/elastic/kibana/pull/186437/files#diff-22169ee25bba1c0b7cf3c8c23e24e99d96097e44e3296bda33513290ec94665d) @elastic/obs-ux-infra_services-team - [ ] [x-pack/plugins/observability_solution/apm/common/utils/flatten_object.ts](https://github.com/elastic/kibana/pull/186437/files#diff-54f4a14d914e1c4a73da2de122a1510a18d5515ad6494612b774ce74c2afc5b0) - [ ] [x-pack/plugins/observability_solution/apm/public/components/app/service_map/use_cytoscape_event_handlers.ts](https://github.com/elastic/kibana/pull/186437/files#diff-d890cf784e20969087617da20bd51703ec00ae888ba8c5bf4aeefa7b2deaf702) - [ ] [x-pack/plugins/observability_solution/exploratory_view/public/components/shared/exploratory_view/configurations/lens_columns/overall_column.ts](https://github.com/elastic/kibana/pull/186437/files#diff-b51184245cd445d7e0b85568910f22e346df3035298d0394f202089d7fe2c949) - [ ] [x-pack/plugins/observability_solution/infra/public/alerting/inventory/components/metric.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-aa69368d04202fb45b0d66c56653bdd106d29d7bdf6475400d9e12c7fe5959ea) - [ ] [x-pack/plugins/observability_solution/infra/public/alerting/log_threshold/components/expression_editor/criterion.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-fa742f7340759fa0d359a3bb4417f5d07794923b4b57a5f47f0905512966f1a1) - [ ] [x-pack/plugins/observability_solution/infra/public/alerting/log_threshold/components/expression_editor/threshold.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-5191c0e1e37ac03af1f6a4d36cda26915c76eacc892723d9bf82af4ac857fc66) - [ ] [x-pack/plugins/observability_solution/infra/server/lib/infra_ml/queries/metrics_host_anomalies.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-7d05012bd4ade42b1b471607a01d641a435baa9c48125168570dd28c38e16399) - [ ] [x-pack/plugins/observability_solution/infra/server/lib/infra_ml/queries/metrics_k8s_anomalies.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-8a437b5818061218847730f933aa481ece98a284c100d413ff7bfa3966e9ace0) - [ ] [x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/private_formatters/common_formatters.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5e3452befed70ce7ba037850a269d7e130228bd570b94da61206c093edf24cbb) - [ ] [x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/browser.ts](https://github.com/elastic/kibana/pull/186437/files#diff-6690c075d5b3f8a2d848b62473eb836441e582a17ea6f6f85c8e63bd3f59105d) - [ ] [x-pack/plugins/observability_solution/synthetics/server/synthetics_service/formatters/public_formatters/http.ts](https://github.com/elastic/kibana/pull/186437/files#diff-845abe4f787fee19b5f0656d434835080ed0d4a405e8fb3554aea1eced106112) - [ ] [x-pack/plugins/observability_solution/uptime/server/legacy_uptime/lib/requests/get_ping_histogram.ts](https://github.com/elastic/kibana/pull/186437/files#diff-fa004e86bd085c7f13fdb42972e221ecf0e1366af018fef20aa720a356ecfba5) @elastic/obs-ai-assistant - [ ] [x-pack/plugins/observability_solution/observability_ai_assistant_app/public/rule_connector/ai_assistant_params.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-ea91d7daec5aa3f0c58d217308838b61c2ced3b7b61ec08bf4e65643c4d0f2ad) - [ ] [x-pack/plugins/observability_solution/observability_ai_assistant_app/public/utils/builders.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e69a9ff8cbd46cc3dfb0fd9d8fd166e0db4cb29baa8200cd2e6dc19b6cf48115) @elastic/search-kibana - [ ] [x-pack/plugins/search_playground/public/components/view_query/view_query_action.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-b5e8d0638619def1c273d21336793e7c611fe1a43506ea89ea858a325b1d193f) @elastic/kibana-security - [x] [x-pack/plugins/security/server/authentication/providers/anonymous.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5907942d0f69e399c09244c6b22a4454cb2de11686cfd924057ee455fd55abc4) - [x] [x-pack/plugins/security/server/lib/flatten_object.ts](https://github.com/elastic/kibana/pull/186437/files#diff-144d405c4cb888c816c967f663e02aed8b522a164c37f900ee3ea4fc496cc50a) @elastic/security-solution - [x] [x-pack/plugins/security_solution/common/api/detection_engine/rule_management/import_rules/rule_to_import.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-9c85853d1dc8a73e5d8a3774b0da907fc41ffe1a6099b2d3a9884398070eaac4) - [x] [x-pack/plugins/security_solution/common/endpoint/generate_data.ts](https://github.com/elastic/kibana/pull/186437/files#diff-12dc63d6524a714b19d487bcf75486270eea7d5d52e6d1ecdeaa935545f33ac0) - [x] [x-pack/plugins/security_solution/public/common/components/guided_onboarding_tour/tour.test.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-4511e3f72ca02b041c93cb355572b860c3ea12663b6411a7b0bf90b25c2fa3e6) - [x] [x-pack/plugins/security_solution/public/common/components/matrix_histogram/index.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-832594ad881dbd3568c22065d852c8f286d84562c4a114a194a170f535e02b50) - [x] [x-pack/plugins/security_solution/public/common/components/ml/links/create_explorer_link.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-b6cc2f3a0f043136c6162c73e964fad5d7a7f26cba993f9cee22922790060cff) - [x] [x-pack/plugins/security_solution/public/entity_analytics/components/asset_criticality_file_uploader/reducer.test.ts](https://github.com/elastic/kibana/pull/186437/files#diff-dfcea3ca5c8b630b42ad6ecc88130a025698d3c9e4f2e7c6ef1c7f9c062e3bea) - [x] [x-pack/plugins/security_solution/public/explore/users/pages/details/breadcrumbs.ts](https://github.com/elastic/kibana/pull/186437/files#diff-a803b4f0dbfb6f4bb8397333b6e0abe19c9274ec12850325dfe53c31630ba9a7) - [x] [x-pack/plugins/security_solution/public/management/services/exceptions_list/check_artifact_has_data.ts](https://github.com/elastic/kibana/pull/186437/files#diff-4611c7360f013788e308783c956e8fb60160d3ec92d55c6a5a2feff6202357d3) - [x] [x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts](https://github.com/elastic/kibana/pull/186437/files#diff-9f40ced6d29c4fc2709af881680400293d8ce1bc9ebb07b9138d6d99c83c09c9) @elastic/security-threat-hunting-investigations - [x] [x-pack/plugins/security_solution/common/utils/field_formatters.ts](https://github.com/elastic/kibana/pull/186437/files#diff-245eb47c4e23306ad09acb7dc0d67773edf102c243ce16395562918ed3ffff19) - [x] [x-pack/plugins/timelines/common/utils/field_formatters.ts](https://github.com/elastic/kibana/pull/186437/files#diff-cdd49607e6de50d407a10b887f6bf2c930cadb11663d26649b56438f9727548c) - [x] [x-pack/plugins/security_solution/public/timelines/containers/index.tsx](https://github.com/elastic/kibana/pull/186437/files#diff-c63c93153b6f7dcc62fd19575609db16b14c783d5562e901c6240de2ae19796a) - [x] [x-pack/plugins/security_solution/server/lib/timeline/utils/compare_timelines_status.ts](https://github.com/elastic/kibana/pull/186437/files#diff-e5698692c8fee698a4ca6f44c140c5ef8b65ebed6d944fc4d6c60cb8ec72ab1e) @elastic/obs-ux-management-team - [x] [x-pack/test/alerting_api_integration/observability/helpers/alerting_wait_for_helpers.ts](https://github.com/elastic/kibana/pull/186437/files#diff-3f2b755a964c21d5e0be45a480f691bbfeb07a0793488fbee2b56eeed544a06d) - [x] [x-pack/test/api_integration/apis/slos/helper/wait_for_index_state.ts](https://github.com/elastic/kibana/pull/186437/files#diff-5e8ee3140d4987b39ac117159a26b200124e3ae64a7fff896abd96ec8cc113ae) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: nickofthyme <nicholas.partridge@elastic.co> Co-authored-by: Mark Hopkin <mark.hopkin@elastic.co> Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co> Co-authored-by: Walter Rafelsberger <walter.rafelsberger@elastic.co> Co-authored-by: adcoelho <antonio.coelho@elastic.co> Co-authored-by: Kurt <kc13greiner@users.noreply.github.com> Co-authored-by: Maryam Saeidi <maryam.saeidi@elastic.co> Co-authored-by: Jan Monschke <jan.monschke@elastic.co> |
||
Nick Partridge
|
49a985625b
|
Upgrade prettier dependencies (#188032)
## Summary - Upgrade `prettier` to `v2.8.x`. - Upgrade related decencies. - Adds `prettier` group to renovate config. - Fixes bootstrapping type error. ## Main Changes ### Add parentheses for `TypeofTypeAnnotation` to improve readability [link](https://github.com/prettier/prettier/blob/main/CHANGELOG.md#add-parentheses-for-typeoftypeannotation-to-improve-readability-14458-by-fisker) ```ts // Input type A = (typeof node.children)[]; // Prettier 2.8.4 type A = typeof node.children[]; // Prettier 2.8.5 type A = (typeof node.children)[]; ``` ### Add parentheses to head of `ExpressionStatement` instead of the whole statement [link](https://github.com/prettier/prettier/blob/main/CHANGELOG.md#add-parentheses-to-head-of-expressionstatement-instead-of-the-whole-statement-14077-by-fisker) ```ts // Input ({}).toString.call(foo) === "[object Array]" ? foo.forEach(iterateArray) : iterateObject(foo); // Prettier 2.8.1 ({}.toString.call(foo) === "[object Array]" ? foo.forEach(iterateArray) : iterateObject(foo)); // Prettier 2.8.2 ({}).toString.call(foo.forEach) === "[object Array]" ? foo.forEach(iterateArray) : iterateObject(foo); ``` ## Details This started because I noticed we were on `typescript@^5` but still on an old prettier that complained about use of new TS features such as [`satisfies`](https://www.typescriptlang.org/docs/handbook/release-notes/typescript-4-9.html#the-satisfies-operator). --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
Pierre Gayvallet
|
85a90a71e4
|
Add FTR tests for stream/buffer error responses (#188937)
## Summary Fix https://github.com/elastic/kibana/issues/56305 |
||
|
Jean-Louis Leysens
|
a8091ab0ac
|
[OAS/HTTP] Empty response bodies (status only) and descriptions for responses (#188632)
## Summary
* Adds the ability to exclude a response schema when declaring route
schemas
* Adds the ability to provide a description of a the response
See code comments for more info.
## Example
You can declare a response with no validation to imply an empty object
in OAS
```
router.versioned.post({ version: '2023-10-31', access: 'public', path: '...' })
.addVersion({
validation: {
responses: {
201: { description: 'Resource created!' }
}
}
}, () => {})
```
Will result in
```jsonc
{
//...
201: { description: 'Resource created!' }
//...
}
```
## Risks
No notable risks
|
||
|
Pierre Gayvallet
|
e5638db74e
|
[core rendering] get rid of getInjectedVar (#188755)
## Summary Fix https://github.com/elastic/kibana/issues/54376 Fix https://github.com/elastic/kibana/issues/127733 - get rid of the `InjectedMetadata.vars` and `getInjectedVar` deprecated "API" - Add `apmConfig` as an explicit `InjectedMetadata` property instead of passing it via `vars` - Inject the apm config from the `rendering` service instead of `httpResource`, as it's just how it should be and how all other things get injected. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
elena-shostak
|
bb10859e2b
|
CHIPS cookie support (#188519)
## Summary Added CHIPS support. `statehood` doesn't support partitioned cookie out of the box. We can leverage [contextualize](https://github.com/hapijs/statehood/blob/master/lib/index.js#L35) function in statehood with a trick, modifying `isSameSite` property. `Partitioned` attribute is appended only if embedding is not disabled. ## How to test 1. Add to kibana config: ```yml server.securityResponseHeaders.disableEmbedding: false xpack.security.sameSiteCookies: 'None' xpack.security.secureCookies: true ``` 2. ES and Kibana need to run over https to test that, because of `SameSite=None` settings. Check the `sid` cookie was set with `Partitioned` attribute. `Set-Cookie` header has `Partitioned` attribute.  Stored cookie has a `Partition Key` <img width="1233" alt="Screenshot 2024-07-10 at 18 04 13" src="https://github.com/user-attachments/assets/cc0c453e-e33f-4999-bcff-d2acd3a0fcd2"> ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios __Fixes: https://github.com/elastic/kibana/issues/180974__ ### Release Notes Added CHIPS cookie support. --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> |
||
|
Jean-Louis Leysens
|
6a7a400c70
|
[HTTP/OAS] zod support (#186190)
|
||
|
Jean-Louis Leysens
|
2ebb171f8a
|
[main] Emergency release test run PR (#188513) (#188557)
# Backport Close https://github.com/elastic/kibana-team/issues/984 This will backport the following commits from `deploy-fix@1721023892` to `main`: - [Emergency release test run PR (#188513)](https://github.com/elastic/kibana/pull/188513) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jean-Louis Leysens","email":"jeanlouis.leysens@elastic.co"},"sourceCommit":{"committedDate":"2024-07-17T12:25:39Z","message":"Emergency release test run PR (#188513)\n\n## Summary\r\n\r\nThis PR introduces ~a noop commit~ an irrelevant comment change that can\r\nbe used in our emergency release run.","sha":"bf17a5f40964e17b0a79c1f6fa1a54d0f3a9c700","branchLabelMapping":{"^v8.16.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":[],"number":188513,"url":"https://github.com/elastic/kibana/pull/188513","mergeCommit":{"message":"Emergency release test run PR (#188513)\n\n## Summary\r\n\r\nThis PR introduces ~a noop commit~ an irrelevant comment change that can\r\nbe used in our emergency release run.","sha":"bf17a5f40964e17b0a79c1f6fa1a54d0f3a9c700"}},"sourceBranch":"deploy-fix@1721023892","suggestedTargetBranches":[],"targetPullRequestStates":[]}] BACKPORT--> |
||
|
Pierre Gayvallet
|
49cfa96cc5
|
ssl.redirectHttpFromPort: use host from request instead of config (#188088)
## Summary Fix https://github.com/elastic/kibana/issues/24870 |
||
|
elena-shostak
|
cc50c8dc94
|
Permissions Policy Reporting (#186892)
## Summary
1. Added top-level `permissionsPolicy` configuration setting.
2. Added support for `report_to` directive.
3. Added support for `Permissions-Policy-Report-Only` header to enable
reporting mode.
4. The [spec](https://www.w3.org/TR/permissions-policy/#reporting)
mentions `featureId` in the reporting body, however the field is
`policyId` in Chromium.
## How to test
- Add in your `kibana.dev.yml`.
```
server.customResponseHeaders.Reporting-Endpoints: violations-endpoint="https://localhost:5601/kibana/internal/security/analytics/_record_violations"
server.securityResponseHeaders.permissionsPolicy: 'microphone=()'
server.securityResponseHeaders.permissionsPolicyReportOnly: 'camera=()'
```
- Make sure you have [dev tools configured for Reporting
API](https://developer.chrome.com/docs/capabilities/web-apis/reporting-api#use_devtools).
- In the browser console invoke `navigator.mediaDevices.getUserMedia({
audio: true, video: true }).catch((e) => {});`
- Open Dev Tools -> Application -> Reporting API.
You should see 2 reports for permissions violation, one with `report`
disposition and another with `enforce` disposition.
<img width="1285" alt="Screenshot 2024-06-27 at 13 36 12"
src="
|
||
Milton Hultgren
|
02bc5cff27
|
[core-http-router] Add helpers for 201, 207 and 422 status codes (#186379)
Closes #186336 by adding helper functions for creating 201, 207 and 422 responses. |
||
|
Jean-Louis Leysens
|
67933dcb47
|
[OAS] Deprecations (#186062)
## Summary Adds support for the [`deprecated` field](https://swagger.io/specification/) at the operation level to our router conversion logic. Close https://github.com/elastic/kibana/issues/186003 |
||
|
Jean-Louis Leysens
|
dc78221e2a
|
[HTTP/OAS] Make SO CRUD and resolve APIs internal on serverless (#184408)
|
||
|
Jean-Louis Leysens
|
dd1864b876
|
[OAS] Refactor description -> summary (#184651)
## Summary Per [the OAS docs](https://swagger.io/specification/), they have an info object with a `summary` and `description` field. This PR refactors the existing router `description` field to to OAS `summary` (that is how it has been used) and introduces a "new" `description` field that will be used for the longer form descriptions. ## Resources * https://swagger.io/specification/ --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: lcawl <lcawley@elastic.co> |
||
|
Pierre Gayvallet
|
dea26c6450
|
Add http2 support for Kibana server (#183465)
## Summary Part of https://github.com/elastic/kibana/issues/7104 Add support for `http2` to the Kibana server. `http2` can be enabled by setting `server.protocol: http2` in the Kibana config file. *Note: by default, enabling `http2` requires a valid `h2c` configuration, meaning that it can only run over HTTPS with TLS1.2+* ```yaml ## kibana.yaml server.protocol: http2 server.ssl.enabled: true server.ssl.key: path/to/key server.ssl.certificate: path/my/cerf ``` ## What is this PR doing ### Add HTTP2 support for the Kibana server #### - Plug http2 to the Kibana server Even if HAPI was never officially updated to really support HTTP2, node's `http`/`https`/`http2` modules are compatible enough to be able to just instantiate an http2 server/listener and provide it to HAPI "as a plain https listener". There were some tweaks to do (mostly silencing a few warnings that HAPI was causing by sending http2-illegal headers such as `Connection`), but overall, it went smoothly. #### - Add config validation By default, Kibana will require a valid `h2c` configuration to accept enabling `http2`. It means that TLS must be enabled and that TLS1.2+ should at least be in the list of supported SSL protocols (`server.ssl.supportedProtocols`). Note that default value of this setting includes TLS1.2 and 1.3. #### - Add escape hatch to run `h2` without `h2c` In some situations, it may be required to enable http2 without a valid `h2c` configuration. Kibana supports it, by setting `server.http2.allowUnsecure` to `true`. (*Note, however, that if http2 is enabled without TLS, ALPN protocol negotiation won't work, meaning that most http2 agents/clients will fail connecting unless they're explictly configured to use http2.*) ### Add documentation about this new feature #### - Update the user-facing doc about this new `server.protocol` setting Update the user-facing Kibana settings documentation to include this `http.protocol` setting (and refer to `server.http2.allowUnsecure`) **Note: this setting, and this feature, are considered as experimental** ### Adapt our dev tooling to support running Kibana with http2 enabled #### - Add a `--http2` flag to the dev CLI Enabling this flag will add the proper configuration settings to run Kibana with `http2` enabled in an (almost) valid `h2c` configutation. *Note: when using this flag, even if listening on the same port, the Kibana server will be accessible over https, meaning that you need to use https in your browser to access it. Aka `http://localhost:5601` won't work, you need to use `https://localhost:5601`. Also, we're using the self-signed dev certificates, meaning that you must go though the scary warning of your browser* #### - Implement an http2-compatible base-path proxy The current base path proxy is based on `hapi` and `hapi/h2o2`. I tried for a bunch hours trying to hack around to make it work with http2 proxying, but ultimately gave up and implemented a new version from scratch. Note that with some additional efforts, this new http2 basepath proxy could probably fully replace the existing one and be used for both http1 and http2 traffic, but it's an optimization / refactoring that did not feel required for this PR. ### Adapt the FTR to run suites against http2 #### - Add support to run FTR test suite against an h2c-enabled Kibana Note that with ALPN, clients using http1 should be (and are) able to communicate with http2 Kibana, given h2c/alpn allows protocol negitiation. So adapting our FTR tooling was not really about making it work with http2 (which worked out of the box), but making it work with **the self signed certifcates we use for https on dev mode** Note that I'm not a big fan of what I had to do, however, realistically this was the only possible approach if we want to run arbitrary test suites with TLS/HTTP2 enabled without massively changing our FTR setup. Operations and QA, feel free to chime in there, as this is your territory. #### - Change some FTR test suites to run against an HTTP2-enabled server I added a quick `configureHTTP2` helper function to take any "final" FTR suite config and mutate it to enable `http2`. I then enabled it on a few suites locally, to make sure the suites were passing correctly. I kept two suites running with http2 enabled: - the `console` oss functional tests - the `home` oss functional tests We could possibly enable it for more, but we need to figure out what kind of strategy we want on that matter (see below) ## What is this pull request NOT doing #### - Making sure everything works when HTTP2 is enabled I navigated the applications quite a bit, and did not see anything broken, however I obviously wasn't able to do a full coverage. Also, the self-signed certificate was a huge pain to detect issues really caused by http2 compared to issues because the local setup isn't valid `h2c`. In theory though (famous last words) anything not doing http/1.1 specific hacks such as bfetch should work fine with http2, given that even if using non-http2 clients, ALPN should just allow to fallback to http/1.x (this part was tested) #### - Enabling HTTP2 by default PR isn't doing it for obvious reasons. #### - Enabling HTTP2 for all FTR suites First of all, it's not that easy, because it requires adapting various parts of the config (and even some var env...), and we don't have any proper way to override config "at the end". For instance, if you add the http2 config on a top level config (e.g. the oss functional one that is reuse by the whole world - learned the hard way), it won't work because higher-level configs redefined (and override) the `browser` part of the config, loosing the settings added to run the browser in insecure mode. Secondly, I'm not sure we really need to run that many suites with http2 enabled. I learned working on that PR that we only have like one suite where https is enabled for the Kibana server, and I feel like it could be fine to have the same for http2. In theory it's just a protocol change, unless parts of our apps (e.g. bfetch) are doing things that are specific to http/1.1, switching to http2 should be an implementation detail. But I'd love to get @elastic/kibana-operations and @elastic/appex-qa opinion on that one, given they have more expertise than I do on that area. - Running performances tests We should absolutely run perf testing between http/1.1 over https and http/2, to make sure that it goes into the right directly (at least in term of user perceived speed), but I did not do it in the scope of this PR (and @dmlemeshko is on PTO so... 😅) ## Release Note Add support for `http2` to the Kibana server. `http2` can be enabled by setting `server.protocol: http2` in the Kibana config file. Note: by default, enabling `http2` requires a valid `h2c` configuration, meaning that it can only run over HTTPS with TLS1.2+ Please refer to the Kibana config documentation for more details. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Jean-Louis Leysens
|
55406f2a66
|
[CDN] Allow disabling CDN by passing "null" (#184578)
Close https://github.com/elastic/kibana/issues/184575 ## How to test 1. Add `server.cdn.url: null` to kibana.dev.yml 2. Start ES + Kibana 3. Open Kibana, should work as usual by loading assets from Kibana server |
||
|
Jean-Louis Leysens
|
975eeed255
|
[HTTP/OAS] Commit OAS snapshot (#183338)
Close https://github.com/elastic/kibana/issues/181992 ## Summary First iteration of a CLI to capture an OAS snapshot. ## How to test Run `node ./scripts/capture_oas_snapshot.js --update --include-path /api/status` and see result in `oas_docs/bundle.json`. If you have the [bump CLI](https://www.npmjs.com/package/bump-cli) installed you can preview the hosted output with `bump preview ./oas_docs/bundle.json` ## Notes * Added ability to filter by `version`, `access` (public/internal) and excluding paths explicitly to the OAS generation lib * Follows the same general pattern as our other "capture" CLIs like `packages/kbn-check-mappings-update-cli` * Result includes only `/api/status` for now, waiting for other paths to add missing parts --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Pierre Gayvallet
|
db316ad475
|
[http] explicitly create the server listener (#183591)
## Summary Related to https://github.com/elastic/kibana/issues/7104 Adapted from https://github.com/elastic/kibana/pull/183465 For `http2` support, we will have to change the way we configure the HAPI server to manually provide the listener instead of passing down the options for HAPI to create it. This PR prepares that work, by creating the `http` or `https` (`tls`) listener and passing it when creating the HAPI server instead of just passing the `tls` options. **Note:** no integration tests were added, because we already have the right coverage for both tls and non-tls mode, so any change of behavior introduced by the PR should be detectable by them. |
||
|
Pierre Gayvallet
|
3290d395c8
|
Add httpVersion and protocol fields to KibanaRequest (#183725)
## Summary Part of https://github.com/elastic/kibana/issues/7104 Prepare the work for `http2` support by introducing the `httpVersion` and `protocol` fields to the `KibanaRequest` type and implementation. Proper handling of h2 protocol for those fields will be added in the PR implementing http2 (https://github.com/elastic/kibana/pull/183465) |
||
|
Pierre Gayvallet
|
148eeec0fe
|
Update supertest and superagent to latest version (#183587)
## Summary Related to https://github.com/elastic/kibana/issues/7104 Update supertest, superagent, and the corresponding type package, to their latest version. (of course, types had some signature changes and we're massively using supertest in all our FTR suites so the whole Kibana multiverse has to review it) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Milton Hultgren
|
4ff673c5f2
|
[kbn-server-route-repository] Allow custom response (#182679)
This PR changes `registerRoutes` to: 1. Pass the `response` object into the `handler` inside of the `wrappedHandler` to give access to the route handler to create Kibana responses 2. Check if the result of the `handler` is already a Kibana response and only wrap it into a Kibana response if it isn't. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Jean-Louis Leysens
|
1e80b0114e
|
[HTTP/OAS] Added response schemas for /api/status (#181277)
## Summary Part https://github.com/elastic/kibana/issues/180056. Adds new response schemas to the `/api/status` endpoint for the purposes of OAS generation. ## How to test 1. Start ES 2. Add `server.oas.enabled: true` to `kibana.dev.yml` 3. Start Kibana `yarn start --no-base-path` 4. `curl -s -uelastic:changeme http://localhost:5601/api/oas\?pathStartsWith\=/api/status | jq` <details> <summary>output</summary> ```json { "openapi": "3.0.0", "info": { "title": "Kibana HTTP APIs", "version": "0.0.0" }, "servers": [ { "url": "http://localhost:5601" } ], "paths": { "/api/status": { "get": { "summary": "Get Kibana's current status.", "responses": { "200": { "description": "Get Kibana's current status.", "content": { "application/json; Elastic-Api-Version=2023-10-31": { "schema": { "description": "Kibana's operational status. A minimal response is sent for unauthorized users.", "anyOf": [ { "$ref": "#/components/schemas/core.status.response" }, { "$ref": "#/components/schemas/core.status.redactedResponse" } ] } } } }, "503": { "description": "Get Kibana's current status.", "content": { "application/json; Elastic-Api-Version=2023-10-31": { "schema": { "description": "Kibana's operational status. A minimal response is sent for unauthorized users.", "anyOf": [ { "$ref": "#/components/schemas/core.status.response" }, { "$ref": "#/components/schemas/core.status.redactedResponse" } ] } } } } }, "parameters": [ { "in": "header", "name": "elastic-api-version", "description": "The version of the API to use", "schema": { "type": "string", "enum": [ "2023-10-31" ], "default": "2023-10-31" } }, { "name": "v7format", "in": "query", "required": false, "schema": { "type": "boolean" }, "description": "Set to \"true\" to get the response in v7 format." }, { "name": "v8format", "in": "query", "required": false, "schema": { "type": "boolean" }, "description": "Set to \"true\" to get the response in v8 format." } ], "operationId": "/api/status#0" } } }, "components": { "schemas": { "core.status.response": { "description": "Kibana's operational status as well as a detailed breakdown of plugin statuses indication of various loads (like event loop utilization and network traffic) at time of request.", "type": "object", "properties": { "name": { "description": "Kibana instance name.", "type": "string" }, "uuid": { "description": "Unique, generated Kibana instance UUID. This UUID should persist even if the Kibana process restarts.", "type": "string" }, "version": { "type": "object", "properties": { "number": { "description": "A semantic version number.", "type": "string" }, "build_hash": { "description": "A unique hash value representing the git commit of this Kibana build.", "type": "string" }, "build_number": { "description": "A monotonically increasing number, each subsequent build will have a higher number.", "type": "number" }, "build_snapshot": { "description": "Whether this build is a snapshot build.", "type": "boolean" }, "build_flavor": { "description": "The build flavour determines configuration and behavior of Kibana. On premise users will almost always run the \"traditional\" flavour, while other flavours are reserved for Elastic-specific use cases.", "anyOf": [ { "enum": [ "serverless" ], "type": "string" }, { "enum": [ "traditional" ], "type": "string" } ] }, "build_date": { "description": "The date and time of this build.", "type": "string" } }, "additionalProperties": false, "required": [ "number", "build_hash", "build_number", "build_snapshot", "build_flavor", "build_date" ] }, "status": { "type": "object", "properties": { "overall": { "type": "object", "properties": { "level": { "description": "Service status levels as human and machine readable values.", "anyOf": [ { "enum": [ "available" ], "type": "string" }, { "enum": [ "degraded" ], "type": "string" }, { "enum": [ "unavailable" ], "type": "string" }, { "enum": [ "critical" ], "type": "string" } ] }, "summary": { "description": "A human readable summary of the service status.", "type": "string" }, "detail": { "description": "Human readable detail of the service status.", "type": "string" }, "documentationUrl": { "description": "A URL to further documentation regarding this service.", "type": "string" }, "meta": { "description": "An unstructured set of extra metadata about this service.", "type": "object", "additionalProperties": {} } }, "additionalProperties": false, "required": [ "level", "summary", "meta" ] }, "core": { "description": "Statuses of core Kibana services.", "type": "object", "properties": { "elasticsearch": { "type": "object", "properties": { "level": { "description": "Service status levels as human and machine readable values.", "anyOf": [ { "enum": [ "available" ], "type": "string" }, { "enum": [ "degraded" ], "type": "string" }, { "enum": [ "unavailable" ], "type": "string" }, { "enum": [ "critical" ], "type": "string" } ] }, "summary": { "description": "A human readable summary of the service status.", "type": "string" }, "detail": { "description": "Human readable detail of the service status.", "type": "string" }, "documentationUrl": { "description": "A URL to further documentation regarding this service.", "type": "string" }, "meta": { "description": "An unstructured set of extra metadata about this service.", "type": "object", "additionalProperties": {} } }, "additionalProperties": false, "required": [ "level", "summary", "meta" ] }, "savedObjects": { "type": "object", "properties": { "level": { "description": "Service status levels as human and machine readable values.", "anyOf": [ { "enum": [ "available" ], "type": "string" }, { "enum": [ "degraded" ], "type": "string" }, { "enum": [ "unavailable" ], "type": "string" }, { "enum": [ "critical" ], "type": "string" } ] }, "summary": { "description": "A human readable summary of the service status.", "type": "string" }, "detail": { "description": "Human readable detail of the service status.", "type": "string" }, "documentationUrl": { "description": "A URL to further documentation regarding this service.", "type": "string" }, "meta": { "description": "An unstructured set of extra metadata about this service.", "type": "object", "additionalProperties": {} } }, "additionalProperties": false, "required": [ "level", "summary", "meta" ] } }, "additionalProperties": false, "required": [ "elasticsearch", "savedObjects" ] }, "plugins": { "description": "A dynamic mapping of plugin ID to plugin status.", "type": "object", "additionalProperties": { "type": "object", "properties": { "level": { "description": "Service status levels as human and machine readable values.", "anyOf": [ { "enum": [ "available" ], "type": "string" }, { "enum": [ "degraded" ], "type": "string" }, { "enum": [ "unavailable" ], "type": "string" }, { "enum": [ "critical" ], "type": "string" } ] }, "summary": { "description": "A human readable summary of the service status.", "type": "string" }, "detail": { "description": "Human readable detail of the service status.", "type": "string" }, "documentationUrl": { "description": "A URL to further documentation regarding this service.", "type": "string" }, "meta": { "description": "An unstructured set of extra metadata about this service.", "type": "object", "additionalProperties": {} } }, "additionalProperties": false, "required": [ "level", "summary", "meta" ] } } }, "additionalProperties": false, "required": [ "overall", "core", "plugins" ] }, "metrics": { "description": "Metric groups collected by Kibana.", "type": "object", "properties": { "elasticsearch_client": { "description": "Current network metrics of Kibana's Elasticsearch client.", "type": "object", "properties": { "totalActiveSockets": { "description": "Count of network sockets currently in use.", "type": "number" }, "totalIdleSockets": { "description": "Count of network sockets currently idle.", "type": "number" }, "totalQueuedRequests": { "description": "Count of requests not yet assigned to sockets.", "type": "number" } }, "additionalProperties": false, "required": [ "totalActiveSockets", "totalIdleSockets", "totalQueuedRequests" ] }, "last_updated": { "description": "The time metrics were collected.", "type": "string" }, "collection_interval_in_millis": { "description": "The interval at which metrics should be collected.", "type": "number" } }, "additionalProperties": false, "required": [ "elasticsearch_client", "last_updated", "collection_interval_in_millis" ] } }, "additionalProperties": false, "required": [ "name", "uuid", "version", "status", "metrics" ] }, "core.status.redactedResponse": { "description": "A minimal representation of Kibana's operational status.", "type": "object", "properties": { "status": { "type": "object", "properties": { "overall": { "type": "object", "properties": { "level": { "description": "Service status levels as human and machine readable values.", "anyOf": [ { "enum": [ "available" ], "type": "string" }, { "enum": [ "degraded" ], "type": "string" }, { "enum": [ "unavailable" ], "type": "string" }, { "enum": [ "critical" ], "type": "string" } ] } }, "additionalProperties": false, "required": [ "level" ] } }, "additionalProperties": false, "required": [ "overall" ] } }, "additionalProperties": false, "required": [ "status" ] } }, "securitySchemes": { "basicAuth": { "type": "http", "scheme": "basic" }, "apiKeyAuth": { "type": "apiKey", "in": "header", "name": "Authorization" } } }, "security": [ { "basicAuth": [] } ] } ``` </details> Related to https://github.com/elastic/kibana/pull/181622 ## Notes * Tip from @lcawl : "If you want to see Bump previews of your files too, I’ve been doing it via the preview command per https://docs.bump.sh/help/continuous-integration/cli/#bump-preview-file" |
||
|
Milton Hultgren
|
8a52c11239
|
[http] Expose isKibanaReponse helper in public API (#182392)
For some other changes I'm working on, I need to be able to distinguish if a route handler returned a `IKibanaResponse` / `KibanaResponse` object or some other object that needs to be wrapped before being sent back. Rather than duplicating this little helper I want to expose it as part of the public API of `core.http`. |
||
|
Jean-Louis Leysens
|
bef50072db
|
[HTTP/OAS] Support specifying content types (#181697)
## Summary Related to https://github.com/elastic/kibana/issues/180056 Adds the ability to specify a content type for the request / response of an API. The current approach is to use the `options.accepts` value already present on the route but to also add the ability to specify a content type per response, otherwise fallback to `application/json`. ## Notes * Fixed an issue where we might not be iterating over response codes correctly (and updated test cases) * Refactored the `generate_oas.ts` script to be more maintainable (apologies for the noise) |
||
|
Jean-Louis Leysens
|
7fc54940fb
|
[HTTP] Remove description from options in versioned router options (#181989)
## Summary Ensure that we only provide one option for providing `description` to versioned routes. |
||
|
Jean-Louis Leysens
|
97e1d9f4b8
|
[HTTP/OAS] Lazy response schemas (#181622)
## Summary
Based on the introduction of new response schemas for OAS generation we
are going to start the long tail of introducing missing response (`joi`)
schemas. We have roughly 520 known public APIs, most of which do not
have response schemas defined. We expected a fairly large increase in
`@kbn/config-schema` definitions in the coming weeks/months. Regardless
of actual outcome and given how slow schema instantiation is, this
presents a slight concern for startup time.
## Proposed changes
Give consumers guidance and a way to pass in validation lazily. Under
the hood we make sure that the lazy schemas only get called once.
```ts
/**
* A validation schema factory.
*
* @note Used to lazily create schemas that are otherwise not needed
* @note Assume this function will only be called once
*
* @return A @kbn/config-schema schema
* @public
*/
export type LazyValidator = () => Type<unknown>;
/** @public */
export interface VersionedRouteCustomResponseBodyValidation {
/** A custom validation function */
custom: RouteValidationFunction<unknown>;
}
/** @public */
export type VersionedResponseBodyValidation =
| LazyValidator
| VersionedRouteCustomResponseBodyValidation;
/**
* Map of response status codes to response schemas
*
* @note Instantiating response schemas is expensive, especially when it is
* not needed in most cases. See example below to ensure this is lazily
* provided.
*
* @note The {@link TypeOf} type utility from @kbn/config-schema can extract
* types from lazily created schemas
*
* @example
* ```ts
* // Avoid this:
* const badResponseSchema = schema.object({ foo: foo.string() });
* // Do this:
* const goodResponseSchema = () => schema.object({ foo: foo.string() });
*
* type ResponseType = TypeOf<typeof goodResponseSchema>;
* ...
* .addVersion(
* { ... validation: { response: { 200: { body: goodResponseSchema } } } },
* handlerFn
* )
* ...
* ```
* @public
*/
export interface VersionedRouteResponseValidation {
[statusCode: number]: {
body: VersionedResponseBodyValidation;
};
unsafe?: { body?: boolean };
}
```
## Notes
* Expected (worst case) in low resource environments is an additional
1.5 seconds to start up time and additional ~70MB to memory pressure
which is not a great trade-off for functionality that is only used when
OAS generation is on.
Related https://github.com/elastic/kibana/pull/181277
|
||
|
Pierre Gayvallet
|
2911f597a4
|
Add translation files to CDN assets (#181650)
## Summary
Part of https://github.com/elastic/kibana/issues/72880
- Generate translation files for all locales (including all internal
plugins) during the CDN asset generation task
- Adapt the `rendering` service to use the translation files from the
CDN if configured/enabled
### How to test
Connect to the serverless project that was created for the PR, and
confirm the translation file is being loaded from the CDN
<img width="907" alt="Screenshot 2024-04-25 at 15 55 23"
src="
|
||
|
Pierre Gayvallet
|
0f3ecf739e
|
[Security into Core] expose userProfile service from Core (#180372)
## Summary Fix https://github.com/elastic/kibana/issues/178932 - Introduce the new `userProfile` core service, both on the browser and server-side. - Have the security plugin register its API to Core for re-exposition --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Jean-Louis Leysens
|
654c0dc467
|
[HTTP/OAS] HTTP API (#181144)
## Summary Adds a new core-owned experimental HTTP API: `GET /api/oas` with the following query params for filtering: - `pluginId` - request a specific plugin's OAS - `pathStartsWith` - request OAS for paths that start with the given string The current rationale is that this will provide sufficient scoping to allow developers and docs maintainers to request only the OAS they need (since Kibana's surface area is HUGE). Also added a new experimental config: `server.oas.enabled: <boolean>`. Set this to `true` to play around with this feature locally. ## How to test 1. Add `server.oas.enabled: true` to `kibana.dev.yml` 2. Start Kibana with `yarn start --no-base-path` 3. `curl -uelastic:changeme http://localhost:5601/api/oas\?pathStartsWith\=/api/status | jq` 4. You should have a JSON representation of an OAS doc containing the `/api/status` endpoint! <details> <summary>example</summary> ```json { "openapi": "3.0.0", "info": { "title": "Kibana HTTP APIs", "version": "0.0.0" }, "servers": [ { "url": "http://localhost:5601" } ], "paths": { "/api/status": { "get": { "responses": {}, "parameters": [ { "in": "header", "name": "elastic-api-version", "schema": { "type": "string", "enum": [ "2023-10-31" ], "default": "2023-10-31" } }, { "name": "v7format", "in": "query", "required": false, "schema": { "type": "boolean" } }, { "name": "v8format", "in": "query", "required": false, "schema": { "type": "boolean" } } ], "operationId": "/api/status#0" } } }, "components": { "schemas": {}, "securitySchemes": { "basicAuth": { "type": "http", "scheme": "basic" }, "apiKeyAuth": { "type": "apiKey", "in": "header", "name": "Authorization" } } }, "security": [ { "basicAuth": [] } ] } ``` </details> ## Risks * The work to generate OAS can be expensive (for both CPU and memory). To mitigate, the endpoint will only be registered provided a specific config and we are using concurrency control (`Semaphore`) to allow only one of these operations to be handled at a time. ## Future work * We must start the long tail work of furnishing endpoints with missing response schemas. I intend to do so for the `/api/status` route next --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Jean-Louis Leysens
|
29fb11b358
|
[HTTP/OAS] @kbn/router-to-openapispec (#180683)
## Summary Introduces a new package for generating OAS from Kibana's routers. This first iteration includes: * E2E conversion of Core's `Router` and `CoreVersionedRouter` routes into a single OAS document (not written to disk or shared anywhere yet...) * Support for [`$ref`](https://swagger.io/docs/specification/using-ref/?sbsearch=%24ref) by introducing the `meta.id` field `@kbn/config-schema`'s base type. This is intended to be used only response/request schemas initially. ## TODO - [x] More unit tests --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> |
||
|
Jean-Louis Leysens
|
8da3ec4413
|
[HTTP/OAS] Prepare router and versioned router for generating OAS (#180275)
## Summary Part of https://github.com/elastic/kibana/issues/180056 ## Notes * Extracted and adapted from https://github.com/elastic/kibana/pull/156357 |