* Move kibana-keystore from data/ to config/
This is a breaking change to move the location of kibana-keystore.
Keystores in other stack products live in the config directory, so this
updates our current path to be consistent.
Closes#25746
* add breaking changes
* update comment
* wip
* fix docs
* read from both keystore locations, write priority to non-deprecated
* note data directory fallback
* add tests for get_keystore
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* Remove support for deprecated xpack.telemetry configurations
In 7.5, we moved telemetry to OSS and dropped the xpack prefix for the
telemetry plugin configuration options. We deprecated the usage of the
xpack prefix so any existing usage would trigger a warning at startup.
In 8.0, we remove support for the deprecated xpack prefix configs for
telemetry.
* Move telemetry settings into its own document
* Use external reference instead of anchor
* Update docs/migration/migrate_8_0.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/migration/migrate_8_0.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Update docs/settings/telemetry-settings.asciidoc
Co-Authored-By: gchaps <33642766+gchaps@users.noreply.github.com>
* Remove depecrated xpack.telemetry.* config from xpack_main/index.js
Co-authored-by: Alejandro Fernández Haro <alejandro.haro@elastic.co>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Alejandro Fernández Haro <afharo@gmail.com>
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Previously, if any of the following were true, we would log HTTP responses.
- `logging.json` was set
- `logging.dest` was set
- `TTY` was detected
The logging format should not dictate what is logged
Signed-off-by: Tyler Smalley <tyler.smalley@elastic.co>
* [csp] reject legacy browsers by default
The csp.strict config is now enabled by default, so legacy browsers like
IE11 will not be able to access Kibana unless the deployment has
explicitly enabled it.
* docs: csp.strict breaking change
* csp: warn legacy browsers that do not support CSP
The new csp.warnLegacyBrowsers configuration is enabled by default, and
it shows a warning message to any legacy browser when they access Kibana
to indicate that they are not enforcing the basic security protections
of the current install.
The protections check is the same as csp.strict, so this feature is
designed to be used as an alternative to aid in BWC. When csp.strict is
enabled, warnLegacyBrowsers is effectively ignored.
* fix ChromeService tests
* more test fixes
* csp injectvars in legacy test bundle
* update warning text and make it translatable
* no need to warn in legacy browser unit tests
* tests for chrome legacy browser warning
* document legacy browser warning breaking change
* update csp warning toast message
* add period, remove dev code
* Remove mode.initialize and change useRbacForRequest to useRbac
* Updating saved object api tests
* Fixing spaces api integration tests
* Removing unused "expect legacy forbidden" declarations and imports
* Updating docs
* Update docs/migration/migrate_7_0.asciidoc
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Update docs/migration/migrate_7_0.asciidoc
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Updating comment that mentions the scenario when we aren't using RBAC
* Adding back the authorization section of the config
When a config setting is marked as unused using the deprecations, it's
still required to show up in the config declarations so an error isn't
thrown on startup.
* Adding note about watcher jobs
* Update docs/migration/migrate_7_0.asciidoc
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Disabling TLSv1 from being enabled by default
* Adding breaking change docs
* Update docs/migration/migrate_7_0.asciidoc
Co-Authored-By: kobelb <brandon.kobel@gmail.com>
* Using the schema defaults
* Fixing type definitions
* Adjusting logic for no supported protocols
* Adding minSize: 1 to the supported protocols
* [config] logging.useUTC -> logging.timezone
* docs
* [env] exit if starting as root
* fix import path
* add link and timezone example
* Revert "[env] exit if starting as root"
This reverts commit f6e9090833a5180fe360a9ff54543c37c0ca3a58.
