Commit graph

884 commits

Author SHA1 Message Date
Nick Peihl
6689169687
Move @elastic/kibana-gis ownership to @elastic/kibana-presentation (#192521)
## Summary

The legacy `@elastic/kibana-gis` team is now a part of
`@elastic/kibana-presentation`. So we should move ownership of all code
to the correct team.
2024-09-16 09:50:50 -05:00
Kevin Lacabane
1e6b13c8e0
[eem] top_value metadata aggregation (#188243) 2024-09-16 03:01:41 +02:00
Rickyanto Ang
28becfdce9
[Cloud Security] Host Name Misconfiguration Datagrid & Refactor CSP Plugin PHASE 2 (#192535)
In an attempt to make Reviewing easier and more accurate, the
implementation of Misconfiguration Data grid on Host.name flyout in
Alerts Page will be split into 2 Phases

Phase 1: Move Functions, Utils or Helpers, Hooks, constants to Package
Phase 2: Implementing the feature

This is **Phase 2** of the process
<img width="1712" alt="Screenshot 2024-09-11 at 2 16 20 PM"
src="https://github.com/user-attachments/assets/29ab56db-8561-486c-ae8d-c254b932cea4">

How to test:
Pre req: In order to test this, you need to generate some fake alerts.
This [repo](https://github.com/elastic/security-documents-generator)
will help you do that
1. Generate Some Alerts
2. Use the Reindex API to get some Findings data in (change the
host.name field to match the host.name from alerts generated if you want
to test Findings table in the left panel flyout)
3. Turn on Risky Entity Score if you want to test if both Risk
Contribution and Insights tabs show up, follow this
[guide](https://www.elastic.co/guide/en/security/current/turn-on-risk-engine.html)
to turn on Risk Entity Score
2024-09-13 21:41:41 -07:00
Steph Milovic
cabaf7a077
[Security GenAI] Re-add telemetry for isEnabledKnowledgeBase (#192785) 2024-09-13 17:17:08 -06:00
Saarika Bhasi
7264d3a548
[Index Management] [Onboarding] Create new package folder for index_management (#192594)
## Summary

We have to extract a few components from `index_management` plugin to
shared packages for onboarding project. These extracted files would be
separated into small subject matter packages within a common folder -
`index-management` in `x-pack/packages/`.


What is covered in this PR? 

* Created new folder `index-management` under
[x-pack/packages/](https://github.com/elastic/kibana/tree/main/x-pack/packages)
as a home for subject matter packages.
* moved existing package -
[@kbn/index-management](https://github.com/elastic/kibana/tree/main/x-pack/packages/index-management)
under `x-pack/packages/index-management`
* update name of
[@kbn/index-management](https://github.com/elastic/kibana/tree/main/x-pack/packages/index-management)
to `@kbn/index-management-shared-types`
* updated related files which use `@kbn/index-management` to use
`@kbn/index-management-shared-types`

**Note** 
Extracting components required for onboarding project will be part of
another PR
2024-09-13 07:46:00 -04:00
Kevin Lacabane
2f1d0cd9b3
[eem] add entity definition state (#191933)
~blocked by https://github.com/elastic/kibana/issues/192004~

This change adds an `includeState: boolean` option to methods querying
entity definitions. When true this adds an `EntityDefinitionState`
object containing all the definition components and their state
(installed or not) and stats. Since this may only be used internally (eg
builtin definition installation process) and for troubleshooting,
`includeState` is false by default

#### Testing
- install a definition
- call `GET
kbn:/internal/entities/definition/<definition-id>?includeState=true`
- check and validate the definition `state` block
- manually remove transform/pipeline/template components
- check and validate the definition `state` block
2024-09-13 09:53:50 +02:00
Elena Shostak
a71c9ba38a
Added scope field to features config. (#191634)
## Summary
Kibana needs to more tightly control the set of visible features within
a space, in order to support the new solution-based navigation.
Added `scope` field to the features configuration. This enhancement is
intended to prevent new features from appearing in Space Visibility
Toggles.


### Checklist

- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios


__Fixes: https://github.com/elastic/kibana/issues/191299__

## Release Note

Added `scope` field to the features configuration. This enhancement is
intended to prevent new features from appearing in Space Visibility
Toggles.

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2024-09-12 19:22:20 -05:00
Melissa Alvarez
e5600b18b1
[ML] Anomaly Detection supplied configurations: adds page in ML UI for Supplied configurations (ML Modules) (#191564)
## Summary

This PR adds a page in the UI for 'Supplied configurations'
Dependent on this fix to the endpoint schema going in first:
https://github.com/elastic/kibana/pull/191633

NOTE: This item will be added to the side-nav of oblt serverless once
this update is in: https://github.com/elastic/kibana/issues/190458

Adds dedicated UI page for preconfigured job packages - subitem of the
Anomaly Detection navigation:
<img width="1721" alt="image"
src="https://github.com/user-attachments/assets/194bbf44-aa7c-4afa-94e3-587fb9e5f601">

When they can't be run in the ML UI: 
<img width="1467" alt="image"
src="https://github.com/user-attachments/assets/487463e8-7520-48de-8806-1d45a82e452e">

When selected - flyout opens to reveal package assets:
<img width="1098" alt="image"
src="https://github.com/user-attachments/assets/a648a6d8-df79-4bb3-a797-61f02e246c9b">

Clicking the `Run data recognizer` button shows matching data views (if
any) with link to job creation:
<img width="1099" alt="image"
src="https://github.com/user-attachments/assets/05e9f7f7-e41f-486d-ba41-84cacf534cd0">

Empty table when no matching dataviews are found:
<img width="999" alt="image"
src="https://github.com/user-attachments/assets/d8bbf3be-7035-4e2f-956e-83dfbc26b247">

Jobs tab of flyout:
<img width="1102" alt="image"
src="https://github.com/user-attachments/assets/e94efb2e-1f21-4883-aa2b-2c42db5be970">

kibana tab of flyout:
<img width="1100" alt="image"
src="https://github.com/user-attachments/assets/0021a527-8d9d-4e06-9fae-d832015f7f7d">




### Checklist

Delete any items that are not applicable to this PR.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2024-09-12 10:30:09 -06:00
Steph Milovic
ea6bb9e0b7
[Security solution] Attack Discovery "View in AI Assistant" button fix (#192416) 2024-09-12 08:35:44 -06:00
Dario Gieselaar
98aa1ab769
[Inventory] Inventory plugin (#191798)
## Description

This PR adds an inventory plugin, which renders an inventory UI.
Currently only data streams are rendered. This is part of the LogsAI
initiative - basically we need a UI for tasks like structuring data,
extracting entities, listing the results etc. This is mostly POC-level
stuff. Eventually some of this code might be handed over to ECO but
let's cross that bridge when we get to it.

## Notes for reviewers:

@elastic/appex-ai-infra @elastic/security-generative-ai: added a
`truncateList` utility function that takes the first n elements of an
array and appends a `{l-n} more` string value if there are more values
than n. Really simple but I expect will also be very often used because
we cannot send a huge amount of items to the LLM.

@elastic/kibana-core @elastic/kibana-operations: just boilerplate stuff
for adding a new plugin (and thank you for enabling us to run
`quick_checks` locally!)

@elastic/obs-knowledge-team: added support for streaming using an
Observable.

@elastic/obs-ux-management-team: added links to the Inventory UI in the
Observability plugin

@elastic/obs-entities: I've added an entity manager client to be able to
fetch entity definitions on the server. Maybe there's a better way? LMK.

@elastic/obs-ux-logs-team: added a deeplink to the Inventory UI. I've
also moved CODEOWNERS for this package to
@elastic/obs-ux-management-team as they own the Observability plugin
where this is mostly used.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-12 15:07:09 +02:00
Steph Milovic
2dc1aca175
[Security Solution] AI Assistant - System prompt move (#191847) 2024-09-11 15:56:00 -06:00
Steph Milovic
53e88ec03a
[Security solution] Handle Gemini finishReason: SAFETY (#192304) 2024-09-11 12:18:44 -06:00
Cee Chen
20566d0262
Upgrade EUI to v95.10.1 (#192026)
`v95.9.0` → `v95.10.1`

> [!note]
> **EuiDataGrid**'s header cells have received a major UX change in
order to support interactive children within header content. Column
header actions now must be hovered and then clicked directly, or opened
with the Enter key, as opposed to being able to click the entire header
cell to see the actions popover.

_[Questions? Please see our Kibana upgrade
FAQ.](https://github.com/elastic/eui/blob/main/wiki/eui-team-processes/upgrading-kibana.md#faq-for-kibana-teams)_

---

## [`v95.10.0`](https://github.com/elastic/eui/releases/v95.10.0)

- Updated `EuiDataGrid` to support interactive header cell content
([#7898](https://github.com/elastic/eui/pull/7898))
- Updated `EuiSearchBar`'s `field_value_selection` filter type with a
new `autoSortOptions` config, allowing consumers to configure whether or
not selected options are automatically sorted to the top of the filter
list ([#7958](https://github.com/elastic/eui/pull/7958))
- Updated `getDefaultEuiMarkdownPlugins` to support the following new
default plugin configurations:
([#7985](https://github.com/elastic/eui/pull/7985))
  - `parsingConfig.linkValidator`, which allows configuring
    `allowRelative` and `allowProtocols`
  - `parsingConfig.emoji`, which allows configuring emoticon parsing
  - `processingConfig.linkProps`, which allows configuring rendered links
    with any props that `EuiLink` accepts
  - See our **Markdown plugins** documentation for example
    `EuiMarkdownFormat` and `EuiMarkdownEditor` usage
- Updated `EuiDatePicker` to support `append` and `prepend` nodes in its
form control layout ([#7987](https://github.com/elastic/eui/pull/7987))

**Bug fixes**

- Fixed border rendering bug with inline `EuiDatePicker`s with
`shadow={false}` ([#7987](https://github.com/elastic/eui/pull/7987))
- Fixed `EuiSuperSelect`'s placeholder text color to match other form
controls ([#7995](https://github.com/elastic/eui/pull/7995))

**Accessibility**

- Improved the keyboard navigation and screen reader output for
`EuiDataGrid` header cells
([#7898](https://github.com/elastic/eui/pull/7898))

## [`v95.10.1`](https://github.com/elastic/eui/releases/v95.10.1)

**Bug fixes**

- Fixed a visual bug in compact density `EuiDataGrid`s, where the header
cell height would increase when the actions button became visible
([#7999](https://github.com/elastic/eui/pull/7999))

---------

Co-authored-by: Lene Gadewoll <lene.gadewoll@elastic.co>
2024-09-10 16:06:21 -05:00
Paul Tavares
ce63cd8b07
[Security Solution] Add description attribute to the Security grouping of Kibana security sub-feature privileges (#192273)
## Summary

- Adds text under the `security` group that clarifies what actions the
user must do in order to customize the grouping privileges

closes #191592 

<img width="765" alt="image"
src="https://github.com/user-attachments/assets/81f88a59-9e97-4c4d-a5b9-4326d95f8ac5">
2024-09-10 08:46:13 -04:00
Walter Rafelsberger
6a270cf4d6
Upgrade @testing-library/user-event to latest ^14.5.2 (#189949)
## Summary

Upgrades `@testing-library/user-event` to `^14.5.2`. See the release
notes for `v14` for breaking changes:
https://github.com/testing-library/user-event/releases/tag/v14.0.0

I was facing an
[issue](https://github.com/testing-library/user-event/issues/662) with
`v13.5.0` with `userEvent.click()` in a PR
(https://github.com/elastic/kibana/pull/189729) and was able to verify
that `v14.4.3` onwards fixes it so I decided to update that package.
What a rabbit hole 😅 !

- In `user-event` `v14` events return a promise, so this PR updates
usage of the likes of `userEvent.click` with `await userEvent.click`.
Regex to search for `userEvent` calls that miss `await` except `.setup`:
`(?<!await\s)userEvent\.(?!setup\b)`
- The way to handle pointer events needed changing from `, undefined, {
skipPointerEventsCheck: true });` to `, { pointerEventsCheck: 0 });`.
- I tried a bit to do the refactor with codemods, but there were quite
some edge cases so it ended up being done manually.
- I looked into all failing tests and tried my best to update them, but
for some of them I lacked the context to make them work again. If you're
a code owner and find a skipped test in this PR please give it a try to
fix and push in this PR or let me know if it's fine for you to fix in
follow ups.

List of files where I had to skip tests (`git diff main...HEAD
-G'\.skip' --name-only`):

### `packages/kbn-dom-drag-drop`

- `packages/kbn-dom-drag-drop/src/droppable.test.tsx`

### `x-pack/plugins/cases`

- `x-pack/plugins/cases/public/components/templates/form.test.tsx`
-
`x-pack/plugins/cases/public/components/user_actions/user_actions_list.test.tsx`

### `x-pack/plugins/cloud_security_posture`

-
`x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/policy_template_form.test.tsx`

### `x-pack/plugins/lens`

-
`x-pack/plugins/lens/public/datasources/form_based/dimension_panel/format_selector.test.tsx`

### `x-pack/plugins/observability_solution`

-
`x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitor_add_edit/fields/request_body_field.test.tsx`

### `x-pack/plugins/security_solution`

-
`x-pack/plugins/security_solution/public/management/components/console/components/command_input/integration_tests/command_input.test.tsx`
-
`x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/kill_process_action.test.tsx`
-
`x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/release_action.test.tsx`
-
`x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/status_action.test.tsx`
-
`x-pack/plugins/security_solution/public/management/components/endpoint_responder/command_render_components/integration_tests/upload_action.test.tsx`
-
`x-pack/plugins/security_solution/public/management/components/endpoint_response_actions_list/integration_tests/response_actions_log.test.tsx`
-
`x-pack/plugins/security_solution/public/management/pages/event_filters/view/components/event_filters_flyout.test.tsx`
-
`x-pack/plugins/security_solution/public/management/pages/response_actions/view/response_actions_list_page.test.tsx`

----

I plan to do a talk on Kibana Demo Days to walk through some of the
breaking changes and learnings.

### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
2024-09-10 14:31:27 +02:00
Garrett Spong
47d308604f
[Security Assistant] Updates Knowledge Base ES Schema, OAS, and API to support IndexEntries (#186566)
## Summary

This is a follow-up to https://github.com/elastic/kibana/pull/184974
that updates the KB Entries API's (and underlying schema) to support
`IndexEntries` in addition to `DocumentEntries`. `IndexEntries` are
entries in the Knowledge Base that are not backed by an embedded raw
text source, but rather by an entire Index or Data Stream. The user can
set the data source name, the specific field to query (must be ELSER
embeddings in this initial implementation), and a description for when
the assistant should search this data source for Knowledge Base content.
This essentially enables the user to create custom retrieval tools
backed by their own data.


The changes in this PR, as with the other recent KB enhancements, are
behind the following feature flag:
```
xpack.securitySolution.enableExperimental:
  - 'assistantKnowledgeBaseByDefault'
```

however a code change is required to test the new mappings. For this
you can update the `knowledgeBaseDataStream` in
`x-pack/plugins/elastic_assistant/server/ai_assistant_service/index.ts`
to

```ts
    this.knowledgeBaseDataStream = this.createDataStream({
      resource: 'knowledgeBase',
      kibanaVersion: options.kibanaVersion,
      fieldMap: knowledgeBaseFieldMapV2, // Update this to the V2 mapping
    });
```

Change set includes:
- [X] ES Knowledge Base data stream schema and OAS has been updated to
support `IndexEntries`.
- [X] OAS schema files have been moved to the `/entries` sub-directory
- [ ] Backend KB services have been updated to support `IndexEntries`
  - [X] Storage methods updated
  - [ ] Retrieval methods updated (will round out these endpoints when
    working the UI next)

---

With these API changes, I've also introduced a few sample `*.http` files
for easier development/testing. These files are supported out of the box
in JetBrains IDE's or in VSCode with the
[httpyac](https://httpyac.github.io/) (and many other) extensions. Since
the configuration for these files includes a `-` in the name, that's why
you'll see a few @elastic/kibana-operations files updated.

You can read more about `http` files
[here](https://www.jetbrains.com/help/webstorm/http-client-in-product-code-editor.html)
and for the spec see this repo
[here](https://github.com/JetBrains/http-request-in-editor-spec/blob/master/spec.md).
If we find these useful, we could add support to our [OpenAPI
Generator](https://openapi-generator.tech/docs/generators/jetbrains-http-client)
to create these automatically. They currently live co-located next to
the OAS and generated schema files here:

```
x-pack/packages/kbn-elastic-assistant-common/impl/schemas/knowledge_base/entries/bulk_crud_knowledge_base_entries_route.http
x-pack/packages/kbn-elastic-assistant-common/impl/schemas/knowledge_base/entries/crud_knowledge_base_entries_route.http
```

and the main config here:

```
x-pack/packages/kbn-elastic-assistant-common/env/http-client.env.json
```

The `x-pack/packages/kbn-elastic-assistant-common/.gitignore` has been
updated to ignore `http-client.private.env.json` files locally, which is
how you can override the config as you'd like. This is helpful to add
variables like `basePath` as below:

```
{
  "dev": {
    "basePath": "/kbn"
  }
}
```

To use them, just open the corresponding `*.http` for the API you want
to test, and click `Send`, and the response will open in another tab.
Here is what that looks like for creating one of the new `IndexEntry` KB
documents that have been introduced in this PR:

<p align="center">
<img width="500"
src="https://github.com/user-attachments/assets/c9e70d1a-28d2-4eb3-9853-ab6d8e1c7acf"
/>
</p> 





### Checklist

Delete any items that are not applicable to this PR.

- [X] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
* Feature currently behind feature flag. Documentation to be added
before flag is removed. Tracked in
https://github.com/elastic/security-docs/issues/5337
- [X] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-10 02:01:59 -06:00
Konrad Szwarc
66ab8ab60c
[EDR Workflows][Serverless] Fix Host Isolation Exceptions PLIs (#191954)
This PR establishes appropriate privileges across Endpoint tiers. In
Endpoint Complete, users will be able to create, update, and delete Host
Isolation Exceptions. Upon downgrading to Endpoint Essentials, users
should still be able to view and remove items from the Blocklist but
will not have the ability to edit or create new entries.

Please see linked issue for more details on current behaviour.

Expected privileges:
Endpoint Essentials - User can read and delete HIE
Endpoint Complete - User can read, delete and write HIE


https://github.com/user-attachments/assets/69d14a51-6004-45b7-9c78-62066441f4ab
2024-09-10 09:20:25 +02:00
Anton Dosov
fccfd4cf75
[react@18] Implicit children type fixes (#192011)
## Summary

Part of https://github.com/elastic/kibana/issues/138222

In @types/react@18 types [have become more
strict](https://github.com/DefinitelyTyped/DefinitelyTyped/pull/56210).
This PR addresses a bunch of easy fixes. The most common are:

### 1 Removal of implicit children

For components that do implement children but relied on their implicit
declaration from React.FunctionComponent or React.Component:

```diff
 interface Props {
+  children?: React.ReactNode;
 }

 class SomeClassComponents React.Component<Props> {
   render() {
     return  <div>{this.props.children}</div>
   }
 }
 const SomeFunctionComponent: React.FunctionComponent<Props> = props => <div>{props.children}</div>
```
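
Review bot: the unchanged context line `class SomeClassComponents React.Component<Props> {` is missing the `extends` keyword, so the snippet does not parse as written. It should read `class SomeClassComponents extends React.Component<Props> {` so that anyone copying the pattern starts from a valid example. It would also help to state that the single added line, `children?: React.ReactNode;`, is what makes both the class component and the function component below it type-check.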

or 

```diff
- const SomeFunctionComponent: React.FunctionComponent<Props> = props => <div>{props.children}</div>
+ const SomeFunctionComponent: React.FunctionComponent<React.PropsWithChildren<Props>> = props => <div>{props.children}</div>
```


*Note 1:*
The most common change occurs in unit tests where `renderHook` and
`wrapper` are used. I had to re-type the props so that `children` were
there

```diff
const { result } = renderHook(
         () => {
           return useLicense();
         },
         {
-           wrapper: ({ children }) => (
+           wrapper: ({ children }: React.PropsWithChildren<{}>) => (
             <TestProviders license={license}>{children}</TestProviders>
           ),
         }
       );
```

```diff
- const { result } = renderHook<GetCasesColumn, UseCasesColumnsReturnValue>(
+ const { result } = renderHook<React.PropsWithChildren<GetCasesColumn>, UseCasesColumnsReturnValue>(
       () => useCasesColumns(defaultColumnArgs),
       {
         wrapper: ({ children }) => <TestProviders>{children}</TestProviders>,
       }
     );
```



*Note 2:*
With @types/react@17, for the components that don't have any props apart from
`children`, I had to use `React.PropsWithChildren<{}>`, whereas in
@types/react@18 the argument becomes optional, so it can be omitted, and
typed more simply with `React.PropsWithChildren` without an argument



### 2 `this.context` becomes `unknown` (was `any`)

In a couple of places where `this.context` is used, I had to type it

### 3 `ComponentType` from enzyme is no longer compatible with `ComponentType` from react

This one is a bummer, but where `wrappingComponent` with enzyme is used
I had to cast it to type from `enzyme`

```diff
- import { mount } from 'enzyme'
+ import { mount, ComponentType } from 'enzyme'

 wrapper = mount(<ClosureOptions {...props} />, {
-       wrappingComponent: TestProviders,
+       wrappingComponent: TestProviders as ComponentType<{}>,
});
```
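
Review bot: the cast `TestProviders as ComponentType<{}>` in the `mount` options overrides the type check on `wrappingComponent` instead of resolving the incompatibility, so a later change to the props `TestProviders` expects would no longer be flagged at this call site. Consider a short comment next to the cast that names the enzyme/React `ComponentType` mismatch, so these casts can be found and removed once the two types are compatible again.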
2024-09-09 13:56:02 +02:00
Jordan
a36b22aa6c
[Cloud Security] Support for missing fields in vulnerabilities and removing integration installation block (#191504) 2024-09-09 11:23:50 +02:00
Philippe Oberti
d968cc0929
[Security Solution][Alert Details] - push and overlay expandable flyout (#182615)
## Summary

This PR adds a new functionality to the `kbn-expandable-flyout` package
and its usage in the Security Solution application.

The package's flyout now supports being rendered in `overlay` or `push`
mode, following [EUI's
recommendation](https://eui.elastic.co/#/layout/flyout#push-versus-overlay).
A gear icon button is rendered in the top right corner, next to the
close button. When clicked, a menu appears where users can select `push`
or `overlay` values. `overlay` is the default value. If `push` is
selected, a `Reset to default` empty button can be used to reset to
`overlay`.

Overlay option selected (by default)
![Screenshot 2024-09-04 at 12 10
34 PM](https://github.com/user-attachments/assets/87f57238-9b44-4d29-9516-9eb329c49bb2)

Push option selected
![Screenshot 2024-09-04 at 12 10
42 PM](https://github.com/user-attachments/assets/80e7879a-b238-46ba-9c13-2c8e236e138f)

The flyout should be toggled between `overlay` and `push` mode in all
the pages it's been currently used in:
- alerts page
- rule creation page
- explore pages (host, users...)
- case detail page


https://github.com/user-attachments/assets/b4cec138-802c-430d-8f37-01258e6afef3

But the flyout cannot be set to `push` mode when opened from Timeline.
Timeline is a modal (an EUI Portal to be precise), and getting the
portal as well as the overlay mask to correctly resize according to the
flyout's width (which is dynamic, changes with the screen size and also
changes if the flyout is in collapsed or expanded mode) is very
difficult.
A future PR might add this functionality to Timeline. At this time, the
flyout offers the option to disable the `push/overlay` toggle as well as
an icon to show a tooltip to explain why.


https://github.com/user-attachments/assets/e00961c8-cc75-4eb9-b34d-544bc4391d5c

#### Notes

The package also offers a way to hide the gear icon entirely. In the
future, we might need a bit more flexibility if we want to be able to
show the gear icon with options other than the `push/overlay` entry.

Finally the state of the flyout type (`overlay` vs `push`) is saved in
local storage so that users don't have to set the value over and over
again. This state is persisted within the `kbn-expandable-flyout`
package so that developers don't have to worry about setting it up. The
package uses its internal `urlKey` to guarantee that the key used to
save in localStorage is unique. This means that `memory` flyouts cannot
persist the `push` or `overlay` states, this is expected.


### Notes

The package's README has been updated.
New Storybook stories have been added to reflect the new push/overlay
functionality.

https://github.com/elastic/kibana/issues/182593
2024-09-06 15:16:47 -05:00
Rickyanto Ang
d177d11719
[Cloud Security] Host Name Misconfiguration Datagrid & Refactor CSP Plugin PHASE 1 (#192114)
## Summary

In an attempt to make Reviewing easier and more accurate, the
implementation of Misconfiguration Data grid on Host.name flyout in
Alerts Page will be split into 2 Phases

Phase 1: Move Functions, Utils or Helpers, Hooks, constants to Package
Phase 2: Implementing the feature

This is Phase 1 of the process

This PR also includes a small bug fix mentioned here
https://github.com/elastic/kibana/pull/191677#pullrequestreview-2279906960

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-06 12:42:55 -07:00
natasha-moore-elastic
842caa2cbc
Improves Security AI Assistant API docs content (#192254)
## Summary

Resolves https://github.com/elastic/security-docs-internal/issues/36 by
improving the Security AI Assistant API docs content. Adds missing and
improves existing operation summaries and operation descriptions to
adhere to our [OAS
standards](450494532/API+reference+docs).

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-06 18:11:47 +01:00
Milton Hultgren
b9319a6ad4
[EEM] Migrate to using @kbn/server-route-repository (#191102)
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-06 04:11:28 -05:00
Anton Dosov
8199dd0407
[react@18] (Part 2) fix useCallback breaking type changes (#191659)
## Summary

This is a prep for https://github.com/elastic/kibana/issues/138222 and
follow up to https://github.com/elastic/kibana/pull/182344. These are
post-merge leftovers and new instances from the previous
[run](https://github.com/elastic/kibana/pull/182344)

In React@18 useCallback types have changed, introducing breaking
changes:
https://github.com/DefinitelyTyped/DefinitelyTyped/issues/46691

Found potential issues using:

https://github.com/eps1lon/types-react-codemod?tab=readme-ov-file#usecallback-implicit-any

I tried to do my best to fix the type where possible, but there are some
complicated cases where I kept `any` after some struggling. Please feel
free to push improvements directly.

---------
Co-authored-by: Jatin Kathuria <jtn.kathuria@gmail.com>
2024-09-04 10:00:40 -05:00
Rickyanto Ang
8b7d965752
[Cloud Security] Misconfiguration preview & Refactor CSP Plugin to include new package PHASE 4 (#191677)
The previous https://github.com/elastic/kibana/pull/190105 was way too
big and made it hard to review without missing any bugs or potential
bugs. Thus we decided we are going to make a series of smaller PRs to make
things more manageable

We will be splitting it into 4 PRs
Phase 1: Creating empty packages for csp and csp-common
Phase 2: Move Types from CSP plugin to the Package + Deleting duplicates
in the CSP plugin where possible
Phase 3: Move Functions, Utils or Helpers, Hooks to Package
Phase 4: Misconfiguration Preview feature (with Cypress test and other
required test)

<img width="681" alt="353329193-5ad22c4e-81c2-4a8b-89f7-fdbc2a686c2d"
src="https://github.com/user-attachments/assets/b369625a-efc5-4292-a690-2c5dffb5483d">


This is Phase 4 of the Process.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-04 07:32:06 -07:00
Vitalii Dmyterko
3c9198abeb
[Security Solution][Detection Engine] update query automatically in rule create form through AI assistant (#190963)
## Summary

 - addresses https://github.com/elastic/kibana/issues/187270


### UX

Introduced button in code block

<img width="1218" alt="Screenshot 2024-08-21 at 16 35 51"
src="https://github.com/user-attachments/assets/69c82d7c-7305-41a6-9a29-5f27755727a6">

### DEMO


https://github.com/user-attachments/assets/32419edc-4bfa-4f4e-892b-2a6abb3c0f27




### Checklist


- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-09-03 12:37:36 -05:00
Ido Cohen
c594254fb4
[Cloud Security] use global cdr vuln data view (#191581) 2024-09-03 16:08:19 +03:00
James Gowdy
e204184a2a
[ML] Improving empty object creation in ML packages (#191901)
Replacing instances of empty object creation with Object.create(null) to
remove any risk of prototype pollution.
Related to https://github.com/elastic/kibana/pull/191518
2024-09-03 10:08:21 +01:00
Alejandro Fernández Haro
4ec0dbe64d
[Move @kbn/config-schema to server] @kbn/alerting-state-types (#191786) 2024-09-02 16:46:48 -05:00
Steph Milovic
a2315ab94c
[Security solution] Security Assistant Cypress (#191000) 2024-08-29 14:21:33 -06:00
Kevin Lacabane
b5dbcd8fb8
[eem] definition update endpoint (#190648)
Create `PATCH kbn:/internal/entities/definition` allowing update of
stored definition. The endpoint accepts an update object representing a
partial entity definition with a few key properties that cannot be
updated. The update process will stop and delete the existing transforms
and create new ones; there's
https://github.com/elastic/elastic-entity-model/issues/136 logged as a
follow-up improvement.

### Testing
- call `PUT kbn:/internal/entities/definition/{id}` with an update
payload (see [update
schema](7a7fbdf1cd/x-pack/packages/kbn-entities-schema/src/schema/entity_definition.ts (L62)))
- call `GET kbn:/internal/entities/definition` and verify the update is
reflected in the stored definition
- verify the updated properties are reflected in the corresponding
transform/pipeline components

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-29 21:17:28 +02:00
Sander Philipse
3de8133a5a
[Search] Fix inference endpoints ignoring different deployments (#191223)
## Summary

Inference endpoints were ignoring different deployments, only looking at
the first deployment. This is wrong: we should be checking the specific
inference endpoint's trained model reference deployment. This fixes
that.
2024-08-29 08:13:10 -05:00
Rickyanto Ang
a78c69b273
[Cloud Security] Misconfiguration preview & Refactor CSP Plugin to include new package PHASE 3 (#191317)
The previous https://github.com/elastic/kibana/pull/190105 was way too
big and made it hard to review without missing any bugs or potential
bugs. Thus we decided we are going to make a series of smaller PRs to make
things more manageable

We will be splitting it into 4 PRs
Phase 1: Creating empty packages for csp and csp-common
Phase 2: Move Types from CSP plugin to the Package + Deleting duplicates
in the CSP plugin where possible
Phase 3: Move Functions, Utils or Helpers, Hooks to Package
Phase 4: Misconfiguration Preview feature (with Cypress test and other
required test)

This is **Phase 3** of the Process,
This also includes moving rule versions type

This PR is the continuation of this PR
https://github.com/elastic/kibana/pull/190933

NOTE:
Merge phase 2 first before this

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-28 12:40:43 -07:00
Patryk Kopyciński
2d1d592a3b
[react@18] Fix useCallback breaking type changes (#182344)
## Summary

Prep work for React@18 bump
https://github.com/elastic/kibana/issues/138222

In React@18, `useCallback` types have changed, which introduced breaking
changes:
https://github.com/DefinitelyTyped/DefinitelyTyped/issues/46691

Fixed using:

https://github.com/eps1lon/types-react-codemod?tab=readme-ov-file#usecallback-implicit-any

**Tried to do my best with fixing the types, but if you disagree or have
a better idea how it should be solved feel free to suggest changes or
commit directly to the branch 🙏**

---------

Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co>
Co-authored-by: Sébastien Loix <sabee77@gmail.com>
Co-authored-by: Nick Peihl <nick.peihl@elastic.co>
Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co>
Co-authored-by: Felix Stürmer <felix.stuermer@elastic.co>
Co-authored-by: nickofthyme <nicholas.partridge@elastic.co>
Co-authored-by: Davis McPhee <davis.mcphee@elastic.co>
Co-authored-by: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com>
Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
Co-authored-by: Anton Dosov <anton.dosov@elastic.co>
2024-08-28 16:33:35 +02:00
Karen Grigoryan
f79b714fda
[Security Solution][DQD][Tech Debt] Dissolve index properties markdown (#191264)
addresses https://github.com/elastic/kibana/issues/190964

Fifth in the series of PRs to address general DQD tech debt

This one builds on previous 4 PRs

https://github.com/elastic/kibana/pull/190970
https://github.com/elastic/kibana/pull/190978
https://github.com/elastic/kibana/pull/191233
https://github.com/elastic/kibana/pull/191245

Gist of changes:

- split gigantic markdown helper file and colocate the parts where they
belong
- dedupe translations
- cleanup dead code
2024-08-28 07:25:49 -05:00
Walter Rafelsberger
3c2ce3c839
[ML] AIOps: Adds log rate analysis to alert details page contextual insight. (#187690)
## Summary

Part of #178501.

This adds log rate analysis results to the prompt used for contextual
insights on alert details pages:

<img width="1149" alt="image"
src="https://github.com/user-attachments/assets/80b0f8e6-1ea1-4dbf-86ff-82c2ef175aa6">

<img width="1129" alt="image"
src="https://github.com/user-attachments/assets/a538cc3c-6f13-43e4-ad7d-8a93a779d349">


### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-28 13:37:15 +02:00
Dario Gieselaar
ecec57ca52
[Obs utils] Add Observability utils package (#189712)
Adds a `@kbn/observability-utils` package.

```md
# @kbn/observability-utils

This package contains utilities for Observability plugins. It's a separate package
to get out of dependency hell. You can put anything in here that is stateless and
has no dependency on other plugins (either directly or via other packages).

The utility functions should be used via direct imports to minimize impact on
bundle size and limit the risk on importing browser code to the server and vice versa.
```

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2024-08-28 06:03:25 -05:00
Ash
74ba0b4f54
[SecuritySolution][Endpoint][Response Actions] Remove scan feature flag and branch logic. (#190601) 2024-08-28 11:54:36 +02:00
Karen Grigoryan
7f22ca5cf3
[Security Solution][DQD][Tech Debt] Refactor lower level helpers (#191245)
addresses https://github.com/elastic/kibana/issues/190964

Fourth in the series of PRs to address general DQD tech debt

This one builds on previous 3 PRs

https://github.com/elastic/kibana/pull/190970
https://github.com/elastic/kibana/pull/190978
https://github.com/elastic/kibana/pull/191233

Gist of changes:

- split lower level helpers into series of utils/* files
- each utils/ file is named after common behavior it exports or works with.
- cleanup dead code
2024-08-28 10:12:08 +02:00
Eyo O. Eyo
fd312e30db
Extract Kibana Privilege Feature table into package (#189871)
## Summary

This PR extracts the kibana privilege component into a package, to
support the work that's been done to integrate role privilege selection
within the newly improved spaces administration app, and is the last in
the series of PRs to make this possible. Without this undertaken we would
be creating a cyclic dependency between the security and spaces plugin,
the image below provides a visual representation on how this PR resolves
the aforementioned issue;


![image](https://github.com/user-attachments/assets/3de515a4-3f8b-4708-99af-d175d5bab282)[^legend]

[^legend]: item marked in blue is the package created in this PR.

This particular component, alongside the components that it's composed
of will now be housed in `@kbn/security-ui-components` (P.S. I'm not too
entirely sure about the naming, suggestions welcome).


---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-27 16:17:08 +02:00
Eyo O. Eyo
90f2eb3a08
Expose privilege API client to spaces (#189819)
## Summary

Expose privilege API client to be injected into the spaces app, to
facilitate new spaces UX


---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-27 15:56:04 +02:00
Jatin Kathuria
9293bc1917
[Security Solution] One Discover - Enable Security Solution Expandable Flyout in One Discover entities (#189633)
>[!Note]
> This Change is only applicable to Serverless Security Solution as of
now. In follow-up PRs, support will be added to ESS as well based on
data-sources such as index or integrations.
## Summary

Resolves https://github.com/elastic/kibana/issues/189151

This PR is foundation for the work described in
https://github.com/elastic/kibana/issues/186783. This just enables
expandable flyout for entity details, which is currently only used in
security solution, in discover as well.

As a part of **One Discover** work, we need to make sure that cell
rendering in Discover should behave exactly like it does in security
solution.

To enable this, a new `shared-browser` package
`@kbn/security-solution-common` in `x-pack/packages/security-solution`
has been created which can be used to share components between `security
solution` and `discover`. Below is the usage pattern

```mermaid
flowchart TD
    disc-utils[@kbn/discover-utils] --> sscommon
    sscommon[@kbn/security-solution-common] --> ssplugin[security_solution]
    sscommon[@kbn/security-solution-common] --> discover[discover]
    disc-utils[@kbn/discover-utils] --> discover
```


## Desk Testing Guide.

1. Enable Security profile in serverless by adding below to `kibana.yml`

```yaml
discover.experimental.enabledProfiles: ['security-root-profile']
```

2. Load Some data

4. Navigate to discover and add `host.name` as one of the columns.

5. Should open an expandable flyout as shown below.


https://github.com/user-attachments/assets/92b84c89-8769-45dd-bf7e-a9fe527fdcf0

## Code Review Guide

Most of the changes in the PR are code-organization. There are NO
changes in security solution but only the changes to import statements.

You can focus on the changes in the packages below:

- x-pack/packages/security-solution/common
- packages/kbn-discover-utils
- packages/kbn-expandable-flyout

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-27 10:39:12 +02:00
Rickyanto Ang
6d3721a493
[Cloud Security] Misconfiguration preview & Refactor CSP Plugin to include new package PHASE 2 (#190933)
## Summary

The previous https://github.com/elastic/kibana/pull/190105 was way too
big and made it hard to review without missing any bugs or potential
bugs. Thus we decided we are going to make a series of smaller PRs to make
things more manageable

We will be splitting it into 4 PRs
Phase 1: Creating empty packages for csp and csp-common
Phase 2: Move Types from CSP plugin to the Package + Deleting duplicates
in the CSP plugin where possible
Phase 3: Move Functions, Utils or Helpers, Hooks to Package
Phase 4: Misconfiguration Preview feature (with Cypress test and other
required test)

This is **Phase 2** of the Process

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-27 00:43:16 -07:00
Karen Grigoryan
ad360403bc
[Security Solution][DQD][Tech Debt] Refactor top level helpers (#191233)
addresses https://github.com/elastic/kibana/issues/190964

Third in the series of PRs to address general DQD tech debt

This one builds on previous 2 PRs 

https://github.com/elastic/kibana/pull/190970
https://github.com/elastic/kibana/pull/190978 

Gist of changes:

- split top level helpers into series of utils/* files
- each utils/ file is named after common behavior it exports or works
with.
- cleanup dead code
2024-08-26 09:12:33 -05:00
Karen Grigoryan
dd18bc7c4d
[Security Solution][DQD][Tech Debt] Colocate components (#190978)
addresses https://github.com/elastic/kibana/issues/190964

Second in the series of PRs to address general DQD tech debt. Currently
this PR builds on the work of
https://github.com/elastic/kibana/pull/190970.

So this PR restructures components to colocate components throughout the
hierarchy.

So instead of:

```bash
root/
  component1/
  childOfComponent1/
  grandChildOfComponent1/
  component2/
  use_hook_used_for_1/
  use_hook_used_for_2/
```

we use:

```bash
root/
  component1/
    hooks/
      use_hook_used_for_1/
    childOfComponent1/
      grandChildOfComponent1/
  component2/
    hooks/
      use_hook_used_for_2/
```

PROs of such scaffold:
- complete and clear hierarchical visibility into component structure of
the entire DQD codebase
- ability to easily introduce and integrate a new change and calculate
its impact on the tree of components
- ability to easily remove colocated functionality without having to
scout through the convoluted DQD code
- clear understanding of where shared code should live as opposed to
now, when it's shoved into top level by default with other non shared
code
- since nesting too deep has an import name readability tax it forces us
to think about not splitting our components into too many small parts
but rather keep it balanced, as opposed to now where flat structure
incentivizes free and cheap fragmentation as seen with component like
<body />.

CONS:

- import names have too many `../../../../../../../../../`. It is
fixable by ts paths/webpack aliases, but on the other hand especially if
there are many of those it's an indication of potential architectural
smell, that needs to be addressed (which is a PRO).

Imho, overall visibility trumps any cons and facilitates greater ease of
adding new and changing existing functionality with more confidence.

## Before

![image](https://github.com/user-attachments/assets/89062883-c40a-410d-af43-8dbe3e712475)

## After

![image](https://github.com/user-attachments/assets/83e33a85-cf3e-4cb1-a56d-c7f4f27a1f37)
2024-08-26 14:28:20 +02:00
Eyo O. Eyo
44fafb88d5
Extract authorization logic and its peripherals into packages (#190028)
## Summary

This PR is a precursor to https://github.com/elastic/kibana/pull/189871,
as part of the spaces improvement initiative there's a need to be able
to share the user privilege assignment component between the roles
experience and the new spaces experience to prevent duplication of
business logic and cohesiveness in the privilege assignment experience.

The aforementioned PR extracts the required component into its own
package so it might be consumed as needed, this PR is particularly
concerned with extracting business logic said UI component depends on
that exists still within the security plugin. For context; the security
plugin already depends on the spaces plugin, so having the spaces plugin
in turn statically depend on the security plugin creates a cyclic
dependency. That being said to complement the eventual state of said
component so it might be imported elsewhere outside of the security
plugin there's a need to extract further logic into standalone packages,
so that the spaces plugin can consume this plugin without the
aforementioned cyclic dependency problem.


#### Visually; 

##### Problem;


![image](https://github.com/user-attachments/assets/6be85fb0-3ba3-4d5f-b614-3c0ff2cf7c69)

##### Proposal

![image](https://github.com/user-attachments/assets/5c4f423d-4ad4-48f4-b5bd-2ea0a99b196e)[^legend]

[^legend]: items marked in blue are the packages created in this PR,
whilst the entire diagram is the proposed future state


---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-22 15:44:54 +02:00
Steph Milovic
730f8eae87
[Security solution] Assistant package assistant/index.tsx cleanup (#190151) 2024-08-21 08:59:24 -06:00
Kurt
bcc46b60e9
Changing load/dump in source files (#190641)
## Summary

Updates usage of `js-yaml` `load` and `dump` to `safeLoad` and
`safeDump`, in preparation for a major version update of dependency,
where the default behavior will be that of the safe function variants.


## Note to reviewers
`safeDump` will throw if it encounters invalid types (e.g. `undefined`),
whereas the `dump` function will still write the file including the
invalid types. This may have an effect within your use cases - if
throwing is not acceptable or is unhandled. To avoid this the
`skipInvalid` option can be used (see
https://github.com/nodeca/js-yaml#dump-object---options-) - this will
write the file, stripping out any invalid types from the input.

Please consider this when reviewing the changes to your code. If the
`skipInvalid` option is needed, please add it, or let us know to make
the change.

---------

Co-authored-by: Sid <siddharthmantri1@gmail.com>
Co-authored-by: “jeramysoucy” <jeramy.soucy@elastic.co>
Co-authored-by: Elena Shostak <elena.shostak@elastic.co>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
2024-08-21 07:29:36 -04:00
Karen Grigoryan
51764fa076
[Security Solution][DQD] add list view and latest flyout (Phase 1) (#188468)
addresses #185881

## Data Quality Dashboard UI Overhaul (Phase 1)

This PR introduces UI changes to the Data Quality Dashboard, focusing on
improving user experience and improving on existing data quality check
process.

## Notable changes:

- Update List View UI
- Move in-row check expansion into a Flyout
- Remove summary tab from index check 
- Update index check UI
- Add table action to trigger manual individual index check without
opening index check properties
- Add in-flyout button to trigger manual individual check
- Add additional index stats panel within flyout

## Notable technical changes:

- remove prop drilling of new and existing omnipresent props by unifying
them in a series of context providers at the top of DQ dashboard
- introduce TestDataQualityProviders separate from external
TestProviders (renamed to TestExternalProviders) in tests. Change
affected tests.
- introduce `useIndicesCheck` hook to unify logic of index checking to
be able to call index checking from anywhere within DQD code without
relying on flaky and complicated useEffect driven logic of state
updates.
- introduce `useIsMounted`, hook to resolve issues with react state
update leaks
- introduce throttled `useCurrentWindowWidth` to handle custom index
flyout sizing for different screens.
- cleanup and refactor whatever is directly related or affected by
aforementioned code/test changes (including traces of removal of summary
tab)
- add extensive behavioral unit tests

# UI Changes (Before / After)

## List View Layout made more spacious

![image](https://github.com/user-attachments/assets/8cc25285-9a7b-45d9-82f2-55bb7ad4680b)

## Check All Layout made more spacious

![image](https://github.com/user-attachments/assets/c254cfa9-92cf-4971-9737-9c85e253696e)

## Total Stats Rollup converted to badges

![image](https://github.com/user-attachments/assets/68831c84-274d-40d8-b9fa-813e169e8f1e)

## ILM Phase Filter repositioned

![image](https://github.com/user-attachments/assets/85227737-1217-48b9-82b9-dc2d6a24e58c)

## Pattern Title Section

- Rearranged into accordion trigger button. Initially open by default.
- IlmPhase badges and Pattern title are now stacked horizontally.
- Index check result emoji converted to 'Pass' | 'Fail' badge
- Pattern stats text rearranged as badged text. Incompatible fields show
as red badges (when present), the rest - hollow.


![image](https://github.com/user-attachments/assets/ca3c6e3e-a7ed-4a49-a7a6-9ea4842ac2de)

## Latest Pattern Indices Check Table

- Added a new actions column with 2 actions (from left to right): 
- View details (replaces row expander functionality (and icon) and
instead opens the index check results in a flyout)
- Check now **(NEW)** (adds ability to inline check the index without
opening it.)
- Index check result emoji turned to 'Pass' | 'Fail' badge
- `IlmPhase`, `Size`, `Last Check` columns width is shrunk to give more
space for index name


![image](https://github.com/user-attachments/assets/d9c83d9b-de3a-4153-9ed7-a9823e62f67d)

## Flyout Header

- Added index name with result check badge as title
- Added last check time as subtitle
- Added Tabs section for Latest Check and History **(REMOVED in latest
revision)**


![image](https://github.com/user-attachments/assets/b66617de-2b59-44d5-908b-3fabb3f7087e)

## Flyout Stats Panel

- Added new index stats panel


![image](https://github.com/user-attachments/assets/f21974f5-72b5-4a38-90de-f2ff5b9d1fd0)

## Index Check Fields Tab

- Tabs converted to a button group
- Summary Tab is **REMOVED**
- All field count badges have hollow color, except for red color for
`incompatible fields` tab (when count > 0) and `ecs compliant fields`
tab (when `@timestamp` is missing)


![image](https://github.com/user-attachments/assets/e78218d4-237f-4ad1-95f3-0eb4d57356fa)

## Index Check Fields Callouts

- Callout header is removed (to avoid duplication with active tab name)
- Actions are converted into sticky footer (shows when scrolled sticky
to bottom, otherwise renders after the table)
- Same for every index check fields tab


![image](https://github.com/user-attachments/assets/d8a192e8-cdfd-4691-b862-91abdedcb9b8)

## Compare Table List Values

- List values in compare tables are now horizontally stacked instead of
vertical to save space (applies to all compare tables in each index
check fields tab)


![image](https://github.com/user-attachments/assets/7ef3341d-1be9-41e7-a789-15262fac6de6)

## Compare Table Columns

- `ECS description` field width increased at the expense of `field`
field, to make room for more readable description (applies respectively
to all compare tables within index check fields tabs)


![image](https://github.com/user-attachments/assets/b45235a9-cf3d-4b6d-b65a-eaadc577cf2f)

## Flyout footer

- Add `Check now` button, that checks currently open index again and
updates the results in place.


![image](https://github.com/user-attachments/assets/02b9a63d-6c0c-4eff-aeb6-452ae78f28ea)
2024-08-21 12:13:26 +02:00
Maryam Saeidi
51736afd24
Import zod from @kbn/zod and add an eslint rule (#190581)
Closes #187638

## Summary

In this [PR](https://github.com/elastic/kibana/pull/186190), we
introduced @kbn/zod package and an OAS convertor to automatically
generate Open API Specifications for the routes that use zod for their
validation. In this PR, we add an eslint rule to enforce importing from
@kbn/zod instead of zod directly.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2024-08-21 04:14:55 -05:00