## Summary
This PR brings Unified Search to APM
https://github.com/elastic/kibana/issues/152147
## Scope of Implementation
1. We are only adding the search capability for now.
2. Filters and Saved queries are not part of this scope
### Pending Items
- [x] Add Unit tests
- [x] Fix existing broken Unit tests
- [x] Fix existing broken Cy tests -
https://github.com/elastic/kibana/pull/154059
- [x] Replace the search bar for mobile
- [x] Work on feedback after deploying this branch
- [x] Add validation for Free Text. Awaiting -
https://github.com/elastic/kibana/issues/154239
- [x] Add logic to pass custom filters to Unified Search. Awaiting -
https://github.com/elastic/kibana/issues/154437
### Pages using Unified Search
- [x] Service Inventory
- [x] Service Map
- [x] Service Overview
- [x] Transactions Overview
- [x] Errors
- [x] Trace Overview
- [x] Dependencies Inventory
- [x] Agent Explorer
- [x] Storage Explorer
### Pages still using old Custom Implementation
- [ ] Trace Explorer - Out of scope for this PR
- [ ] Service Group - Changing this logic could take some additional
time as this would mean we allowing our SearchBar component to accept a
custom submit function which does not updates the URL, as in every other
implementation, we update the URL. I would mark this as a follow up
ticket/stretch goal - https://github.com/elastic/kibana/issues/154320
- [x] Alerts - ~~It uses a Custom Search bar built by Actionable Obs
team. Not sure if it's in this scope.~~ Seems they are already using US
## Things to consider
- [x] ~~What do we do with the old components - `KueryBar` and
`ApmDatePicker`. Should we delete them ?~~ The existing component will
stay as its still used in Certain places, see `Pages still using old
Custom Implementation` of this PR
- [x] Other implementation are supporting Free Text Search, hence this
one is too and is not checking for valid KQL. I hope my understanding is
correct here - If needed, then awaiting -
https://github.com/elastic/kibana/issues/154239
[Update] - We will add validations for free text to replicate the
previous behaviour which we had with our own custom implementation
- [ ] The UX of the search bar is a bit off when it comes to long
placeholders. May be we need a shorter text for placeholder -
@boriskirov ?
- [x] ~~When navigating from Service Inventory page to Traces or
Dependencies page, we are only persisting URL state for the selected
time range. Shouldn't KQL query be also part of it. If yes, that would a
stretch goal but good thing to consider.~~ @gbamparop @sqren - As
discussed during the demo, we will keep this functionality as it is,
which means while navigating to a different page, the search bar will be
reset, but the when navigating between tabs on the same page, search bar
will persist.
- [x] ~~On the Initial page load, the Unified Search Bar Input box does
not loads immediately. You only see the DateTimePicker and the button.
Once the component has completely loaded, only then the text box appear.
I see other pages like Log Streams brings up a Full Page loader unless
the component has loaded and then once certain things have loaded, they
remove the full page loader and start showing the search bar. Opinion
?~~ @boriskirov @gbamparop @sqren - Added a EUI Skeleton to handle this
issue.
https://user-images.githubusercontent.com/7416358/228291762-0ca55e9a-7de9-4312-aa58-f484441430ce.mov
---------
Co-authored-by: Katerina Patticha <kate@kpatticha.com>
## Summary
This replaces all references to the Ruby repository with references to
the Python repository for connectors.
---------
Co-authored-by: Navarone Feekery <13634519+navarone-feekery@users.noreply.github.com>
Co-authored-by: Liam Thompson <32779855+leemthompo@users.noreply.github.com>
Closes https://github.com/elastic/kibana/issues/153817
## Summary
This PR implements logical checks within the security plugin's
capabilities switcher to account for features that opt out of the Kibana
security model (e.g. Enterprise Search features). It also more
explicitly handles default cases (when a feature is neither a Kibana or
ES feature), exclusions (features handled exclusively by other plugins),
and the catalogue feature (we now qualify each catalogue feature
capability). In these cases (opt-out, default, exclusion, etc.), the
capabilities switcher will ignore the capability and neither enable nor
disable it (see detailed list below).
We are now effectively ignoring only these:
- `spaces` feature ID (handled by spaces plugin capabilities switcher)
- `fileUpload` feature ID (handled by file_upload plugin capabilities
switcher)
- `catalogue` capabilities that are not 'spaces' and are not referenced
by at least one Kibana or ES feature
- `navLinks` that are not referenced by at least one Kibana feature
- Anything that is not a global settings, management, catalogue, nav
link, Kibana, or ES feature
On the flip side we always affect everything under the `management`
feature.
This PR _should_ unblock the ability to implement parallel execution of
capabilities switchers, https://github.com/elastic/kibana/pull/152982.
### Related Tests
-
x-pack/plugins/security/server/authorization/disable_ui_capabilities.test.ts
- x-pack/test/ui_capabilities/security_and_spaces/config.ts
- x-pack/test/functional/apps/home/config.ts
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Addresses https://github.com/elastic/kibana/issues/153077,
https://github.com/elastic/kibana/issues/153077
This PR addresses two bugs in the manage rules component for shared
exception lists:
- Fixes issue where numeric tags were getting overwritten after
selecting a tag after it
- Fixes issue where tag selection was not "exact" match, to be the same
behavior as in the manage rules table
## Summary
Fix a small bug when the user archives a maintenance window with no
events, the maintenance window is considered finished, but it should be
archived.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
Related meta issue: https://github.com/elastic/kibana/issues/150375
This PR ensures that when data view is changed, the query entity
dropdown values update to reflect the fields for the newly chosen data
view. This makes it easier for example to build a link to Discover to
view documents in a data view which contains useful contextual data, and
has fields of the same name as those used in the job but which was not
used to create the job e.g. data views which share a common `host.name`
field.
<img width="448" alt="image"
src="https://user-images.githubusercontent.com/7405507/233050903-d423ab1f-b5c7-479e-98a8-c49761eebe3d.png">
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Fix a bug where when we remove fields from `rRule` during a maintenance
window update, the removed fields are not removed because of how ES does
partial updates.
Due to the complexity of the `rRule` schema, we decided to simply delete
and re-create the maintenance window with the same ID, otherwise, we
would have to diff and null each of the removed fields specifically.
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
## Summary
Copy changes according to [this
issue](https://github.com/elastic/security-team/issues/6410)
Section 1:
- empty state component text changes
- new learn more button instead of text link
Section 5:
- scanning in progress prompt text changes
---------
Co-authored-by: Paulo Henrique <paulo.scape@gmail.com>
## Summary
The PR updates how credentials are created and managed for packages
including Transforms. Previously, everything will be installed as
`kibana_system` user, which has limited permissions to a specific set of
indices defined internally. This PR changes so that a secondary
authorization is passed to the creation of Transforms, making the
permissions/privileges dependent on the logged-in user.
### Installing a package containing transforms
- If the package has transforms assets to be installed, it will show
warning/info call out message indicating that the transforms will be
created and started with the current user's credentials/roles.
<img width="1226" alt="Screen Shot 2023-04-11 at 17 45 58"
src="https://user-images.githubusercontent.com/43350163/231305549-ad4c981c-e186-4431-8229-5083e9ed6fc3.png">
<img width="1226" alt="Screen Shot 2023-04-11 at 17 46 03"
src="https://user-images.githubusercontent.com/43350163/231305550-7b47e95d-f876-456a-beb4-d71336a3f2cf.png">
-It will parse the authorization header (schema and credentials) from
the Kibana request to the package handlers.
- If the package contains transforms, and if **run_as_kibana_system:
false in the any of the transform yml config** , then generate an API
key from the above credential (as that Kibana user with the roles and
permissions at the time of generation), and use it in `transform/_put`
requests.
- If user has **sufficient permissions**:
- Transforms will be successfully created and started. They will be
marked in the saved object reference with `deferred: false`
- Transform `_meta` will have `installed_by: {username}`
<img width="582" alt="Screen Shot 2023-04-11 at 14 11 43"
src="https://user-images.githubusercontent.com/43350163/231305101-20a63860-6d0c-4324-ba49-bea116de1f96.png">
- Package will be successfully installed
- If user has **insufficient permissions**:
- Transforms will be successfully created, but fail to start. They will
be marked in the saved object reference with `deferred: true`
- Package will still be successfully installed. It will show warning
that the package has some deferred installations.
### Deferred installations
If a package has deferred installations (a.k.a assets that were included
in the package, but require additional permissions to operate
correctly), it will:
- Show a warning on the `Installed integrations` page:
<img width="1216" alt="Screen Shot 2023-04-06 at 15 59 46"
src="https://user-images.githubusercontent.com/43350163/230955445-fcb575af-d02b-4b0f-96f7-7506fa4a8f02.png">
- Show a warning badge with explanation on the tab:
<img width="750" alt="Screen Shot 2023-04-10 at 12 17 26"
src="https://user-images.githubusercontent.com/43350163/230955055-2fa85f1f-b7f8-4473-997a-1e4fec5453b9.png">
- Show a new `Deferred installations` section as well as call out
message to prompt user to re-authorize inside the `Assets` tab:
<img width="1216" alt="Screen Shot 2023-04-06 at 15 59 09"
src="https://user-images.githubusercontent.com/43350163/230955326-457074da-9f04-4aa6-aa15-f2c7ff14c6f1.png">
If the currently logged-in user has sufficient permissions
(`manage_transform` ES cluster privilege/`transform_admin` Kibana role),
the Reauthorize buttons will be enabled:
<img width="1054" alt="Screen Shot 2023-04-10 at 12 24 18"
src="https://user-images.githubusercontent.com/43350163/230960881-aa122119-c408-41c9-ab0c-90c18f65205e.png">
### Reauthorizing installations
- For transforms:
- Clicking the `Reauthorize` button will send an `_transform/_update`
API request with a `headers: {es-secondary-authorization: 'ApiKey
{encoded_api}'` and then a `_transform/_start` to start operations.
- Transform `_meta` will be updated with addition of
`last_authorized_by: {username}`
<img width="593" alt="Screen Shot 2023-04-11 at 14 12 38"
src="https://user-images.githubusercontent.com/43350163/231305257-eb79cf47-dbc1-4d93-b47f-0ff698ba8e6d.png">
- If `order` is specified in `_meta` of the transform, they will be
updated and started sequentially. Else, they will be executed
concurrently.
## Reviewers note:
-For **kibana-core**: saved object for Fleet's EsAsset was extended with
`deferred: boolean`, thus changing the hash.
### Checklist
Delete any items that are not applicable to this PR.
- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [ ] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [ ] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
### Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to
identify risks that should be tested prior to the change/feature
release.
When forming the risk matrix, consider some of the following examples
and how they may potentially impact the change:
| Risk | Probability | Severity | Mitigation/Notes |
|---------------------------|-------------|----------|-------------------------|
| Multiple Spaces—unexpected behavior in non-default Kibana Space.
| Low | High | Integration tests will verify that all features are still
supported in non-default Kibana Space and when user switches between
spaces. |
| Multiple nodes—Elasticsearch polling might have race conditions
when multiple Kibana nodes are polling for the same tasks. | High | Low
| Tasks are idempotent, so executing them multiple times will not result
in logical error, but will degrade performance. To test for this case we
add plenty of unit tests around this logic and document manual testing
procedure. |
| Code should gracefully handle cases when feature X or plugin Y are
disabled. | Medium | High | Unit tests will verify that any feature flag
or plugin combination still results in our service operational. |
| [See more potential risk
examples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx) |
### For maintainers
- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Resolves: #153755
This PR intends to make rule type param validation function required.
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Enables APM instrumentation for Elasticsearch when running performance
journeys, for a more complete understanding of where time is being
spent:
<img width="1418" alt="CleanShot 2023-04-18 at 20 30 32@2x"
src="https://user-images.githubusercontent.com/352732/232870884-151aed23-347b-485e-8490-4b56b6beaa33.png">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
