Security solution's serverless QA quality gates which were added in
https://github.com/elastic/kibana/pull/167494 are failing when trying to
run cypress tests. I've marked them to soft fail here so we can unblock
the serverless release pipeline.
cc @watson @elastic/kibana-operations @MadameSheema @charlie-pichette
@YulNaumenko
# Summary
fixes https://github.com/elastic/observability-bi/issues/65
## Context
Observability-bi uses the
[signal](https://docs.elastic.dev/observability-bi/observability-marker#signals)
`has_apm_services` based on the telemetry field `has_any_services` to
determine whether a cluster has documents for at least one APM service
for the given day.
## Problem
Previously we determined if the cluster has any service by checking ONLY
the officially supported agents. There might be cases where the cluster
has agents that are not on the agent's list. Leading to the wrong
result.
Modified to check if there is any document with the field `service.name`
and added `has_any_services_per_official_agent` to track the official
agent's services
### Side effects
Modifying `has_any_service` telemetry (most likely) will increase the
metrics using this field.
---------
Co-authored-by: Achyut Jhunjhunwala <achyut.jhunjhunwala@elastic.co>
## Summary
This PR Consolidates `Console` and `Search profiler` to one tab as `Dev
tools`
## Screen recording
f6b2cb0f-f27c-43f2-9151-09875673a115
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
When running these test yesterday this test was always failing, so I
updated the telemetry config tests to be robust enough to pass on N
runs. The current test will only pass on the 1st run since we update the
labels in the 2nd test.
## Summary
Closes#167176
Sets the minimum date in the snooze scheduler datepicker to the current
date at `00:00`. This is useful especially when the user is trying to
create a recurring schedule that starts today, and should start at a
time earlier than the current time on future occurrences.
## Summary
#### Code update:
`/detection_engine/routes/signals/set_alert_tags_route.ts`
- When enabling the alert tags cypress test, noticed it was failing as
the tag updates did not show in the UI until a few seconds later upon a
second refresh. I was able to recreate this locally on serverless, not
on ESS. I updated the alerts tag route to include `refresh: true` and
that seemed to fix this issue.
- `/detection_engine/routes/signals/open_close_signals_route.ts`
- When testing on serverless, alert status was stale after update.
Confirmed this with tests that were failing for ESS. Upon updating route
to use `refresh: true`, tests began passing and could see expected
behavior. This may make the call a bit heavier so we will want to see if
there are any performance impacts.
Closes https://github.com/elastic/kibana/issues/168480
## Summary
This PR removes the `storeInSessionStorage` setting from the serverless
common settings allowlist, so that the setting is hidden from Advanced
Settings in all serverless projects.
**How to test:**
1. Start Es with `yarn es serverless` and Kibana with `yarn
serverless-{es/oblt/security}`
2. Go to Management -> Advanced Settings
3. Verify that the setting is not on the page.
## Summary
Improve rule interval circuit breaker error message to the following
endpoints:
- create
- update
- bulk edit
- bulk enable
### Bulk modification
### Modifying a single rule
### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Xavier Mouligneau <xavier.mouligneau@elastic.co>
Reverts https://github.com/elastic/kibana/pull/168553
Seeing these errors when updating existing alerts as data mappings
```
[2023-10-13T11:06:44.254-04:00][ERROR][plugins.alerting] ResponseError: illegal_argument_exception
Root causes:
illegal_argument_exception: can't merge a non-nested mapping [faas.trigger] with a nested mapping
at KibanaTransport.request (/Users/ying/Code/kibana_prs/node_modules/@elastic/transport/src/Transport.ts:535:17)
at processTicksAndRejections (node:internal/process/task_queues:95:5)
```
Needs further investigation as ECS mappings should be backwards
compatible
https://github.com/elastic/kibana/issues/168674
With newly introduced constraint of the date selected in the datepicker
being within the last 18 months AND after the 1st of October 2023 we
want to mitigate the default behaviour of EUI datepicker that sets the
date of currently viewed month. This PR check on date change (when
selecting months in the dropdown) and if its not within the constraints
it does nothing (i.e. doesn't set the date at all).
## Summary
Currently, we have our cypress tests properly integrated with the first
quality gate.
In this quality gate, our tests are executed as part of the PR process
using the serverless FTR environment. This environment uses the latest
elasticsearch snapshot and the kibana source code, but it is not a real
serverless environment because is not a deployed project on the cloud.
In order to continue assuring that we don’t introduce new issues, we
want to execute automated tests in the second quality gate as well. The
second quality gate is a deployed serverless project in the QA
environment.
We want to start moving slowly in that direction and at the same time
make sure we don't introduce flakiness, and the tests perform well.
In this PR we are creating the `@serverlessQA` tag. Tests including that
label will be executed on the second quality gate. We are also adding
the label to one of the tests we know that is stable in serverless to
test the full integration.
Note that currently, we have some known limitations in this gate pending
to be solved and we are working on it:
- Execution of the tests is sequential
- No differentiation between teams during the execution is done over the
AET umbrella
- The environment is set in `complete` so tests that exercise the
`essential` behaviour should not be added.
- Please ping me in case you want to add more tests into that gate to
asses the risk before we have the gate tested and all the serverless
tests stabilized.
---------
Co-authored-by: Georgii Gorbachev <banderror@gmail.com>
Co-authored-by: dkirchan <diamantis.kirchantzoglou@elastic.co>
## Summary
- implements the first phase of [rule external actions Serverless
PLI](https://docs.google.com/spreadsheets/d/1BR9kjzSR0F6o6huxbJidk5ro4CVYfhmLog9ArEbxA8g/edit#gid=301346322).
Phase 1 is defined by support of PLI capabilities in actions plugins and
described [here](https://github.com/elastic/kibana/issues/163751). It
allows only hiding actions that are not in tier. Upselling messages,
will be introduced in phase 2, according to response ops ticket
### Essentials Tier
Serverless config:
```yaml
xpack.securitySolutionServerless.productTypes:
[
{ product_line: 'security', product_tier: 'essentials' },
{ product_line: 'endpoint', product_tier: 'complete' },
]
```
For Essentials, only 3 rule actions available:
- email
- index
- slack
<img width="2525" alt="Screenshot 2023-10-11 at 11 13 57"
src="2a10d077-3090-494d-953f-2880c2afdccf">
### Complete Tier
Serverless config:
```yaml
xpack.securitySolutionServerless.productTypes:
[
{ product_line: 'security', product_tier: 'complete' },
{ product_line: 'endpoint', product_tier: 'complete' },
]
```
<img width="2530" alt="Screenshot 2023-10-11 at 11 17 10"
src="1e5912a5-a358-409b-8fd6-e526e047fe54">
### Checklist
Delete any items that are not applicable to this PR.
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
We don't have a specific need to release this publicly for now, so we're
going to keep it internal until we have need for it.
This is a followup to https://github.com/elastic/kibana/pull/167365,
which made this route public in the first place.
## Summary
Response schema fixed. from field formatter response to scripted field.
I suspect this slipped through since its not enforced aside from dev
environment.
Discovered and broken out from
https://github.com/elastic/kibana/pull/161611
Closes#163540
## Summary
The upper bound time filtering operator used in security solution's
alert table didn't include the equality (was `lt`, unlike the lower
bound `gte`). Due to this, filtering by a single point in time (`from ==
to`) always yielded empty results.
---------
Co-authored-by: Xavier Mouligneau <xavier.mouligneau@elastic.co>
Fixes the Python "Getting started" serverless guide to use the correct
package.
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Closes https://github.com/elastic/kibana/issues/168016
The PR moves the Feedback button outside the Action Portal in Serverless
Mode
## Serverless
### Before
### After
## Stateful
Both before and After is same
