mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 17:59:23 -04:00
641de501a2
# Backport This will backport the following commits from `main` to `8.x`: - [[Authz] Migrate outstanding SharedUX routes with access tags (#206260)](https://github.com/elastic/kibana/pull/206260) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Eyo O. Eyo","email":"7893459+eokoneyo@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-01-13T13:52:06Z","message":"[Authz] Migrate outstanding SharedUX routes with access tags (#206260)\n\n## Summary\r\n\r\nRelates to https://github.com/elastic/kibana-team/issues/1235, this PR\r\ntackles routes could not have been migrated automatically by the\r\nsecurity team. Following the guidance by the security provided in the\r\naforementioned issue instances where the tag approach had been\r\npreviously used to configure access have been migrated to use the\r\n`requiredPrivilege` property on `security.authz` for route definitions.\r\n\r\n### Checklist\r\n<!--\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-->\r\n- [x] This was checked for breaking HTTP API changes, and any breaking\r\nchanges have been approved by the breaking-change committee. The\r\n`release_note:breaking` label should be applied in these situations.\r\n\r\n<!--\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n### Identify risks\r\n\r\nDoes this PR introduce any risks? For example, consider risks like hard\r\nto test bugs, performance regression, potential of data loss.\r\n\r\nDescribe the risk, its severity, and mitigation for each identified\r\nrisk. Invite stakeholders and evaluate how to proceed before merging.\r\n\r\n- [ ] [See some risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n- [ ] ...\r\n\r\n-->\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"e6e4eda1519c23c05ec9f36be639bc45ab7463ef","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:SharedUX","backport:prev-minor"],"title":"[Authz] Migrate outstanding SharedUX routes with access tags","number":206260,"url":"https://github.com/elastic/kibana/pull/206260","mergeCommit":{"message":"[Authz] Migrate outstanding SharedUX routes with access tags (#206260)\n\n## Summary\r\n\r\nRelates to https://github.com/elastic/kibana-team/issues/1235, this PR\r\ntackles routes could not have been migrated automatically by the\r\nsecurity team. Following the guidance by the security provided in the\r\naforementioned issue instances where the tag approach had been\r\npreviously used to configure access have been migrated to use the\r\n`requiredPrivilege` property on `security.authz` for route definitions.\r\n\r\n### Checklist\r\n<!--\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-->\r\n- [x] This was checked for breaking HTTP API changes, and any breaking\r\nchanges have been approved by the breaking-change committee. The\r\n`release_note:breaking` label should be applied in these situations.\r\n\r\n<!--\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n### Identify risks\r\n\r\nDoes this PR introduce any risks? For example, consider risks like hard\r\nto test bugs, performance regression, potential of data loss.\r\n\r\nDescribe the risk, its severity, and mitigation for each identified\r\nrisk. Invite stakeholders and evaluate how to proceed before merging.\r\n\r\n- [ ] [See some risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n- [ ] ...\r\n\r\n-->\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"e6e4eda1519c23c05ec9f36be639bc45ab7463ef"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206260","number":206260,"mergeCommit":{"message":"[Authz] Migrate outstanding SharedUX routes with access tags (#206260)\n\n## Summary\r\n\r\nRelates to https://github.com/elastic/kibana-team/issues/1235, this PR\r\ntackles routes could not have been migrated automatically by the\r\nsecurity team. Following the guidance by the security provided in the\r\naforementioned issue instances where the tag approach had been\r\npreviously used to configure access have been migrated to use the\r\n`requiredPrivilege` property on `security.authz` for route definitions.\r\n\r\n### Checklist\r\n<!--\r\nCheck the PR satisfies following conditions. \r\n\r\nReviewers should verify this PR satisfies this list as well.\r\n\r\n- [ ] Any text added follows [EUI's writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing), uses\r\nsentence case text and includes [i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)\r\n- [ ]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas added for features that require explanation or tutorials\r\n- [ ] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [ ] If a plugin configuration key changed, check if it needs to be\r\nallowlisted in the cloud and added to the [docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-->\r\n- [x] This was checked for breaking HTTP API changes, and any breaking\r\nchanges have been approved by the breaking-change committee. The\r\n`release_note:breaking` label should be applied in these situations.\r\n\r\n<!--\r\n- [ ] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n- [ ] The PR description includes the appropriate Release Notes section,\r\nand the correct `release_note:*` label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n### Identify risks\r\n\r\nDoes this PR introduce any risks? For example, consider risks like hard\r\nto test bugs, performance regression, potential of data loss.\r\n\r\nDescribe the risk, its severity, and mitigation for each identified\r\nrisk. Invite stakeholders and evaluate how to proceed before merging.\r\n\r\n- [ ] [See some risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)\r\n- [ ] ...\r\n\r\n-->\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"e6e4eda1519c23c05ec9f36be639bc45ab7463ef"}}]}] BACKPORT--> Co-authored-by: Eyo O. Eyo <7893459+eokoneyo@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| content-management | ||
| core | ||
| kbn-ambient-common-types | ||
| kbn-ambient-ftr-types | ||
| kbn-ambient-storybook-types | ||
| kbn-ambient-ui-types | ||
| kbn-apm-synthtrace | ||
| kbn-apm-synthtrace-client | ||
| kbn-axe-config | ||
| kbn-babel-preset | ||
| kbn-babel-register | ||
| kbn-babel-transform | ||
| kbn-bazel-runner | ||
| kbn-bfetch-error | ||
| kbn-calculate-auto | ||
| kbn-capture-oas-snapshot-cli | ||
| kbn-charts-theme | ||
| kbn-check-mappings-update-cli | ||
| kbn-check-prod-native-modules-cli | ||
| kbn-ci-stats-core | ||
| kbn-ci-stats-performance-metrics | ||
| kbn-ci-stats-reporter | ||
| kbn-ci-stats-shipper-cli | ||
| kbn-cli-dev-mode | ||
| kbn-code-owners | ||
| kbn-cypress-config | ||
| kbn-dependency-usage | ||
| kbn-dev-cli-errors | ||
| kbn-dev-cli-runner | ||
| kbn-dev-proc-runner | ||
| kbn-dev-utils | ||
| kbn-docs-utils | ||
| kbn-es | ||
| kbn-es-archiver | ||
| kbn-eslint-config | ||
| kbn-eslint-plugin-css | ||
| kbn-eslint-plugin-disable | ||
| kbn-eslint-plugin-eslint | ||
| kbn-eslint-plugin-i18n | ||
| kbn-eslint-plugin-imports | ||
| kbn-eslint-plugin-telemetry | ||
| kbn-expect | ||
| kbn-failed-test-reporter-cli | ||
| kbn-find-used-node-modules | ||
| kbn-flot-charts | ||
| kbn-ftr-common-functional-services | ||
| kbn-ftr-common-functional-ui-services | ||
| kbn-ftr-screenshot-filename | ||
| kbn-gen-ai-functional-testing | ||
| kbn-generate | ||
| kbn-generate-console-definitions | ||
| kbn-get-repo-files | ||
| kbn-grid-layout | ||
| kbn-import-locator | ||
| kbn-import-resolver | ||
| kbn-io-ts-utils | ||
| kbn-jest-serializers | ||
| kbn-journeys | ||
| kbn-json-ast | ||
| kbn-kibana-manifest-schema | ||
| kbn-lint-packages-cli | ||
| kbn-lint-ts-projects-cli | ||
| kbn-managed-vscode-config | ||
| kbn-managed-vscode-config-cli | ||
| kbn-management | ||
| kbn-manifest | ||
| kbn-mapbox-gl | ||
| kbn-mock-idp-plugin | ||
| kbn-mock-idp-utils | ||
| kbn-openapi-bundler | ||
| kbn-openapi-generator | ||
| kbn-optimizer | ||
| kbn-optimizer-webpack-helpers | ||
| kbn-peggy | ||
| kbn-peggy-loader | ||
| kbn-performance-testing-dataset-extractor | ||
| kbn-picomatcher | ||
| kbn-plugin-check | ||
| kbn-plugin-generator | ||
| kbn-plugin-helpers | ||
| kbn-relocate | ||
| kbn-repo-file-maps | ||
| kbn-repo-linter | ||
| kbn-repo-path | ||
| kbn-repo-source-classifier | ||
| kbn-repo-source-classifier-cli | ||
| kbn-saved-search-component | ||
| kbn-scout | ||
| kbn-scout-info | ||
| kbn-scout-reporting | ||
| kbn-set-map | ||
| kbn-some-dev-log | ||
| kbn-sort-package-json | ||
| kbn-spec-to-console | ||
| kbn-stdio-dev-helpers | ||
| kbn-storybook | ||
| kbn-styled-components-mapping-cli | ||
| kbn-telemetry-tools | ||
| kbn-test | ||
| kbn-test-eui-helpers | ||
| kbn-test-jest-helpers | ||
| kbn-test-subj-selector | ||
| kbn-tooling-log | ||
| kbn-ts-projects | ||
| kbn-ts-type-check-cli | ||
| kbn-use-tracked-promise | ||
| kbn-validate-next-docs-cli | ||
| kbn-web-worker-stub | ||
| kbn-whereis-pkg-cli | ||
| kbn-yarn-lock-validator | ||
| react/kibana_context | ||
| response-ops/rule_form | ||
| serverless/storybook/config | ||
| shared-ux | ||
| README.md | ||
Kibana-related packages
This folder contains packages that are intended for use in Kibana and Kibana plugins.
tl;dr:
- Don't publish to npm registry
- Always use the
@kbnnamespace - Always set
"private": trueinpackage.json
Using these packages
We no longer publish these packages to the npm registry. Now, instead of specifying a version when including these packages, we rely on yarn workspaces, which sets up a symlink to the package.
For example if you want to use the @kbn/i18n package in Kibana itself, you
can specify the dependency like this:
"@kbn/i18n": "1.0.0"
However, if you want to use this from a Kibana plugin, you need to use a link:
dependency and account for the relative location of the Kibana repo, so it would
instead be:
"@kbn/i18n": "link:../../kibana/src/platform/packages/shared/kbn-i18n"
then run yarn kbn bootstrap from the plugin directory.
Creating a new package
Run the following command from the root of the Kibana repo:
node scripts/generate package @kbn/<PACKAGE_NAME> --web --owner @elastic/<TEAM_NAME>
Unit tests for a package
Currently there is only one tool being used in order to test packages which is Jest. Below we will explain how it should be done.
Jest
A package should follow the pattern of having .test.js files as siblings of the source code files, and these run by Jest.
A package using the .test.js naming convention will have those tests automatically picked up by Jest and run by the unit test runner, currently mapped to the Kibana test script in the root package.json.
yarn testruns all unit tests.yarn jestruns all Jest tests in Kibana.
In order for the plugin or package to use Jest, a jest.config.js file must be present in it's root. However, there are safeguards for this in CI should a test file be added without a corresponding config file.
Each package can also specify its own test script in the package's package.json, for cases where you'd prefer to run the tests from the local package directory.