[kbn/es serverless] Allow ES serverless resources (ex. users, users_roles, etc) to be overwritten via yarn es serverless command#167087
Merged
paul-tavares merged 23 commits intoelastic:mainfrom Sep 27, 2023
Conversation
paul-tavares
changed the title
users, user_roles and roles.yml to be overwritten without having to change source code
…m-users-roles' into task/olm-serverless-es-file-realm-users-roles
…-es-file-realm-users-roles # Conflicts: # packages/kbn-es/src/cli_commands/serverless.ts
paul-tavares
added
release_note:skip
Ikuni17
reviewed
Sep 26, 2023
Contributor
Ikuni17
left a comment
Ikuni17
left a comment
There was a problem hiding this comment.
Thanks for doing this Paul! The code changes LGTM. I will submit a proper review after it is out of draft and I test locally.
...ty_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/README.md
Outdated
Show resolved
Hide resolved
Contributor
|
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
Ikuni17
approved these changes
Sep 26, 2023
paul-tavares
changed the title
users, user_roles and roles.yml to be overwritten without having to change source code users, users_roles, etc) to be overwritten via yarn es serverless command
tomsonpl
approved these changes
Sep 27, 2023
Contributor
tomsonpl
left a comment
tomsonpl
left a comment
There was a problem hiding this comment.
Looks good to me, great job 👍
…-es-file-realm-users-roles # Conflicts: # x-pack/plugins/security_solution/public/common/components/markdown_editor/plugins/index.ts
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]
History
To update your PR or re-run it, just comment with: |
paul-tavares
deleted the
task/olm-serverless-es-file-realm-users-roles
branch
paul-tavares
added a commit
that referenced
this pull request
Oct 4, 2023
…oles to cypress e2e test setup (#167446) ## Summary Goal of this PR is to re-enable the serverless tests that require the login credentials for users that have the pre-defined roles from serverless assigned to them. ### `@kbn/test` changes - Added support for `esServerlessOptions` to FTR config. Currently allows for `resources` to be defined - `resources` overrides were introduced [in this PR](#167087) - new FTR option will allow for testing serverless with a set of users/roles that are specific to the project type ### Security Solution Plugin - Added `esServerlessOptions` to the Defend Workflows cypress configurations - Un-skips all serverless specific tests (now that we have support for users/roles that are specific to the Security project) - Changed the default username for cypress `login()` task to be `endpoint_operations_analyst` - Note that the previously used `endpoint_operations_analyst` role was also updated to match the definition used for serverless. - Added new common `fleet_server_services` cli module with reusable methods for working with fleet server, including generic `startFleetServer()` method - New CLI script: `node x-pack/plugins/security_solution/scripts/endpoint/start_fleet_server.js` - Starts a fleet server locally (via Docker) and connects it to the Kibana - Supports running fleet server locally for serverless as well
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
@kbn/espackage--resourcesoption to thees serverlesscommandserverless_resourcesto be overwrittenSecurity Solution Plugin
users,users_rolesandroles.ymlfiles that includes:roles.ymlfile (sync'ed with project controller version)users/users_rolesfile that includes one one per security project role (name the same as the role)node x-pack/plugins/security_solution/scripts/endpoint/start_es_serverless_with_security_users.js- that will start ES in serverless mode and inject the customized--resourcesinto the commandesores serverlesscan still continue to be passed to this new script. I will pass them along.closes #167092
➡️ Run example: Override
usersandusers_roleswith customized version➡️
yarn es serverless --help➡️ Start ES with Security Roles/Users
Checklist