[Fleet] Upgrade managed package policies in a background task

[nchaulet]

Summary

Resolve #188666

Upgrading managed package policies is taking a long time, even when trying to optimize the code. To avoid setup that are too long that PR move the process of upgrading managed package policies from the fleet setup to a background task triggered by the setup.

In addition to this I still implemented a few optimization to make that code path a little quicker:

• Implemented a cache on getPackageInfo and getAssetsMap the cache is scopped to the task with small size so it should not impact to much Kibana memory

I capture a few APM trace of that background task with 100 synthetics package policies, and it went from ~5 minute to do the upgrade to ~1 minute

Todo

• Write some integration tests for the upgradeManagedPackagePolicies
• Unit test cache

[obltmachine]

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

• /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
• run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

[nchaulet]

/ci

[nchaulet]

Should we make those key configurable through kibana config under fleet.internal.*

[criamico]

It could be useful, but is there a risk that the user adds a number too small or too big and creates some issue? If we decide to do it we should document it very clearly.

[nchaulet]

yes I think if we make this configurable it will be under an internal keyword probably that could be useful for supportability (SDH with a scenario we did not think of)

[nchaulet]

We can start without making this configurable, those size are pretty small it should not have a huge impact

[nchaulet]

There is no reason for this to change during an upgrade and that codepath was extremely slow

[criamico]

Do we have tests that cover this removal? Just making sure that we don't inadvertently break anything.

[nchaulet]

We do not, but it seems that codepath was doing nothing, it seems it was only here for supporting an UI that do not exists anymore #190613

[criamico]

Thanks for checking!

[nchaulet]

/ci

[nchaulet]

Curious to get your though on that pattern for caching, it seems easier to use that passing packageInfo through all codebase

[criamico]

I agree, currently we have to pass the packageInfo object around and is not the best pattern. With this we could probably replace it.

[elasticmachine]

Pinging @elastic/fleet (Team:Fleet)

[nchaulet]

@elasticmachine merge upstream

[criamico]

It could be useful, but is there a risk that the user adds a number too small or too big and creates some issue? If we decide to do it we should document it very clearly.

[criamico]

I agree, currently we have to pass the packageInfo object around and is not the best pattern. With this we could probably replace it.

[criamico]

Do we have tests that cover this removal? Just making sure that we don't inadvertently break anything.

[nchaulet]

@elasticmachine merge upstream

[criamico]

LGTM 🚢

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: e5796a9

Failed CI Steps

• FTR Configs #27

Test Failures

• [job] [logs] FTR Configs #27 / Cloud Security Posture Test adding Cloud Security Posture Integrations CNVM CNVM AWS Hyperlink on PostInstallation Modal should have the correct URL

Metrics [docs]

Unknown metric groups

ESLint disabled in files

id	before	after	diff
fleet	13	12	-1

Total ESLint disabled count

id	before	after	diff
fleet	57	56	-1

History

• 💛 Build #230431 was flaky 5fc1c2b
• 💚 Build #229848 succeeded 852c171
• 💚 Build #229762 succeeded 0fc55f7
• 💛 Build #229540 was flaky e8da1e4
• 💔 Build #229497 failed 2f23da6
• 💔 Build #229469 failed 3fb0b29

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @nchaulet

[ymao1]

response ops changes LGTM.