Skip to content

[8.x] [UII] Restrict non-local ES output types for agentless integrations and policies (#207296)#208131

Merged
jen-huang merged 3 commits intoelastic:8.xfrom
jen-huang:backport/8.x/pr-207296
Jan 24, 2025
Merged

[8.x] [UII] Restrict non-local ES output types for agentless integrations and policies (#207296)#208131
jen-huang merged 3 commits intoelastic:8.xfrom
jen-huang:backport/8.x/pr-207296

Conversation

@jen-huang
Copy link
Contributor

@jen-huang jen-huang commented Jan 24, 2025

Backport

This will backport the following commits from main to 8.x:

Questions ?

Please refer to the Backport tool documentation

@jen-huang
[UII] Restrict non-local ES output types for agentless integrations a…
f961e15 
…nd policies (elastic#207296)

## Summary

Resolves elastic#202090.
Incidentally also fixes and unskips the failing test reported in
elastic#203346.

This PR makes it so that:

- Agentless agent policies and package policies (those with
`supports_agentless: true` set) cannot be directly set to use a
non-local ES output for integration data
  - This restriction applies to UI and API level
- When a non-local ES output would be updated to be the global Fleet
default integration data output, existing agentless policies without an
explicit output set will have their output directly set to the current
default output ID
- This is the same mechanism used today to ensure that Fleet Server and
Synthetics integrations do not accidentally have their output set to
non-ES as well

## Testing
1. Apply
[patch](https://gist.github.com/jen-huang/dfc3e02ceb63976ad54bd1f50c524cb4)
to skip actual agentless creation
2. Create different types of outputs in addition to default local ES
3. Enable beta integrations
4. Add an agentless integration, for example Box Connector, observe that
outputs list only shows ES outputs:
<img width="1422" alt="image"
src="https://github.com/user-attachments/assets/72e43220-702f-4bb7-8e37-8be69aa4e6ea"
/>
5. Switch to agent-based setup technology, observe that outputs list now
shows all outputs
6. Create the agentless integration, go to its agent policy
7. Observe that outputs list only enables ES outputs:
<img width="1425" alt="image"
src="https://github.com/user-attachments/assets/3bc5985f-07bf-407a-8b62-4248b28904a5"
/>
8. Play around with setting global default outputs, it should be not
possible to get into a state where an agentless policy is using a
non-local ES output

### Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [x] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
(cherry picked from commit d4cc532)

# Conflicts:
#	oas_docs/bundle.json
#	oas_docs/bundle.serverless.json
#	oas_docs/output/kibana.yaml
#	x-pack/platform/plugins/shared/fleet/server/services/agent_policy.ts
#	x-pack/platform/plugins/shared/fleet/server/services/output.test.ts
#	x-pack/platform/plugins/shared/fleet/server/types/models/agent_policy.ts
#	x-pack/test/fleet_api_integration/apis/agent_policy/agent_policy.ts
@jen-huang jen-huang added the backport This PR is a backport of another PR label Jan 24, 2025
@jen-huang jen-huang enabled auto-merge (squash) January 24, 2025 00:46
@botelastic botelastic bot added the Team:Fleet Team label for Observability Data Collection Fleet team label Jan 24, 2025
@jen-huang jen-huang mentioned this pull request Jan 24, 2025
Merged
3 tasks
@elasticmachine
Copy link
Contributor

elasticmachine commented Jan 24, 2025

Pinging @elastic/fleet (Team:Fleet)

@kibanamachine
[CI] Auto-commit changed files from 'node scripts/capture_oas_snapsho…
f9b11f7 
…t --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/dashboards --update --no-serverless'
@kibanamachine
[CI] Auto-commit changed files from 'make api-docs'
8ffac6b
@elasticmachine
Copy link
Contributor

elasticmachine commented Jan 24, 2025

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
fleet 1.8MB 1.8MB +40.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
fleet 171.1KB 171.1KB +71.0B

@jen-huang jen-huang merged commit 7a0a44e into elastic:8.x Jan 24, 2025
@jen-huang jen-huang deleted the backport/8.x/pr-207296 branch January 24, 2025 09:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jlind23 jlind23 jlind23 approved these changes

@kibanamachine kibanamachine Awaiting requested review from kibanamachine

Assignees

No one assigned

Labels

backport This PR is a backport of another PR Team:Fleet Team label for Observability Data Collection Fleet team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jen-huang @elasticmachine @jlind23 @kibanamachine