
[AI4DSOC] Move AI4DSOC components from kbn-elastic-assistant to security_solution#219288

Merged
stephmilovic merged 6 commits into elastic:main from stephmilovic:move_ai4dsoc_to_ss on Apr 29, 2025

Conversation

@stephmilovic (Contributor)

Summary

I made a bad call and put the AI4DSOC alert flyout components in kbn-elastic-assistant. This PR corrects that mistake and moves the files to security_solution.

Waiting to merge until Tuesday to avoid being included in the demo build

@stephmilovic added labels release_note:skip (Skip the PR/issue when compiling release notes), backport:skip (This PR does not require backporting), Team: SecuritySolution (Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.), Team:Security Generative AI, v9.1.0 on Apr 25, 2025
@stephmilovic stephmilovic requested review from a team as code owners April 25, 2025 17:03
@elasticmachine (Contributor)

Pinging @elastic/security-solution (Team: SecuritySolution)

@kqualters-elastic (Contributor)

The root of the problem is that the AssistantContext is completely coupled to the security solution plugin, even though its existing in a package makes it seem like that's not the case. It should either be its own plugin with a set of dependencies, or used only within security solution. This tight coupling has led to numerous issues I've heard of anecdotally, and one that got me, preventing some changes I was trying to make to security solution routes to help performance in #212808. Hiding dependencies in a context (as cases and some other plugins also do) is not a pattern we should use long term; it leads to tons of issues like this, duplicated code, performance problems, etc.

@stephmilovic (Contributor, PR author)

> The root of the problem is that the AssistantContext is completely coupled to the security solution plugin

@kqualters-elastic yeah I get that but does something in this PR specifically bother you? Not sure this is the place for this discussion...?

@stephmilovic (Contributor, PR author)

@elasticmachine merge upstream

@elasticmachine (Contributor)

💚 Build Succeeded

Metrics

Module Count

Fewer modules leads to a faster build time.

| id | before | after | diff |
|---|---|---|---|
| automaticImport | 800 | 783 | -17 |
| securitySolution | 7342 | 7337 | -5 |
| total | | | -22 |

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run `node scripts/build_api_docs --plugin [yourplugin] --stats comments` for more detailed information.

| id | before | after | diff |
|---|---|---|---|
| @kbn/elastic-assistant | 152 | 166 | +14 |

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app.

| id | before | after | diff |
|---|---|---|---|
| securitySolution | 9.1MB | 9.1MB | -2.3KB |

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run `node scripts/build_api_docs --plugin [yourplugin] --stats exports` for more detailed information.

| id | before | after | diff |
|---|---|---|---|
| @kbn/elastic-assistant | 11 | 13 | +2 |

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb.

| id | before | after | diff |
|---|---|---|---|
| securitySolution | 91.0KB | 91.0KB | +4.0B |

Unknown metric groups

API count

| id | before | after | diff |
|---|---|---|---|
| @kbn/elastic-assistant | 188 | 198 | +10 |

ESLint disabled line counts

| id | before | after | diff |
|---|---|---|---|
| @kbn/elastic-assistant | 14 | 13 | -1 |
| securitySolution | 586 | 587 | +1 |
| total | | | -0 |

Total ESLint disabled count

| id | before | after | diff |
|---|---|---|---|
| @kbn/elastic-assistant | 15 | 14 | -1 |
| securitySolution | 673 | 674 | +1 |
| total | | | -0 |

History

import { useKibanaFeatureFlags } from '../use_kibana_feature_flags';

interface Props {
alertIds?: string[];
Contributor (review comment):

This PR is not tagged as being backported to 8.19, but consider backporting this change to simplify future backports and testing (avoiding diverging implementations).

}

const DEFAULT_PAGE = 1; // CAUTION: sever-side API uses a 1-based page index convention (for consistency with similar existing APIs)
const DEFAULT_PAGE = 1; // CAUTION: server-side API uses a 1-based page index convention (for consistency with similar existing APIs)
Contributor (review comment):

This PR is not tagged as being backported to 8.19, but consider backporting this change to simplify future backports and testing (avoiding diverging implementations).

const DEFAULT_PER_PAGE = 10;

export const useFindAttackDiscoveries = ({
alertIds,
Contributor (review comment):

This PR is not tagged as being backported to 8.19, but consider backporting this change to simplify future backports and testing (avoiding diverging implementations).

@stephmilovic (Contributor, PR author):

Unfortunately, backporting this would lead to a cascade of backports including the following and likely more. I think we may be past that point... @PhilippeOberti what are your thoughts here?

#218018
#219004
#214889
#215246
#216744
#217421
#217696
#217744

Contributor:

I don't think we should backport this... Like @stephmilovic said above, we'd have to backport a bunch of PRs (24 to be exact) and I don't think it's a good idea...

Contributor:

If we truly believe we should, I'll get started on backporting the PRs. Thankfully I kept most of them very targeted and with low impact on the rest of the code, but some of them will be more involved...

Contributor:

The thing to keep in mind is many other PRs from other teams (outside of the 24 I linked above, which are just for the alert summary work) have not been backported either. So we'd have to sync with the rest of the group to make sure that we backport everything? Or you'd have a bunch of code in 8.19 that is untestable and it would make no sense... while also adding risk to break something in the process...

@stephmilovic (Contributor, PR author):

Synced with Andrew over Zoom. He just wants me to bring the changes to this specific file over to 8.19, since it exists there, in order to bring it up to speed with main. This is going to be a manual PR, not using the backport tool, so limited to the changes to this file. He wasn't suggesting we backport the whole PR, just the file changes. Sorry for the confusion @PhilippeOberti

Contributor:

Haaaaaa that makes sense, all good then!! 😆

method: 'GET',
version: API_VERSIONS.internal.v1,
query: {
alert_ids: alertIds,
Contributor (review comment):

This PR is not tagged as being backported to 8.19, but consider backporting this change to simplify future backports and testing (avoiding diverging implementations).

signal: abortController.current.signal,
}),
[
alertIds,
Contributor (review comment):

This PR is not tagged as being backported to 8.19, but consider backporting this change to simplify future backports and testing (avoiding diverging implementations).

[
'GET',
ATTACK_DISCOVERY_FIND,
alertIds,
Contributor (review comment):

This PR is not tagged as being backported to 8.19, but consider backporting this change to simplify future backports and testing (avoiding diverging implementations).

@andrew-goldstein (Contributor) left a review comment:

Thanks @stephmilovic!
✅ Desk tested locally
LGTM

@stephmilovic stephmilovic merged commit 89fc5f9 into elastic:main Apr 29, 2025
9 checks passed
akowalska622 pushed a commit to akowalska622/kibana that referenced this pull request Apr 30, 2025
akowalska622 pushed a commit to akowalska622/kibana that referenced this pull request May 29, 2025
stephmilovic added a commit to PhilippeOberti/kibana that referenced this pull request Jun 5, 2025