Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] IBM and Jira connectors cannot be used after an upgrade #81592

Closed
MadameSheema opened this issue Oct 26, 2020 · 5 comments · Fixed by #81673
Closed

[Security Solution] IBM and Jira connectors cannot be used after an upgrade #81592

MadameSheema opened this issue Oct 26, 2020 · 5 comments · Fixed by #81673
Assignees
Labels
bug Fixes for quality problems that affect the customer experience Feature:Alerting fixed Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.10.0

Comments

@MadameSheema
Copy link
Member

Kibana & Elasticsearch version:

  • 7.10 BC3

Describe the bug:

  • IBM and Jira connectors cannot be used after an upgrade

Initial status:

  • To have a elasticsearch and kibana instances in 7.9.2v
  • To have Jira, IBM and SN connectors configured
  • To have a case pushed to all the third parties, being SN the last one.

Steps to reproduce:

  1. Upgrade the instances to 7.10
  2. Open the created case
  3. Select a Jira connector

Current behavior:

  • The following error is displayed

Screenshot 2020-10-26 at 11 27 33

  • The same error is displayed when you try to change the connector to IBM resilient

Expected behavior:

  • No error is displayed
  • The connector can be used
@MadameSheema MadameSheema added bug Fixes for quality problems that affect the customer experience Team:Threat Hunting Security Solution Threat Hunting Team v7.10.0 Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Oct 26, 2020
@pmuellr
Copy link
Member

pmuellr commented Oct 26, 2020

Looks like the problem is that the migrations lump together cases and emails to run all the migrations, so cases will get the same hasAuth migration that is supposed to be just for emails:

const migrationActions = encryptedSavedObjects.createMigration<RawAction, RawAction>(
(doc): doc is SavedObjectUnsanitizedDoc<RawAction> =>
!!doc.attributes.config?.casesConfiguration || doc.attributes.actionTypeId === '.email',
pipeMigrations(renameCasesConfigurationObject, addHasAuthConfigurationObject)
);

I think we should add a filter at the top of the email migrator, like:

if (!doc.attributes.actionTypeId !== '.email') {
    return doc;
  }

Cases has a similar kind of check, which is probably good enough, checking an expected cases attribute - is more of a "duck typing" kind of test rather than explicit actionTypeId test, which is probably better since otherwise we'll have to enumerate all the case types and then we'll forget one someday.

@pmuellr pmuellr added Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) labels Oct 26, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

@pmuellr
Copy link
Member

pmuellr commented Oct 26, 2020

Next 7.10.0 build candidate looks to be 2020-10-28.

@MadameSheema
Copy link
Member Author

Reopening the issue to remember to validate it during next BC.

@ghost
Copy link

ghost commented Nov 24, 2020

@kobelb kobelb added the needs-team Issues missing a team label label Jan 31, 2022
@botelastic botelastic bot removed the needs-team Issues missing a team label label Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Fixes for quality problems that affect the customer experience Feature:Alerting fixed Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.10.0
Projects
None yet
6 participants