Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add mock identity provider for serverless (2nd attempt) #171513

Merged
merged 45 commits into from
Nov 23, 2023
Merged

Add mock identity provider for serverless (2nd attempt) #171513

merged 45 commits into from
Nov 23, 2023

Conversation

thomheymann
Copy link
Contributor

Attempting to merge #170852 again now that the release artefact step has been fixed as part of #171457

thomheymann and others added 30 commits November 8, 2023 11:58
@thomheymann
Add mock identity provider for serverless
13a3831
@thomheymann
Merge branch 'main' of https://github.com/elastic/kibana into serverl…
5358334 
…ess-role-selector
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/eslint --no-cache -…
bc21dd2 
…-fix'
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
b48a2c8 
…fix'
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/generate codeowners'
12cf10e
@thomheymann
Fix errors
0fec2e0
@thomheymann
Merge branch 'serverless-role-selector' of https://github.com/thomhey…
22b9e23 
…mann/kibana into serverless-role-selector
@thomheymann
Explicit exports
478cd79
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
e4f17ac 
…fix'
@thomheymann
Fix logout flow and login selector validation
4f99a74
@thomheymann
Merge branch 'serverless-role-selector' of https://github.com/thomhey…
19af2ef 
…mann/kibana into serverless-role-selector
@thomheymann
Add user roles
0e60429
@thomheymann
Fix cyclic project reference
f863db3
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
4882634 
…fix'
@thomheymann
Fix unit tests
022f61b
@thomheymann
Merge branch 'serverless-role-selector' of https://github.com/thomhey…
f7ce3a1 
…mann/kibana into serverless-role-selector
@thomheymann
Merge branch 'main' of https://github.com/elastic/kibana into serverl…
b635222 
…ess-role-selector
@thomheymann
Merge branch 'main' into serverless-role-selector
a993ab5
@thomheymann
Add unit tests
ebbf87d
@thomheymann
Merge branch 'serverless-role-selector' of https://github.com/thomhey…
d8fd42e 
…mann/kibana into serverless-role-selector
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
936d0fc 
…fix'
@thomheymann
Merge branch 'main' into serverless-role-selector
3bf667b
@thomheymann @azasypkin
Update packages/kbn-es/src/utils/docker.ts
e1958ae 
Co-authored-by: Aleh Zasypkin <[email protected]>
@thomheymann
Merge branch 'main' of https://github.com/elastic/kibana into serverl…
e55955d 
…ess-role-selector
@thomheymann
Fix unit test
6324b49
@thomheymann
Merge branch 'main' into serverless-role-selector
52bb13c
@thomheymann
Merge branch 'main' into serverless-role-selector
59a49fb
@thomheymann
Merge branch 'main' into serverless-role-selector
11eb3c9
@thomheymann
Merge branch 'main' into serverless-role-selector
d8b0b01
@thomheymann
Merge branch 'main' into serverless-role-selector
9449096
@thomheymann thomheymann added the release_note:skip Skip the PR/issue when compiling release notes label Nov 20, 2023
@thomheymann thomheymann marked this pull request as ready for review November 20, 2023 10:50
@thomheymann thomheymann requested a review from a team as a code owner November 20, 2023 10:50
jbudz
jbudz reviewed Nov 20, 2023
View reviewed changes
src/cli/serve/serve.js Outdated Show resolved Hide resolved
@dmlemeshko dmlemeshko requested a review from jbudz November 20, 2023 17:30
@dmlemeshko dmlemeshko mentioned this pull request Nov 20, 2023
Merged
jbudz
jbudz previously approved these changes Nov 20, 2023
View reviewed changes
@jbudz jbudz self-requested a review November 21, 2023 13:09
@jbudz jbudz dismissed their stale review November 21, 2023 13:09

out of date

azasypkin
azasypkin approved these changes Nov 21, 2023
View reviewed changes
Copy link
Member

@azasypkin azasypkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM from the security side.

jbudz
jbudz reviewed Nov 21, 2023
View reviewed changes
packages/kbn-es/src/utils/docker.ts
// for the ip which is not validated. As such we are getting the error
// Hostname/IP does not match certificate's altnames: IP: 127.0.0.1 is not in the cert's list:
// To work around that we are overriding the function checkServerIdentity too
checkServerIdentity: () => {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did we try binding to localhost instead of 127.0.0.1? While this is a test environment..disabling identity checks for every node url regardless of endpoint seems heavy handed.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it was added in #165522 to adjust FTR waiting for cluster to be ready. @Ikuni17 you probably the best person to ask this question

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I missed that this was already committed and moved to a different spot. I'll table this discussion for another issue.

@dmlemeshko dmlemeshko enabled auto-merge (squash) November 21, 2023 18:44
@dmlemeshko dmlemeshko merged commit 9220e4d into elastic:main Nov 23, 2023
26 checks passed
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
mockIdpPlugin - 19 +19
Unknown metric groups

API count

id before after diff
mockIdpPlugin - 25 +25

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@kibanamachine kibanamachine added v8.12.0 backport:skip This commit does not require backporting labels Nov 23, 2023
darnautov pushed a commit to darnautov/kibana that referenced this pull request Nov 23, 2023
@dmlemeshko @kibanamachine
[kbn-test] Disable TLS for svl Kibana (elastic#171434)
7556105 
## Summary

This PR disables TLS mode for Kibana run in serverless.
Related to elastic#170417 enabling serverless roles testing 
Blocked by elastic#171513

PR is created in cooperation with @azasypkin and intended to simplify
the automated testing process for serverless:
starting Kibana with TLS enabled adds unnecessary complexity to the
process of getting session cookie and overall Kibana APIs calling with
Dev certificate in the tests.
The selected approach is to disable TLS for Kibana and simply rely on
elastic#171513 to configure mocked idp realm for Serverless ES with TLS
enabled.

---------

Co-authored-by: kibanamachine <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmlemeshko dmlemeshko dmlemeshko left review comments

@jbudz jbudz jbudz approved these changes

@azasypkin azasypkin azasypkin approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes v8.12.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@thomheymann @kibana-ci @azasypkin @jbudz @dmlemeshko @kibanamachine