Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fleet] Filter space aware entities in Fleet UI/API #184869

Merged
merged 21 commits into from
Jun 17, 2024

Conversation

nchaulet
Copy link
Member

@nchaulet nchaulet commented Jun 5, 2024

Summary

Related to https://github.com/elastic/ingest-dev/issues/2893

That PR allow to filter all the different Fleet documents to only display the one in the current space.

For this every saved object client we use need to be correctly scoped to use the request current space, and we need to add filter .fleet-* index to only return the currrent namespace documents.

The feature is behind the useSpaceAwareness feature flag.

I am still working on writing tests, but it should be ready for first reviews

UI

The UI now filter related Fleet entities by space

API

  • Uninstall tokens
  • Package policies
  • Agent policies (is already using a regular kibana request scoped client)
  • Enrollment tokens
  • Agents
    • Agents Read API
    • Agents Write API

Tests

Manual test, with the useSpaceAwareness feature flag enabled, you could create multiple space, and enroll create agent policies/enroll agent in multiple space and check those agent are not visible in the other spaces

Automated API tests

The following APIs should be covered with automated API integration tests

  • Enrollment tokens
  • Uninstall tokens
  • Agents Read API
  • Agent policies
  • Package policy

Not done in that PR

space aware agent actions, and the related write APIs are not done in that PR to keep it reviewable.

@apmmachine
Copy link
Contributor

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@nchaulet nchaulet force-pushed the feature-fleet-space-filtering branch 2 times, most recently from 0fce71c to 77d1b3c Compare June 7, 2024 14:26
@nchaulet nchaulet force-pushed the feature-fleet-space-filtering branch from 77d1b3c to a6ec617 Compare June 7, 2024 17:11
@nchaulet
Copy link
Member Author

nchaulet commented Jun 7, 2024

/ci

@nchaulet nchaulet force-pushed the feature-fleet-space-filtering branch from cc01e74 to 7b1baf9 Compare June 7, 2024 19:00
@nchaulet
Copy link
Member Author

nchaulet commented Jun 7, 2024

/ci

@nchaulet nchaulet force-pushed the feature-fleet-space-filtering branch from 7b1baf9 to 2c193b6 Compare June 10, 2024 12:32
@nchaulet
Copy link
Member Author

/ci

@nchaulet nchaulet added release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team labels Jun 10, 2024
@nchaulet nchaulet force-pushed the feature-fleet-space-filtering branch from fa8f3a3 to 9716075 Compare June 10, 2024 14:39
@nchaulet
Copy link
Member Author

/ci

@nchaulet nchaulet force-pushed the feature-fleet-space-filtering branch from 6c2e51b to 7b950e0 Compare June 10, 2024 18:36
@nchaulet
Copy link
Member Author

/ci

@nchaulet nchaulet self-assigned this Jun 10, 2024
@nchaulet nchaulet marked this pull request as ready for review June 10, 2024 18:44
@nchaulet nchaulet requested review from a team as code owners June 10, 2024 18:44
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

@@ -46,11 +68,12 @@ export async function getAgentsPerOutput(

const { items: agentPolicies } = await agentPolicyService.list(soClient, {
esClient,
withAgentCount: true,
Copy link
Contributor

@juliaElastic juliaElastic Jun 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is the withAgentCount parameter still used elsewhere to call agentPolicyService.list?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like it's used in observability_solution, I reverted that change, and use a scoped to space saved object client instead

@juliaElastic
Copy link
Contributor

The code looks good, I tried to test locally on the UI to create an agent policy in a new space, but it's visible in Default space also. Is this supposed to work?

@nchaulet
Copy link
Member Author

@juliaElastic Did you turn on the useSpaceAwarness feature flag?

@juliaElastic
Copy link
Contributor

Did you turn on the useSpaceAwarness feature flag?

No, that was probably the issue, thanks.

@juliaElastic
Copy link
Contributor

juliaElastic commented Jun 11, 2024

With the useSpaceAwareness feature flag (typo in description) I can test that the agent policy created in a non-default space is only visible there.
However in the Add agents instructions I'm seeing the Fleet Server instructions if the fleet-server is enrolled in the default space. Is it expected?
And after enrolling an agent to this agent policy, it is not visible in the non-default space, only in the default space (agent policy column is blank there).

image image image

@nchaulet
Copy link
Member Author

nchaulet commented Jun 11, 2024

@juliaElastic thanks for the testing

However in the Add agents instructions I'm seeing the Fleet Server instructions if the fleet-server is enrolled in the default space. Is it expected?

It's not sure what we should do in that case, we should probably be able to enroll agents, but I created another issue to tackle that #186045

And after enrolling an agent to this agent policy, it is not visible in the non-default space, only in the default space (agent policy column is blank there).

Are you running the latest snapshot of Fleet server? It needs that fleet-server change to work elastic/fleet-server#3535

@juliaElastic
Copy link
Contributor

Are you running the latest snapshot of Fleet server? It needs that fleet-server change to work elastic/fleet-server#3535

It seems I had an old snapshot, I can see the agent under the custom space with the newest one.

image

Copy link
Contributor

@juliaElastic juliaElastic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@nchaulet
Copy link
Member Author

@elasticmachine merge upstream

@nchaulet
Copy link
Member Author

@elasticmachine merge upstream

@nchaulet
Copy link
Member Author

@elasticmachine merge upstream

@nchaulet
Copy link
Member Author

@elasticmachine merge upstream

@nchaulet
Copy link
Member Author

@elasticmachine merge upstream

@nchaulet
Copy link
Member Author

@elasticmachine merge upstream

@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #30 / lens app - TSVB Open in Lens Dashboard to TSVB to Lens should convert a by reference TSVB viz to a Lens viz

Metrics [docs]

Unknown metric groups

API count

id before after diff
fleet 1337 1338 +1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @nchaulet

@nchaulet nchaulet merged commit a2c068a into elastic:main Jun 17, 2024
22 checks passed
@nchaulet nchaulet deleted the feature-fleet-space-filtering branch June 17, 2024 14:03
@kibanamachine kibanamachine added v8.15.0 backport:skip This commit does not require backporting labels Jun 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team v8.15.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants