-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Deprecations] Logs Sources settings in all spaces #203042
[Deprecations] Logs Sources settings in all spaces #203042
Conversation
Pinging @elastic/kibana-core (Team:Core) |
Pinging @elastic/kibana-security (Team:Security) |
Pinging @elastic/obs-ux-logs-team (Team:obs-ux-logs) |
08bf159
to
acf77fd
Compare
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
|
||
/** | ||
* Given a list of namespace strings, returns a subset that the user is authorized to search in. | ||
* If a wildcard '*' is used, it is expanded to an explicit list of namespace strings. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to make it super clear that the explicit list of namespace strings only includes the namespaces the current user has access to othewise consumers might incorrectly interpret that as a list of all namespaces.
* If a wildcard '*' is used, it is expanded to an explicit list of namespace strings. | |
* If a wildcard '*' is used, it is expanded to an explicit list of namespace strings the current user has access to. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And it's worth noting that this will include any namespace the user has ANY access to.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks ok at a glance. The new APIs need tests, especially given that they're public and carry risks. It'd be helpful to point out the risks associated with using these APIs.
Initial code review only. I'll re-review once concerns are addressed.
getSearchableNamespaces: (namespaces: string[] | undefined) => Promise<string[]>; | ||
|
||
/** | ||
* Returns a new Saved Objects client scoped to the new namespace. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* Returns a new Saved Objects client scoped to the new namespace. | |
* Returns a new Saved Objects client scoped to the current user and current namespace. |
We're not creating a namespace, only a client that is scoped to one
packages/core/saved-objects/core-saved-objects-api-server/src/saved_objects_client.ts
Outdated
Show resolved
Hide resolved
getSearchableNamespaces: (namespaces: string[] | undefined) => Promise<string[]>; | ||
|
||
/** | ||
* Returns a new Saved Objects repository scoped to the new namespace. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* Returns a new Saved Objects repository scoped to the new namespace. | |
* Returns a new Saved Objects repository scoped to a specific namespace. |
@@ -25,4 +25,9 @@ export interface ISavedObjectsSpacesExtension { | |||
* If a wildcard '*' is used, it is expanded to an explicit list of namespace strings. | |||
*/ | |||
getSearchableNamespaces: (namespaces: string[] | undefined) => Promise<string[]>; | |||
/** | |||
* Returns a new Saved Objects Spaces Extension scoped to the new namespace. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* Returns a new Saved Objects Spaces Extension scoped to the new namespace. | |
* Returns a new Saved Objects Spaces Extension scoped to a specific namespace. |
export const getLogSourcesSettingDeprecationInfo = async ( | ||
params: LogSourcesSettingDeprecationParams | ||
): Promise<DeprecationsDetails[]> => { | ||
const allAvailableSpaces = await params.context.savedObjectsClient.getSearchableNamespaces(['*']); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Requires end users to actively enable Log sources in each space.
We need that documented.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I don't fully understand this comment. We're reading a SO, and it's perfectly fine if the SO doesn't exist. Why would we need Log sources to be enabled in each space for this logic to work?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚀
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
x-pack/plugins/reporting/server/deprecations/migrate_existing_indices_ilm_policy.test.ts lgtm
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
Unknown metric groupsAPI count
History
cc @afharo |
## Summary #203042 highlighted these APIs not having comments. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
## Summary elastic#203042 highlighted these APIs not having comments. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials (cherry picked from commit 25b171d)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for improving this 👌
Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/12352858418 |
💔 All backports failed
Manual backportTo create the backport manually run:
Questions ?Please refer to the Backport tool documentation |
(cherry picked from commit 2ed3442) # Conflicts: # x-pack/platform/plugins/private/translations/translations/zh-CN.json
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…204476) # Backport This will backport the following commits from `main` to `8.x`: - [[Deprecations] Logs Sources settings in all spaces (#203042)](#203042) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Alejandro Fernández Haro","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-16T12:40:56Z","message":"[Deprecations] Logs Sources settings in all spaces (#203042)","sha":"2ed34427c056e935f77c6dded03afc11f82d301c","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Core","Team:Security","release_note:skip","v9.0.0","backport:prev-minor","ci:project-deploy-observability","Team:obs-ux-logs"],"number":203042,"url":"https://github.com/elastic/kibana/pull/203042","mergeCommit":{"message":"[Deprecations] Logs Sources settings in all spaces (#203042)","sha":"2ed34427c056e935f77c6dded03afc11f82d301c"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/203042","number":203042,"mergeCommit":{"message":"[Deprecations] Logs Sources settings in all spaces (#203042)","sha":"2ed34427c056e935f77c6dded03afc11f82d301c"}}]}] BACKPORT-->
## Summary elastic#203042 highlighted these APIs not having comments. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
Summary
Resolves #202649.
Logs Sources deprecations now check all spaces for the deprecated configuration:
From the any space (including those not having any deprecations):
How to test the deprecation
Open the "Logs settings" and select Indices/Data view deprecated options:
The automated mitigation API
PUT /api/logs_shared/deprecations/migrate_log_view_settings
is also fixed to loop through all the spaces to resolve the issue.In order to achieve this piece of work, I had to extend the current Saved Objects client to expose 1 new method:
asScopedToNamespace
: Returns a new client scoped to the specified Space ID.Checklist
Identify risks