Skip to content

Commit

Permalink
[8.11] [Fleet] Append space ID to security solution tag (#170789) (#1…
Browse files Browse the repository at this point in the history
…71034)

# Backport

This will backport the following commits from `main` to `8.11`:
- [[Fleet] Append space ID to security solution tag
(#170789)](#170789)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Kyle
Pollich","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-11-10T16:01:36Z","message":"[Fleet]
Append space ID to security solution tag (#170789)\n\n##
Summary\r\n\r\nFixes
https://github.com/elastic/kibana/issues/166798\r\n\r\nAppends the
current space ID to the ID of the security solution tag.\r\n\r\nNote: If
there are integrations suffering from the above bug (might
be\r\n\"stuck\" in `installing` status, showing concurrent installation
errors,\r\netc), they should be reinstalled via the API in their
corresponding\r\nspace, e.g.\r\n\r\n```\r\n# In Kibana dev tools for the
space in which the integration is installed\r\nPOST
kbn:/api/fleet/epm/packages/cisco_asa/2.27.1\r\n{\r\n \"force\":
true\r\n}\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<[email protected]>","sha":"dd2fda271187f718def78002516861736dc48cf7","branchLabelMapping":{"^v8.12.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.12.0"],"number":170789,"url":"https://github.com/elastic/kibana/pull/170789","mergeCommit":{"message":"[Fleet]
Append space ID to security solution tag (#170789)\n\n##
Summary\r\n\r\nFixes
https://github.com/elastic/kibana/issues/166798\r\n\r\nAppends the
current space ID to the ID of the security solution tag.\r\n\r\nNote: If
there are integrations suffering from the above bug (might
be\r\n\"stuck\" in `installing` status, showing concurrent installation
errors,\r\netc), they should be reinstalled via the API in their
corresponding\r\nspace, e.g.\r\n\r\n```\r\n# In Kibana dev tools for the
space in which the integration is installed\r\nPOST
kbn:/api/fleet/epm/packages/cisco_asa/2.27.1\r\n{\r\n \"force\":
true\r\n}\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<[email protected]>","sha":"dd2fda271187f718def78002516861736dc48cf7"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.12.0","labelRegex":"^v8.12.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/170789","number":170789,"mergeCommit":{"message":"[Fleet]
Append space ID to security solution tag (#170789)\n\n##
Summary\r\n\r\nFixes
https://github.com/elastic/kibana/issues/166798\r\n\r\nAppends the
current space ID to the ID of the security solution tag.\r\n\r\nNote: If
there are integrations suffering from the above bug (might
be\r\n\"stuck\" in `installing` status, showing concurrent installation
errors,\r\netc), they should be reinstalled via the API in their
corresponding\r\nspace, e.g.\r\n\r\n```\r\n# In Kibana dev tools for the
space in which the integration is installed\r\nPOST
kbn:/api/fleet/epm/packages/cisco_asa/2.27.1\r\n{\r\n \"force\":
true\r\n}\r\n```\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<[email protected]>","sha":"dd2fda271187f718def78002516861736dc48cf7"}}]}]
BACKPORT-->

Co-authored-by: Kyle Pollich <[email protected]>
  • Loading branch information
kibanamachine and kpollich authored Nov 10, 2023
1 parent feb7053 commit b07686d
Show file tree
Hide file tree
Showing 2 changed files with 106 additions and 51 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -688,55 +688,108 @@ describe('tagKibanaAssets', () => {
);
});

it('should respect SecuritySolution tags', async () => {
savedObjectTagClient.get.mockRejectedValue(new Error('not found'));
savedObjectTagClient.create.mockImplementation(({ name }: { name: string }) =>
Promise.resolve({ id: name.toLowerCase(), name })
);
const kibanaAssets = {
dashboard: [
{ id: 'dashboard1', type: 'dashboard' },
{ id: 'dashboard2', type: 'dashboard' },
{ id: 'search_id1', type: 'search' },
{ id: 'search_id2', type: 'search' },
],
} as any;
const assetTags = [
{
text: 'Security Solution',
asset_types: ['dashboard'],
},
];
await tagKibanaAssets({
savedObjectTagAssignmentService,
savedObjectTagClient,
kibanaAssets,
pkgTitle: 'TestPackage',
pkgName: 'test-pkg',
spaceId: 'default',
importedAssets: [],
assetTags,
describe('Security Solution tag', () => {
it('creates tag in default space', async () => {
savedObjectTagClient.get.mockRejectedValue(new Error('not found'));
savedObjectTagClient.create.mockImplementation(({ name }: { name: string }) =>
Promise.resolve({ id: name.toLowerCase(), name })
);
const kibanaAssets = {
dashboard: [
{ id: 'dashboard1', type: 'dashboard' },
{ id: 'dashboard2', type: 'dashboard' },
{ id: 'search_id1', type: 'search' },
{ id: 'search_id2', type: 'search' },
],
} as any;
const assetTags = [
{
text: 'Security Solution',
asset_types: ['dashboard'],
},
];
await tagKibanaAssets({
savedObjectTagAssignmentService,
savedObjectTagClient,
kibanaAssets,
pkgTitle: 'TestPackage',
pkgName: 'test-pkg',
spaceId: 'default',
importedAssets: [],
assetTags,
});
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
managedTagPayloadArg1,
managedTagPayloadArg2
);
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
{
color: '#4DD2CA',
description: '',
name: 'TestPackage',
},
{ id: 'fleet-pkg-test-pkg-default', overwrite: true, refresh: false }
);
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
{
color: expect.any(String),
description: 'Tag defined in package-spec',
name: 'Security Solution',
},
{ id: 'security-solution-default', overwrite: true, refresh: false }
);
});

it('creates tag in non-default space', async () => {
savedObjectTagClient.get.mockRejectedValue(new Error('not found'));
savedObjectTagClient.create.mockImplementation(({ name }: { name: string }) =>
Promise.resolve({ id: name.toLowerCase(), name })
);
const kibanaAssets = {
dashboard: [
{ id: 'dashboard1', type: 'dashboard' },
{ id: 'dashboard2', type: 'dashboard' },
{ id: 'search_id1', type: 'search' },
{ id: 'search_id2', type: 'search' },
],
} as any;
const assetTags = [
{
text: 'Security Solution',
asset_types: ['dashboard'],
},
];
await tagKibanaAssets({
savedObjectTagAssignmentService,
savedObjectTagClient,
kibanaAssets,
pkgTitle: 'TestPackage',
pkgName: 'test-pkg',
spaceId: 'my-secondary-space',
importedAssets: [],
assetTags,
});
expect(savedObjectTagClient.create).toHaveBeenCalledWith(managedTagPayloadArg1, {
...managedTagPayloadArg2,
id: 'fleet-managed-my-secondary-space',
});
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
{
color: expect.any(String),
description: '',
name: 'TestPackage',
},
{ id: 'fleet-pkg-test-pkg-my-secondary-space', overwrite: true, refresh: false }
);
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
{
color: expect.anything(),
description: 'Tag defined in package-spec',
name: 'Security Solution',
},
{ id: 'security-solution-my-secondary-space', overwrite: true, refresh: false }
);
});
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
managedTagPayloadArg1,
managedTagPayloadArg2
);
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
{
color: '#4DD2CA',
description: '',
name: 'TestPackage',
},
{ id: 'fleet-pkg-test-pkg-default', overwrite: true, refresh: false }
);
expect(savedObjectTagClient.create).toHaveBeenCalledWith(
{
color: expect.any(String),
description: 'Tag defined in package-spec',
name: 'Security Solution',
},
{ id: 'security-solution-default', overwrite: true, refresh: false }
);
});

it('should only call savedObjectTagClient.create for basic tags if there are no assetTags to assign', async () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ const PACKAGE_TAG_COLOR = '#4DD2CA';
const MANAGED_TAG_NAME = 'Managed';
const LEGACY_MANAGED_TAG_ID = 'managed';
const SECURITY_SOLUTION_TAG_NAME = 'Security Solution';
const SECURITY_SOLUTION_TAG_ID = 'security-solution-default';
const SECURITY_SOLUTION_TAG_ID_BASE = 'security-solution';

// the tag service only accepts 6-digits hex colors
const TAG_COLORS = [
Expand Down Expand Up @@ -65,8 +65,10 @@ const getLegacyPackageTagId = (pkgName: string) => pkgName;
In that case return id `security-solution-default`
*/
export const getPackageSpecTagId = (spaceId: string, pkgName: string, tagName: string) => {
if (tagName.toLowerCase() === SECURITY_SOLUTION_TAG_NAME.toLowerCase())
return SECURITY_SOLUTION_TAG_ID;
if (tagName.toLowerCase() === SECURITY_SOLUTION_TAG_NAME.toLowerCase()) {
return `${SECURITY_SOLUTION_TAG_ID_BASE}-${spaceId}`;
}

// UUID v5 needs a namespace (uuid.DNS) to generate a predictable uuid
const uniqueId = uuidv5(`${tagName.toLowerCase()}`, uuidv5.DNS);
return `fleet-shared-tag-${pkgName}-${uniqueId}-${spaceId}`;
Expand Down

0 comments on commit b07686d

Please sign in to comment.