Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Trusted Apps signer API. #83661

Merged
merged 26 commits into from
Nov 30, 2020
Merged

Trusted Apps signer API. #83661

merged 26 commits into from
Nov 30, 2020

Conversation

efreeti
Copy link
Contributor

@efreeti efreeti commented Nov 18, 2020

Summary

Support for signer condition in trusted apps config for windows in API.

In addition to implementing the feature separated out the service layer in the server implementation for trusted apps and introduced more granular types that helped making the transformation/mapping code type safe and remove tslint/eslint directives to ignore problems. New structures leads to testing separate layers separately.

Checklist

@efreeti efreeti self-assigned this Nov 18, 2020
@paul-tavares
Copy link
Contributor

I took a quick look at this seems fine, although I'm not sure what the changes for signer are, it seems that most changes are refactoring, am I right?

I can take a closer look once it comes out of draft

@efreeti
Copy link
Contributor Author

efreeti commented Nov 20, 2020

Umm, I would say majority of the changes are about the signer just I had to introduce some more granular types to achieve type safety in solution (and remove some @tslint-ignores), that had a bit of effect on some other files also in frontend. Maybe one change that was no directly related was separating out service layer.

@efreeti efreeti added Feature:Endpoint Elastic Endpoint feature release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v7.11.0 labels Nov 23, 2020
@efreeti efreeti added the v8.0.0 label Nov 23, 2020
@efreeti efreeti requested a review from a team November 23, 2020 16:38
@efreeti efreeti marked this pull request as ready for review November 23, 2020 16:38
@efreeti efreeti requested review from a team as code owners November 23, 2020 16:38
@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-app-team (Feature:Endpoint)

Copy link
Contributor

@kevinlog kevinlog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks like it's mostly separating out a service layer and organizing the schema. Makes sense since we have a new requirement to allow the Signer field only for Windows 👍

@@ -0,0 +1,79 @@
/*
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: move this service to .../server/endpoint/services/ directory

Copy link
Contributor

@parkiino parkiino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the PR walkthrough!

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 8.0MB 8.0MB -882.0B

Distributable file count

id before after diff
default 43139 43140 +1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
lists 173.5KB 173.6KB +117.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@efreeti efreeti merged commit de5edaa into elastic:master Nov 30, 2020
@efreeti efreeti deleted the btsymbala/signer-api branch November 30, 2020 14:42
efreeti added a commit to efreeti/kibana that referenced this pull request Nov 30, 2020
* Separated out service layer for trusted apps.

* Improved the type structure a bit to avoid using explicit string literals and to add possibility to return OS specific parts of trusted app object in type safe manner.

* Added support for mapping of trusted app to exception item and back.

* Changed schema to support signer in the API.

* Renamed utils to mapping.

* Exported some types in lists plugin and used them in trusted apps.

* Added tests for mapping.

* Added tests for service.

* Switched deletion to use exceptions for not found case.

* Added resetting of the mocks in service layer tests.

* Added handlers tests.

* Refactored mapping tests to be more granular based on the case.

* Restored lowercasing of hash.

* Added schema tests for signer field.

* Removed the grouped tests (they were split into tests for separate concerns).

* Corrected the tests.

* Lowercased the hashes in the service test.

* Moved the lowercasing to the right location.

* Fixed the tests.

* Added test for lowercasing hash value.

* Introduced OperatingSystem enum instead of current types.

* Removed os list constant in favour of separate lists in places that use it (each place has own needs to the ordering).

* Fixed the missed OperatingSystem enum usage.
phillipb added a commit to phillipb/kibana that referenced this pull request Nov 30, 2020
…bana into add-metadata-to-node-details

* 'add-metadata-to-node-details' of github.com:phillipb/kibana:
  [APM] ML anomaly detection integration: Displaying anomaly job results in the Transaction duration chart is not as intended  (elastic#84415)
  Support for painless language autocomplete within monaco (elastic#80577)
  [Lens] Time scale ui (elastic#83904)
  removing beta callouts (elastic#84510)
  [Lens] (Accessibility) add aria-label to chart type icon (elastic#84493)
  Trusted Apps signer API. (elastic#83661)
  increase stdout max listeners for legacy logging (elastic#84497)
  [APM] Service overview: Add throughput chart (elastic#84439)
  [Discover] Unskip main functional tests (elastic#84300)
  Uptime overview overhaul (elastic#83406)
  [APM] Adjust time formats based on the difference between start and end (elastic#84470)
  [ML] Renaming saved object repair to sync (elastic#84311)
  [UsageCollection] Remove `formatBulkUpload` and other unused APIs (elastic#84313)
  [Visualizations] Adds visConfig.title and uiState to build pipeline function (elastic#84456)
  [Elasticsearch Migration] Update docs re UsageCollection (elastic#84322)
  TSVB field list performance issue on using annotations (elastic#84407)
  [Security Solution] Exceptions Cypress tests (elastic#81759)
  [ML] Fix spaces job ID check (elastic#84404)
  [Security Solution][Detections] Handle dupes when processing threshold rules (elastic#83062)
efreeti added a commit that referenced this pull request Nov 30, 2020
* Separated out service layer for trusted apps.

* Improved the type structure a bit to avoid using explicit string literals and to add possibility to return OS specific parts of trusted app object in type safe manner.

* Added support for mapping of trusted app to exception item and back.

* Changed schema to support signer in the API.

* Renamed utils to mapping.

* Exported some types in lists plugin and used them in trusted apps.

* Added tests for mapping.

* Added tests for service.

* Switched deletion to use exceptions for not found case.

* Added resetting of the mocks in service layer tests.

* Added handlers tests.

* Refactored mapping tests to be more granular based on the case.

* Restored lowercasing of hash.

* Added schema tests for signer field.

* Removed the grouped tests (they were split into tests for separate concerns).

* Corrected the tests.

* Lowercased the hashes in the service test.

* Moved the lowercasing to the right location.

* Fixed the tests.

* Added test for lowercasing hash value.

* Introduced OperatingSystem enum instead of current types.

* Removed os list constant in favour of separate lists in places that use it (each place has own needs to the ordering).

* Fixed the missed OperatingSystem enum usage.
gmmorris added a commit to gmmorris/kibana that referenced this pull request Nov 30, 2020
* master: (25 commits)
  [Alerting] fixes buggy default message behaviour (elastic#84202)
  [Graph] Use new ES client and change license API (elastic#84398)
  [DOCS] Adds redirect to known plugins page (elastic#84001)
  Update IndexPatternSelect to get fields from indexPatternService instead of savedObject attributes (elastic#84376)
  Adding timestamps to created events so the sorting is stable (elastic#84515)
  [DOCS] Redirects for drilldown links (elastic#83846)
  [Fleet] Support for showing an Integration Detail Custom (UI Extension) tab (elastic#83805)
  [Enterprise Search] Migrate shared Schema components (elastic#84381)
  [Discover] Unskip date_nanos and shard links functional tests (elastic#82878)
  [APM] ML anomaly detection integration: Displaying anomaly job results in the Transaction duration chart is not as intended  (elastic#84415)
  Support for painless language autocomplete within monaco (elastic#80577)
  [Lens] Time scale ui (elastic#83904)
  removing beta callouts (elastic#84510)
  [Lens] (Accessibility) add aria-label to chart type icon (elastic#84493)
  Trusted Apps signer API. (elastic#83661)
  increase stdout max listeners for legacy logging (elastic#84497)
  [APM] Service overview: Add throughput chart (elastic#84439)
  [Discover] Unskip main functional tests (elastic#84300)
  Uptime overview overhaul (elastic#83406)
  [APM] Adjust time formats based on the difference between start and end (elastic#84470)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Endpoint Elastic Endpoint feature release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v7.11.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants