[Response Ops][Alerting] Alert preview index mappings should be allow…

…-listed for update (#191522) Resolves #189211 ## Summary Adds alert preview index prefix to the list of valid prefixes so that alert preview index mappings are correctly updated on upgrade. ## To Verify 1. Start an older version of Kibana (I used 8.12) with `yarn es snapshot --license trial --ssl -E path.data=../test_189211` and `yarn start --ssl` 2. Create a detection rule and run the rule preview before creating the rule. Go to Index Management and you should see a preview index in the list `.internal.preview.alerts-security.alerts-default-000001` 3. Using the same ES data, run Kibana on `main`. Preview a detection rule. You should see the following the logs: ``` Found unexpected concrete index name \".internal.preview.alerts-security.alerts-service-desk-000007\" while expecting index with one of the following prefixes: [.ds-.alerts-,.internal.alerts-,.alerts-] Not updating mappings or settings for this index. ``` 4. Using the same ES data, run Kibana on this branch. Preview a detection rule. You should no longer see the above log message. Co-authored-by: Elastic Machine <[email protected]>
elastic · Sep 5, 2024 · 185ac94 · 185ac94
1 parent 1bcc3d6
commit 185ac94
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 4 deletions.
diff --git a/x-pack/plugins/alerting/server/alerts_service/resource_installer_utils.test.ts b/x-pack/plugins/alerting/server/alerts_service/resource_installer_utils.test.ts
@@ -38,7 +38,13 @@ describe('getIndexTemplateAndPattern', () => {
       pattern: '.internal.alerts-test.alerts-default-*',
       basePattern: '.alerts-test.alerts-*',
       alias: '.alerts-test.alerts-default',
-      validPrefixes: ['.ds-.alerts-', '.internal.alerts-', '.alerts-'],
+      validPrefixes: [
+        '.ds-.alerts-',
+        '.internal.alerts-',
+        '.alerts-',
+        '.internal.preview.alerts-',
+        '.preview.alerts-',
+      ],
       name: '.internal.alerts-test.alerts-default-000001',
     });
   });
@@ -49,7 +55,13 @@ describe('getIndexTemplateAndPattern', () => {
       pattern: '.internal.alerts-test.alerts-special-*',
       basePattern: '.alerts-test.alerts-*',
       alias: '.alerts-test.alerts-special',
-      validPrefixes: ['.ds-.alerts-', '.internal.alerts-', '.alerts-'],
+      validPrefixes: [
+        '.ds-.alerts-',
+        '.internal.alerts-',
+        '.alerts-',
+        '.internal.preview.alerts-',
+        '.preview.alerts-',
+      ],
       name: '.internal.alerts-test.alerts-special-000001',
     });
   });
@@ -67,7 +79,13 @@ describe('getIndexTemplateAndPattern', () => {
       basePattern: '.alerts-test.alerts-*',
       alias: '.alerts-test.alerts-special',
       name: '.internal.alerts-test.alerts-special-000001',
-      validPrefixes: ['.ds-.alerts-', '.internal.alerts-', '.alerts-'],
+      validPrefixes: [
+        '.ds-.alerts-',
+        '.internal.alerts-',
+        '.alerts-',
+        '.internal.preview.alerts-',
+        '.preview.alerts-',
+      ],
       secondaryAlias: `siem.signals-special`,
     });
   });

diff --git a/x-pack/plugins/alerting/server/alerts_service/resource_installer_utils.ts b/x-pack/plugins/alerting/server/alerts_service/resource_installer_utils.ts
@@ -13,7 +13,13 @@ interface GetComponentTemplateNameOpts {
   context?: string;
   name?: string;
 }
-export const VALID_ALERT_INDEX_PREFIXES = ['.ds-.alerts-', '.internal.alerts-', '.alerts-'];
+export const VALID_ALERT_INDEX_PREFIXES = [
+  '.ds-.alerts-',
+  '.internal.alerts-',
+  '.alerts-',
+  '.internal.preview.alerts-',
+  '.preview.alerts-',
+];
 
 export const getComponentTemplateName = ({ context, name }: GetComponentTemplateNameOpts = {}) =>
   `.alerts-${context ? `${context}.alerts` : name ? name : 'framework'}-mappings`;