Skip to content

Commit

Permalink
[8.11] [Fleet] Modify bulk unenroll to include inactive agents (#170249
Browse files Browse the repository at this point in the history 
…) (#170825)

# Backport

This will backport the following commits from `main` to `8.11`:
- [[Fleet] Modify bulk unenroll to include inactive agents
(#170249)](#170249)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-11-08T08:29:23Z","message":"[Fleet]
Modify bulk unenroll to include inactive agents (#170249)\n\nFixes
https://github.com/elastic/kibana/issues/169977\r\n## Summary\r\n[Fleet]
Modify bulk unenroll to include inactive agents when
passing\r\n`\"includeInactive\": true`.\r\n\r\n- This flag only works
when the agents are selected by query.\r\n- Updated the hook in the UI
to include the new flag.\r\n\r\n\r\n### Testing\r\n\r\n#### API\r\n-
Enroll some agents and make them inactive\r\n- From dev tools, run the
bulk_unenroll api with option\r\n`includeInactive`:\r\n```\r\nPOST
kbn:/api/fleet/agents/bulk_unenroll\r\n{\r\n \"agents\":
\"last_checkin<=2023-11-06\",\r\n \"revoke\": true,\r\n
\"includeInactive\": true\r\n}\r\n```\r\nThis should remove all the
agents selected in the kuery, also the\r\ninactive ones.\r\n\r\n####
UI\r\n- Enroll some agents and make them inactive\r\n- Select all agents
on all pages, from the bulk actions click on\r\n\"unenroll agents\"\r\n-
It should remove all the agents, inactive ones too.\r\n\r\n\r\n###
Checklist\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n\r\n\r\n### For
maintainers\r\n\r\n- [ ] This was checked for breaking API changes and
was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<[email protected]>","sha":"b2e3284d0f64fa73d807eaf33c951fa21416674a","branchLabelMapping":{"^v8.12.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.12.0"],"number":170249,"url":"https://github.com/elastic/kibana/pull/170249","mergeCommit":{"message":"[Fleet]
Modify bulk unenroll to include inactive agents (#170249)\n\nFixes
https://github.com/elastic/kibana/issues/169977\r\n## Summary\r\n[Fleet]
Modify bulk unenroll to include inactive agents when
passing\r\n`\"includeInactive\": true`.\r\n\r\n- This flag only works
when the agents are selected by query.\r\n- Updated the hook in the UI
to include the new flag.\r\n\r\n\r\n### Testing\r\n\r\n#### API\r\n-
Enroll some agents and make them inactive\r\n- From dev tools, run the
bulk_unenroll api with option\r\n`includeInactive`:\r\n```\r\nPOST
kbn:/api/fleet/agents/bulk_unenroll\r\n{\r\n \"agents\":
\"last_checkin<=2023-11-06\",\r\n \"revoke\": true,\r\n
\"includeInactive\": true\r\n}\r\n```\r\nThis should remove all the
agents selected in the kuery, also the\r\ninactive ones.\r\n\r\n####
UI\r\n- Enroll some agents and make them inactive\r\n- Select all agents
on all pages, from the bulk actions click on\r\n\"unenroll agents\"\r\n-
It should remove all the agents, inactive ones too.\r\n\r\n\r\n###
Checklist\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n\r\n\r\n### For
maintainers\r\n\r\n- [ ] This was checked for breaking API changes and
was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<[email protected]>","sha":"b2e3284d0f64fa73d807eaf33c951fa21416674a"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.12.0","labelRegex":"^v8.12.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/170249","number":170249,"mergeCommit":{"message":"[Fleet]
Modify bulk unenroll to include inactive agents (#170249)\n\nFixes
https://github.com/elastic/kibana/issues/169977\r\n## Summary\r\n[Fleet]
Modify bulk unenroll to include inactive agents when
passing\r\n`\"includeInactive\": true`.\r\n\r\n- This flag only works
when the agents are selected by query.\r\n- Updated the hook in the UI
to include the new flag.\r\n\r\n\r\n### Testing\r\n\r\n#### API\r\n-
Enroll some agents and make them inactive\r\n- From dev tools, run the
bulk_unenroll api with option\r\n`includeInactive`:\r\n```\r\nPOST
kbn:/api/fleet/agents/bulk_unenroll\r\n{\r\n \"agents\":
\"last_checkin<=2023-11-06\",\r\n \"revoke\": true,\r\n
\"includeInactive\": true\r\n}\r\n```\r\nThis should remove all the
agents selected in the kuery, also the\r\ninactive ones.\r\n\r\n####
UI\r\n- Enroll some agents and make them inactive\r\n- Select all agents
on all pages, from the bulk actions click on\r\n\"unenroll agents\"\r\n-
It should remove all the agents, inactive ones too.\r\n\r\n\r\n###
Checklist\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n\r\n\r\n### For
maintainers\r\n\r\n- [ ] This was checked for breaking API changes and
was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<[email protected]>","sha":"b2e3284d0f64fa73d807eaf33c951fa21416674a"}}]}]
BACKPORT-->

Co-authored-by: Cristina Amico <[email protected]>
  • Loading branch information
@kibanamachine @criamico
kibanamachine and criamico authored Nov 8, 2023
1 parent f0a4ac0 commit f083d2d
Show file tree
Hide file tree
Showing 9 changed files with 112 additions and 21 deletions.
20 changes: 12 additions & 8 deletions x-pack/plugins/fleet/common/openapi/bundled.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2740,14 +2740,6 @@
"schema": {
"type": "object",
"properties": {
"revoke": {
"type": "boolean",
"description": "Revokes API keys of agents"
},
"force": {
"type": "boolean",
"description": "Unenroll hosted agents too"
},
"agents": {
"oneOf": [
{
Expand All @@ -2762,6 +2754,18 @@
"description": "list of agent IDs"
}
]
},
"revoke": {
"type": "boolean",
"description": "Revokes API keys of agents"
},
"force": {
"type": "boolean",
"description": "Unenrolls hosted agents too"
},
"includeInactive": {
"type": "boolean",
"description": "When passing agents by KQL query, unenrolls inactive agents too"
}
},
"required": [
Expand Down
17 changes: 11 additions & 6 deletions x-pack/plugins/fleet/common/openapi/bundled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1719,12 +1719,6 @@ paths:
schema:
type: object
properties:
revoke:
type: boolean
description: Revokes API keys of agents
force:
type: boolean
description: Unenroll hosted agents too
agents:
oneOf:
- type: string
Expand All @@ -1733,6 +1727,17 @@ paths:
items:
type: string
description: list of agent IDs
revoke:
type: boolean
description: Revokes API keys of agents
force:
type: boolean
description: Unenrolls hosted agents too
includeInactive:
type: boolean
description: >-
When passing agents by KQL query, unenrolls inactive agents
too
required:
- agents
example:
Expand Down
15 changes: 9 additions & 6 deletions x-pack/plugins/fleet/common/openapi/paths/agents@bulk_unenroll.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,6 @@ post:
schema:
type: object
properties:
revoke:
type: boolean
description: Revokes API keys of agents
force:
type: boolean
description: Unenroll hosted agents too
agents:
oneOf:
- type: string
Expand All @@ -37,6 +31,15 @@ post:
items:
type: string
description: list of agent IDs
revoke:
type: boolean
description: Revokes API keys of agents
force:
type: boolean
description: Unenrolls hosted agents too
includeInactive:
type: boolean
description: When passing agents by KQL query, unenrolls inactive agents too
required:
- agents
example:
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/common/types/rest_spec/agent.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,7 @@ export interface PostBulkAgentUnenrollRequest {
agents: string[] | string;
force?: boolean;
revoke?: boolean;
includeInactive?: boolean;
};
}

Expand Down
2 changes: 2 additions & 0 deletions ...fleet/public/applications/fleet/sections/agents/components/agent_unenroll_modal/index.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ export const AgentUnenrollAgentModal: React.FunctionComponent<Props> = ({
: await sendPostBulkAgentUnenroll({
agents: Array.isArray(agents) ? agents.map((agent) => agent.id) : agents,
revoke: forceUnenroll,
// includeInactive is only used when the agents are selected by query, it's ignored in the case of agent ids
includeInactive: true,
});
if (error) {
throw error;
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/server/routes/agent/unenroll_handler.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ export const postBulkAgentsUnenrollHandler: RequestHandler<
revoke: request.body?.revoke,
force: request.body?.force,
batchSize: request.body?.batchSize,
showInactive: request.body?.includeInactive,
});

return response.ok({ body: { actionId: results.actionId } });
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/server/services/agents/unenroll.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@ export async function unenrollAgents(
force?: boolean;
revoke?: boolean;
batchSize?: number;
showInactive?: boolean;
}
): Promise<{ actionId: string }> {
if ('agentIds' in options) {
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/fleet/server/types/rest_spec/agent.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,7 @@ export const PostBulkAgentUnenrollRequestSchema = {
force: schema.maybe(schema.boolean()),
revoke: schema.maybe(schema.boolean()),
batchSize: schema.maybe(schema.number()),
includeInactive: schema.maybe(schema.boolean()),
}),
};

Expand Down
75 changes: 74 additions & 1 deletion x-pack/test/fleet_api_integration/apis/agents/unenroll.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
import expect from '@kbn/expect';
import { v4 as uuidv4 } from 'uuid';

import { AGENTS_INDEX } from '@kbn/fleet-plugin/common';
import { FtrProviderContext } from '../../../api_integration/ftr_provider_context';
import { setupFleetAndAgents } from './services';
import { skipIfNoDockerRegistry } from '../../helpers';
Expand Down Expand Up @@ -149,7 +150,7 @@ export default function (providerContext: FtrProviderContext) {
expect(actionStatus.nbAgentsFailed).to.eql(2);
});

it('/agents/bulk_unenroll should allow to unenroll multiple agents by id from an regular agent policy', async () => {
it('/agents/bulk_unenroll should allow to unenroll multiple agents by id from a regular agent policy', async () => {
// set policy to regular
await supertest
.put(`/api/fleet/agent_policies/policy1`)
Expand Down Expand Up @@ -188,6 +189,78 @@ export default function (providerContext: FtrProviderContext) {
expect(body.total).to.eql(0);
});

it('/agents/bulk_unenroll should allow to unenroll active and inactive agents by kuery with includeInactive', async () => {
// Agent inactive
await esClient.update({
id: 'agent4',
refresh: 'wait_for',
index: AGENTS_INDEX,
body: {
doc: {
policy_id: 'policy1',
policy_revision_idx: 1,
last_checkin: new Date(Date.now() - 1000 * 60).toISOString(), // policy timeout 1 min
},
},
});
// unenroll all agents that had last checkin before "now"
await supertest
.post(`/api/fleet/agents/bulk_unenroll`)
.set('kbn-xsrf', 'xxx')
.send({
agents: `last_checkin<="${new Date(Date.now()).toISOString()}"`,
revoke: true,
includeInactive: true,
})
.expect(200);

const { body } = await supertest.get(`/api/fleet/agents`);
expect(body.total).to.eql(0);
});
it('/agents/bulk_unenroll should allow to unenroll inactive agents that never had last checkin by kuery with includeInactive', async () => {
// Agent inactive
await esClient.update({
id: 'agent4',
refresh: 'wait_for',
index: AGENTS_INDEX,
body: {
doc: {
policy_id: 'policy1',
policy_revision_idx: 1,
last_checkin: new Date(Date.now() - 1000 * 60).toISOString(), // policy timeout 1 min
},
},
});
// agent inactive through enrolled_at as no last_checkin
await esClient.create({
id: 'agent5',
refresh: 'wait_for',
index: AGENTS_INDEX,
document: {
active: true,
access_api_key_id: 'api-key-4',
policy_id: 'policy1',
type: 'PERMANENT',
local_metadata: { host: { hostname: 'host6' } },
user_provided_metadata: {},
enrolled_at: new Date(Date.now() - 1000 * 60).toISOString(), // policy timeout 1 min
},
});
// unenroll all agents
await supertest
.post(`/api/fleet/agents/bulk_unenroll`)
.set('kbn-xsrf', 'xxx')
.send({
agents: 'active: true',
revoke: true,
includeInactive: true,
})
.expect(200);

const { body } = await supertest.get(`/api/fleet/agents`);
expect(body.total).to.eql(0);
});

it('/agents/bulk_unenroll should allow to unenroll multiple agents by kuery in batches async', async () => {
const { body } = await supertest
.post(`/api/fleet/agents/bulk_unenroll`)
Expand Down

0 comments on commit f083d2d

Please sign in to comment.