Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[8.x] [HTTP] Set explicit access for `public` HTTP APIs (#192554) #193735

Merged
merged 1 commit into from
Sep 23, 2024
Merged

[8.x] [HTTP] Set explicit access for `public` HTTP APIs (#192554) #193735

merged 1 commit into from
Sep 23, 2024

Conversation

kibanamachine
Copy link
Contributor

Backport

This will backport the following commits from main to 8.x:

Questions ?

Please refer to the Backport tool documentation

@jloleysens
[HTTP] Set explicit access for public HTTP APIs (elastic#192554)
e90578c 
## Summary

We will be enforcing restricted access to internal HTTP APIs [from
9.0](elastic#186781). This PR is part 1
of audit checking that our public APIs have their access tag set
explicitly to ensure they are still available to end users after we
start enforcing HTTP API restrictions. APIs reviewed in this PR
([docs](https://www.elastic.co/guide/en/kibana/current/dashboard-import-api.html)):

<img width="260" alt="Screenshot 2024-09-11 at 11 25 55"
src="https://github.com/user-attachments/assets/499b1f1f-8e01-4463-9410-4500e438cd23">

## Note to reviewers

This audit is focussed on set `access: 'public'` where needed. Per the
screenshot our public-facing documentation is taken as the source of
truth for which APIs should be public. This may differ per offering so
please consider whether a given HTTP API should be public on both
serverless and stateful offerings.

## Risks

* If we miss an API that should be public, end users will encounter a
`400` response when they try to use the HTTP API on 9.0
* If we set an API's access to "public" it will not have the same
restrictions applied to it.

(cherry picked from commit 3fa5bdf)
@kibanamachine kibanamachine enabled auto-merge (squash) September 23, 2024 14:58
@kibanamachine kibanamachine mentioned this pull request Sep 23, 2024
Merged
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #26 / Alerting eventLog in space space1 should generate expected uuids for events for flapping alerts that go active while flapping and eventually recover

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
@kbn/core-saved-objects-server-internal 70 72 +2
Unknown metric groups

API count

id before after diff
@kbn/core-saved-objects-server-internal 71 73 +2

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @jloleysens

@kibanamachine kibanamachine merged commit 3cab9c2 into elastic:8.x Sep 23, 2024
25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@jloleysens jloleysens

Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kibanamachine @kibana-ci @jloleysens