[ResponseOps][Cases] Fix case actions bug in serverless security #195281
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
adcoelho
added
bug
|
Pinging @elastic/response-ops (Team:ResponseOps) |
|
Pinging @elastic/response-ops-cases (Feature:Cases) |
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Async chunks
Page load bundle
To update your PR or re-run it, just comment with: cc @adcoelho |
jloleysens
approved these changes
Oct 8, 2024
js-jankisalvi
approved these changes
Oct 8, 2024
| }): Owner => { | ||
| // This is a workaround for a very specific bug with the cases action in serverless security | ||
| // More info here: https://github.com/elastic/kibana/issues/186270 | ||
| if (isServerlessSecurity) { |
There was a problem hiding this comment.
I am curious why we don't need check for o11y.
There was a problem hiding this comment.
I am also curious. Stack cases are not available in o11y. What is the current behavior if you create a stack alert from the stack management page?
There was a problem hiding this comment.
Stack rules are not available in serverless observability. So this scenario won't happen.
|
Starting backport for target branches: 8.x |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 9, 2024
…stic#195281) Fixes elastic#186270 ## Summary This PR ensures that cases created by the case action in stack management rules in serverless security projects are assigned the correct owner. ### How to test 1. Add the following line to `serverless.yml` - `xpack.cloud.serverless.project_id: test-123` 2. Start elastic search in serverless security mode - `yarn es serverless --projectType security` 3. Start Kibana in serverless security mode - `yarn start --serverless=security` 4. Go to stack and create a rule with the cases action. 5. When an alert is triggered confirm you can view the case in `Security > Cases` --------- Co-authored-by: kibanamachine <[email protected]> (cherry picked from commit 02cc5a8)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
2 tasks
kibanamachine
added a commit
that referenced
this pull request
Oct 9, 2024
#195281) (#195600) # Backport This will backport the following commits from `main` to `8.x`: - [[ResponseOps][Cases] Fix case actions bug in serverless security (#195281)](#195281) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Antonio","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-09T13:41:20Z","message":"[ResponseOps][Cases] Fix case actions bug in serverless security (#195281)\n\nFixes #186270\r\n\r\n## Summary\r\n\r\nThis PR ensures that cases created by the case action in stack\r\nmanagement rules in serverless security projects are assigned the\r\ncorrect owner.\r\n\r\n\r\n### How to test\r\n\r\n1. Add the following line to `serverless.yml` -\r\n`xpack.cloud.serverless.project_id: test-123`\r\n2. Start elastic search in serverless security mode - `yarn es\r\nserverless --projectType security`\r\n3. Start Kibana in serverless security mode - `yarn start\r\n--serverless=security`\r\n4. Go to stack and create a rule with the cases action.\r\n5. When an alert is triggered confirm you can view the case in `Security\r\n> Cases`\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"02cc5a83b860713bc61868b766deda2c4e114bda","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:ResponseOps","v9.0.0","Feature:Cases","backport:prev-minor","v8.16.0"],"title":"[ResponseOps][Cases] Fix case actions bug in serverless security","number":195281,"url":"https://github.com/elastic/kibana/pull/195281","mergeCommit":{"message":"[ResponseOps][Cases] Fix case actions bug in serverless security (#195281)\n\nFixes #186270\r\n\r\n## Summary\r\n\r\nThis PR ensures that cases created by the case action in stack\r\nmanagement rules in serverless security projects are assigned the\r\ncorrect owner.\r\n\r\n\r\n### How to test\r\n\r\n1. Add the following line to `serverless.yml` -\r\n`xpack.cloud.serverless.project_id: test-123`\r\n2. Start elastic search in serverless security mode - `yarn es\r\nserverless --projectType security`\r\n3. Start Kibana in serverless security mode - `yarn start\r\n--serverless=security`\r\n4. Go to stack and create a rule with the cases action.\r\n5. When an alert is triggered confirm you can view the case in `Security\r\n> Cases`\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"02cc5a83b860713bc61868b766deda2c4e114bda"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195281","number":195281,"mergeCommit":{"message":"[ResponseOps][Cases] Fix case actions bug in serverless security (#195281)\n\nFixes #186270\r\n\r\n## Summary\r\n\r\nThis PR ensures that cases created by the case action in stack\r\nmanagement rules in serverless security projects are assigned the\r\ncorrect owner.\r\n\r\n\r\n### How to test\r\n\r\n1. Add the following line to `serverless.yml` -\r\n`xpack.cloud.serverless.project_id: test-123`\r\n2. Start elastic search in serverless security mode - `yarn es\r\nserverless --projectType security`\r\n3. Start Kibana in serverless security mode - `yarn start\r\n--serverless=security`\r\n4. Go to stack and create a rule with the cases action.\r\n5. When an alert is triggered confirm you can view the case in `Security\r\n> Cases`\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"02cc5a83b860713bc61868b766deda2c4e114bda"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Antonio <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #186270
Summary
This PR ensures that cases created by the case action in stack management rules in serverless security projects are assigned the correct owner.
How to test
serverless.yml-xpack.cloud.serverless.project_id: test-123yarn es serverless --projectType securityyarn start --serverless=securitySecurity > Cases