Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.x] [EDR Workflows] Deprecate public metadata/transforms api endpoint in favour of an internal one (#194829) #195565

Merged
merged 1 commit into from
Oct 9, 2024
Merged

[8.x] [EDR Workflows] Deprecate public metadata/transforms api endpoint in favour of an internal one (#194829) #195565

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions oas_docs/output/kibana.serverless.staging.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8053,6 +8053,7 @@ paths:
- Security Endpoint Management API
/api/endpoint/metadata/transforms:
get:
deprecated: true
operationId: GetEndpointMetadataTransform
responses:
'200':
Expand Down
1 change: 1 addition & 0 deletions oas_docs/output/kibana.serverless.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8053,6 +8053,7 @@ paths:
- Security Endpoint Management API
/api/endpoint/metadata/transforms:
get:
deprecated: true
operationId: GetEndpointMetadataTransform
responses:
'200':
Expand Down
1 change: 1 addition & 0 deletions oas_docs/output/kibana.staging.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11424,6 +11424,7 @@ paths:
- Security Endpoint Management API
/api/endpoint/metadata/transforms:
get:
deprecated: true
operationId: GetEndpointMetadataTransform
responses:
'200':
Expand Down
1 change: 1 addition & 0 deletions oas_docs/output/kibana.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11424,6 +11424,7 @@ paths:
- Security Endpoint Management API
/api/endpoint/metadata/transforms:
get:
deprecated: true
operationId: GetEndpointMetadataTransform
responses:
'200':
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/security_solution/common/api/endpoint/metadata/get_metadata.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ paths:

/api/endpoint/metadata/transforms:
get:
deprecated: true
summary: Get metadata transforms
operationId: GetEndpointMetadataTransform
x-codegen-enabled: false
Expand Down
4 changes: 4 additions & 0 deletions x-pack/plugins/security_solution/common/endpoint/constants.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,8 +65,12 @@ export const BASE_INTERNAL_ENDPOINT_ROUTE = `/internal${BASE_ENDPOINT_ROUTE}`;
// Endpoint API routes
export const HOST_METADATA_LIST_ROUTE = `${BASE_ENDPOINT_ROUTE}/metadata`;
export const HOST_METADATA_GET_ROUTE = `${HOST_METADATA_LIST_ROUTE}/{id}`;

/** @deprecated public route, use {@link METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE} internal route */
export const METADATA_TRANSFORMS_STATUS_ROUTE = `${BASE_ENDPOINT_ROUTE}/metadata/transforms`;

export const METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE = `${BASE_INTERNAL_ENDPOINT_ROUTE}/metadata/transforms`;

export const BASE_POLICY_RESPONSE_ROUTE = `${BASE_ENDPOINT_ROUTE}/policy_response`;
export const BASE_POLICY_ROUTE = `${BASE_ENDPOINT_ROUTE}/policy`;
export const AGENT_POLICY_SUMMARY_ROUTE = `${BASE_POLICY_ROUTE}/summaries`;
Expand Down
1 change: 1 addition & 0 deletions ...docs/openapi/ess/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -438,6 +438,7 @@ paths:
- Security Endpoint Management API
/api/endpoint/metadata/transforms:
get:
deprecated: true
operationId: GetEndpointMetadataTransform
responses:
'200':
Expand Down
1 change: 1 addition & 0 deletions ...enapi/serverless/security_solution_endpoint_management_api_2023_10_31.bundled.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -388,6 +388,7 @@ paths:
- Security Endpoint Management API
/api/endpoint/metadata/transforms:
get:
deprecated: true
operationId: GetEndpointMetadataTransform
responses:
'200':
Expand Down
4 changes: 2 additions & 2 deletions x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/mocks.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ import {
BASE_POLICY_RESPONSE_ROUTE,
HOST_METADATA_GET_ROUTE,
HOST_METADATA_LIST_ROUTE,
METADATA_TRANSFORMS_STATUS_ROUTE,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
} from '../../../../common/endpoint/constants';
import type { PendingActionsHttpMockInterface } from '../../../common/lib/endpoint/endpoint_pending_actions/mocks';
import { pendingActionsHttpMock } from '../../../common/lib/endpoint/endpoint_pending_actions/mocks';
Expand Down Expand Up @@ -120,7 +120,7 @@ export const failedTransformStateMock = {
export const transformsHttpMocks = httpHandlerMockFactory<TransformHttpMocksInterface>([
{
id: 'metadataTransformStats',
path: METADATA_TRANSFORMS_STATUS_ROUTE,
path: METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
method: 'get',
handler: () => failedTransformStateMock,
},
Expand Down
6 changes: 3 additions & 3 deletions x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ import type {
import {
ENDPOINT_FIELDS_SEARCH_STRATEGY,
HOST_METADATA_LIST_ROUTE,
METADATA_TRANSFORMS_STATUS_ROUTE,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
METADATA_UNITED_INDEX,
metadataCurrentIndexPattern,
} from '../../../../../common/endpoint/constants';
Expand Down Expand Up @@ -421,8 +421,8 @@ export async function handleLoadMetadataTransformStats(http: HttpStart, store: E

try {
const transformStatsResponse: TransformStatsResponse = await http.get(
METADATA_TRANSFORMS_STATUS_ROUTE,
{ version: '2023-10-31' }
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
{ version: '1' }
);

dispatch({
Expand Down
4 changes: 2 additions & 2 deletions ...curity_solution/public/management/pages/endpoint_hosts/store/mock_endpoint_result_list.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ import {
ENDPOINT_DEFAULT_SORT_DIRECTION,
ENDPOINT_DEFAULT_SORT_FIELD,
HOST_METADATA_LIST_ROUTE,
METADATA_TRANSFORMS_STATUS_ROUTE,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
} from '../../../../../common/endpoint/constants';
import type { TransformStats, TransformStatsResponse } from '../types';

Expand Down Expand Up @@ -178,7 +178,7 @@ const endpointListApiPathHandlerMocks = ({
return pendingActionsResponseMock();
},

[METADATA_TRANSFORMS_STATUS_ROUTE]: (): TransformStatsResponse => ({
[METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE]: (): TransformStatsResponse => ({
count: transforms.length,
transforms,
}),
Expand Down
20 changes: 20 additions & 0 deletions x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import type { SecuritySolutionPluginRouter } from '../../../types';
import {
HOST_METADATA_GET_ROUTE,
HOST_METADATA_LIST_ROUTE,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
METADATA_TRANSFORMS_STATUS_ROUTE,
} from '../../../../common/endpoint/constants';
import { withEndpointAuthz } from '../with_endpoint_authz';
Expand Down Expand Up @@ -94,6 +95,7 @@ export function registerEndpointRoutes(
access: 'public',
path: METADATA_TRANSFORMS_STATUS_ROUTE,
options: { authRequired: true, tags: ['access:securitySolution'] },
deprecated: true,
})
.addVersion(
{
Expand All @@ -106,4 +108,22 @@ export function registerEndpointRoutes(
getMetadataTransformStatsHandler(endpointAppContext, logger)
)
);

router.versioned
.get({
access: 'internal',
path: METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
options: { authRequired: true, tags: ['access:securitySolution'] },
})
.addVersion(
{
version: '1',
validate: false,
},
withEndpointAuthz(
{ all: ['canReadSecuritySolution'] },
logger,
getMetadataTransformStatsHandler(endpointAppContext, logger)
)
);
}
10 changes: 5 additions & 5 deletions x-pack/plugins/security_solution/server/endpoint/routes/metadata/metadata.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ import {
ENDPOINT_DEFAULT_SORT_FIELD,
HOST_METADATA_GET_ROUTE,
HOST_METADATA_LIST_ROUTE,
METADATA_TRANSFORMS_STATUS_ROUTE,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
METADATA_UNITED_INDEX,
} from '../../../../common/endpoint/constants';
import { TRANSFORM_STATES } from '../../../../common/constants';
Expand Down Expand Up @@ -506,8 +506,8 @@ describe('test endpoint routes', () => {
({ routeConfig, routeHandler } = getRegisteredVersionedRouteMock(
routerMock,
'get',
METADATA_TRANSFORMS_STATUS_ROUTE,
'2023-10-31'
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
'1'
));

const contextOverrides = {
Expand Down Expand Up @@ -539,8 +539,8 @@ describe('test endpoint routes', () => {
({ routeConfig, routeHandler } = getRegisteredVersionedRouteMock(
routerMock,
'get',
METADATA_TRANSFORMS_STATUS_ROUTE,
'2023-10-31'
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
'1'
));
await routeHandler(
createRouteHandlerContext(mockScopedClient, mockSavedObjectClient),
Expand Down
26 changes: 24 additions & 2 deletions ...on/test_suites/edr_workflows/authentication/trial_license_complete_tier/endpoint_authz.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ import {
HOST_METADATA_LIST_ROUTE,
ISOLATE_HOST_ROUTE_V2,
KILL_PROCESS_ROUTE,
METADATA_TRANSFORMS_STATUS_ROUTE,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
SUSPEND_PROCESS_ROUTE,
UNISOLATE_HOST_ROUTE_V2,
} from '@kbn/security-solution-plugin/common/endpoint/constants';
Expand All @@ -31,6 +31,7 @@ import { ROLE } from '../../../../config/services/security_solution_edr_workflow
export default function ({ getService }: FtrProviderContext) {
const endpointTestResources = getService('endpointTestResources');
const utils = getService('securitySolutionUtils');
const samlAuth = getService('samlAuth');

interface ApiCallsInterface {
method: keyof Pick<TestAgent, 'post' | 'get'>;
Expand Down Expand Up @@ -70,7 +71,8 @@ export default function ({ getService }: FtrProviderContext) {
},
{
method: 'get',
path: METADATA_TRANSFORMS_STATUS_ROUTE,
path: METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
version: '1',
body: undefined,
},
{
Expand Down Expand Up @@ -210,6 +212,11 @@ export default function ({ getService }: FtrProviderContext) {
}]`, async () => {
await t1AnalystSupertest[apiListItem.method](replacePathIds(apiListItem.path))
.set('kbn-xsrf', 'xxx')
.set(
apiListItem.version ? 'Elastic-Api-Version' : 'foo',
apiListItem.version || '2023-10-31'
)
.set(samlAuth.getInternalRequestHeader())
.send(getBodyPayload(apiListItem))
.expect(200);
});
Expand Down Expand Up @@ -246,6 +253,11 @@ export default function ({ getService }: FtrProviderContext) {
}]`, async () => {
await platformEnginnerSupertest[apiListItem.method](replacePathIds(apiListItem.path))
.set('kbn-xsrf', 'xxx')
.set(
apiListItem.version ? 'Elastic-Api-Version' : 'foo',
apiListItem.version || '2023-10-31'
)
.set(samlAuth.getInternalRequestHeader())
.send(getBodyPayload(apiListItem))
.expect(200);
});
Expand Down Expand Up @@ -283,6 +295,11 @@ export default function ({ getService }: FtrProviderContext) {
await endpointOperationsAnalystSupertest[apiListItem.method](
replacePathIds(apiListItem.path)
)
.set(
apiListItem.version ? 'Elastic-Api-Version' : 'foo',
apiListItem.version || '2023-10-31'
)
.set(samlAuth.getInternalRequestHeader())
.set('kbn-xsrf', 'xxx')
.send(getBodyPayload(apiListItem))
.expect(200);
Expand All @@ -304,6 +321,11 @@ export default function ({ getService }: FtrProviderContext) {
}]`, async () => {
await adminSupertest[apiListItem.method](replacePathIds(apiListItem.path))
.set('kbn-xsrf', 'xxx')
.set(
apiListItem.version ? 'Elastic-Api-Version' : 'foo',
apiListItem.version || '2023-10-31'
)
.set(samlAuth.getInternalRequestHeader())
.send(getBodyPayload(apiListItem))
.expect(200);
});
Expand Down
14 changes: 7 additions & 7 deletions ...pi_integration/test_suites/edr_workflows/metadata/trial_license_complete_tier/metadata.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,12 @@ import {
ENDPOINT_DEFAULT_SORT_FIELD,
HOST_METADATA_LIST_ROUTE,
METADATA_DATASTREAM,
METADATA_TRANSFORMS_STATUS_ROUTE,
METADATA_UNITED_INDEX,
METADATA_UNITED_TRANSFORM,
METADATA_UNITED_TRANSFORM_V2,
metadataTransformPrefix,
METADATA_CURRENT_TRANSFORM_V2,
METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE,
} from '@kbn/security-solution-plugin/common/endpoint/constants';
import { AGENTS_INDEX } from '@kbn/fleet-plugin/common';
import { indexFleetEndpointPolicy } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_fleet_endpoint_policy';
Expand Down Expand Up @@ -426,9 +426,9 @@ export default function ({ getService }: FtrProviderContext) {
const ca = config.get('servers.kibana').certificateAuthorities;

await t1AnalystSupertest
.get(METADATA_TRANSFORMS_STATUS_ROUTE)
.get(METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE)
.set('kbn-xsrf', 'xxx')
.set('Elastic-Api-Version', '2023-10-31')
.set('Elastic-Api-Version', '1')
.ca(ca)
.expect(401);
});
Expand All @@ -438,9 +438,9 @@ export default function ({ getService }: FtrProviderContext) {
await endpointDataStreamHelpers.stopTransform(getService, `${unitedTransformName}*`);

const { body } = await adminSupertest
.get(METADATA_TRANSFORMS_STATUS_ROUTE)
.get(METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE)
.set('kbn-xsrf', 'xxx')
.set('Elastic-Api-Version', '2023-10-31')
.set('Elastic-Api-Version', '1')
.expect(200);

const transforms = (body.transforms as TransformGetTransformStatsTransformStats[]).filter(
Expand All @@ -466,9 +466,9 @@ export default function ({ getService }: FtrProviderContext) {

it('correctly returns started transform stats', async () => {
const { body } = await adminSupertest
.get(METADATA_TRANSFORMS_STATUS_ROUTE)
.get(METADATA_TRANSFORMS_STATUS_INTERNAL_ROUTE)
.set('kbn-xsrf', 'xxx')
.set('Elastic-Api-Version', '2023-10-31')
.set('Elastic-Api-Version', '1')
.expect(200);

const transforms = (body.transforms as TransformGetTransformStatsTransformStats[]).filter(
Expand Down