Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fleet] flag package policy SO to trigger agent policy bump #200536

Merged
merged 20 commits into from
Nov 25, 2024
Merged
Show file tree
Hide file tree
Changes from 16 commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
c46cff2
bump policy if SO different from full policy
juliaElastic Nov 18, 2024
0985863
move logic to async task
juliaElastic Nov 18, 2024
7cd7cf5
use new field bump_agent_policy_revision to trigger revision bump
juliaElastic Nov 18, 2024
33e2a37
[CI] Auto-commit changed files from 'node scripts/check_mappings_upda…
kibanamachine Nov 18, 2024
65eee0f
[CI] Auto-commit changed files from 'node scripts/jest_integration -u…
kibanamachine Nov 19, 2024
600590a
refactor
juliaElastic Nov 20, 2024
58c89a9
[CI] Auto-commit changed files from 'node scripts/capture_oas_snapsho…
kibanamachine Nov 20, 2024
409bbf7
[CI] Auto-commit changed files from 'node scripts/check_mappings_upda…
kibanamachine Nov 20, 2024
32dc285
fix test
juliaElastic Nov 20, 2024
92a2a62
add missing header to /enable_space_awareness doc
juliaElastic Nov 20, 2024
6704eb9
[CI] Auto-commit changed files from 'make api-docs'
kibanamachine Nov 20, 2024
3409529
[CI] Auto-commit changed files from 'node scripts/jest_integration -u…
kibanamachine Nov 20, 2024
2878cbd
bump agent policies in bulk
juliaElastic Nov 20, 2024
eeb2c54
fix test, updated create_agent_policies script to use spaces
juliaElastic Nov 20, 2024
9daf046
Merge branch 'main' into so-migration-deploy-policies
juliaElastic Nov 20, 2024
2681c7c
Merge branch 'main' into so-migration-deploy-policies
juliaElastic Nov 21, 2024
26e46d4
use isCancelled instead of cancelled
juliaElastic Nov 22, 2024
4ce6b39
Merge branch 'main' into so-migration-deploy-policies
juliaElastic Nov 22, 2024
d8c9711
fix test
juliaElastic Nov 22, 2024
e031878
Merge branch 'main' into so-migration-deploy-policies
juliaElastic Nov 25, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions oas_docs/bundle.json
Original file line number Diff line number Diff line change
Expand Up @@ -36623,6 +36623,7 @@
"type": "boolean"
},
"use_space_awareness_migration_started_at": {
"nullable": true,
"type": "string"
},
"use_space_awareness_migration_status": {
Expand Down Expand Up @@ -36824,6 +36825,7 @@
"type": "boolean"
},
"use_space_awareness_migration_started_at": {
"nullable": true,
"type": "string"
},
"use_space_awareness_migration_status": {
Expand Down
2 changes: 2 additions & 0 deletions oas_docs/bundle.serverless.json
Original file line number Diff line number Diff line change
Expand Up @@ -36623,6 +36623,7 @@
"type": "boolean"
},
"use_space_awareness_migration_started_at": {
"nullable": true,
"type": "string"
},
"use_space_awareness_migration_status": {
Expand Down Expand Up @@ -36824,6 +36825,7 @@
"type": "boolean"
},
"use_space_awareness_migration_started_at": {
"nullable": true,
"type": "string"
},
"use_space_awareness_migration_status": {
Expand Down
2 changes: 2 additions & 0 deletions oas_docs/output/kibana.serverless.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29843,6 +29843,7 @@ paths:
secret_storage_requirements_met:
type: boolean
use_space_awareness_migration_started_at:
nullable: true
type: string
use_space_awareness_migration_status:
enum:
Expand Down Expand Up @@ -29976,6 +29977,7 @@ paths:
secret_storage_requirements_met:
type: boolean
use_space_awareness_migration_started_at:
nullable: true
type: string
use_space_awareness_migration_status:
enum:
Expand Down
2 changes: 2 additions & 0 deletions oas_docs/output/kibana.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32607,6 +32607,7 @@ paths:
secret_storage_requirements_met:
type: boolean
use_space_awareness_migration_started_at:
nullable: true
type: string
use_space_awareness_migration_status:
enum:
Expand Down Expand Up @@ -32739,6 +32740,7 @@ paths:
secret_storage_requirements_met:
type: boolean
use_space_awareness_migration_started_at:
nullable: true
type: string
use_space_awareness_migration_status:
enum:
Expand Down
2 changes: 2 additions & 0 deletions packages/kbn-check-mappings-update-cli/current_fields.json
Original file line number Diff line number Diff line change
Expand Up @@ -511,6 +511,7 @@
],
"fleet-message-signing-keys": [],
"fleet-package-policies": [
"bump_agent_policy_revision",
"created_at",
"created_by",
"description",
Expand Down Expand Up @@ -692,6 +693,7 @@
"version"
],
"ingest-package-policies": [
"bump_agent_policy_revision",
"created_at",
"created_by",
"description",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1715,6 +1715,9 @@
},
"fleet-package-policies": {
"properties": {
"bump_agent_policy_revision": {
"type": "boolean"
},
"created_at": {
"type": "date"
},
Expand Down Expand Up @@ -2300,6 +2303,9 @@
},
"ingest-package-policies": {
"properties": {
"bump_agent_policy_revision": {
"type": "boolean"
},
"created_at": {
"type": "date"
},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ describe('checking migration metadata changes on all registered SO types', () =>
"fleet-agent-policies": "f57d3b70e4175a19a18f18ee72a379ceec82e1fc",
"fleet-fleet-server-host": "69be15f6b6f2a2875ad3c7050ddea7a87f505417",
"fleet-message-signing-keys": "93421f43fed2526b59092a4e3c65d64bc2266c0f",
"fleet-package-policies": "2f4d524adb49a5281d3af0b66bb3003ba0ff2e44",
"fleet-package-policies": "8be2cabfed89e103e0d413f2900e9cf6cd31bc68",
"fleet-preconfiguration-deletion-record": "c52ea1e13c919afe8a5e8e3adbb7080980ecc08e",
"fleet-proxy": "6cb688f0d2dd856400c1dbc998b28704ff70363d",
"fleet-setup-lock": "0dc784792c79b5af5a6e6b5dcac06b0dbaa90bde",
Expand All @@ -124,7 +124,7 @@ describe('checking migration metadata changes on all registered SO types', () =>
"ingest-agent-policies": "5e95e539826a40ad08fd0c1d161da0a4d86ffc6d",
"ingest-download-sources": "279a68147e62e4d8858c09ad1cf03bd5551ce58d",
"ingest-outputs": "55988d5f778bbe0e76caa7e6468707a0a056bdd8",
"ingest-package-policies": "53a94064674835fdb35e5186233bcd7052eabd22",
"ingest-package-policies": "dfa7b1045a2667a822181f40f012786724492439",
"ingest_manager_settings": "111a616eb72627c002029c19feb9e6c439a10505",
"inventory-view": "b8683c8e352a286b4aca1ab21003115a4800af83",
"kql-telemetry": "93c1d16c1a0dfca9c8842062cf5ef8f62ae401ad",
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugins/fleet/dev_docs/space_awareness.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ xpack.fleet.enableExperimental: ['useSpaceAwareness', 'subfeaturePrivileges']
After the feature flag is enabled you will have to do another step to opt-in for the feature, that call will migrate the current space agnostic saved objects to new space aware saved objects.

```shell
curl -u elastic:changeme -XPOST "http://localhost:5601/internal/fleet/enable_space_awareness" -H "kbn-xsrf: reporting" -H 'elastic-api-version: 1'
curl -u elastic:changeme -XPOST "http://localhost:5601/internal/fleet/enable_space_awareness" -H "kbn-xsrf: reporting" -H 'elastic-api-version: 1' -H 'x-elastic-internal-origin: 1'
```

## Space aware entities in Fleet
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,7 @@ import { ToolingLog } from '@kbn/tooling-log';
import yargs from 'yargs';
import { chunk } from 'lodash';

import { LEGACY_PACKAGE_POLICY_SAVED_OBJECT_TYPE } from '../../common/constants';
import { LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../common';
import { AGENT_POLICY_SAVED_OBJECT_TYPE } from '../../common/constants';

import { packagePolicyFixture } from './fixtures';

Expand All @@ -30,20 +29,18 @@ const printUsage = () =>

const INDEX_BULK_OP = '{ "index":{ "_id": "{{id}}" } }\n';

const space = 'default';
function getPolicyId(idx: number | string) {
return `test-policy-${idx}`;
return `test-policy-${space}-${idx}`;
}

async function createAgentPoliciesDocsBulk(range: number[]) {
const auth = 'Basic ' + Buffer.from(ES_SUPERUSER + ':' + ES_PASSWORD).toString('base64');
const body = range
.flatMap((idx) => [
INDEX_BULK_OP.replace(
/{{id}}/,
`${LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE}:${getPolicyId(idx)}`
),
INDEX_BULK_OP.replace(/{{id}}/, `${AGENT_POLICY_SAVED_OBJECT_TYPE}:${getPolicyId(idx)}`),
JSON.stringify({
[LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE]: {
[AGENT_POLICY_SAVED_OBJECT_TYPE]: {
namespace: 'default',
monitoring_enabled: ['logs', 'metrics', 'traces'],
name: `Test Policy ${idx}`,
Expand All @@ -60,11 +57,11 @@ async function createAgentPoliciesDocsBulk(range: number[]) {
schema_version: '1.1.1',
is_protected: false,
},
type: LEGACY_AGENT_POLICY_SAVED_OBJECT_TYPE,
namespaces: [space],
type: AGENT_POLICY_SAVED_OBJECT_TYPE,
references: [],
managed: false,
coreMigrationVersion: '8.8.0',
typeMigrationVersion: '10.3.0',
created_at: new Date().toISOString(),
updated_at: new Date().toISOString(),
}) + '\n',
Expand All @@ -81,7 +78,7 @@ async function createAgentPoliciesDocsBulk(range: number[]) {
const data = await res.json();

if (!data.items) {
logger.error('Error creating agent policies docs: ' + JSON.stringify(data));
logger.error('Error creating agent policy docs: ' + JSON.stringify(data));
process.exit(1);
}
return data;
Expand All @@ -91,14 +88,14 @@ async function createEnrollmentToken(range: number[]) {
const auth = 'Basic ' + Buffer.from(ES_SUPERUSER + ':' + ES_PASSWORD).toString('base64');
const body = range
.flatMap((idx) => [
INDEX_BULK_OP.replace(/{{id}}/, `test-enrollment-token-${idx}`),
INDEX_BULK_OP.replace(/{{id}}/, `test-enrollment-token-${space}-${idx}`),
JSON.stringify({
active: true,
api_key_id: 'faketest123',
api_key: 'test==',
name: `Test Policy ${idx}`,
policy_id: `${getPolicyId(idx)}`,
namespaces: [],
namespaces: [space],
created_at: new Date().toISOString(),
}) + '\n',
])
Expand All @@ -115,7 +112,7 @@ async function createEnrollmentToken(range: number[]) {
const data = await res.json();

if (!data.items) {
logger.error('Error creating agent policies docs: ' + JSON.stringify(data));
logger.error('Error creating enrollment key docs: ' + JSON.stringify(data));
process.exit(1);
}
return data;
Expand All @@ -125,14 +122,12 @@ async function createPackagePolicies(range: number[]) {
const auth = 'Basic ' + Buffer.from(ES_SUPERUSER + ':' + ES_PASSWORD).toString('base64');
const body = range
.flatMap((idx) => [
INDEX_BULK_OP.replace(
/{{id}}/,
`${LEGACY_PACKAGE_POLICY_SAVED_OBJECT_TYPE}:test-policy-${idx}`
),
INDEX_BULK_OP.replace(/{{id}}/, `fleet-package-policies:test-policy-${space}-${idx}`),
JSON.stringify(
packagePolicyFixture({
idx,
agentPolicyId: getPolicyId(idx),
space,
})
) + '\n',
])
Expand All @@ -150,7 +145,7 @@ async function createPackagePolicies(range: number[]) {
const data = await res.json();

if (!data.items) {
logger.error('Error creating agent policies docs: ' + JSON.stringify(data));
logger.error('Error creating package policy docs: ' + JSON.stringify(data));
process.exit(1);
}
return data;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,13 @@
export const packagePolicyFixture = ({
agentPolicyId,
idx,
space,
}: {
idx: number;
agentPolicyId: string;
space: string;
}) => ({
'ingest-package-policies': {
'fleet-package-policies': {
name: `system-test-${idx}`,
namespace: '',
description: '',
Expand Down Expand Up @@ -790,11 +792,12 @@ export const packagePolicyFixture = ({
updated_at: '2024-08-30T13:45:51.197Z',
updated_by: 'system',
},
type: 'ingest-package-policies',
namespaces: [space],
type: 'fleet-package-policies',
references: [],
managed: false,
coreMigrationVersion: '8.8.0',
typeMigrationVersion: '10.14.0',
typeMigrationVersion: '10.1.0',
updated_at: '2024-08-30T13:45:51.197Z',
created_at: '2024-08-30T13:45:51.197Z',
});
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,6 @@ require('./create_agent_policies').run();
Usage:

cd x-pack/plugins/fleet
node scripts/create_agents/index.js
node scripts/create_agent_policies/index.js

*/
2 changes: 2 additions & 0 deletions x-pack/plugins/fleet/server/plugin.ts
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,7 @@ import { registerFieldsMetadataExtractors } from './services/register_fields_met
import { registerUpgradeManagedPackagePoliciesTask } from './services/setup/managed_package_policies';
import { registerDeployAgentPoliciesTask } from './services/agent_policies/deploy_agent_policies_task';
import { DeleteUnenrolledAgentsTask } from './tasks/delete_unenrolled_agents_task';
import { registerBumpAgentPoliciesTask } from './services/agent_policies/bump_agent_policies_task';

export interface FleetSetupDeps {
security: SecurityPluginSetup;
Expand Down Expand Up @@ -619,6 +620,7 @@ export class FleetPlugin
// Register task
registerUpgradeManagedPackagePoliciesTask(deps.taskManager);
registerDeployAgentPoliciesTask(deps.taskManager);
registerBumpAgentPoliciesTask(deps.taskManager);

this.bulkActionsResolver = new BulkActionsResolver(deps.taskManager, core);
this.checkDeletedFilesTask = new CheckDeletedFilesTask({
Expand Down
24 changes: 24 additions & 0 deletions x-pack/plugins/fleet/server/saved_objects/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -619,6 +619,7 @@ export const getSavedObjectTypes = (
updated_by: { type: 'keyword' },
created_at: { type: 'date' },
created_by: { type: 'keyword' },
bump_agent_policy_revision: { type: 'boolean' },
},
},
modelVersions: {
Expand Down Expand Up @@ -763,6 +764,16 @@ export const getSavedObjectTypes = (
},
],
},
'15': {
changes: [
{
type: 'mappings_addition',
addedMappings: {
bump_agent_policy_revision: { type: 'boolean' },
},
},
],
},
},
migrations: {
'7.10.0': migratePackagePolicyToV7100,
Expand Down Expand Up @@ -823,6 +834,19 @@ export const getSavedObjectTypes = (
updated_by: { type: 'keyword' },
created_at: { type: 'date' },
created_by: { type: 'keyword' },
bump_agent_policy_revision: { type: 'boolean' },
},
},
modelVersions: {
'1': {
changes: [
{
type: 'mappings_addition',
addedMappings: {
bump_agent_policy_revision: { type: 'boolean' },
},
},
],
},
},
},
Expand Down
Loading