[Alerts] Replaces legacy es client with the ElasticsearchClient for a…

…lerts and triggers_actions_ui plugins. (#93364)

* [Alerts] Replaces legasy es client with the ElasticsearchClient

* fixed build

* fixed build

* fixed ci build

* fixed ci build

* fixed infra callCLuster

* fixed infra callCLuster

* fixed infra callCLuster

* fixed ci build

* fixed ci build

* fixed ci build

* fixed infra tests

* fixed security tests

* fixed security tests

* fixed security tests

* fixed tests

* fixed monitoring unit tests

* fixed monitoring unit tests

* fixed type checks

* fixed type checks

* fixed type checks

* migrated lists plugin

* fixed type checks

* fixed tests

* fixed security tests

* fixed type checks

* fixed tests

* fixed type checks

* fixed tests

* fixed tests

* fixed tests

* fixed due to comments

* fixed tests

* fixed comment

* fixed tests

* fixed tests

* fixed searh

* fixed searh

* fixed test

* fixed due to comment

* fixed detections failing test and replaces scopedClusterClient exposure with IScopedClusterClient instead of ElasticsearchClient asCurrentUser

* fixed test

* fixed test

* fixed test

* fixed typecheck

* fixed typecheck

* fixed typecheck

* fixed merge

x-pack/plugins/alerting/README.md

@@ -116,9 +116,8 @@ This is the primary function for an alert type. Whenever the alert needs to exec
 
 |Property|Description|
 |---|---|
-|services.callCluster(path, opts)|Use this to do Elasticsearch queries on the cluster Kibana connects to. This function is the same as any other `callCluster` in Kibana but in the context of the user who created the alert when security is enabled.|
+|services.scopedClusterClient|This is an instance of the Elasticsearch client. Use this to do Elasticsearch queries in the context of the user who created the alert when security is enabled.|
 |services.savedObjectsClient|This is an instance of the saved objects client. This provides the ability to do CRUD on any saved objects within the same space the alert lives in.<br><br>The scope of the saved objects client is tied to the user who created the alert (only when security isenabled).|
-|services.getLegacyScopedClusterClient|This function returns an instance of the LegacyScopedClusterClient scoped to the user who created the alert when security is enabled.|
 |services.alertInstanceFactory(id)|This [alert instance factory](#alert-instance-factory) creates instances of alerts and must be used in order to execute actions. The id you give to the alert instance factory is a unique identifier to the alert instance.|
 |services.log(tags, [data], [timestamp])|Use this to create server logs. (This is the same function as server.log)|
 |startedAt|The date and time the alert type started execution.|

x-pack/plugins/alerting/server/mocks.ts

@@ -70,10 +70,8 @@ const createAlertServicesMock = <
     alertInstanceFactory: jest
       .fn<jest.Mocked<AlertInstance<InstanceState, InstanceContext>>, [string]>()
       .mockReturnValue(alertInstanceFactoryMock),
-    callCluster: elasticsearchServiceMock.createLegacyScopedClusterClient().callAsCurrentUser,
-    getLegacyScopedClusterClient: jest.fn(),
     savedObjectsClient: savedObjectsClientMock.create(),
-    scopedClusterClient: elasticsearchServiceMock.createScopedClusterClient().asCurrentUser,
+    scopedClusterClient: elasticsearchServiceMock.createScopedClusterClient(),
   };
 };
 export type AlertServicesMock = ReturnType<typeof createAlertServicesMock>;

x-pack/plugins/alerting/server/plugin.ts

@@ -31,7 +31,6 @@ import {
   SavedObjectsServiceStart,
   IContextProvider,
   ElasticsearchServiceStart,
-  ILegacyClusterClient,
   StatusServiceSetup,
   ServiceStatus,
   SavedObjectsBulkGetObject,
@@ -420,12 +419,8 @@ export class AlertingPlugin {
     elasticsearch: ElasticsearchServiceStart
   ): (request: KibanaRequest) => Services {
     return (request) => ({
-      callCluster: elasticsearch.legacy.client.asScoped(request).callAsCurrentUser,
       savedObjectsClient: this.getScopedClientWithAlertSavedObjectType(savedObjects, request),
-      scopedClusterClient: elasticsearch.client.asScoped(request).asCurrentUser,
-      getLegacyScopedClusterClient(clusterClient: ILegacyClusterClient) {
-        return clusterClient.asScoped(request);
-      },
+      scopedClusterClient: elasticsearch.client.asScoped(request),
     });
   }
 

x-pack/plugins/alerting/server/routes/_mock_handler_arguments.ts

@@ -5,9 +5,11 @@
  * 2.0.
  */
 
-import { KibanaRequest, KibanaResponseFactory, ILegacyClusterClient } from 'kibana/server';
+import { KibanaRequest, KibanaResponseFactory } from 'kibana/server';
 import { identity } from 'lodash';
 import type { MethodKeysOf } from '@kbn/utility-types';
+// eslint-disable-next-line @kbn/eslint/no-restricted-paths
+import { ScopedClusterClientMock } from '../../../../../src/core/server/elasticsearch/client/mocks';
 import { httpServerMock } from '../../../../../src/core/server/mocks';
 import { alertsClientMock, AlertsClientMock } from '../alerts_client.mock';
 import { AlertsHealth, AlertType } from '../../common';
@@ -18,12 +20,12 @@ export function mockHandlerArguments(
   {
     alertsClient = alertsClientMock.create(),
     listTypes: listTypesRes = [],
-    esClient = elasticsearchServiceMock.createLegacyClusterClient(),
+    esClient = elasticsearchServiceMock.createScopedClusterClient(),
     getFrameworkHealth,
   }: {
     alertsClient?: AlertsClientMock;
     listTypes?: AlertType[];
-    esClient?: jest.Mocked<ILegacyClusterClient>;
+    esClient?: jest.Mocked<ScopedClusterClientMock>;
     getFrameworkHealth?: jest.MockInstance<Promise<AlertsHealth>, []> &
       (() => Promise<AlertsHealth>);
   },
@@ -37,7 +39,7 @@ export function mockHandlerArguments(
   const listTypes = jest.fn(() => listTypesRes);
   return [
     ({
-      core: { elasticsearch: { legacy: { client: esClient } } },
+      core: { elasticsearch: { client: esClient } },
       alerting: {
         listTypes,
         getAlertsClient() {

x-pack/plugins/alerting/server/routes/health.test.ts

@@ -15,6 +15,8 @@ import { encryptedSavedObjectsMock } from '../../../encrypted_saved_objects/serv
 import { alertsClientMock } from '../alerts_client.mock';
 import { HealthStatus } from '../types';
 import { alertsMock } from '../mocks';
+// eslint-disable-next-line @kbn/eslint/no-restricted-paths
+import { elasticsearchClientMock } from '../../../../../src/core/server/elasticsearch/client/mocks';
 const alertsClient = alertsClientMock.create();
 
 jest.mock('../lib/license_api_access.ts', () => ({
@@ -63,18 +65,19 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(Promise.resolve({}));
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({})
+    );
 
     const [context, req, res] = mockHandlerArguments({ esClient, alertsClient }, {}, ['ok']);
 
     await handler(context, req, res);
 
     expect(verifyApiAccess).toHaveBeenCalledWith(licenseState);
 
-    expect(esClient.callAsInternalUser.mock.calls[0]).toMatchInlineSnapshot(`
+    expect(esClient.asInternalUser.transport.request.mock.calls[0]).toMatchInlineSnapshot(`
       Array [
-        "transport.request",
         Object {
           "method": "GET",
           "path": "/_xpack/usage",
@@ -91,8 +94,10 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(Promise.resolve({}));
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({})
+    );
 
     const [context, req, res] = mockHandlerArguments(
       { esClient, alertsClient, getFrameworkHealth: alerting.getFrameworkHealth },
@@ -130,8 +135,10 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(Promise.resolve({}));
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({})
+    );
 
     const [context, req, res] = mockHandlerArguments(
       { esClient, alertsClient, getFrameworkHealth: alerting.getFrameworkHealth },
@@ -169,8 +176,10 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(Promise.resolve({ security: {} }));
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({ security: {} })
+    );
 
     const [context, req, res] = mockHandlerArguments(
       { esClient, alertsClient, getFrameworkHealth: alerting.getFrameworkHealth },
@@ -208,8 +217,10 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(Promise.resolve({ security: { enabled: true } }));
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({ security: { enabled: true } })
+    );
 
     const [context, req, res] = mockHandlerArguments(
       { esClient, alertsClient, getFrameworkHealth: alerting.getFrameworkHealth },
@@ -247,9 +258,11 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(
-      Promise.resolve({ security: { enabled: true, ssl: {} } })
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({
+        security: { enabled: true, ssl: {} },
+      })
     );
 
     const [context, req, res] = mockHandlerArguments(
@@ -288,9 +301,11 @@ describe('healthRoute', () => {
     healthRoute(router, licenseState, encryptedSavedObjects);
     const [, handler] = router.get.mock.calls[0];
 
-    const esClient = elasticsearchServiceMock.createLegacyClusterClient();
-    esClient.callAsInternalUser.mockReturnValue(
-      Promise.resolve({ security: { enabled: true, ssl: { http: { enabled: true } } } })
+    const esClient = elasticsearchServiceMock.createScopedClusterClient();
+    esClient.asInternalUser.transport.request.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({
+        security: { enabled: true, ssl: { http: { enabled: true } } },
+      })
     );
 
     const [context, req, res] = mockHandlerArguments(

x-pack/plugins/alerting/server/routes/health.ts

@@ -5,6 +5,7 @@
  * 2.0.
  */
 
+import { ApiResponse } from '@elastic/elasticsearch';
 import type { AlertingRouter } from '../types';
 import { ILicenseState } from '../lib/license_state';
 import { verifyApiAccess } from '../lib/license_api_access';
@@ -39,14 +40,14 @@ export function healthRoute(
       }
       try {
         const {
-          security: {
-            enabled: isSecurityEnabled = false,
-            ssl: { http: { enabled: isTLSEnabled = false } = {} } = {},
-          } = {},
-        }: XPackUsageSecurity = await context.core.elasticsearch.legacy.client
-          // `transport.request` is potentially unsafe when combined with untrusted user input.
-          // Do not augment with such input.
-          .callAsInternalUser('transport.request', {
+          body: {
+            security: {
+              enabled: isSecurityEnabled = false,
+              ssl: { http: { enabled: isTLSEnabled = false } = {} } = {},
+            } = {},
+          },
+        }: ApiResponse<XPackUsageSecurity> = await context.core.elasticsearch.client.asInternalUser.transport // Do not augment with such input. // `transport.request` is potentially unsafe when combined with untrusted user input.
+          .request({
             method: 'GET',
             path: '/_xpack/usage',
           });

x-pack/plugins/alerting/server/task_runner/task_runner.test.ts

@@ -206,7 +206,7 @@ describe('Task Runner', () => {
     expect(call.createdBy).toBe('alert-creator');
     expect(call.updatedBy).toBe('alert-updater');
     expect(call.services.alertInstanceFactory).toBeTruthy();
-    expect(call.services.callCluster).toBeTruthy();
+    expect(call.services.scopedClusterClient).toBeTruthy();
     expect(call.services).toBeTruthy();
 
     const logger = taskRunnerFactoryInitializerParams.logger;

x-pack/plugins/alerting/server/types.ts

@@ -13,9 +13,7 @@ import { PluginSetupContract, PluginStartContract } from './plugin';
 import { AlertsClient } from './alerts_client';
 export * from '../common';
 import {
-  ElasticsearchClient,
-  ILegacyClusterClient,
-  ILegacyScopedClusterClient,
+  IScopedClusterClient,
   KibanaRequest,
   SavedObjectAttributes,
   SavedObjectsClientContract,
@@ -63,13 +61,8 @@ export interface AlertingRequestHandlerContext extends RequestHandlerContext {
 export type AlertingRouter = IRouter<AlertingRequestHandlerContext>;
 
 export interface Services {
-  /**
-   * @deprecated Use `scopedClusterClient` instead.
-   */
-  callCluster: ILegacyScopedClusterClient['callAsCurrentUser'];
   savedObjectsClient: SavedObjectsClientContract;
-  scopedClusterClient: ElasticsearchClient;
-  getLegacyScopedClusterClient(clusterClient: ILegacyClusterClient): ILegacyScopedClusterClient;
+  scopedClusterClient: IScopedClusterClient;
 }
 
 export interface AlertServices<

x-pack/plugins/alerting/server/usage/alerts_telemetry.test.ts

@@ -5,27 +5,31 @@
  * 2.0.
  */
 
+// eslint-disable-next-line @kbn/eslint/no-restricted-paths
+import { elasticsearchClientMock } from '../../../../../src/core/server/elasticsearch/client/mocks';
 import { getTotalCountInUse } from './alerts_telemetry';
 
 describe('alerts telemetry', () => {
   test('getTotalCountInUse should replace first "." symbol to "__" in alert types names', async () => {
-    const mockEsClient = jest.fn();
-    mockEsClient.mockReturnValue({
-      aggregations: {
-        byAlertTypeId: {
-          value: {
-            types: { '.index-threshold': 2, 'logs.alert.document.count': 1, 'document.test.': 1 },
+    const mockEsClient = elasticsearchClientMock.createClusterClient().asScoped().asInternalUser;
+    mockEsClient.search.mockReturnValue(
+      elasticsearchClientMock.createSuccessTransportRequestPromise({
+        aggregations: {
+          byAlertTypeId: {
+            value: {
+              types: { '.index-threshold': 2, 'logs.alert.document.count': 1, 'document.test.': 1 },
+            },
           },
         },
-      },
-      hits: {
-        hits: [],
-      },
-    });
+        hits: {
+          hits: [],
+        },
+      })
+    );
 
     const telemetry = await getTotalCountInUse(mockEsClient, 'test');
 
-    expect(mockEsClient).toHaveBeenCalledTimes(1);
+    expect(mockEsClient.search).toHaveBeenCalledTimes(1);
 
     expect(telemetry).toMatchInlineSnapshot(`
 Object {

x-pack/plugins/alerting/server/usage/alerts_telemetry.ts

@@ -5,8 +5,7 @@
  * 2.0.
  */
 
-import { LegacyAPICaller } from 'kibana/server';
-import { SearchResponse } from 'elasticsearch';
+import { ElasticsearchClient } from 'kibana/server';
 import { AlertsUsage } from './types';
 
 const alertTypeMetric = {
@@ -36,7 +35,7 @@ const alertTypeMetric = {
 };
 
 export async function getTotalCountAggregations(
-  callCluster: LegacyAPICaller,
+  esClient: ElasticsearchClient,
   kibanaInex: string
 ): Promise<
   Pick<
@@ -223,7 +222,7 @@ export async function getTotalCountAggregations(
     },
   };
 
-  const results = await callCluster('search', {
+  const { body: results } = await esClient.search({
     index: kibanaInex,
     body: {
       query: {
@@ -256,7 +255,7 @@ export async function getTotalCountAggregations(
   return {
     count_total: totalAlertsCount,
     count_by_type: Object.keys(results.aggregations.byAlertTypeId.value.types).reduce(
-      // ES DSL aggregations are returned as `any` by callCluster
+      // ES DSL aggregations are returned as `any` by esClient.search
       // eslint-disable-next-line @typescript-eslint/no-explicit-any
       (obj: any, key: string) => ({
         ...obj,
@@ -295,8 +294,8 @@ export async function getTotalCountAggregations(
   };
 }
 
-export async function getTotalCountInUse(callCluster: LegacyAPICaller, kibanaInex: string) {
-  const searchResult: SearchResponse<unknown> = await callCluster('search', {
+export async function getTotalCountInUse(esClient: ElasticsearchClient, kibanaInex: string) {
+  const { body: searchResult } = await esClient.search({
     index: kibanaInex,
     body: {
       query: {
@@ -316,7 +315,7 @@ export async function getTotalCountInUse(callCluster: LegacyAPICaller, kibanaIne
       0
     ),
     countByType: Object.keys(searchResult.aggregations.byAlertTypeId.value.types).reduce(
-      // ES DSL aggregations are returned as `any` by callCluster
+      // ES DSL aggregations are returned as `any` by esClient.search
       // eslint-disable-next-line @typescript-eslint/no-explicit-any
       (obj: any, key: string) => ({
         ...obj,