Merge branch 'ftr/split-functional_with_es_ssl-config' of github.com:…

…dmlemeshko/kibana into ftr/split-functional_with_es_ssl-config

.eslintrc.js

@@ -902,7 +902,10 @@ module.exports = {
       files: ['x-pack/plugins/profiling/**/*.{js,mjs,ts,tsx}'],
       rules: {
         'react-hooks/rules-of-hooks': 'error', // Checks rules of Hooks
-        'react-hooks/exhaustive-deps': ['error', { additionalHooks: '^(useAsync)$' }],
+        'react-hooks/exhaustive-deps': [
+          'error',
+          { additionalHooks: '^(useAsync|useTimeRangeAsync|useAutoAbortedHttpClient)$' },
+        ],
       },
     },
     {

docs/setup/settings.asciidoc

@@ -26,11 +26,11 @@ Set to `false` to disable Console. *Default: `true`*
 Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src[Content Security Policy `script-src` directive].
 
 `csp.disableUnsafeEval`::
-experimental[] Set this to `true` to remove the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#unsafe_eval_expressions[`unsafe-eval`] source expression from the `script-src` directive. *Default: `false`*
+deprecated:[8.7.0,Use `csp.script_src: ['unsafe-eval']` instead if you wish to enable `unsafe-eval`. This config option will have no effect in a future version.] Set this to `false` to add the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#unsafe_eval_expressions[`unsafe-eval`] source expression to the `script-src` directive. *Default: `true`*
 +
-By enabling `csp.disableUnsafeEval`, Kibana will use a custom version of the Handlebars template library.
+When `csp.disableUnsafeEval` is set to `true`, Kibana will use a custom version of the Handlebars template library.
 Handlebars is used in various locations in the Kibana frontend where custom templates can be supplied by the user when for instance setting up a visualisation.
-If you experience any issues rendering Handlebars templates after turning on `csp.disableUnsafeEval`, please revert this setting to `false` and https://github.com/elastic/kibana/issues/new/choose[open an issue] in the Kibana GitHub repository.
+If you experience any issues rendering Handlebars templates, please set this setting to `false` and https://github.com/elastic/kibana/issues/new/choose[open an issue] in the Kibana GitHub repository.
 
 `csp.worker_src`::
 Add sources for the https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/worker-src[Content Security Policy `worker-src` directive].

package.json

@@ -424,8 +424,8 @@
     "@opentelemetry/semantic-conventions": "^1.4.0",
     "@reduxjs/toolkit": "1.7.2",
     "@slack/webhook": "^5.0.4",
-    "@tanstack/react-query": "^4.24.2",
-    "@tanstack/react-query-devtools": "^4.24.2",
+    "@tanstack/react-query": "^4.24.4",
+    "@tanstack/react-query-devtools": "^4.24.4",
     "@turf/along": "6.0.1",
     "@turf/area": "6.0.1",
     "@turf/bbox": "6.0.1",

packages/core/http/core-http-server-internal/src/csp/config.ts

@@ -39,13 +39,7 @@ const getDirectiveValueValidator = ({ allowNone, allowNonce }: DirectiveValidati
 
 const configSchema = schema.object(
   {
-    disableUnsafeEval: schema.conditional(
-      // Default disableUnsafeEval to false if it's not a distributable release
-      schema.contextRef('dist'),
-      true,
-      schema.boolean({ defaultValue: false }),
-      schema.boolean({ defaultValue: true })
-    ),
+    disableUnsafeEval: schema.boolean({ defaultValue: true }),
     script_src: schema.arrayOf(schema.string(), {
       defaultValue: [],
       validate: getDirectiveValidator({ allowNone: false, allowNonce: false }),

packages/core/http/core-http-server-internal/src/csp/csp_config.test.ts

@@ -8,7 +8,6 @@
 
 import { CspConfig } from './csp_config';
 import { cspConfig, CspConfigType } from './config';
-import { mockConfig } from './csp_config.test.mocks';
 
 // CSP rules aren't strictly additive, so any change can potentially expand or
 // restrict the policy in a way we consider a breaking change. For that reason,
@@ -34,6 +33,7 @@ describe('CspConfig', () => {
     expect(CspConfig.DEFAULT).toMatchInlineSnapshot(`
       CspConfig {
         "disableEmbedding": false,
+        "disableUnsafeEval": true,
         "header": "script-src 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
         "strict": true,
         "warnLegacyBrowsers": true,
@@ -140,36 +140,15 @@ describe('CspConfig', () => {
         );
       });
 
-      test('when "disableUnsafeEval" is not set, and the default value is "false", the `unsafe-eval` CSP should be set', () => {
-        // The default value for `disableUnsafeEval` depends on whether Kibana is a distributable or not. To test both scenarios, we mock the config.
-        const mockedConfig = mockConfig.create(false).schema.validate({});
-
-        const config = new CspConfig({
-          ...mockedConfig,
-          script_src: ['foo', 'bar'],
-        });
-
-        expect(config.header).toEqual(
-          `script-src 'self' 'unsafe-eval' foo bar; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'`
-        );
-
-        mockConfig.reset();
-      });
-
-      test('when "disableUnsafeEval" is not set, and the default value is "true", the `unsafe-eval` CSP should not be set', () => {
-        // The default value for `disableUnsafeEval` depends on whether Kibana is a distributable or not. To test both scenarios, we mock the config.
-        const mockedConfig = mockConfig.create(true).schema.validate({});
-
+      test('when "disableUnsafeEval" is not set, the `unsafe-eval` CSP should not be set', () => {
         const config = new CspConfig({
-          ...mockedConfig,
+          ...defaultConfig,
           script_src: ['foo', 'bar'],
         });
 
         expect(config.header).toEqual(
           `script-src 'self' foo bar; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'`
         );
-
-        mockConfig.reset();
       });
     });
 

packages/core/http/core-http-server-internal/src/csp/csp_config.ts

@@ -21,6 +21,7 @@ export class CspConfig implements ICspConfig {
 
   readonly #directives: CspDirectives;
   public readonly strict: boolean;
+  public readonly disableUnsafeEval: boolean;
   public readonly warnLegacyBrowsers: boolean;
   public readonly disableEmbedding: boolean;
   public readonly header: string;
@@ -37,6 +38,7 @@ export class CspConfig implements ICspConfig {
     }
     this.header = this.#directives.getCspHeader();
     this.strict = rawCspConfig.strict;
+    this.disableUnsafeEval = rawCspConfig.disableUnsafeEval;
     this.warnLegacyBrowsers = rawCspConfig.warnLegacyBrowsers;
     this.disableEmbedding = rawCspConfig.disableEmbedding;
   }

packages/kbn-apm-synthtrace-client/src/lib/timerange.ts

@@ -6,6 +6,7 @@
  * Side Public License, v 1.
  */
 
+import type { Moment } from 'moment';
 import { Interval } from './interval';
 
 export class Timerange {
@@ -20,9 +21,14 @@ export class Timerange {
   }
 }
 
-export function timerange(from: Date | number, to: Date | number) {
-  return new Timerange(
-    from instanceof Date ? from : new Date(from),
-    to instanceof Date ? to : new Date(to)
-  );
+type DateLike = Date | number | Moment | string;
+
+function getDateFrom(date: DateLike): Date {
+  if (date instanceof Date) return date;
+  if (typeof date === 'number' || typeof date === 'string') return new Date(date);
+  return date.toDate();
+}
+
+export function timerange(from: Date | number | Moment, to: Date | number | Moment) {
+  return new Timerange(getDateFrom(from), getDateFrom(to));
 }

packages/kbn-apm-synthtrace/src/lib/apm/aggregators/create_service_summary_metrics_aggregator.ts

@@ -0,0 +1,43 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+import { ApmFields, hashKeysOf } from '@kbn/apm-synthtrace-client';
+import { identity, noop, pick } from 'lodash';
+import { createApmMetricAggregator } from './create_apm_metric_aggregator';
+
+const KEY_FIELDS: Array<keyof ApmFields> = [
+  'agent.name',
+  'service.environment',
+  'service.name',
+  'service.language.name',
+];
+
+export function createServiceSummaryMetricsAggregator(flushInterval: string) {
+  return createApmMetricAggregator(
+    {
+      filter: () => true,
+      getAggregateKey: (event) => {
+        // see https://github.com/elastic/apm-server/blob/main/x-pack/apm-server/aggregation/txmetrics/aggregator.go
+        return hashKeysOf(event, KEY_FIELDS);
+      },
+      flushInterval,
+      init: (event) => {
+        const set = pick(event, KEY_FIELDS);
+
+        return {
+          ...set,
+          'metricset.name': 'service_summary',
+          'metricset.interval': flushInterval,
+          'processor.event': 'metric',
+          'processor.name': 'metric',
+        };
+      },
+    },
+    noop,
+    identity
+  );
+}

packages/kbn-apm-synthtrace/src/lib/apm/client/apm_synthtrace_es_client/get_routing_transform.ts

@@ -34,7 +34,8 @@ export function getRoutingTransform() {
           } else if (
             metricsetName === 'transaction' ||
             metricsetName === 'service_transaction' ||
-            metricsetName === 'service_destination'
+            metricsetName === 'service_destination' ||
+            metricsetName === 'service_summary'
           ) {
             index = `metrics-apm.${metricsetName}.${document['metricset.interval']!}-default`;
           } else {

packages/kbn-apm-synthtrace/src/lib/apm/client/apm_synthtrace_es_client/index.ts

@@ -21,6 +21,7 @@ import { Logger } from '../../../utils/create_logger';
 import { fork, sequential } from '../../../utils/stream_utils';
 import { createBreakdownMetricsAggregator } from '../../aggregators/create_breakdown_metrics_aggregator';
 import { createServiceMetricsAggregator } from '../../aggregators/create_service_metrics_aggregator';
+import { createServiceSummaryMetricsAggregator } from '../../aggregators/create_service_summary_metrics_aggregator';
 import { createSpanMetricsAggregator } from '../../aggregators/create_span_metrics_aggregator';
 import { createTransactionMetricsAggregator } from '../../aggregators/create_transaction_metrics_aggregator';
 import { getApmServerMetadataTransform } from './get_apm_server_metadata_transform';
@@ -111,6 +112,7 @@ export class ApmSynthtraceEsClient {
       index: dataStreams,
       allow_no_indices: true,
       ignore_unavailable: true,
+      expand_wildcards: ['open', 'hidden'],
     });
   }
 
@@ -123,6 +125,9 @@ export class ApmSynthtraceEsClient {
         createServiceMetricsAggregator('1m'),
         createServiceMetricsAggregator('10m'),
         createServiceMetricsAggregator('60m'),
+        createServiceSummaryMetricsAggregator('1m'),
+        createServiceSummaryMetricsAggregator('10m'),
+        createServiceSummaryMetricsAggregator('60m'),
         createSpanMetricsAggregator('1m'),
         createSpanMetricsAggregator('10m'),
         createSpanMetricsAggregator('60m'),

packages/kbn-apm-synthtrace/src/scenarios/services_without_transactions.ts

@@ -0,0 +1,49 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0 and the Server Side Public License, v 1; you may not use this file except
+ * in compliance with, at your election, the Elastic License 2.0 or the Server
+ * Side Public License, v 1.
+ */
+import { apm, ApmFields } from '@kbn/apm-synthtrace-client';
+import { Scenario } from '../cli/scenario';
+
+const scenario: Scenario<ApmFields> = async ({ logger, scenarioOpts }) => {
+  return {
+    generate: ({ range }) => {
+      const withTx = apm
+        .service('service-with-transactions', 'production', 'java')
+        .instance('instance');
+
+      const withErrorsOnly = apm
+        .service('service-with-errors-only', 'production', 'java')
+        .instance('instance');
+
+      const withAppMetricsOnly = apm
+        .service('service-with-app-metrics-only', 'production', 'java')
+        .instance('instance');
+
+      return range
+        .interval('1m')
+        .rate(1)
+        .generator((timestamp) => {
+          return [
+            withTx.transaction('GET /api').duration(100).timestamp(timestamp),
+            withErrorsOnly
+              .error({
+                message: 'An unknown error occurred',
+              })
+              .timestamp(timestamp),
+            withAppMetricsOnly
+              .appMetrics({
+                'system.memory.actual.free': 1,
+                'system.memory.total': 2,
+              })
+              .timestamp(timestamp),
+          ];
+        });
+    },
+  };
+};
+
+export default scenario;