Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[EPM][Security Solution] Implementing dataset component templates #70517

Conversation

jonathan-buttner
Copy link
Contributor

This PR adds support for installing two component templates for each dataset that specifies the elasticsearch field.

A settings and mappings component template will be created depending on whether mappings and/or settings is included in the dataset of the package in the registry.

The fields being added to the Dataset interface correspond to here: https://github.com/elastic/package-registry/blob/master/util/dataset.go#L42 and this PR: https://github.com/elastic/package-registry/pull/552/files

Endpoint package installed component templates

image

image

Endpoint package mapping now including dynamic: false

image

image

@jonathan-buttner jonathan-buttner added v8.0.0 release_note:skip Skip the PR/issue when compiling release notes Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project Team:Endpoint Data Visibility Team managing the endpoint resolver Feature:Endpoint Elastic Endpoint feature v7.9.0 Team:Fleet Team label for Observability Data Collection Fleet team Feature:Ingest Management labels Jul 1, 2020
@jonathan-buttner jonathan-buttner requested review from jfsiii, skh, ruflin, michaelolo24 and a team July 1, 2020 21:43
@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-data-visibility-team (Team:Endpoint Data Visibility)

@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-app-team (Feature:Endpoint)

@elasticmachine
Copy link
Contributor

Pinging @elastic/ingest-management (Team:Ingest Management)

Copy link
Contributor

@jfsiii jfsiii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the link to the Registry type and updating Ingest's TS types. LGTM

componentPromises.push(settings.clusterPromise);
}

// TODO: Check return values for errors
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add/link a ticket?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good call. I created a new ticket here: #70586

I'll update the second link once this PR is merged.

}): IndexTemplate {
const template = getBaseTemplate(type, templateName, mappings, packageName);
const template = getBaseTemplate(type, templateName, mappings, packageName, composedOfTemplates);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

5 params is hefty, but seemingly not introduced here and can be reduced later

@ruflin
Copy link
Contributor

ruflin commented Jul 2, 2020

I wonder how #64760 plays into this? I assume these are additional components? Mentioning here so we can plan on the naming side for it.

@jonathan-buttner
Copy link
Contributor Author

I wonder how #64760 plays into this? I assume these are additional components? Mentioning here so we can plan on the naming side for it.

Yeah I guess I kind of stole the names that we'd probably use 😆 . We can always refactor it so that the Elasticsearch overrides from the manifest.yml would have names like <template name>-override-<mappings|settings> something like that maybe?

@jonathan-buttner
Copy link
Contributor Author

@elasticmachine merge upstream

...registryElasticsearch['index_template.mappings'],
// temporary change until https://github.com/elastic/elasticsearch/issues/58956 is resolved
properties: {
'@timestamp': {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I'll be able to remove this once this: elastic/elasticsearch#58642 is merged.

@ruflin
Copy link
Contributor

ruflin commented Jul 3, 2020

++ on refactoring and making sure the "override" are in its own place and cannot conflict. Perhaps we should use _override to not conflict with a potential namespace. But not important at the moment.

@@ -29,7 +29,7 @@ export default function ({ getService }: FtrProviderContext) {
return response.body;
};
const listResponse = await fetchPackageList();
expect(listResponse.response.length).to.be(11);
expect(listResponse.response.length).to.be(12);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Incrementing because I add the overrides package.

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Build metrics

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@jonathan-buttner jonathan-buttner merged commit 321fb87 into elastic:master Jul 6, 2020
@jonathan-buttner jonathan-buttner deleted the ingest-support-mappings-settings branch July 6, 2020 19:09
jonathan-buttner added a commit to jonathan-buttner/kibana that referenced this pull request Jul 6, 2020
…astic#70517)

* Implementing dataset component templates

* Fixing test

* Temporary fix to include timestamp with any component template created

* Update package registry docker image for CI.

* Adapt to new registry filesystem layout.

* Adjust tests to changed registry behavior.

* Adding a test for mappings and settings overrides

* Wrap all the tests in the docker check

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Sonja Krause-Harder <sonja.krause-harder@elastic.co>
jen-huang pushed a commit that referenced this pull request Jul 6, 2020
…0517) (#70862)

* Implementing dataset component templates

* Fixing test

* Temporary fix to include timestamp with any component template created

* Update package registry docker image for CI.

* Adapt to new registry filesystem layout.

* Adjust tests to changed registry behavior.

* Adding a test for mappings and settings overrides

* Wrap all the tests in the docker check

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Sonja Krause-Harder <sonja.krause-harder@elastic.co>

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: Sonja Krause-Harder <sonja.krause-harder@elastic.co>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Endpoint Elastic Endpoint feature Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project release_note:skip Skip the PR/issue when compiling release notes Team:Endpoint Data Visibility Team managing the endpoint resolver Team:Fleet Team label for Observability Data Collection Fleet team v7.9.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants