-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression #70759
[Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression #70759
Conversation
Pinging @elastic/endpoint-app-team (Feature:Endpoint) |
Pinging @elastic/endpoint-response (Team:Endpoint Response) |
this.logger.debug('wrappedManifest was null, aborting dispatch'); | ||
return null; | ||
} | ||
public async syncArtifacts(snapshot: ManifestSnapshot, diffType?: 'add' | 'delete') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: would maybe make diffType a type and have add
and delete
as their own types as well.
…ana into user-allowlist-artifacts-pt3
…ana into user-allowlist-artifacts-pt3
return diffs; | ||
}, []); | ||
|
||
const adds = filteredDiffs.filter((diff) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit -> to be more readable it will be nice have branch logic to show that you are only doing add || delete on this function.
// TODO: confirm creation of package config | ||
// then commit. | ||
await manifestManager.commit(wrappedManifest); | ||
if (snapshot.diffs.length > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit -> I think it will be nice to have try/catch here to avoid bubble up error and have a better way to handle it
@@ -57,9 +70,18 @@ export const getPackageConfigCreateCallback = ( | |||
try { | |||
return updatedPackageConfig; | |||
} finally { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit -> We might think about sending a promise instead of counting on finally. I think that will be more readable too
@elasticmachine merge upstream |
@elasticmachine merge upstream |
@elasticmachine merge upstream |
* master: (39 commits) [APM] Add warning to notify user about legacy ML jobs (elastic#71030) updates consumer to siem (elastic#71117) Index pattern creation flow - fix spelling (elastic#71192) [Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression (elastic#70759) [SECURITY] Rearrange rule name's column in Alert Table (elastic#71020) [SECURITY] Alerts back to Detections (elastic#71142) [Security Solution][Exceptions Builder] - Fixes operator selection bug (elastic#71178) [SIEM][Detection Engine] Speeds up value list imports by enabling streaming of files. [APM] Update ML job ID in data telemetry tasks (elastic#71044) [Resolver] Remove `currentPanelView` selector (elastic#71154) add meta.managed to index templates (elastic#71135) Clarify trial subscription levels (elastic#70900) [Security Solution] fix panel links (elastic#71148) skip flaky suite (elastic#69632) skip suite failing ES Promotion (elastic#71018) [ML] DF Analytics: add results field to wizard and show regression stats (elastic#70893) [SIEM] update wordings (elastic#71119) [SECURITY SOLUTION] Rename to hosts and administration (elastic#70913) [ML] Improvements for urlState hook. (elastic#70576) Removing uptime guide (elastic#71124) ...
…ssion (#70759) (#71246) * Stateless exception list translation with improved runtime checks * use flatMap and reduce to simplify logic * Update to new manifest format * Fix test fixture SO data type * Fix another test fixture data type * Fix sha256 reference in artifact_client * Refactor to remove usages of 'then' and tidy up a bit * Zlib compression * prefer byteLength to length * Make ingestManager optional for security-solution startup * Fix download functionality * Use eql for deep equality check * Fix base64 download bug * Add test for artifact download * Add more tests to ensure cached versions of artifacts are correct * Convert to new format * Deflate * missed some refs * partial fix to wrapper format * update fixtures and integration test * Fixing unit tests * small bug fixes * artifact and manifest versioning changes * Remove access tag from download endpoint * Adding decompression to integration test * Removing tag from route * add try/catch in ingest callback handler * Fixing * Removing last expect from unit test for tag * type fixes * Add compression type to manifest * Reverting ingestManager back to being required for now Co-authored-by: Alex Kahan <alexander.kahan@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Alex Kahan <alexander.kahan@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
ml?: MlSetup; | ||
lists?: ListPluginSetup; | ||
} | ||
|
||
export interface StartPlugins { | ||
ingestManager: IngestManagerStartContract; | ||
taskManager: TaskManagerStartContract; | ||
ingestManager?: IngestManagerStartContract; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since both ingestManager
and taskManager
are required plugins, these shouldn't be typed as optional here and the downstream null checks are unnecessary. Is this a temporary situation, or can we clean this up?
💚 Build SucceededBuild metrics
History
To update your PR or re-run it, just comment with: |
Summary
Addresses feedback and TODOs from [SIEM][Security Solution][Endpoint] Endpoint Artifact Manifest Management + Artifact Download and Distribution #67707 and [Security Solution][Endpoint] Update to new manifest format (without compression) #70752
Adds compression of artifacts (in progress).
To do in this PR:
async/await
tothen
To address in a follow-up PR:
datasource updatepackage config race prevention (UNBLOCKED by: [Ingest Manager] Implement concurrency control for package configs #70680)@ts-ignore
type errorsif(someType.is(...))
toas
)exact
map
... some of these should just be for loopsChecklist
Delete any items that are not applicable to this PR.
For maintainers