Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression #70759

Merged
merged 53 commits into from
Jul 9, 2020

Conversation

madirey
Copy link
Contributor

@madirey madirey commented Jul 5, 2020

Summary

To do in this PR:

To address in a follow-up PR:

  • make ingestManager an optional plugin
  • datasource update package config race prevention (UNBLOCKED by: [Ingest Manager] Implement concurrency control for package configs #70680)
  • fix @ts-ignore type errors
  • additional runtime type checking improvements (prefer if(someType.is(...)) to as)
  • limit cache size
  • implement exact
  • clean up matcher function types
  • unicode tests
  • address any remaining TODOs
  • audit usages of map ... some of these should just be for loops
  • revisit callback from ingestManager ... use promises?

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@madirey madirey requested review from a team as code owners July 5, 2020 17:59
@madirey madirey changed the title [Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression [TODO] [Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression Jul 5, 2020
@madirey madirey added Feature:Endpoint Elastic Endpoint feature Team:Endpoint Response Endpoint Response Team v7.9.0 v8.0.0 labels Jul 5, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-app-team (Feature:Endpoint)

@elasticmachine
Copy link
Contributor

Pinging @elastic/endpoint-response (Team:Endpoint Response)

@madirey madirey added the release_note:skip Skip the PR/issue when compiling release notes label Jul 5, 2020
this.logger.debug('wrappedManifest was null, aborting dispatch');
return null;
}
public async syncArtifacts(snapshot: ManifestSnapshot, diffType?: 'add' | 'delete') {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: would maybe make diffType a type and have add and delete as their own types as well.

alexk307
alexk307 previously approved these changes Jul 6, 2020
@alexk307 alexk307 dismissed their stale review July 6, 2020 15:03

not done yet

return diffs;
}, []);

const adds = filteredDiffs.filter((diff) => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit -> to be more readable it will be nice have branch logic to show that you are only doing add || delete on this function.

// TODO: confirm creation of package config
// then commit.
await manifestManager.commit(wrappedManifest);
if (snapshot.diffs.length > 0) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit -> I think it will be nice to have try/catch here to avoid bubble up error and have a better way to handle it

@@ -57,9 +70,18 @@ export const getPackageConfigCreateCallback = (
try {
return updatedPackageConfig;
} finally {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit -> We might think about sending a promise instead of counting on finally. I think that will be more readable too

@alexk307
Copy link

alexk307 commented Jul 9, 2020

@elasticmachine merge upstream

@peluja1012
Copy link
Contributor

@elasticmachine merge upstream

@peluja1012
Copy link
Contributor

@elasticmachine merge upstream

@peluja1012 peluja1012 merged commit c3622e3 into elastic:master Jul 9, 2020
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jul 9, 2020
* master: (39 commits)
  [APM] Add warning to notify user about legacy ML jobs (elastic#71030)
  updates consumer to siem (elastic#71117)
  Index pattern creation flow - fix spelling (elastic#71192)
  [Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression (elastic#70759)
  [SECURITY] Rearrange rule name's column in Alert Table (elastic#71020)
  [SECURITY] Alerts back to Detections (elastic#71142)
  [Security Solution][Exceptions Builder] - Fixes operator selection bug (elastic#71178)
  [SIEM][Detection Engine] Speeds up value list imports by enabling streaming of files.
  [APM] Update ML job ID in data telemetry tasks (elastic#71044)
  [Resolver] Remove `currentPanelView` selector (elastic#71154)
  add meta.managed to index templates (elastic#71135)
  Clarify trial subscription levels (elastic#70900)
  [Security Solution] fix panel links (elastic#71148)
  skip flaky suite (elastic#69632)
  skip suite failing ES Promotion (elastic#71018)
  [ML] DF Analytics: add results field to wizard and show regression stats (elastic#70893)
  [SIEM] update wordings (elastic#71119)
  [SECURITY SOLUTION] Rename to hosts and administration (elastic#70913)
  [ML] Improvements for urlState hook. (elastic#70576)
  Removing uptime guide (elastic#71124)
  ...
madirey added a commit that referenced this pull request Jul 9, 2020
…ssion (#70759) (#71246)

* Stateless exception list translation with improved runtime checks

* use flatMap and reduce to simplify logic

* Update to new manifest format

* Fix test fixture SO data type

* Fix another test fixture data type

* Fix sha256 reference in artifact_client

* Refactor to remove usages of 'then' and tidy up a bit

* Zlib compression

* prefer byteLength to length

* Make ingestManager optional for security-solution startup

* Fix download functionality

* Use eql for deep equality check

* Fix base64 download bug

* Add test for artifact download

* Add more tests to ensure cached versions of artifacts are correct

* Convert to new format

* Deflate

* missed some refs

* partial fix to wrapper format

* update fixtures and integration test

* Fixing unit tests

* small bug fixes

* artifact and manifest versioning changes

* Remove access tag from download endpoint

* Adding decompression to integration test

* Removing tag from route

* add try/catch in ingest callback handler

* Fixing

* Removing last expect from unit test for tag

* type fixes

* Add compression type to manifest

* Reverting ingestManager back to being required for now

Co-authored-by: Alex Kahan <alexander.kahan@elastic.co>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>

Co-authored-by: Alex Kahan <alexander.kahan@elastic.co>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
ml?: MlSetup;
lists?: ListPluginSetup;
}

export interface StartPlugins {
ingestManager: IngestManagerStartContract;
taskManager: TaskManagerStartContract;
ingestManager?: IngestManagerStartContract;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since both ingestManager and taskManager are required plugins, these shouldn't be typed as optional here and the downstream null checks are unnecessary. Is this a temporary situation, or can we clean this up?

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Build metrics

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Endpoint Elastic Endpoint feature release_note:skip Skip the PR/issue when compiling release notes Team:Endpoint Response Endpoint Response Team v7.9.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants