Add setting to manage policy templates behavior in Kibana #825
Conversation
mrodm
force-pushed
the
add_policy_tiles_behaviour
branch
from
f84211b
to
dca0eef
Compare
mrodm
force-pushed
the
add_policy_tiles_behaviour
branch
from
c4a5290
to
0b8c6e2
Compare
There was a problem hiding this comment.
Added this new setting just for integrations.
Tried to look into kibana's code here: https://github.com/elastic/kibana/blob/e5b0b8108b392dae070b87175cf2d43522576c4d/x-pack/plugins/fleet/public/applications/integrations/sections/epm/screens/home/hooks/use_available_packages.tsx#L82
IIUC Kibana just shows different tiles in case of integrations packages. Input packages would just show one tile. Is my understanding correct?
Or, should it be added also for input packages ?
There was a problem hiding this comment.
I wonder why we support multiple policy templates in input packages 🤔 What could be a use case? I think we don't have any input package with more than one. Maybe we should change the spec to be more explicit about this.
Some previous discussion about this here: https://github.com/elastic/package-spec/pull/325/files#r860573848
There was a problem hiding this comment.
At least, currently all input packages defined in the integrations repository have just one policy template.
Forcing input packages to have just one policy template could be done by adding maxItems setting (it could be done in this PR or in a separate PR):
--- spec/input/manifest.spec.yml
+++ spec/input/manifest.spec.yml
@@ -38,6 +38,7 @@ spec:
policy_templates:
description: List of policy templates offered by this package.
type: array
+ maxItems: 1
items:
type: object
additionalProperties: falseWhat could be a use case?
I was thinking for instance in the "Custom logs" input package, would that make sense to add a new policy template there to read logs from another source? or would it be better to create a new input package?
There was a problem hiding this comment.
IIUC Kibana just shows different tiles in case of integrations packages. Input packages would just show one tile. Is my understanding correct?
Kibana does not enforce the distinction between integration and input type packages when it comes to displaying the tiles, it only reads the number of policy_templates
There was a problem hiding this comment.
I was thinking for instance in the "Custom logs" input package, would that make sense to add a new policy template there to read logs from another source? or would it be better to create a new input package?
Yes, in this case it would be better to create another input package.
Maybe a use case could be to have an input that collects from the same source, but with a different method. But in this case maybe it would be better to do #744.
I would be more leaned towards limiting input packages to a single policy.
There was a problem hiding this comment.
As it is not clear whether or not input packages should have a limitation in the number of policy templates, I would suggest not doing that for now.
spec/integration/manifest.spec.yml
Outdated
| # requires a conditional JSON schema to update the value depending | ||
| # on the policy_templates length | ||
| policy_templates_behavior: | ||
| description: > | ||
| Behavior to manage the policy templates (policy_templates field) defined that must be available in Kibana as tiles. | ||
| This is just applicable for those packages that define more than one policy template. By default for these packages, Kibana | ||
| shows all the policy templates defined in the manifest separately plus another one referring to the | ||
| whole integration (that contains all the policy templates definitions) available to the user. | ||
|
|
||
| If the `integration_package_only` option is selected, then just one policy template for the whole integration containing all policy | ||
| templates will be available in Kibana. If the `policy_templates_only` option is selected, then just the policy templates defined | ||
| in the manifest will be available in Kibana without the specific policy template for the whole integration. If the `default` option | ||
| is selected, then Kibana keeps the same behavior described above. | ||
| type: string |
There was a problem hiding this comment.
Not sure about the wording or even the naming for the options here.
WDYT ? Any other suggestions?
There was a problem hiding this comment.
Proposed rewording in the comment above.
spec/integration/manifest.spec.yml
Outdated
| Behavior to manage the policy templates (policy_templates field) defined that must be available in Kibana as tiles. | ||
| This is just applicable for those packages that define more than one policy template. By default for these packages, Kibana | ||
| shows all the policy templates defined in the manifest separately plus another one referring to the | ||
| whole integration (that contains all the policy templates definitions) available to the user. | ||
|
|
||
| If the `integration_package_only` option is selected, then just one policy template for the whole integration containing all policy | ||
| templates will be available in Kibana. If the `policy_templates_only` option is selected, then just the policy templates defined | ||
| in the manifest will be available in Kibana without the specific policy template for the whole integration. If the `default` option | ||
| is selected, then Kibana keeps the same behavior described above. |
There was a problem hiding this comment.
Simplified wording, removing references to the visual representation. Also proposing these three values:
combined_policy: to indicate that there is a single policy template that combines them all.individual_policies: to indicate that policies are available individually, without a combined policy.all: the default value, where both the combined policy and the individual policies are available.
| Behavior to manage the policy templates (policy_templates field) defined that must be available in Kibana as tiles. | |
| This is just applicable for those packages that define more than one policy template. By default for these packages, Kibana | |
| shows all the policy templates defined in the manifest separately plus another one referring to the | |
| whole integration (that contains all the policy templates definitions) available to the user. | |
| If the `integration_package_only` option is selected, then just one policy template for the whole integration containing all policy | |
| templates will be available in Kibana. If the `policy_templates_only` option is selected, then just the policy templates defined | |
| in the manifest will be available in Kibana without the specific policy template for the whole integration. If the `default` option | |
| is selected, then Kibana keeps the same behavior described above. | |
| Expected behavior when there are more than one policy template defined. | |
| When set to `combined_policy`, a single policy template is available, that | |
| combines all the defined templates. When set to `individual_policies`, all | |
| policies are individually available, but there is no combined policy. | |
| The default value is `all`, where the combined policy template is available | |
| along with the individual policies. |
There was a problem hiding this comment.
I like this proposal that does not mention any reference to tiles in Kibana.
And it also looks easier to understand what each option is aimed for.
Thanks!
I'll do the required changes.
spec/integration/manifest.spec.yml
Outdated
| # requires a conditional JSON schema to update the value depending | ||
| # on the policy_templates length | ||
| policy_templates_behavior: | ||
| description: > | ||
| Behavior to manage the policy templates (policy_templates field) defined that must be available in Kibana as tiles. | ||
| This is just applicable for those packages that define more than one policy template. By default for these packages, Kibana | ||
| shows all the policy templates defined in the manifest separately plus another one referring to the | ||
| whole integration (that contains all the policy templates definitions) available to the user. | ||
|
|
||
| If the `integration_package_only` option is selected, then just one policy template for the whole integration containing all policy | ||
| templates will be available in Kibana. If the `policy_templates_only` option is selected, then just the policy templates defined | ||
| in the manifest will be available in Kibana without the specific policy template for the whole integration. If the `default` option | ||
| is selected, then Kibana keeps the same behavior described above. | ||
| type: string |
There was a problem hiding this comment.
Proposed rewording in the comment above.
spec/integration/manifest.spec.yml
Outdated
| - integration_package_only | ||
| - policy_templates_only | ||
| - default |
There was a problem hiding this comment.
Options proposed above.
| - integration_package_only | |
| - policy_templates_only | |
| - default | |
| - combined_policy | |
| - individual_policies | |
| - all |
There was a problem hiding this comment.
I wonder why we support multiple policy templates in input packages 🤔 What could be a use case? I think we don't have any input package with more than one. Maybe we should change the spec to be more explicit about this.
Some previous discussion about this here: https://github.com/elastic/package-spec/pull/325/files#r860573848
💚 Build Succeeded
History
cc @mrodm |
mrodm
changed the title
What does this PR do?
Adds a new setting
policy_templates_behaviorto manage how the policy templates / tiles are shown to the user in Kibana.Values that admit this new field:
Why is it important?
There are some integrations that do not require to show a tile for the integration itself, or vice-versa, there could be integrations that it is not desired to show each of the policy templates (child policy templates) defined as tiles, just the one referring to the integration itself (parent tile)
Checklist
test/packagesthat prove my change is effective.spec/changelog.yml.Related issues