[FR] [DAC] Add index_or_dataview Property #3857
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
eric-forte-elastic
added
enhancement
eric-forte-elastic
requested review from
Mikaayenson and
terrancedejesus
as code owners
Mikaayenson
reviewed
Jul 5, 2024
|
@eric-forte-elastic any reason why we can't do this in #3830 ? |
traut
reviewed
Jul 8, 2024
traut
approved these changes
Jul 8, 2024
terrancedejesus
approved these changes
Jul 9, 2024
There was a problem hiding this comment.
Great work 👍🏽
- Added a comment about ES|QL rules having no index nor dataview
- Checked other
...RuleDataclasses that inherityQueryRuleDataand they seem fine with these updates - Did not review for small nits
As always, I'd run a build package with the changes before merging to ensure that packaging, rule validation and schema's are all good. Approving not to block.
Looking at the implementation, I think we could do this in 3830 (originally there was some concern that we might not be able to) However, since we have most the implementation discussion in this issue and we expect that we may merge to main fairly shortly, I think it is best to keep them separate. |
Mikaayenson
approved these changes
Jul 10, 2024
eric-forte-elastic
deleted the
3697-frdac-update-handling-data-views-from-kibana
branch
Mikaayenson
reviewed
Jul 11, 2024
| """Return the index or dataview depending on which is set. If neither returns empty list.""" | ||
| if self.index is not None: | ||
| return self.index | ||
| elif self.dataview is not None: |
There was a problem hiding this comment.
This should be self.data_view_id.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issues
#3697
Summary
This PR adds a property to
QueryRuleDatathat allows you to use either index or data view depending on which one is set. This PR is dependent on a validation update to main that prevents both indexes and data views from being set.Please review and merge #3830 first and backport this to DAC-Feature before reviewing this PR. Update: 3830 is now Merged.
Note: There are a few remaining
data.indexcalls that do not appear to support using this property. For example, invalidate_eqlthis update is not supported asdata.indexis used as an index parameter to theself.es_client.eql.searchfunction call which does not support data views.Testing
Make a package using
maketo make sure the new property fills the requirements of the updated function calls that used to use.index.