Skip to content

Commit

Permalink
Merge branch 'main' into risk-engine-limit-space
Browse files Browse the repository at this point in the history
  • Loading branch information
kibanamachine authored Sep 27, 2023
2 parents b23bf42 + 7b4e6a6 commit 850fe43
Show file tree
Hide file tree
Showing 265 changed files with 3,627 additions and 2,510 deletions.
1 change: 0 additions & 1 deletion .buildkite/ftr_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -278,7 +278,6 @@ enabled:
- x-pack/test/functional/apps/home/config.ts
- x-pack/test/functional/apps/index_lifecycle_management/config.ts
- x-pack/test/functional/apps/index_management/config.ts
- x-pack/test/functional/apps/index_management/index_details_page/config.ts
- x-pack/test/functional/apps/infra/config.ts
- x-pack/test/functional/apps/ingest_pipelines/config.ts
- x-pack/test/functional/apps/lens/group1/config.ts
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@
"@elastic/datemath": "5.0.3",
"@elastic/elasticsearch": "npm:@elastic/elasticsearch-canary@8.9.1-canary.1",
"@elastic/ems-client": "8.4.0",
"@elastic/eui": "88.3.0",
"@elastic/eui": "88.5.0",
"@elastic/filesaver": "1.1.2",
"@elastic/node-crypto": "1.2.1",
"@elastic/numeral": "^2.5.1",
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,9 @@ export const getEuiContextMapping = (): EuiTokensObject => {
defaultMessage: 'Breadcrumbs',
description: 'Label on the breadcrumbs nav element',
}),
'euiCallOut.dismissAriaLabel': i18n.translate('core.euiCallOut.dismissAriaLabel', {
defaultMessage: 'Dismiss this callout',
}),
'euiCardSelect.select': i18n.translate('core.euiCardSelect.select', {
defaultMessage: 'Select',
description: 'Displayed button text when a card option can be selected.',
Expand Down Expand Up @@ -1509,6 +1512,17 @@ export const getEuiContextMapping = (): EuiTokensObject => {
'euiSaturation.ariaLabel': i18n.translate('core.euiSaturation.ariaLabel', {
defaultMessage: 'HSV color mode saturation and value 2-axis slider',
}),
'euiSearchBox.ariaLabel': i18n.translate('core.euiSearchBox.ariaLabel', {
defaultMessage:
'This is a search bar. After typing your query, hit enter to filter the results lower in the page.',
}),
'euiSearchBox.incrementalAriaLabel': i18n.translate('core.euiSearchBox.incrementalAriaLabel', {
defaultMessage:
'This is a search bar. As you type, the results lower in the page will automatically filter.',
}),
'euiSearchBox.placeholder': i18n.translate('core.euiSearchBox.placeholder', {
defaultMessage: 'Search...',
}),
'euiSelectable.loadingOptions': i18n.translate('core.euiSelectable.loadingOptions', {
defaultMessage: 'Loading options',
description: 'Placeholder message while data is asynchronously loaded',
Expand Down
11 changes: 10 additions & 1 deletion packages/kbn-es/src/cli_commands/serverless.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ import getopts from 'getopts';
import { ToolingLog } from '@kbn/tooling-log';
import { getTimeReporter } from '@kbn/ci-stats-reporter';

import { basename } from 'path';
import { SERVERLESS_RESOURCES_PATHS } from '../paths';
import { Cluster } from '../cluster';
import {
ES_SERVERLESS_REPO_ELASTICSEARCH,
Expand All @@ -37,6 +39,13 @@ export const serverless: Command = {
--ssl Enable HTTP SSL on the ES cluster
--skipTeardown If this process exits, leave the ES cluster running in the background
--waitForReady Wait for the ES cluster to be ready to serve requests
--resources Overrides resources under ES 'config/' directory, which are by default
mounted from 'packages/kbn-es/src/serverless_resources/users'. Value should
be a valid file path (relative or absolute). This option can be used multiple
times if needing to override multiple files. The following files can be overwritten:
${SERVERLESS_RESOURCES_PATHS.map((filePath) => basename(filePath)).join(
' | '
)}
-E Additional key=value settings to pass to ES
-F Absolute paths for files to mount into containers
Expand All @@ -63,7 +72,7 @@ export const serverless: Command = {
files: 'F',
},

string: ['tag', 'image', 'basePath'],
string: ['tag', 'image', 'basePath', 'resources'],
boolean: ['clean', 'ssl', 'kill', 'background', 'skipTeardown', 'waitForReady'],

default: defaults,
Expand Down
15 changes: 13 additions & 2 deletions packages/kbn-es/src/serverless_resources/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ password: changeme

### Adding users

1. Add the user:encrypted_password to `users` file. The encrypted password for `elastic_serverless` is `changeme` if you want to reuse the value.
1. Add the `user:encrypted_password` to `users` file. The encrypted password for `elastic_serverless` is `changeme` if you want to reuse the value.
1. Set the new user's roles in `users_roles` file.
1. Add the username to `operator_users.yml` in the array for file realm users.

Expand Down Expand Up @@ -46,4 +46,15 @@ If a node is configured to use this `service_tokens` file, then you can authenti
curl -H "Authorization: Bearer AAEAAWVsYXN0aWMva2liYW5hL2tpYmFuYS1kZXY6VVVVVVVVTEstKiBaNA" http://localhost:9200/_security/_authenticate
```

The name of the token (`kibana-dev`) is important because the `operator_users.yml` file designates that token as an operator and allows us to seed a serverless cluster with this token.
The name of the token (`kibana-dev`) is important because the `operator_users.yml` file designates that token as an operator and allows us to seed a serverless cluster with this token.


## Overriding resources

The files found in this directory can be overwritten with customized versions by using the `--resources` option of the `yarn es serverless` command.
Assuming a customized `users` and `users_roles` are located in `/tmp/my_es/` directory and executing the below command from the root of Kibana, here is an example:

```shell
yarn es serverless --resources=/tmp/my_es/users --resources=/tmp/my_es/users_roles
```

Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
operator:
- usernames: ["elastic_serverless", "system_indices_superuser"]
- usernames: ["elastic_serverless", "system_indices_superuser", "soc_manager"]
realm_type: "file"
auth_type: "realm"
- usernames: [ "elastic/kibana" ]
Expand Down
1 change: 1 addition & 0 deletions packages/kbn-es/src/serverless_resources/users
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
elastic_serverless:$2a$10$nN6sRtQl2KX9Gn8kV/.NpOLSk6Jwn8TehEDnZ7aaAgzyl/dy5PYzW
system_indices_superuser:$2a$10$nN6sRtQl2KX9Gn8kV/.NpOLSk6Jwn8TehEDnZ7aaAgzyl/dy5PYzW
soc_manager:$2a$10$nN6sRtQl2KX9Gn8kV/.NpOLSk6Jwn8TehEDnZ7aaAgzyl/dy5PYzW
1 change: 1 addition & 0 deletions packages/kbn-es/src/serverless_resources/users_roles
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
superuser:elastic_serverless
system_indices_superuser:system_indices_superuser
soc_manager:soc_manager
29 changes: 29 additions & 0 deletions packages/kbn-es/src/utils/docker.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -445,6 +445,35 @@ describe('setupServerlessVolumes()', () => {
expect(volumeCmd).toHaveLength(20);
expect(pathsNotIncludedInCmd).toEqual([]);
});

test('should use resource overrides', async () => {
mockFs(existingObjectStore);
const volumeCmd = await setupServerlessVolumes(log, {
basePath: baseEsPath,
resources: ['./relative/path/users', '/absolute/path/users_roles'],
});

expect(volumeCmd).toContain(
'/absolute/path/users_roles:/usr/share/elasticsearch/config/users_roles'
);
expect(volumeCmd).toContain(
`${process.cwd()}/relative/path/users:/usr/share/elasticsearch/config/users`
);
});

test('should throw if an unknown resource override is used', async () => {
mockFs(existingObjectStore);

await expect(async () => {
await setupServerlessVolumes(log, {
basePath: baseEsPath,
resources: ['/absolute/path/invalid'],
});
}).rejects.toThrow(
'Unsupported ES serverless --resources value(s):\n /absolute/path/invalid\n\n' +
'Valid resources: operator_users.yml | role_mapping.yml | roles.yml | service_tokens | users | users_roles'
);
});
});

describe('runServerlessEsNode()', () => {
Expand Down
35 changes: 33 additions & 2 deletions packages/kbn-es/src/utils/docker.ts
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,11 @@ export interface ServerlessOptions extends EsClusterExecOptions, BaseOptions {
background?: boolean;
/** Wait for the ES cluster to be ready to serve requests */
waitForReady?: boolean;
/**
* Resource file(s) to overwrite
* (see list of files that can be overwritten under `packages/kbn-es/src/serverless_resources/users`)
*/
resources?: string | string[];
}

interface ServerlessEsNodeArgs {
Expand Down Expand Up @@ -470,7 +475,7 @@ export function getDockerFileMountPath(hostPath: string) {
* Setup local volumes for Serverless ES
*/
export async function setupServerlessVolumes(log: ToolingLog, options: ServerlessOptions) {
const { basePath, clean, ssl, files } = options;
const { basePath, clean, ssl, files, resources } = options;
const objectStorePath = resolve(basePath, 'stateless');

log.info(chalk.bold(`Checking for local serverless ES object store at ${objectStorePath}`));
Expand Down Expand Up @@ -509,12 +514,38 @@ export async function setupServerlessVolumes(log: ToolingLog, options: Serverles
volumeCmds.push(...fileCmds);
}

const resourceFileOverrides: Record<string, string> = resources
? (Array.isArray(resources) ? resources : [resources]).reduce((acc, filePath) => {
acc[basename(filePath)] = resolve(process.cwd(), filePath);
return acc;
}, {} as Record<string, string>)
: {};

const serverlessResources = SERVERLESS_RESOURCES_PATHS.reduce<string[]>((acc, path) => {
acc.push('--volume', `${path}:${SERVERLESS_CONFIG_PATH}${basename(path)}`);
const fileName = basename(path);
let localFilePath = path;

if (resourceFileOverrides[fileName]) {
localFilePath = resourceFileOverrides[fileName];
log.info(`'${fileName}' resource overridden with: ${localFilePath}`);
delete resourceFileOverrides[fileName];
}

acc.push('--volume', `${localFilePath}:${SERVERLESS_CONFIG_PATH}${fileName}`);

return acc;
}, []);

if (Object.keys(resourceFileOverrides).length > 0) {
throw new Error(
`Unsupported ES serverless --resources value(s):\n ${Object.values(
resourceFileOverrides
).join(' \n')}\n\nValid resources: ${SERVERLESS_RESOURCES_PATHS.map((filePath) =>
basename(filePath)
).join(' | ')}`
);
}

volumeCmds.push(
...getESp12Volume(),
...serverlessResources,
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,7 @@ describe('UserProfilesPopover', () => {
isOpen={false}
ownFocus={true}
panelPaddingSize="none"
repositionToCrossAxis={true}
>
<EuiContextMenuPanel
items={Array []}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ describe('UserProfilesPopover', () => {
isOpen={false}
ownFocus={true}
panelPaddingSize="none"
repositionToCrossAxis={true}
>
<EuiContextMenuPanel
items={Array []}
Expand Down
Loading

0 comments on commit 850fe43

Please sign in to comment.