Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Deprecate outdated detection rules Bulk APIs #129448

Merged
merged 1 commit into from
Apr 12, 2022
Merged

[Security Solution] Deprecate outdated detection rules Bulk APIs #129448

merged 1 commit into from
Apr 12, 2022

Conversation

xcrzx
Copy link
Contributor

@xcrzx xcrzx commented Apr 5, 2022
edited
Loading

Addresses: #127756

Summary

The following endpoints are not used from Kibana anymore and have been deprecated:

To let our users know about these deprecations we:

  • Log a message whenever any of these APIs is called: 
    Deprecated endpoint: /api/detection_engine/rules/_bulk_delete API is deprecated since v8.2. Please use the /api/detection_engine/rules/_bulk_action API instead. See https://www.elastic.co/guide/en/security/master/rule-api-overview.html for more detail.
  • Respond with a warning header: 
    299 Kibana "Deprecated endpoint: /api/detection_engine/rules/_bulk_delete API is deprecated since v8.2. Please use the /api/detection_engine/rules/_bulk_action API instead. See https://www.elastic.co/guide/en/security/master/rule-api-overview.html for more detail."

@xcrzx xcrzx added release_note:deprecation Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. auto-backport Deprecated - use backport:version if exact versions are needed Team:Detection Rule Management Security Detection Rule Management Team v8.2.0 v8.3.0 labels Apr 5, 2022
@xcrzx xcrzx self-assigned this Apr 5, 2022
@xcrzx xcrzx force-pushed the bulk-apis-deprecate branch 4 times, most recently from b552997 to 24a7839 Compare April 5, 2022 13:50
@xcrzx xcrzx marked this pull request as ready for review April 5, 2022 14:53
@xcrzx xcrzx requested a review from a team as a code owner April 5, 2022 14:53
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

banderror
banderror reviewed Apr 6, 2022
View reviewed changes
Copy link
Contributor

@banderror banderror left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just a few comments @xcrzx

@xcrzx xcrzx force-pushed the bulk-apis-deprecate branch from 24a7839 to 5cb5c6d Compare April 6, 2022 16:43
@xcrzx xcrzx requested a review from a team as a code owner April 6, 2022 16:43
@KOTungseth KOTungseth requested a review from jmikell821 April 7, 2022 13:30
@xcrzx xcrzx force-pushed the bulk-apis-deprecate branch from 5cb5c6d to f356856 Compare April 11, 2022 14:02
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Test Failures

  • [job] [logs] OSS CI Group #11 / visualize app visualize ciGroup11 visual builder Time Series basics Clicking on the chart should create a filter for series with multiple split by terms fields one of which has formatting

Metrics [docs]

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
core 318.9KB 319.0KB +45.0B

History

  • 💔 Build #36569 failed 5cb5c6d73c38fb6f133944774aaae182aaff44cd
  • 💛 Build #36171 was flaky 24a7839f96b44f209df49fe82963759e3ccf94d4
  • 💔 Build #36120 failed f72cb77b3f16a48f401cdba9759cc9f20b42c85d

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @xcrzx

gchaps
gchaps approved these changes Apr 11, 2022
View reviewed changes
Copy link
Contributor

@gchaps gchaps left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

doclink LGTM

banderror
banderror approved these changes Apr 12, 2022
View reviewed changes
Copy link
Contributor

@banderror banderror left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome, thank you so much!
I just reviewed the latest changes, I didn't test the PR.

@xcrzx xcrzx merged commit a897747 into elastic:main Apr 12, 2022
vitaliidm
vitaliidm reviewed Apr 12, 2022
View reviewed changes
x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/utils/deprecation.ts
* @returns string
*/
export const buildDeprecatedBulkEndpointMessage = (path: string) => {
const docsLink = getDocLinks({ kibanaBranch: 'main' }).siem.ruleApiOverview;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wonder, is it might be better to give a link to a latest stable release, rather main branch?

@kibanamachine kibanamachine mentioned this pull request Apr 12, 2022
Merged
kibanamachine pushed a commit that referenced this pull request Apr 12, 2022
@xcrzx
Deprecate outdated detection rules Bulk APIs (#129448)
5f0ed45 
(cherry picked from commit a897747)
@kibanamachine
Copy link
Contributor

💚 All backports created successfully

Status Branch Result
8.2

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

@xcrzx xcrzx deleted the bulk-apis-deprecate branch April 12, 2022 12:42
kibanamachine added a commit that referenced this pull request Apr 12, 2022
@kibanamachine @xcrzx
Deprecate outdated detection rules Bulk APIs (#129448) (#129997)
719af45 
(cherry picked from commit a897747)

Co-authored-by: Dmitrii Shevchenko <dmitrii.shevchenko@elastic.co>
@banderror banderror mentioned this pull request Apr 12, 2022
Closed
9 tasks
@banderror banderror linked an issue Apr 12, 2022 that may be closed by this pull request
[Security Solution] Deprecate some of the Bulk API endpoints #127756
Closed
9 tasks
@banderror banderror mentioned this pull request Apr 18, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vitaliidm vitaliidm vitaliidm left review comments

@banderror banderror banderror approved these changes

@gchaps gchaps gchaps approved these changes

@jmikell821 jmikell821 Awaiting requested review from jmikell821

Assignees

@xcrzx xcrzx

Labels
auto-backport Deprecated - use backport:version if exact versions are needed release_note:deprecation Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.2.0 v8.3.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Security Solution] Deprecate some of the Bulk API endpoints
7 participants
@xcrzx @elasticmachine @kibana-ci @kibanamachine @banderror @gchaps @vitaliidm