Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[POC] Connector adapters for alerting rule actions #159866

Closed
wants to merge 2 commits into from
Closed

[POC] Connector adapters for alerting rule actions #159866

wants to merge 2 commits into from

Conversation

mikecote
Copy link
Contributor

@mikecote mikecote commented Jun 16, 2023
edited
Loading

In this POC, I prototyped how we can have a connector, Email in this case, adapt itself to alerting rule actions so the user doesn't have to pass-through certain or any action parameters themselves through mustache.

The adapters support the following capabilities:

  • Ability to disable compatibility with certain action groups (ex: disallow "recovered" hook for JIRA because we cannot recover their incidents)
  • Ability to disable certain "run when" options (ex: disallow "on every rule run" hook for incident type connectors)
  • Ability to disable throttled summaries (ex: it doesn't make sense to create a JIRA ticket with a daily summary)
  • Ability to inject params after the rule action variables are rendered with the user input. Access to the same payload so you have access to the full alert object.
  • Ability to have a different rule action params schema for a connector type (ex: email connector has kibanaFooterLink as a param, but I can remove it from being a valid/allowed param for alerting rules). TODO: modify code to enforce validation.

Adapter example: https://github.com/elastic/kibana/pull/159866/files#diff-c496e4ab30fb220a62f4646a3bae3459ba9db34c3ca105fab312c5a604c23383R425

You can also load the UI and notice that I made it reflect the configuration for email connector so you can only, for demo purposes, select active action groups and you can only select on action group change. More to do in the cases scenario where we want to hide it from the connectors list and replace it with a checkbox..

@mikecote mikecote added Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Actions/ConnectorTypes Issues related to specific Connector Types on the Actions Framework Feature:Actions/Framework Issues related to the Actions Framework labels Jun 16, 2023
@mikecote mikecote self-assigned this Jun 16, 2023
@kibana-ci
Copy link
Collaborator

kibana-ci commented Jun 16, 2023
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] Jest Tests #15 / action_form action_form in alert does not render "Add connector" button for preconfigured only action type
  • [job] [logs] Jest Tests #15 / action_form action_form in alert does not render action types disabled by config
  • [job] [logs] Jest Tests #15 / action_form action_form in alert recognizes actions with broken connectors
  • [job] [logs] Jest Tests #15 / action_form action_form in alert render action types which is preconfigured only (disabled by config and with preconfigured connectors)
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders action types disabled by license
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders available action cards
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders available action groups for the selected action type
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders available connectors for the selected action type
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders disabled action groups for custom recovered action groups
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders disabled action groups for selected action type
  • [job] [logs] Jest Tests #15 / action_form action_form in alert renders only preconfigured connectors for the selected preconfigured action type
  • [job] [logs] Jest Tests #15 / action_form beta badge (action_type_form) does not render beta badge when isExperimental=false
  • [job] [logs] Jest Tests #15 / action_form beta badge (action_type_form) does not render beta badge when isExperimental=undefined
  • [job] [logs] Jest Tests #15 / action_form beta badge (action_type_form) renders beta badge when isExperimental=true
  • [job] [logs] Jest Tests #15 / action_type_form calls "setActionParamsProperty" to set the default value for the empty dedupKey
  • [job] [logs] Jest Tests #15 / action_type_form does not call "setActionParamsProperty" because dedupKey is not empty
  • [job] [logs] Jest Tests #15 / action_type_form renders the actionParamsField with the execution mode set to ActionForm
  • [job] [logs] Jest Tests #15 / action_type_form shows an error icon when there is a form error and the action accordion is closed
  • [job] [logs] Jest Tests #6 / ActionForm - Slack API Connector show error message when no channel has been selected
  • [job] [logs] Jest Tests #9 / alert_form alert_form > action_form action_form in alert renders available action cards
  • [job] [logs] Security Solution Tests #5 / Detections : Page Filters Alert Page Filters Customization should not sync to the URL in edit mode but only in view mode
  • [job] [logs] Security Solution Tests #5 / Detections : Page Filters Number fields are not visible in field edit panel
  • [job] [logs] Explore - Security Solution Tests #2 / Entity Analytics Dashboard With anomalies data renders table with pagination
  • [job] [logs] Jest Tests #6 / Stack Connectors Plugin setup() should register built in connector types
  • [job] [logs] Jest Tests #10 / Task Runner actionsPlugin.execute is called per alert alert that is scheduled
  • [job] [logs] Jest Tests #10 / Task Runner actionsPlugin.execute is called per alert alert that is scheduled (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner actionsPlugin.execute is called when notifyWhen=onActionGroupChange and alert state has changed
  • [job] [logs] Jest Tests #10 / Task Runner actionsPlugin.execute is called when notifyWhen=onActionGroupChange and alert state has changed (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner fire actions under a custom recovery group when specified on an alert type for alertInstances which are in the recovered state
  • [job] [logs] Jest Tests #10 / Task Runner fire actions under a custom recovery group when specified on an alert type for alertInstances which are in the recovered state (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner fire recovered actions for execution for the alertInstances which is in the recovered state
  • [job] [logs] Jest Tests #10 / Task Runner fire recovered actions for execution for the alertInstances which is in the recovered state (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner includes the apiKey in the request used to initialize the actionsClient
  • [job] [logs] Jest Tests #10 / Task Runner includes the apiKey in the request used to initialize the actionsClient (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner should skip alertInstances which weren't active on the previous execution
  • [job] [logs] Jest Tests #10 / Task Runner should skip alertInstances which weren't active on the previous execution (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner skips firing actions for active alert if alert is muted
  • [job] [logs] Jest Tests #10 / Task Runner skips firing actions for active alert if alert is muted (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner skips firing actions for active alert when alert is muted even if notifyWhen === onActionGroupChange
  • [job] [logs] Jest Tests #10 / Task Runner skips firing actions for active alert when alert is muted even if notifyWhen === onActionGroupChange (with ephemeral support)
  • [job] [logs] Jest Tests #10 / Task Runner snoozing works as expected with muteAll: false; snoozeSchedule: [{"rRule":{"dtstart":"9999-12-31T12:34:56.789Z","tzid":"UTC","count":1},"duration":100000000}]
  • [job] [logs] Jest Tests #10 / Task Runner snoozing works as expected with muteAll: false; snoozeSchedule: null
  • [job] [logs] Jest Tests #10 / Task Runner snoozing works as expected with muteAll: false; snoozeSchedule: undefined
  • [job] [logs] Jest Tests #10 / Task Runner triggers summary actions (Per rule run)

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
triggersActionsUi 558 559 +1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
triggersActionsUi 1.4MB 1.4MB +1.1KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
triggersActionsUi 85.7KB 85.8KB +159.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @mikecote

@cnasikas cnasikas mentioned this pull request Jun 23, 2023
Closed
15 tasks
@mikecote mikecote closed this Jul 13, 2023
@cnasikas cnasikas mentioned this pull request Jul 23, 2023
Closed
2 tasks
@cnasikas cnasikas mentioned this pull request Sep 8, 2023
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@mikecote mikecote

Labels
Feature:Actions/ConnectorTypes Issues related to specific Connector Types on the Actions Framework Feature:Actions/Framework Issues related to the Actions Framework Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mikecote @kibana-ci @kibanamachine