Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Alerting] Enable updating system actions through the Bulk Edit Rule API #168226

Merged
merged 18 commits into from
Oct 27, 2023
Merged

[Alerting] Enable updating system actions through the Bulk Edit Rule API #168226

merged 18 commits into from
Oct 27, 2023

Conversation

cnasikas
Copy link
Member

@cnasikas cnasikas commented Oct 6, 2023
edited by guskovaue
Loading

Summarize your PR. If it involves visual changes include a screenshot or gif.

Meta: #160367
Depends on: #167871, #167884

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@cnasikas cnasikas added release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Alerting/RulesFramework Issues related to the Alerting Rules Framework labels Oct 6, 2023
@guskovaue
Copy link
Contributor

@elasticmachine merge upstream

@kibanamachine
Copy link
Contributor

merge conflict between base and head

@kibana-ci
Copy link
Collaborator

kibana-ci commented Oct 27, 2023
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #77 / Actions and Triggers app Rule Details Header should disable the rule
  • [job] [logs] FTR Configs #77 / Actions and Triggers app Rule Details Header should disable the rule
  • [job] [logs] x-pack/test/alerting_api_integration/security_and_spaces/group2/config_non_dedicated_task_runner.ts / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts superuser at space1 should schedule actions on legacy alerts
  • [job] [logs] x-pack/test/alerting_api_integration/security_and_spaces/group2/config.ts / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts superuser at space1 should schedule actions on legacy alerts
  • [job] [logs] x-pack/test/alerting_api_integration/security_and_spaces/group2/config_non_dedicated_task_runner.ts / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts superuser at space1 should schedule actions on legacy alerts
  • [job] [logs] x-pack/test/alerting_api_integration/security_and_spaces/group2/config.ts / alerting api integration security and spaces enabled - Group 2 Alerts legacy alerts alerts superuser at space1 should schedule actions on legacy alerts
  • [job] [logs] FTR Configs #4 / Alerting APIs Alerting rules should pass updated rule params to executor
  • [job] [logs] FTR Configs #9 / Alerting APIs Alerting rules should pass updated rule params to executor
  • [job] [logs] FTR Configs #11 / Alerting APIs Alerting rules should pass updated rule params to executor
  • [job] [logs] FTR Configs #9 / Alerting APIs Alerting rules should pass updated rule params to executor
  • [job] [logs] FTR Configs #4 / Alerting APIs Alerting rules should pass updated rule params to executor
  • [job] [logs] FTR Configs #11 / Alerting APIs Alerting rules should pass updated rule params to executor
  • [job] [logs] FTR Configs #15 / Alerting create legacy should handle create alert request appropriately
  • [job] [logs] FTR Configs #15 / Alerting create legacy should handle create alert request appropriately
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with a data view only Add index patterns to custom rules with configured data view when data view checkbox is checked: rules are updated Add index patterns to custom rules with configured data view when data view checkbox is checked: rules are updated
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with a data view only Add index patterns to custom rules with configured data view: all rules are skipped Add index patterns to custom rules with configured data view: all rules are skipped
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with a data view only Delete index patterns in custom rules with configured data view: rules are skipped Delete index patterns in custom rules with configured data view: rules are skipped
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with a data view only Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is checked: rules are updated Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is checked: rules are updated
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with a data view only Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is NOT checked:: rules are skipped Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is NOT checked:: rules are skipped
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with index patterns and rules with a data view Add index patterns to custom rules when overwrite data view checkbox is checked: all rules are updated Add index patterns to custom rules when overwrite data view checkbox is checked: all rules are updated
  • [job] [logs] Security Solution Cypress Tests #2 / Bulk editing index patterns of rules with index patterns and rules with a data view Add index patterns to custom rules: one rule is updated, one rule is skipped Add index patterns to custom rules: one rule is updated, one rule is skipped
  • [job] [logs] FTR Configs #77 / detection engine api security and spaces enabled - Group 1 add_actions adding actions should be able to create a new webhook action and attach it to a rule
  • [job] [logs] FTR Configs #77 / detection engine api security and spaces enabled - Group 1 add_actions adding actions should be able to create a new webhook action and attach it to a rule
  • [job] [logs] FTR Configs #36 / detection engine api security and spaces enabled - Group 10 import_rules importing rules with an index should migrate legacy actions in existing rule if overwrite is set to true
  • [job] [logs] FTR Configs #36 / detection engine api security and spaces enabled - Group 10 import_rules importing rules with an index should migrate legacy actions in existing rule if overwrite is set to true
  • [job] [logs] FTR Configs #49 / detection engine api security and spaces enabled - Group 4 Detection rule type telemetry Detection rule telemetry "kql" rule type should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active"
  • [job] [logs] FTR Configs #49 / detection engine api security and spaces enabled - Group 4 Detection rule type telemetry Detection rule telemetry "kql" rule type should show "notifications_disabled" to be "1" for rule that has at least "1" action(s) and the alert is "disabled"/"in-active"
  • [job] [logs] FTR Configs #40 / detection engine api security and spaces enabled - rule execution logic Query type rules with suppression enabled with a suppression time window should update an alert using real rule executions
  • [job] [logs] FTR Configs #40 / detection engine api security and spaces enabled - rule execution logic Query type rules with suppression enabled with a suppression time window should update an alert using real rule executions
  • [job] [logs] x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/exceptions/operators_data_types/date_numeric_types/configs/serverless.config.ts / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type date "is" operator should filter 1 single date if it is set as an exception
  • [job] [logs] FTR Configs #8 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type date "is" operator should filter 1 single date if it is set as an exception
  • [job] [logs] x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/exceptions/operators_data_types/date_numeric_types/configs/serverless.config.ts / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type date "is" operator should filter 1 single date if it is set as an exception
  • [job] [logs] FTR Configs #8 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type date "is" operator should filter 1 single date if it is set as an exception
  • [job] [logs] x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/exceptions/operators_data_types/keyword_text_long/configs/serverless.config.ts / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type keyword "is" operator should filter 1 single keyword if it is set as an exception
  • [job] [logs] FTR Configs #20 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type keyword "is" operator should filter 1 single keyword if it is set as an exception
  • [job] [logs] x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/exceptions/operators_data_types/keyword_text_long/configs/serverless.config.ts / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type keyword "is" operator should filter 1 single keyword if it is set as an exception
  • [job] [logs] FTR Configs #20 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type keyword "is" operator should filter 1 single keyword if it is set as an exception
  • [job] [logs] FTR Configs #34 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type text "is" operator should filter 1 single text if it is set as an exception
  • [job] [logs] FTR Configs #55 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type text "is" operator should filter 1 single text if it is set as an exception
  • [job] [logs] FTR Configs #34 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type text "is" operator should filter 1 single text if it is set as an exception
  • [job] [logs] FTR Configs #55 / Detection exceptions data types and operators @serverless @ess Rule exception operators for data type text "is" operator should filter 1 single text if it is set as an exception
  • [job] [logs] Serverless Security Cypress Tests #3 / Detection rules, bulk edit of rule actions All actions privileges "before each" hook for "Add a rule action to rules (existing connector)" "before each" hook for "Add a rule action to rules (existing connector)"
  • [job] [logs] Security Solution Cypress Tests #1 / Detection rules, bulk edit of rule actions All actions privileges "before each" hook for "Add a rule action to rules (existing connector)" "before each" hook for "Add a rule action to rules (existing connector)"
  • [job] [logs] Security Solution Cypress Tests #1 / Detection rules, bulk edit of rule actions All actions privileges "before each" hook for "Add a rule action to rules (existing connector)" "before each" hook for "Add a rule action to rules (existing connector)"
  • [job] [logs] Serverless Security Cypress Tests #3 / Detection rules, bulk edit of rule actions All actions privileges "before each" hook for "Add a rule action to rules (existing connector)" "before each" hook for "Add a rule action to rules (existing connector)"
  • [job] [logs] Security Solution Cypress Tests #1 / Detection rules, bulk edit of rule actions Restricted action privileges User with no privileges can't add rule actions User with no privileges can't add rule actions
  • [job] [logs] Security Solution Cypress Tests #1 / Detection rules, bulk edit of rule actions Restricted action privileges User with no privileges can't add rule actions User with no privileges can't add rule actions
  • [job] [logs] FTR Configs #10 / Exceptions API @serverless @ess role_based_rule_exceptions_workflows creating rules with exceptions tests with auditbeat data should be able to execute against an exception list that does include valid entries and get back 0 alerts
  • [job] [logs] FTR Configs #57 / Exceptions API @serverless @ess role_based_rule_exceptions_workflows creating rules with exceptions tests with auditbeat data should be able to execute against an exception list that does include valid entries and get back 0 alerts
  • [job] [logs] FTR Configs #57 / Exceptions API @serverless @ess role_based_rule_exceptions_workflows creating rules with exceptions tests with auditbeat data should be able to execute against an exception list that does include valid entries and get back 0 alerts
  • [job] [logs] FTR Configs #10 / Exceptions API @serverless @ess role_based_rule_exceptions_workflows creating rules with exceptions tests with auditbeat data should be able to execute against an exception list that does include valid entries and get back 0 alerts
  • [job] [logs] Security Solution Cypress Tests #8 / Exceptions match_any Creates exception item Creates exception item
  • [job] [logs] Security Solution Cypress Tests #8 / Exceptions match_any Creates exception item Creates exception item
  • [job] [logs] FTR Configs #22 / Ingest pipelines app Ingest Pipelines Displays the test pipeline in the list of pipelines
  • [job] [logs] FTR Configs #22 / Ingest pipelines app Ingest Pipelines Displays the test pipeline in the list of pipelines
  • [job] [logs] FTR Configs #17 / Monitoring app Cluster listing Alerts should show a toast when alerts are created successfully
  • [job] [logs] FTR Configs #17 / Monitoring app Cluster listing Alerts should show a toast when alerts are created successfully
  • [job] [logs] FTR Configs #63 / Observability Rules Synthetics SyntheticsRules creates rule when settings are configured
  • [job] [logs] FTR Configs #63 / Observability Rules Synthetics SyntheticsRules creates rule when settings are configured
  • [job] [logs] Security Solution Cypress Tests #3 / Rule actions during detection rule creation Indexes a new document after the index action is triggered Indexes a new document after the index action is triggered
  • [job] [logs] Security Solution Cypress Tests #3 / Rule actions during detection rule creation Indexes a new document after the index action is triggered Indexes a new document after the index action is triggered
  • [job] [logs] FTR Configs #27 / Rule creation API @serverless @ess create_rules @brokenInServerless per-action frequencies actions without frequencies it sets each action's frequency attribute to default value when 'throttle' is undefined
  • [job] [logs] FTR Configs #27 / Rule creation API @serverless @ess create_rules @brokenInServerless per-action frequencies actions without frequencies it sets each action's frequency attribute to default value when 'throttle' is undefined
  • [job] [logs] Security Solution Cypress Tests #6 / rule snoozing Rule editing page / actions tab adds an action to a snoozed rule adds an action to a snoozed rule
  • [job] [logs] Security Solution Cypress Tests #6 / rule snoozing Rule editing page / actions tab adds an action to a snoozed rule adds an action to a snoozed rule
  • [job] [logs] Security Solution Cypress Tests #6 / rule snoozing Rules management table snoozes a rule with actions for 2 days snoozes a rule with actions for 2 days
  • [job] [logs] Security Solution Cypress Tests #6 / rule snoozing Rules management table snoozes a rule with actions for 2 days snoozes a rule with actions for 2 days
  • [job] [logs] FTR Configs #33 / Serverless observability API fleet rejects request to create a new fleet server hosts
  • [job] [logs] Jest Tests #2 / update() calls the authentication API key function if the user is authenticated using an api key
  • [job] [logs] Jest Tests #2 / update() calls the createApiKey function
  • [job] [logs] Jest Tests #2 / update() doesn't call the createAPIKey function when alert is disabled
  • [job] [logs] Jest Tests #2 / update() should call useSavedObjectReferences.extractReferences and useSavedObjectReferences.injectReferences if defined for rule type
  • [job] [logs] Jest Tests #2 / update() should update a rule even if action is missing secret when allowMissingConnectorSecrets is true
  • [job] [logs] Jest Tests #2 / update() should update a rule with some preconfigured actions
  • [job] [logs] Jest Tests #2 / update() should update a rule with some system actions
  • [job] [logs] Jest Tests #2 / update() updates an action with uuid and adds uuid to an action without it
  • [job] [logs] Jest Tests #2 / update() updates given parameters

Metrics [docs]

‼️ ERROR: no builds found for mergeBase sha [645e45c]

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@guskovaue guskovaue marked this pull request as ready for review October 27, 2023 19:57
@guskovaue guskovaue requested a review from a team as a code owner October 27, 2023 19:57
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@guskovaue guskovaue merged commit a271f50 into elastic:system_actions_mvp Oct 27, 2023
21 of 60 checks passed
@guskovaue guskovaue changed the title [Alerting] Enable updating system actions through the Bulk Edit Rule API [Alerting] Enable system actions through the Bulk Edit Rule API Oct 30, 2023
@guskovaue guskovaue self-assigned this Oct 30, 2023
@guskovaue guskovaue changed the title [Alerting] Enable system actions through the Bulk Edit Rule API [Alerting] Enable updating system actions through the Bulk Edit Rule API Oct 30, 2023
@guskovaue guskovaue removed their assignment Oct 30, 2023
@cnasikas cnasikas mentioned this pull request Nov 8, 2023
Closed
15 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@guskovaue guskovaue guskovaue approved these changes

Assignees
No one assigned
Labels
Feature:Alerting/RulesFramework Issues related to the Alerting Rules Framework release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
No open projects
AppEx: ResponseOps - Rules & Alerts Management
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@cnasikas @guskovaue @kibanamachine @kibana-ci @elasticmachine