Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DataViews] Use client-side authc.getCurrentUser from core.security #186856

Merged
merged 4 commits into from
Jun 27, 2024
Merged

[DataViews] Use client-side authc.getCurrentUser from core.security #186856

merged 4 commits into from
Jun 27, 2024

Conversation

tsullivan
Copy link
Member

@tsullivan tsullivan commented Jun 24, 2024
edited
Loading

Summary

Part of #186574

Background: This PR serves as an example of a plugin migrating away from depending on the Security plugin, which is a high priority effort for the last release before 9.0. The Data Views plugin uses the authc.getCurrentUser method as a means to use the user's profile_uid for creating a user-hash which is sent as a field in the headers of a particular request.

What makes this example interesting: Data Views was not able to have a direct dependency on the Security plugin due to issues with a circular dependency. As a workaround, it used the coreSetup.plugins.onStart Promise to use Security services in a non-contractual way. The change in this PR does away with the workaround and allows Data Views to consume the Security service in a more typical way.

Checklist

Delete any items that are not applicable to this PR.

@tsullivan tsullivan added Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc Team:DataDiscovery Discover, search (e.g. data plugin and KQL), data views, saved searches. For ES|QL, use Team:ES|QL. release_note:skip Skip the PR/issue when compiling release notes labels Jun 24, 2024
@tsullivan tsullivan force-pushed the security-in-core/data-views-plugin-public branch 2 times, most recently from 26db7aa to 548fcbe Compare June 24, 2024 22:21
@tsullivan tsullivan changed the title [DataViews] remove reference to security.contract.authc [DataViews] Use client-side authc.getCurrentUser from core.security Jun 24, 2024
@tsullivan tsullivan mentioned this pull request Jun 24, 2024
Closed
10 tasks
@tsullivan tsullivan marked this pull request as ready for review June 25, 2024 00:27
@tsullivan tsullivan requested a review from a team as a code owner June 25, 2024 00:28
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-core (Team:Core)

@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-data-discovery (Team:DataDiscovery)

lukasolson
lukasolson reviewed Jun 25, 2024
View reviewed changes
Copy link
Member

@lukasolson lukasolson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added a small PR that simplifies things a tad more here: tsullivan#12

@tsullivan tsullivan force-pushed the security-in-core/data-views-plugin-public branch from 9297aa1 to c7346e6 Compare June 26, 2024 20:24
@tsullivan tsullivan force-pushed the security-in-core/data-views-plugin-public branch from c7346e6 to c73e220 Compare June 27, 2024 00:44
@tsullivan
Copy link
Member Author

/ci

@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
dataViews 402 401 -1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
dataViews 61.6KB 61.3KB -259.0B
Unknown metric groups

API count

id before after diff
dataViews 1159 1158 -1

References to deprecated APIs

id before after diff
dataViews 37 36 -1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@tsullivan tsullivan merged commit 1224a05 into elastic:main Jun 27, 2024
25 checks passed
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Jun 27, 2024
@tsullivan tsullivan deleted the security-in-core/data-views-plugin-public branch June 27, 2024 21:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pgayvallet pgayvallet pgayvallet approved these changes

@lukasolson lukasolson lukasolson approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc Team:DataDiscovery Discover, search (e.g. data plugin and KQL), data views, saved searches. For ES|QL, use Team:ES|QL. v8.15.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@tsullivan @elasticmachine @kibana-ci @lukasolson @pgayvallet @TinaHeiligers @kibanamachine