[Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression #70759
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
madirey
changed the title
madirey
added
Feature:Endpoint
|
Pinging @elastic/endpoint-app-team (Feature:Endpoint) |
|
Pinging @elastic/endpoint-response (Team:Endpoint Response) |
madirey
added
the
release_note:skip
alexk307
reviewed
Jul 6, 2020
| this.logger.debug('wrappedManifest was null, aborting dispatch'); | ||
| return null; | ||
| } | ||
| public async syncArtifacts(snapshot: ManifestSnapshot, diffType?: 'add' | 'delete') { |
There was a problem hiding this comment.
nit: would maybe make diffType a type and have add and delete as their own types as well.
alexk307
previously approved these changes
Jul 6, 2020
…ana into user-allowlist-artifacts-pt3
…ana into user-allowlist-artifacts-pt3
XavierM
reviewed
Jul 8, 2020
| return diffs; | ||
| }, []); | ||
|
|
||
| const adds = filteredDiffs.filter((diff) => { |
There was a problem hiding this comment.
nit -> to be more readable it will be nice have branch logic to show that you are only doing add || delete on this function.
XavierM
reviewed
Jul 8, 2020
| // TODO: confirm creation of package config | ||
| // then commit. | ||
| await manifestManager.commit(wrappedManifest); | ||
| if (snapshot.diffs.length > 0) { |
There was a problem hiding this comment.
nit -> I think it will be nice to have try/catch here to avoid bubble up error and have a better way to handle it
XavierM
reviewed
Jul 8, 2020
| @@ -57,9 +70,18 @@ export const getPackageConfigCreateCallback = ( | |||
| try { | |||
| return updatedPackageConfig; | |||
| } finally { | |||
There was a problem hiding this comment.
nit -> We might think about sending a promise instead of counting on finally. I think that will be more readable too
XavierM
approved these changes
Jul 8, 2020
alexk307
approved these changes
Jul 8, 2020
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Jul 9, 2020
* master: (39 commits) [APM] Add warning to notify user about legacy ML jobs (elastic#71030) updates consumer to siem (elastic#71117) Index pattern creation flow - fix spelling (elastic#71192) [Security Solution][Endpoint] User Manifest Cleanup + Artifact Compression (elastic#70759) [SECURITY] Rearrange rule name's column in Alert Table (elastic#71020) [SECURITY] Alerts back to Detections (elastic#71142) [Security Solution][Exceptions Builder] - Fixes operator selection bug (elastic#71178) [SIEM][Detection Engine] Speeds up value list imports by enabling streaming of files. [APM] Update ML job ID in data telemetry tasks (elastic#71044) [Resolver] Remove `currentPanelView` selector (elastic#71154) add meta.managed to index templates (elastic#71135) Clarify trial subscription levels (elastic#70900) [Security Solution] fix panel links (elastic#71148) skip flaky suite (elastic#69632) skip suite failing ES Promotion (elastic#71018) [ML] DF Analytics: add results field to wizard and show regression stats (elastic#70893) [SIEM] update wordings (elastic#71119) [SECURITY SOLUTION] Rename to hosts and administration (elastic#70913) [ML] Improvements for urlState hook. (elastic#70576) Removing uptime guide (elastic#71124) ...
madirey
added a commit
that referenced
this pull request
Jul 9, 2020
…ssion (#70759) (#71246) * Stateless exception list translation with improved runtime checks * use flatMap and reduce to simplify logic * Update to new manifest format * Fix test fixture SO data type * Fix another test fixture data type * Fix sha256 reference in artifact_client * Refactor to remove usages of 'then' and tidy up a bit * Zlib compression * prefer byteLength to length * Make ingestManager optional for security-solution startup * Fix download functionality * Use eql for deep equality check * Fix base64 download bug * Add test for artifact download * Add more tests to ensure cached versions of artifacts are correct * Convert to new format * Deflate * missed some refs * partial fix to wrapper format * update fixtures and integration test * Fixing unit tests * small bug fixes * artifact and manifest versioning changes * Remove access tag from download endpoint * Adding decompression to integration test * Removing tag from route * add try/catch in ingest callback handler * Fixing * Removing last expect from unit test for tag * type fixes * Add compression type to manifest * Reverting ingestManager back to being required for now Co-authored-by: Alex Kahan <alexander.kahan@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Alex Kahan <alexander.kahan@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
rylnd
reviewed
Jul 9, 2020
| ml?: MlSetup; | ||
| lists?: ListPluginSetup; | ||
| } | ||
|
|
||
| export interface StartPlugins { | ||
| ingestManager: IngestManagerStartContract; | ||
| taskManager: TaskManagerStartContract; | ||
| ingestManager?: IngestManagerStartContract; |
There was a problem hiding this comment.
Since both ingestManager and taskManager are required plugins, these shouldn't be typed as optional here and the downstream null checks are unnecessary. Is this a temporary situation, or can we clean this up?
💚 Build SucceededBuild metrics
History
To update your PR or re-run it, just comment with: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Addresses feedback and TODOs from [SIEM][Security Solution][Endpoint] Endpoint Artifact Manifest Management + Artifact Download and Distribution #67707 and [Security Solution][Endpoint] Update to new manifest format (without compression) #70752
Adds compression of artifacts (in progress).
To do in this PR:
async/awaittothenTo address in a follow-up PR:
datasource updatepackage config race prevention (UNBLOCKED by: [Ingest Manager] Implement concurrency control for package configs #70680)@ts-ignoretype errorsif(someType.is(...))toas)exactmap... some of these should just be for loopsChecklist
Delete any items that are not applicable to this PR.
For maintainers