From 241a5e917a5d7cd6fa31654e5c1c103328335658 Mon Sep 17 00:00:00 2001
From: Julia Bardi <julia.bardi@elastic.co>
Date: Wed, 23 Nov 2022 09:08:56 +0100
Subject: [PATCH] whitelist fleet server config to only server limits, timeouts
 and runtime

---
 .../collectors/fleet_server_collector.ts      | 34 +++++++++++++++----
 .../fleet_usage_telemetry.test.ts             |  2 ++
 2 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/x-pack/plugins/fleet/server/collectors/fleet_server_collector.ts b/x-pack/plugins/fleet/server/collectors/fleet_server_collector.ts
index f48e166209edf..4d587e78563f6 100644
--- a/x-pack/plugins/fleet/server/collectors/fleet_server_collector.ts
+++ b/x-pack/plugins/fleet/server/collectors/fleet_server_collector.ts
@@ -94,13 +94,35 @@ export const getFleetServerConfig = async (soClient: SavedObjectsClient): Promis
     kuery: `${PACKAGE_POLICY_SAVED_OBJECT_TYPE}.package.name:fleet_server`,
   });
   const getInputConfig = (item: any) => {
-    let config = (item.inputs[0] ?? {}).compiled_input;
-    if (config.server) {
-      config = { ...config, server: { ...config.server } };
-      delete config.server.host;
-      delete config.server.port;
+    const config = (item.inputs[0] ?? {}).compiled_input;
+    if (config?.server) {
+      // whitelist only server limits, timeouts and runtime, sometimes fields are coming in "server.limits" format instead of nested object
+      const newConfig = Object.keys(config)
+        .filter((key) => key.startsWith('server'))
+        .reduce((acc: any, curr: string) => {
+          if (curr === 'server') {
+            acc.server = {};
+            Object.keys(config.server)
+              .filter(
+                (key) =>
+                  key.startsWith('limits') ||
+                  key.startsWith('timeouts') ||
+                  key.startsWith('runtime')
+              )
+              .forEach((serverKey: string) => {
+                acc.server[serverKey] = config.server[serverKey];
+                return acc;
+              });
+          } else {
+            acc[curr] = config[curr];
+          }
+          return acc;
+        }, {});
+
+      return newConfig;
+    } else {
+      return {};
     }
-    return config;
   };
   const policies = res.items.map((item) => ({
     input_config: getInputConfig(item),
diff --git a/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts b/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts
index f05725c45bee0..5197b34fc89fe 100644
--- a/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts
@@ -192,8 +192,10 @@ describe('fleet usage telemetry', () => {
               port: 8220,
               host: '0.0.0.0',
               'limits.max_agents': 3000,
+              other: 'other',
             },
             'server.runtime': 'gc_percent:20',
+            ssl: 'ssl',
           },
         },
       ],