[7.x] Add telemetry for Elastic Cloud (#102390)

NOTICE.txt

@@ -235,6 +235,10 @@ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+---
+Portions of this code are licensed under the following license:
+For license information please see https://edge.fullstory.com/s/fs.js.LICENSE.txt
+
 ---
 This product bundles bootstrap@3.3.6 which is available under a
 "MIT" license.

package.json

@@ -125,6 +125,7 @@
     "@kbn/analytics": "link:bazel-bin/packages/kbn-analytics",
     "@kbn/apm-config-loader": "link:bazel-bin/packages/kbn-apm-config-loader",
     "@kbn/apm-utils": "link:bazel-bin/packages/kbn-apm-utils",
+    "@kbn/common-utils": "link:bazel-bin/packages/kbn-common-utils",
     "@kbn/config": "link:bazel-bin/packages/kbn-config",
     "@kbn/config-schema": "link:bazel-bin/packages/kbn-config-schema",
     "@kbn/crypto": "link:bazel-bin/packages/kbn-crypto",
@@ -155,7 +156,6 @@
     "@kbn/ui-framework": "link:bazel-bin/packages/kbn-ui-framework",
     "@kbn/ui-shared-deps": "link:bazel-bin/packages/kbn-ui-shared-deps",
     "@kbn/utility-types": "link:bazel-bin/packages/kbn-utility-types",
-    "@kbn/common-utils": "link:bazel-bin/packages/kbn-common-utils",
     "@kbn/utils": "link:bazel-bin/packages/kbn-utils",
     "@loaders.gl/core": "^2.3.1",
     "@loaders.gl/json": "^2.3.1",
@@ -270,6 +270,7 @@
     "jquery": "^3.5.0",
     "js-levenshtein": "^1.1.6",
     "js-search": "^1.4.3",
+    "js-sha256": "^0.9.0",
     "js-yaml": "^3.14.0",
     "json-stable-stringify": "^1.0.1",
     "json-stringify-pretty-compact": "1.2.0",

x-pack/plugins/cloud/public/fullstory.ts

@@ -0,0 +1,100 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { sha256 } from 'js-sha256';
+import type { IBasePath, PackageInfo } from '../../../../src/core/public';
+
+export interface FullStoryDeps {
+  basePath: IBasePath;
+  orgId: string;
+  packageInfo: PackageInfo;
+  userIdPromise: Promise<string | undefined>;
+}
+
+interface FullStoryApi {
+  identify(userId: string, userVars?: Record<string, any>): void;
+  event(eventName: string, eventProperties: Record<string, any>): void;
+}
+
+export const initializeFullStory = async ({
+  basePath,
+  orgId,
+  packageInfo,
+  userIdPromise,
+}: FullStoryDeps) => {
+  // @ts-expect-error
+  window._fs_debug = false;
+  // @ts-expect-error
+  window._fs_host = 'fullstory.com';
+  // @ts-expect-error
+  window._fs_script = basePath.prepend(`/internal/cloud/${packageInfo.buildNum}/fullstory.js`);
+  // @ts-expect-error
+  window._fs_org = orgId;
+  // @ts-expect-error
+  window._fs_namespace = 'FSKibana';
+
+  /* eslint-disable */
+  (function(m,n,e,t,l,o,g,y){
+      if (e in m) {if(m.console && m.console.log) { m.console.log('FullStory namespace conflict. Please set window["_fs_namespace"].');} return;}
+      // @ts-expect-error
+      g=m[e]=function(a,b,s){g.q?g.q.push([a,b,s]):g._api(a,b,s);};g.q=[];
+      // @ts-expect-error
+      o=n.createElement(t);o.async=1;o.crossOrigin='anonymous';o.src=_fs_script;
+      // @ts-expect-error
+      y=n.getElementsByTagName(t)[0];y.parentNode.insertBefore(o,y);
+      // @ts-expect-error
+      g.identify=function(i,v,s){g(l,{uid:i},s);if(v)g(l,v,s)};g.setUserVars=function(v,s){g(l,v,s)};g.event=function(i,v,s){g('event',{n:i,p:v},s)};
+      // @ts-expect-error
+      g.anonymize=function(){g.identify(!!0)};
+      // @ts-expect-error
+      g.shutdown=function(){g("rec",!1)};g.restart=function(){g("rec",!0)};
+      // @ts-expect-error
+      g.log = function(a,b){g("log",[a,b])};
+      // @ts-expect-error
+      g.consent=function(a){g("consent",!arguments.length||a)};
+      // @ts-expect-error
+      g.identifyAccount=function(i,v){o='account';v=v||{};v.acctId=i;g(o,v)};
+      // @ts-expect-error
+      g.clearUserCookie=function(){};
+      // @ts-expect-error
+      g.setVars=function(n, p){g('setVars',[n,p]);};
+      // @ts-expect-error
+      g._w={};y='XMLHttpRequest';g._w[y]=m[y];y='fetch';g._w[y]=m[y];
+      // @ts-expect-error
+      if(m[y])m[y]=function(){return g._w[y].apply(this,arguments)};
+      // @ts-expect-error
+      g._v="1.3.0";
+      // @ts-expect-error
+  })(window,document,window['_fs_namespace'],'script','user');
+  /* eslint-enable */
+
+  // @ts-expect-error
+  const fullstory: FullStoryApi = window.FSKibana;
+
+  // Record an event that Kibana was opened so we can easily search for sessions that use Kibana
+  // @ts-expect-error
+  window.FSKibana.event('Loaded Kibana', {
+    kibana_version_str: packageInfo.version,
+  });
+
+  // Use a promise here so we don't have to wait to retrieve the user to start recording the session
+  userIdPromise
+    .then((userId) => {
+      if (!userId) return;
+      // Do the hashing here to keep it at clear as possible in our source code that we do not send literal user IDs
+      const hashedId = sha256(userId.toString());
+      // @ts-expect-error
+      window.FSKibana.identify(hashedId);
+    })
+    .catch((e) => {
+      // eslint-disable-next-line no-console
+      console.error(
+        `[cloud.full_story] Could not call FS.identify due to error: ${e.toString()}`,
+        e
+      );
+    });
+};

x-pack/plugins/cloud/public/plugin.test.mocks.ts

@@ -0,0 +1,13 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { FullStoryDeps } from './fullstory';
+
+export const initializeFullStoryMock = jest.fn<void, [FullStoryDeps]>();
+jest.doMock('./fullstory', () => {
+  return { initializeFullStory: initializeFullStoryMock };
+});

x-pack/plugins/cloud/public/plugin.test.ts

@@ -9,18 +9,108 @@ import { nextTick } from '@kbn/test/jest';
 import { coreMock } from 'src/core/public/mocks';
 import { homePluginMock } from 'src/plugins/home/public/mocks';
 import { securityMock } from '../../security/public/mocks';
-import { CloudPlugin } from './plugin';
+import { initializeFullStoryMock } from './plugin.test.mocks';
+import { CloudPlugin, CloudConfigType, loadFullStoryUserId } from './plugin';
 
 describe('Cloud Plugin', () => {
+  describe('#setup', () => {
+    describe('setupFullstory', () => {
+      beforeEach(() => {
+        initializeFullStoryMock.mockReset();
+      });
+
+      const setupPlugin = async ({
+        config = {},
+        securityEnabled = true,
+        currentUserProps = {},
+      }: {
+        config?: Partial<CloudConfigType>;
+        securityEnabled?: boolean;
+        currentUserProps?: Record<string, any>;
+      }) => {
+        const initContext = coreMock.createPluginInitializerContext({
+          id: 'cloudId',
+          base_url: 'https://cloud.elastic.co',
+          deployment_url: '/abc123',
+          profile_url: '/profile/alice',
+          organization_url: '/org/myOrg',
+          full_story: {
+            enabled: false,
+          },
+          ...config,
+        });
+        const plugin = new CloudPlugin(initContext);
+
+        const coreSetup = coreMock.createSetup();
+        const securitySetup = securityMock.createSetup();
+        securitySetup.authc.getCurrentUser.mockResolvedValue(
+          securityMock.createMockAuthenticatedUser(currentUserProps)
+        );
+
+        const setup = plugin.setup(coreSetup, securityEnabled ? { security: securitySetup } : {});
+        // Wait for fullstory dynamic import to resolve
+        await new Promise((r) => setImmediate(r));
+
+        return { initContext, plugin, setup };
+      };
+
+      it('calls initializeFullStory with correct args when enabled and org_id are set', async () => {
+        const { initContext } = await setupPlugin({
+          config: { full_story: { enabled: true, org_id: 'foo' } },
+          currentUserProps: {
+            username: '1234',
+          },
+        });
+
+        expect(initializeFullStoryMock).toHaveBeenCalled();
+        const {
+          basePath,
+          orgId,
+          packageInfo,
+          userIdPromise,
+        } = initializeFullStoryMock.mock.calls[0][0];
+        expect(basePath.prepend).toBeDefined();
+        expect(orgId).toEqual('foo');
+        expect(packageInfo).toEqual(initContext.env.packageInfo);
+        expect(await userIdPromise).toEqual('1234');
+      });
+
+      it('passes undefined user ID when security is not available', async () => {
+        await setupPlugin({
+          config: { full_story: { enabled: true, org_id: 'foo' } },
+          securityEnabled: false,
+        });
+
+        expect(initializeFullStoryMock).toHaveBeenCalled();
+        const { orgId, userIdPromise } = initializeFullStoryMock.mock.calls[0][0];
+        expect(orgId).toEqual('foo');
+        expect(await userIdPromise).toEqual(undefined);
+      });
+
+      it('does not call initializeFullStory when enabled=false', async () => {
+        await setupPlugin({ config: { full_story: { enabled: false, org_id: 'foo' } } });
+        expect(initializeFullStoryMock).not.toHaveBeenCalled();
+      });
+
+      it('does not call initializeFullStory when org_id is undefined', async () => {
+        await setupPlugin({ config: { full_story: { enabled: true } } });
+        expect(initializeFullStoryMock).not.toHaveBeenCalled();
+      });
+    });
+  });
+
   describe('#start', () => {
-    function setupPlugin() {
+    const startPlugin = () => {
       const plugin = new CloudPlugin(
         coreMock.createPluginInitializerContext({
           id: 'cloudId',
           base_url: 'https://cloud.elastic.co',
           deployment_url: '/abc123',
           profile_url: '/profile/alice',
           organization_url: '/org/myOrg',
+          full_story: {
+            enabled: false,
+          },
         })
       );
       const coreSetup = coreMock.createSetup();
@@ -29,10 +119,10 @@ describe('Cloud Plugin', () => {
       plugin.setup(coreSetup, { home: homeSetup });
 
       return { coreSetup, plugin };
-    }
+    };
 
     it('registers help support URL', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -47,7 +137,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('does not register custom nav links on anonymous pages', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       coreStart.http.anonymousPaths.isAnonymous.mockReturnValue(true);
@@ -68,7 +158,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('registers a custom nav link for superusers', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -94,7 +184,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('registers a custom nav link when there is an error retrieving the current user', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -116,7 +206,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('does not register a custom nav link for non-superusers', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -133,7 +223,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('registers user profile links for superusers', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -169,7 +259,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('registers profile links when there is an error retrieving the current user', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -201,7 +291,7 @@ describe('Cloud Plugin', () => {
     });
 
     it('does not register profile links for non-superusers', async () => {
-      const { plugin } = setupPlugin();
+      const { plugin } = startPlugin();
 
       const coreStart = coreMock.createStart();
       const securityStart = securityMock.createStart();
@@ -217,4 +307,56 @@ describe('Cloud Plugin', () => {
       expect(securityStart.navControlService.addUserMenuLinks).not.toHaveBeenCalled();
     });
   });
+
+  describe('loadFullStoryUserId', () => {
+    let consoleMock: jest.SpyInstance<void, [message?: any, ...optionalParams: any[]]>;
+
+    beforeEach(() => {
+      consoleMock = jest.spyOn(console, 'debug').mockImplementation(() => {});
+    });
+    afterEach(() => {
+      consoleMock.mockRestore();
+    });
+
+    it('returns principal ID when username specified', async () => {
+      expect(
+        await loadFullStoryUserId({
+          getCurrentUser: jest.fn().mockResolvedValue({
+            username: '1234',
+          }),
+        })
+      ).toEqual('1234');
+      expect(consoleMock).not.toHaveBeenCalled();
+    });
+
+    it('returns undefined if getCurrentUser throws', async () => {
+      expect(
+        await loadFullStoryUserId({
+          getCurrentUser: jest.fn().mockRejectedValue(new Error(`Oh no!`)),
+        })
+      ).toBeUndefined();
+    });
+
+    it('returns undefined if getCurrentUser returns undefined', async () => {
+      expect(
+        await loadFullStoryUserId({
+          getCurrentUser: jest.fn().mockResolvedValue(undefined),
+        })
+      ).toBeUndefined();
+    });
+
+    it('returns undefined and logs if username undefined', async () => {
+      expect(
+        await loadFullStoryUserId({
+          getCurrentUser: jest.fn().mockResolvedValue({
+            username: undefined,
+            metadata: { foo: 'bar' },
+          }),
+        })
+      ).toBeUndefined();
+      expect(consoleMock).toHaveBeenLastCalledWith(
+        `[cloud.full_story] username not specified. User metadata: {"foo":"bar"}`
+      );
+    });
+  });
 });