[Security Solution] bubble up policy response errors

[joeypoon]

Summary

• Add new error callouts for endpoint policy response. For each failure, there will be a nested callout in the accordion as well as a top-level bubbled up callout for easy viewing when the accordion is collapsed.
• Refactor policy_response_friendly_names.ts so that new error descriptions and links can easily be added.
• Add full_disk_access as failure action
• Does not include restyling to match new designs for improved agent debugging

Testing notes:

• Link button only shows if failed action is mapped in linkTexts and linkUrls.
• Callout description only shows if failed action is mapped in descriptions.

Checklist

Delete any items that are not applicable to this PR.

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Unit or functional tests were updated or added to match the most common scenarios
• Any UI touched in this PR is usable by keyboard only (learn more about keyboard accessibility)
• Any UI touched in this PR does not create any new axe failures (run axe in browser: FF, Chrome)
• This renders correctly on smaller devices using a responsive layout. (You can test this in your browser)
• This was checked for cross-browser compatibility

For maintainers

• This was checked for breaking API changes and was labeled appropriately

[joeypoon]

@kevinlog thoughts on wording for full_disk_access link button?

[kevinlog]

@joeypoon

how about: Full disk access needs to be enabled on this host to enable all Endpoint capabilities. See the documentation[link] for more information.

cc @caitlinbetz

[joeypoon]

I do agree that using the link within the description is more elegant. though, I also feel like since the design had a CTA button it felt a bit more consistent if all links were just on the button. either way works for me though.

[joeypoon]

@kevinlog should we also show callout on unsupported or warning?

[kevinlog]

we should show a callout for warning, but no need for unsupported at this time.

[elasticmachine]

Pinging @elastic/security-onboarding-and-lifecycle-mgt (Team:Onboarding and Lifecycle Mgt)

[kibana-ci]

💚 Build Succeeded

• Buildkite Build
• Commit: 138f19b
• Storybooks Preview
• Cloud Deployment
• Webpack Bundle Analyzer

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
securitySolution	3011	3012	+1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
securitySolution	5.1MB	5.1MB	+5.4KB

History

• 💔 Build #48764 failed d680bb93d7c2f516c0373f256cfb3e7dea441e3a

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

[ashokaditya]

Tested it out and it works as expected. Since this is to make the error handling UX better, it got me thinking, that currently, you can see where the error is with the notification bubble, but still have to click a couple of times to get to it depending on which level it is in.

It might be even more helpful if the bubbled-up callout title was clickable to expand the policy where the error is. What do you think?

[ashokaditya]

nice

[ashokaditya]

You should pull this from the euiTheme, there must be a token like euiMarginBottom or something.

[joeypoon]

Tested it out and it works as expected. Since this is to make the error handling UX better, it got me thinking, that currently, you can see where the error is with the notification bubble, but still have to click a couple of times to get to it depending on which level it is in.

It might be even more helpful if the bubbled-up callout title was clickable to expand the policy where the error is. What do you think?

I think this is a good idea. Though, I think the implementation might be a bit too involved with manual accordion state tracking. I feel like in a normal scenario, a user wouldn't need to drill down the accordion and the top level callout should be sufficient at providing enough actionable information.

[joeypoon]

Closing this PR for now as there's a decent amount of overlap with this PR: #133405. Will reopen after it is merged and reimplement the necessary changes.