Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution][Serverless] Left navigation #156600

Merged
merged 16 commits into from
May 7, 2023
Merged

[Security Solution][Serverless] Left navigation #156600

merged 16 commits into from
May 7, 2023

Conversation

semd
Copy link
Contributor

@semd semd commented May 3, 2023
edited
Loading

Summary

closes: #156414

Adds the basic navigation to the Security Solution project.

  • Renders the current navigation hierarchy as in the classic Security.
  • Uses the basic styles defined by Core (dark sideNav has been dropped).
  • Reuses the Security SideNav package.
  • Adds the setSideNavComponent API to the Serverless plugin.

screenshot

Run project

yarn serverless-security

Next steps

  • Add the new features needed in the navigation package to align with the new Security IA design.
  • Update the configuration of the links to display the hierarchy defined by the new Security IA.
  • Add Serverless specific styles to the sideNav in the ServerlesSecurity plugin.

@semd semd added release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Project:Serverless Work as part of the Serverless project for its initial release v8.9.0 labels May 3, 2023
@semd semd self-assigned this May 3, 2023
@YulNaumenko YulNaumenko marked this pull request as ready for review May 4, 2023 03:13
@YulNaumenko YulNaumenko requested a review from a team as a code owner May 4, 2023 03:13
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

YulNaumenko
YulNaumenko reviewed May 4, 2023
View reviewed changes
.github/CODEOWNERS
@@ -579,7 +579,7 @@ x-pack/plugins/serverless @elastic/appex-sharedux
x-pack/plugins/serverless_observability @elastic/appex-sharedux
packages/serverless/project_switcher @elastic/appex-sharedux
x-pack/plugins/serverless_search @elastic/appex-sharedux
x-pack/plugins/serverless_security @elastic/appex-sharedux
x-pack/plugins/serverless_security @elastic/security-solution
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is OK for now, but later we will need to split code ownership by the components, subfolders etc. to reduce PR noise across Security Solution teams.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, It makes sense, let's define what team owns what sub-directories, and then I'll update it

@semd semd requested a review from a team as a code owner May 4, 2023 15:25
Dosant
Dosant approved these changes May 5, 2023
View reviewed changes
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #48 / expressions explorer emits an action and navigates

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
serverlessSecurity 4 60 +56

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
serverless 6 8 +2

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
serverlessSecurity 0.0B 7.7KB +7.7KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
securitySolution 61.6KB 61.6KB +7.0B
serverless 5.0KB 5.0KB +62.0B
serverlessSecurity 1.5KB 26.2KB +24.7KB
total +24.8KB
Unknown metric groups

API count

id before after diff
serverless 7 9 +2

async chunk count

id before after diff
serverlessSecurity 0 1 +1

ESLint disabled line counts

id before after diff
enterpriseSearch 19 21 +2
securitySolution 398 401 +3
serverless 4 3 -1
total +4

miscellaneous assets size

id before after diff
serverlessSecurity 0.0B 68.4KB +68.4KB

Total ESLint disabled count

id before after diff
enterpriseSearch 20 22 +2
securitySolution 478 481 +3
serverless 4 3 -1
total +4

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @semd

@semd semd enabled auto-merge (squash) May 5, 2023 12:05
@Dosant Dosant mentioned this pull request May 5, 2023
Merged
5 tasks
@tsullivan tsullivan mentioned this pull request May 6, 2023
Closed
YulNaumenko
YulNaumenko approved these changes May 7, 2023
View reviewed changes
Copy link
Contributor

@YulNaumenko YulNaumenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@semd semd merged commit c4d233d into elastic:main May 7, 2023
@sorenlouv sorenlouv mentioned this pull request May 8, 2023
Closed
@tsullivan tsullivan mentioned this pull request May 10, 2023
Merged
1 task
tsullivan added a commit that referenced this pull request May 16, 2023
@tsullivan @clintandrewhall
Make the Chrome project API "protected" for the Serverless plugin (#1…
4805421 
…57307)

## Summary

Addresses
#156600 (comment)

> Let's think if there is a way to throw an error when core chrome api
are called from invalid plugins (in this cases only the serverless
plugin would be allowed.

This PR can be a starting point for discussion on the behavior we really
want. This PR has a simple goal to ensure that non-serverless plugins do
not call the `chrome.projects` API. However, it's not complete security,
as the compile-time error would be easy to override.

cc @sebelga @Dosant @clintandrewhall 

---
---


### Checklist

Delete any items that are not applicable to this PR.

- [x] Documentation was added for features that require explanation or
tutorials
Internal documentation:
https://docs.google.com/document/d/1ew8KYl6ROs_V7jeIXgeP_C9YgkYK2IPtuceo6KVF_jE/edit#

---------

Co-authored-by: Clint Andrew Hall <clint@clintandrewhall.com>
jasonrhodes pushed a commit that referenced this pull request May 17, 2023
@tsullivan @clintandrewhall @jasonrhodes
Make the Chrome project API "protected" for the Serverless plugin (#1…
809f8a1 
…57307)

## Summary

Addresses
#156600 (comment)

> Let's think if there is a way to throw an error when core chrome api
are called from invalid plugins (in this cases only the serverless
plugin would be allowed.

This PR can be a starting point for discussion on the behavior we really
want. This PR has a simple goal to ensure that non-serverless plugins do
not call the `chrome.projects` API. However, it's not complete security,
as the compile-time error would be easy to override.

cc @sebelga @Dosant @clintandrewhall 

---
---


### Checklist

Delete any items that are not applicable to this PR.

- [x] Documentation was added for features that require explanation or
tutorials
Internal documentation:
https://docs.google.com/document/d/1ew8KYl6ROs_V7jeIXgeP_C9YgkYK2IPtuceo6KVF_jE/edit#

---------

Co-authored-by: Clint Andrew Hall <clint@clintandrewhall.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@clintandrewhall clintandrewhall clintandrewhall left review comments

@tsullivan tsullivan tsullivan left review comments

@sebelga sebelga sebelga left review comments

@Dosant Dosant Dosant approved these changes

@YulNaumenko YulNaumenko YulNaumenko approved these changes

Assignees

@semd semd

Labels
backport:skip This commit does not require backporting Project:Serverless Work as part of the Serverless project for its initial release release_note:skip Skip the PR/issue when compiling release notes Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.9.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Security Solution] [Serverless] Add navigation to Security in Projects
9 participants
@semd @elasticmachine @kibana-ci @clintandrewhall @tsullivan @sebelga @Dosant @YulNaumenko @kibanamachine