Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Actions] Pass the Kibana requests to the executor of system actions #173763

Merged
merged 1 commit into from
Dec 20, 2023
Merged

[Actions] Pass the Kibana requests to the executor of system actions #173763

merged 1 commit into from
Dec 20, 2023

Conversation

cnasikas
Copy link
Member

Summary

System actions, like the case action, may need access to the Kibana request to initiate clients (cases client for example) or services. This PR passes the Kibana request to the executor of system actions. It does not pass the request to nonsystem action types.

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@cnasikas cnasikas added release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Actions/Framework Issues related to the Actions Framework v8.13.0 labels Dec 20, 2023
@cnasikas cnasikas requested a review from a team as a code owner December 20, 2023 16:10
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@cnasikas cnasikas self-assigned this Dec 20, 2023
@cnasikas cnasikas mentioned this pull request Dec 20, 2023
Merged
3 tasks
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
actions 263 264 +1
Unknown metric groups

API count

id before after diff
actions 269 270 +1

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @cnasikas

doakalexi
doakalexi approved these changes Dec 20, 2023
View reviewed changes
Copy link
Contributor

@doakalexi doakalexi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@cnasikas cnasikas merged commit 4c2ea7d into elastic:main Dec 20, 2023
@cnasikas cnasikas deleted the sa_req_execute branch December 20, 2023 18:31
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Dec 20, 2023
cnasikas added a commit that referenced this pull request Apr 12, 2024
@cnasikas @kibanamachine
@adcoelho @js-jankisalvi
[Cases] Case action (#168369)
b735d8c 
## Summary

Depends on: #166267,
#170326,
#169484,
#173740,
#173763,
#178068,
#178307,
#178600,
#180437

PRs:
- #168370
- #169229
- #171754
- #172709
- #173012
- #175107
- #175452
- #175505
- #177033
- #178277
- #177139
- #179796

Fixes: #153837

## Testing

Run Kibana with `--run-examples` if you want to use the "Always firing"
rule.

Create a rule with a case action in observability and the stack. The
security solution is not supported. You should not be able to assign a
case action in a security solution rule.

1. Test the "Reopen closed cases" configuration.
2. Test the "Grouping by" configuration. Only one field is allowed. Not
all fields are persisted in alerts. If you select a field not part of
the alert the case action will create a case where the grouping value is
set to `unknow`.
3. Test the "Time window" feature. You can comment out the validation to
test for shorter times.
4. Verify that the case action is experimental.
5. Verify that based on the rule type the case is created in the correct
solution.
6. Verify that you cannot create a rule with the case action on the
basic license.
7. Verify that the execution of the case action fails if you do not have
permission for cases. Pending work on the system actions framework level
to not allow users to create rules with system actions where they do not
have permission.
8. Stress test the case action by creating multiple rules.

### Checklist

Delete any items that are not applicable to this PR.

- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

### For maintainers

- [x] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

## Release notes

Automatically create cases when an alert is triggered.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: adcoelho <antonio.coelho@elastic.co>
Co-authored-by: Janki Salvi <117571355+js-jankisalvi@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@doakalexi doakalexi doakalexi approved these changes

Assignees

@cnasikas cnasikas

Labels
backport:skip This commit does not require backporting Feature:Actions/Framework Issues related to the Actions Framework release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.13.0
Projects
No open projects
AppEx: ResponseOps - Execution & Connectors
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@cnasikas @elasticmachine @kibana-ci @doakalexi @kibanamachine