Skip to content

Commit

Permalink
Change getApmIndices to use kibana internal user
Browse files Browse the repository at this point in the history
  • Loading branch information
@crespocarlos
crespocarlos committed Nov 13, 2024
1 parent 1253966 commit 739a20c
Show file tree
Hide file tree
Showing 16 changed files with 30 additions and 124 deletions.
5 changes: 1 addition & 4 deletions x-pack/plugins/observability_solution/apm/server/assistant_functions/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,10 +72,7 @@ export function registerAssistantFunctions({
ruleDataClient,
plugins,
getApmIndices: async () => {
const coreContext = await resources.context.core;
const apmIndices = await plugins.apmDataAccess.setup.getApmIndices(
coreContext.savedObjects.client
);
const apmIndices = await plugins.apmDataAccess.setup.getApmIndices();
return apmIndices;
},
};
Expand Down
11 changes: 2 additions & 9 deletions x-pack/plugins/observability_solution/apm/server/plugin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ import {
} from './routes/alerts/register_apm_rule_types';
import { registerFleetPolicyCallbacks } from './routes/fleet/register_fleet_policy_callbacks';
import { createApmTelemetry } from './lib/apm_telemetry';
import { getInternalSavedObjectsClient } from './lib/helpers/get_internal_saved_objects_client';
import { createApmAgentConfigurationIndex } from './routes/settings/agent_configuration/create_agent_config_index';
import { createApmCustomLinkIndex } from './routes/settings/custom_link/create_custom_link_index';
import {
Expand Down Expand Up @@ -114,21 +113,15 @@ export class APMPlugin
};
}) as APMRouteHandlerResources['plugins'];

const apmIndicesPromise = (async () => {
const coreStart = await getCoreStart();
const soClient = await getInternalSavedObjectsClient(coreStart);
const { getApmIndices } = plugins.apmDataAccess;
return getApmIndices(soClient);
})();

// This if else block will go away in favour of removing Home Tutorial Integration
// Ideally we will directly register a custom integration and pass the configs
// for cloud, onPrem and Serverless so that the actual component can take
// care of rendering
if (currentConfig.serverlessOnboarding && plugins.customIntegrations) {
plugins.customIntegrations?.registerCustomIntegration(apmTutorialCustomIntegration);
} else {
apmIndicesPromise
plugins.apmDataAccess
.getApmIndices()
.then((apmIndices) => {
plugins.home?.tutorials.registerTutorial(
tutorialProvider({
Expand Down
5 changes: 1 addition & 4 deletions ...plugins/observability_solution/apm/server/routes/apm_routes/register_apm_server_routes.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,10 +109,7 @@ export function registerRoutes({
);

const getApmIndices = async () => {
const coreContext = await context.core;
const apmIndices = await plugins.apmDataAccess.setup.getApmIndices(
coreContext.savedObjects.client
);
const apmIndices = await plugins.apmDataAccess.setup.getApmIndices();
return apmIndices;
};

Expand Down
3 changes: 1 addition & 2 deletions ...on/apm/server/routes/assistant_functions/get_observability_alert_details_context/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,7 @@ export const getAlertDetailsContextHandler = (
return async (requestContext, query) => {
const resources = {
getApmIndices: async () => {
const coreContext = await requestContext.core;
return resourcePlugins.apmDataAccess.setup.getApmIndices(coreContext.savedObjects.client);
return resourcePlugins.apmDataAccess.setup.getApmIndices();
},
request: requestContext.request,
params: { query: { _inspect: false } },
Expand Down
8 changes: 3 additions & 5 deletions ...plugins/observability_solution/apm/server/routes/fleet/register_fleet_policy_callbacks.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
* 2.0.
*/

import { Logger, CoreStart, SavedObjectsClientContract } from '@kbn/core/server';
import { Logger, CoreStart } from '@kbn/core/server';
import {
FleetStartContract,
PostPackagePolicyCreateCallback,
Expand All @@ -22,7 +22,6 @@ import {
SOURCE_MAP_API_KEY_PATH,
} from './get_package_policy_decorators';
import { createInternalESClient } from '../../lib/helpers/create_es_client/create_internal_es_client';
import { getInternalSavedObjectsClient } from '../../lib/helpers/get_internal_saved_objects_client';
import { APMRouteHandlerResources } from '../apm_routes/register_apm_server_routes';

export async function registerFleetPolicyCallbacks({
Expand Down Expand Up @@ -149,7 +148,7 @@ function onPackagePolicyCreateOrUpdate({
coreStart,
}: {
fleetPluginStart: FleetStartContract;
getApmIndices: (soClient: SavedObjectsClientContract) => Promise<APMIndices>;
getApmIndices: () => Promise<APMIndices>;
coreStart: CoreStart;
}): PutPackagePolicyUpdateCallback & PostPackagePolicyCreateCallback {
return async (packagePolicy) => {
Expand All @@ -158,8 +157,7 @@ function onPackagePolicyCreateOrUpdate({
}

const { asInternalUser } = coreStart.elasticsearch.client;
const savedObjectsClient = await getInternalSavedObjectsClient(coreStart);
const apmIndices = await getApmIndices(savedObjectsClient);
const apmIndices = await getApmIndices();

const internalESClient = await createInternalESClient({
debug: false,
Expand Down
4 changes: 1 addition & 3 deletions x-pack/plugins/observability_solution/apm_data_access/kibana.jsonc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,7 @@
"requiredPlugins": [
"data"
],
"optionalPlugins": [
"security"
],
"optionalPlugins": [],
"requiredBundles": []
}
}
43 changes: 0 additions & 43 deletions x-pack/plugins/observability_solution/apm_data_access/server/lib/check_privileges.ts
View file

This file was deleted.

26 changes: 9 additions & 17 deletions x-pack/plugins/observability_solution/apm_data_access/server/plugin.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import {
getApmIndicesSavedObject,
} from './saved_objects/apm_indices';
import { getServices } from './services/get_services';
import { ApmDataAccessPrivilegesCheck, checkPrivileges } from './lib/check_privileges';

export class ApmDataAccessPlugin
implements Plugin<ApmDataAccessPluginSetup, ApmDataAccessPluginStart>
Expand All @@ -48,10 +47,17 @@ export class ApmDataAccessPlugin
// register saved object
core.savedObjects.registerType(apmIndicesSavedObjectDefinition);

const getApmIndicesWithInternalUserFn = async () => {
const soClient = await core
.getStartServices()
.then(([coreStart]) => coreStart.savedObjects.createInternalRepository());
return this.getApmIndices(soClient);
};

// expose
return {
apmIndicesFromConfigFile: this.config.indices,
getApmIndices: this.getApmIndices,
getApmIndices: getApmIndicesWithInternalUserFn,
getServices,
};
}
Expand All @@ -63,21 +69,7 @@ export class ApmDataAccessPlugin
this.logger.error(e);
});

const getApmIndicesWithInternalUserFn = async () => {
const soClient = core.savedObjects.createInternalRepository();
return this.getApmIndices(soClient);
};

const startServices = {
hasPrivileges: ({ request }: Pick<ApmDataAccessPrivilegesCheck, 'request'>) =>
checkPrivileges({
request,
getApmIndices: getApmIndicesWithInternalUserFn,
security: plugins.security,
}),
};

return { ...startServices };
return {};
}

public stop() {}
Expand Down
10 changes: 3 additions & 7 deletions x-pack/plugins/observability_solution/apm_data_access/server/types.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,25 +5,22 @@
* 2.0.
*/

import { SavedObjectsClientContract } from '@kbn/core-saved-objects-api-server';
import type { SecurityPluginStart } from '@kbn/security-plugin-types-server';
import type { APMIndices } from '.';
import { getServices } from './services/get_services';
import type { ApmDataAccessPrivilegesCheck } from './lib/check_privileges';

export interface ApmDataAccessPluginSetup {
apmIndicesFromConfigFile: APMIndices;
getApmIndices: (soClient: SavedObjectsClientContract) => Promise<APMIndices>;
getApmIndices: () => Promise<APMIndices>;
getServices: typeof getServices;
}

export interface ApmDataAccessServerDependencies {
security?: SecurityPluginStart;
}

export interface ApmDataAccessPluginStart {
hasPrivileges: (params: Pick<ApmDataAccessPrivilegesCheck, 'request'>) => Promise<boolean>;
}
// eslint-disable-next-line @typescript-eslint/no-empty-interface
export interface ApmDataAccessPluginStart {}
export interface ApmDataAccessServerDependencies {
security?: SecurityPluginStart;
}
Expand All @@ -38,4 +35,3 @@ export type {
APMEventESSearchRequest,
APMLogEventESSearchRequest,
} from './lib/helpers';
export type { ApmDataAccessPrivilegesCheck };
1 change: 0 additions & 1 deletion x-pack/plugins/observability_solution/apm_data_access/tsconfig.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@
"@kbn/core-http-server-mocks",
"@kbn/apm-utils",
"@kbn/core-http-server",
"@kbn/security-plugin-types-server",
"@kbn/observability-utils",
"@kbn/utility-types",
"@kbn/elastic-agent-utils"
Expand Down
12 changes: 3 additions & 9 deletions x-pack/plugins/observability_solution/infra/server/lib/helpers/get_apm_data_access_client.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,23 +27,17 @@ export const getApmDataAccessClient = ({
context: InfraPluginRequestHandlerContext;
request: KibanaRequest;
}) => {
const hasPrivileges = async () => {
const apmDataAccessStart = await libs.plugins.apmDataAccess.start();
return apmDataAccessStart.hasPrivileges({ request });
};

const getServices = async () => {
const apmDataAccess = libs.plugins.apmDataAccess.setup;

const coreContext = await context.core;

const { savedObjects, uiSettings, elasticsearch } = coreContext;
const savedObjectsClient = savedObjects.client;
const { uiSettings, elasticsearch } = coreContext;
const esClient = elasticsearch.client.asCurrentUser;
const uiSettingsClient = uiSettings.client;

const [apmIndices, includeFrozen] = await Promise.all([
apmDataAccess.getApmIndices(savedObjectsClient),
apmDataAccess.getApmIndices(),
uiSettingsClient.get<boolean>(UI_SETTINGS.SEARCH_INCLUDE_FROZEN),
]);

Expand Down Expand Up @@ -86,5 +80,5 @@ export const getApmDataAccessClient = ({
};
};

return { hasPrivileges, getServices };
return { getServices };
};
6 changes: 2 additions & 4 deletions x-pack/plugins/observability_solution/infra/server/routes/infra/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,11 @@ export const initInfraAssetRoutes = (libs: InfraBackendLibs) => {

try {
const apmDataAccessClient = getApmDataAccessClient({ request, libs, context });
const hasApmPrivileges = await apmDataAccessClient.hasPrivileges();

const [infraMetricsClient, alertsClient, apmDataAccessServices] = await Promise.all([
getInfraMetricsClient({ request, libs, context }),
getInfraAlertsClient({ libs, request }),
hasApmPrivileges ? apmDataAccessClient.getServices() : undefined,
apmDataAccessClient.getServices(),
]);

const hosts = await getHosts({
Expand Down Expand Up @@ -97,11 +96,10 @@ export const initInfraAssetRoutes = (libs: InfraBackendLibs) => {

try {
const apmDataAccessClient = getApmDataAccessClient({ request, libs, context });
const hasApmPrivileges = await apmDataAccessClient.hasPrivileges();

const [infraMetricsClient, apmDataAccessServices] = await Promise.all([
getInfraMetricsClient({ request, libs, context }),
hasApmPrivileges ? apmDataAccessClient.getServices() : undefined,
apmDataAccessClient.getServices(),
]);

const count = await getHostsCount({
Expand Down
7 changes: 2 additions & 5 deletions x-pack/plugins/observability_solution/infra/server/routes/infra/lib/host/get_all_hosts.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,11 +54,8 @@ export const getAllHosts = async ({
track_total_hits: false,
query: {
bool: {
filter: [
...termsQuery(HOST_NAME_FIELD, ...hostNames),
...rangeQuery(from, to),
...documentsFilter,
],
filter: [...termsQuery(HOST_NAME_FIELD, ...hostNames), ...rangeQuery(from, to)],
should: [...documentsFilter],
},
},
aggs: {
Expand Down
1 change: 1 addition & 0 deletions x-pack/plugins/observability_solution/infra/server/routes/infra/lib/host/get_hosts.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@ export const getHosts = async ({
const [hostMetricsResponse, alertsCountResponse] = await Promise.all([
getAllHosts({
infraMetricsClient,
apmDataAccessServices,
apmDocumentSources,
from,
to,
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugins/observability_solution/infra/server/routes/infra/lib/types.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,5 @@ import { InfraMetricsClient } from '../../../lib/helpers/get_infra_metrics_clien
export interface GetHostParameters extends GetInfraMetricsRequestBodyPayload {
infraMetricsClient: InfraMetricsClient;
alertsClient: InfraAlertsClient;
apmDataAccessServices?: ApmDataAccessServicesWrapper;
apmDataAccessServices: ApmDataAccessServicesWrapper;
}
10 changes: 0 additions & 10 deletions x-pack/plugins/observability_solution/infra/server/routes/services/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,16 +36,6 @@ export const initServicesRoute = (libs: InfraBackendLibs) => {
const { from, to, size = 10, validatedFilters } = request.query;

const apmDataAccessClient = getApmDataAccessClient({ request, libs, context });
const hasApmPrivileges = await apmDataAccessClient.hasPrivileges();

if (!hasApmPrivileges) {
return response.customError({
statusCode: 403,
body: {
message: 'APM data access service is not available',
},
});
}

const apmDataAccessServices = await apmDataAccessClient.getServices();

Expand Down

0 comments on commit 739a20c

Please sign in to comment.