
ti_google_threat_intelligence: Set destination pipeline name automatically in transforms #16175

Merged
kcreddy merged 2 commits into elastic:main from kcreddy:gti-dest-pipeline
Dec 2, 2025


kcreddy commented Dec 1, 2025

Proposed commit message

ti_google_threat_intelligence: Set destination pipeline name automatically in transforms

Due to an earlier limitation of elastic-package, which was unable to
extract the integration version into the transform, the destination
pipeline needed to be set/updated manually.

Currently the integration requires users to manually add destination 
pipelines into the transform during the package installation and 
upgrade. This presents significant inconvenience to users and is 
often error-prone.

elastic-package#2973 [1] removes the dest pipeline limitation,
which now allows the pipeline names to be templated. This PR
updates the transform definition to set the pipeline names using
a template which renders the integration version.
The change involves updating all transforms with:
dest:
  pipeline: '{{ ingestPipelineName "<pipeline-name>"}}'

Also:
- With this, the transforms do not require any manual
intervention, hence they are now auto-enabled.
- README is updated accordingly.

[1] https://github.com/elastic/elastic-package/pull/2973

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

  • Integration successfully installed.
  • System tests pass.
  • Transforms definition in Kibana show the correct destination pipeline (see screenshots).

System tests (sample data stream)

--- Test results for package: ti_google_threat_intelligence - START ---
╭───────────────────────────────┬─────────────┬───────────┬───────────┬────────┬──────────────╮
│ PACKAGE                       │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │ TIME ELAPSED │
├───────────────────────────────┼─────────────┼───────────┼───────────┼────────┼──────────────┤
│ ti_google_threat_intelligence │ cryptominer │ system    │ default   │ PASS   │  45.2311125s │
╰───────────────────────────────┴─────────────┴───────────┴───────────┴────────┴──────────────╯
--- Test results for package: ti_google_threat_intelligence - END   ---
Done

Related issues

Screenshots

Before

Screenshot 2025-12-01 at 5 53 14 PM

After

Screenshot 2025-12-01 at 5 57 38 PM Screenshot 2025-12-01 at 5 57 32 PM
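
A pre-merge check for the templating described in the PR description above, as an added example that is not code from this PR or from elastic-package: it reads a transform definition, finds dest.pipeline, and reports whether it uses the ingestPipelineName template, is hard-coded, or is absent. The sample definitions, index names and pipeline names are constructed, and the line-based reader assumes block-style YAML with dest: on its own line.

```python
import re

# Templated form from the PR description: {{ ingestPipelineName "<pipeline-name>"}}
TEMPLATED = re.compile(r'^\{\{\s*ingestPipelineName\s+"[^"]+"\s*\}\}$')

def dest_pipeline(transform_yml):
    """Return the raw dest.pipeline value of a transform definition, or None."""
    in_dest, dest_indent = False, 0
    for line in transform_yml.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if in_dest and indent <= dest_indent:
            in_dest = False  # a sibling or parent key closes the dest: block
        if stripped == "dest:":
            in_dest, dest_indent = True, indent
        elif in_dest and stripped.startswith("pipeline:"):
            value = stripped.split(":", 1)[1].strip()
            if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
                value = value[1:-1]  # drop one layer of YAML quoting
            return value or None
    return None

def classify(transform_yml):
    """'templated', 'hard-coded' or 'missing' for one transform definition."""
    value = dest_pipeline(transform_yml)
    if value is None:
        return "missing"
    return "templated" if TEMPLATED.match(value) else "hard-coded"

def audit(transforms):
    """Map of transform name -> status for every definition that is not templated."""
    return {n: s for n, s in ((n, classify(t)) for n, t in transforms.items())
            if s != "templated"}

# Constructed sample definitions; index and pipeline names are placeholders.
SAMPLES = {
    "templated": 'source:\n  index: "logs-example-*"\ndest:\n  index: "example-dest"\n'
                 '  pipeline: \'{{ ingestPipelineName "example-pipeline"}}\'\n',
    "pinned": "source:\n  index: logs-example-*\ndest:\n  index: example-dest\n"
              "  pipeline: example-pipeline-0.0.0\n",
    "unset": "source:\n  pipeline: ignored-not-under-dest\ndest:\n  index: example-dest\n",
}

if __name__ == "__main__":
    for name, status in audit(SAMPLES).items():
        print(f"{name}: dest.pipeline is {status}")
```
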

@kcreddy kcreddy marked this pull request as ready for review December 1, 2025 13:21
@kcreddy kcreddy requested a review from a team as a code owner December 1, 2025 13:21
@kcreddy kcreddy self-assigned this Dec 1, 2025
@kcreddy kcreddy added the Team:Security-Service Integrations and Integration:ti_google_threat_intelligence labels Dec 1, 2025
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@kcreddy kcreddy added the documentation and enhancement labels Dec 1, 2025
@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded

cc @kcreddy

@efd6 efd6 left a comment


Would this templating show up in policy tests? If so, I think it would be helpful to include those.


kcreddy commented Dec 2, 2025

> Would this templating show up in policy tests? If so, I think it would be helpful to include those.

@efd6, this is not possible because transforms are not part of the agent policy which the policy tests target.

@kcreddy kcreddy requested a review from efd6 December 2, 2025 03:02
@kcreddy kcreddy merged commit 6bcdcde into elastic:main Dec 2, 2025
8 checks passed
@elastic-vault-github-plugin-prod

Package ti_google_threat_intelligence - 0.7.0 containing this change is available at https://epr.elastic.co/package/ti_google_threat_intelligence/0.7.0/

@kcreddy kcreddy deleted the gti-dest-pipeline branch December 2, 2025 04:10

Development

Successfully merging this pull request may close these issues.

[Google Threat Intelligence]: Mapping conflicts with latest Transform indices
