Skip to content

Commit ea9747c

Browse files
paul-tavarespaul-tavares
committed
Fix agentPolicyUpdateEventHandler() to use app context soClient for creation of actions
1 parent 54fa55d commit ea9747c

1 file changed

Lines changed: 24 additions & 3 deletions

File tree

x-pack/plugins/ingest_manager/server/services/agent_policy_update.ts

Lines changed: 24 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,27 @@
44
* you may not use this file except in compliance with the Elastic License.
55
*/
66

7-
import { SavedObjectsClientContract } from 'src/core/server';
7+
import { KibanaRequest, SavedObjectsClientContract } from 'src/core/server';
88
import { generateEnrollmentAPIKey, deleteEnrollmentApiKeyForAgentPolicyId } from './api_keys';
99
import { unenrollForAgentPolicyId } from './agents';
1010
import { outputService } from './output';
1111
import { agentPolicyService } from './agent_policy';
12+
import { appContextService } from './app_context';
13+
14+
const fakeRequest = ({
15+
headers: {},
16+
getBasePath: () => '',
17+
path: '/',
18+
route: { settings: {} },
19+
url: {
20+
href: '/',
21+
},
22+
raw: {
23+
req: {
24+
url: '/',
25+
},
26+
},
27+
} as unknown) as KibanaRequest;
1228

1329
export async function agentPolicyUpdateEventHandler(
1430
soClient: SavedObjectsClientContract,
@@ -17,20 +33,25 @@ export async function agentPolicyUpdateEventHandler(
1733
) {
1834
const adminUser = await outputService.getAdminUser(soClient);
1935
const outputId = await outputService.getDefaultOutputId(soClient);
36+
2037
// If no admin user and no default output fleet is not enabled just skip this hook
2138
if (!adminUser || !outputId) {
2239
return;
2340
}
2441

42+
// `soClient` from ingest `appContextService` is used to create policy change actions
43+
// to ensure encrypted SOs are handled correctly
44+
const internalSoClient = appContextService.getInternalUserSOClient(fakeRequest);
45+
2546
if (action === 'created') {
2647
await generateEnrollmentAPIKey(soClient, {
2748
agentPolicyId,
2849
});
29-
await agentPolicyService.createFleetPolicyChangeAction(soClient, agentPolicyId);
50+
await agentPolicyService.createFleetPolicyChangeAction(internalSoClient, agentPolicyId);
3051
}
3152

3253
if (action === 'updated') {
33-
await agentPolicyService.createFleetPolicyChangeAction(soClient, agentPolicyId);
54+
await agentPolicyService.createFleetPolicyChangeAction(internalSoClient, agentPolicyId);
3455
}
3556

3657
if (action === 'deleted') {

0 commit comments

Comments
 (0)