Skip to content

Retain APIKey when disabling/enabling a rule#131581

Merged
ersin-erdal merged 24 commits intoelastic:mainfrom
ersin-erdal:131234-retain-api-key
May 18, 2022
Merged

Retain APIKey when disabling/enabling a rule#131581
ersin-erdal merged 24 commits intoelastic:mainfrom
ersin-erdal:131234-retain-api-key

Conversation

@ersin-erdal
Copy link
Copy Markdown
Contributor

@ersin-erdal ersin-erdal commented May 4, 2022
edited
Loading

fixes: #131234

Currently we invalidate the API key when a rule is disabled and generate a new one when it is enabled again.
With this PR, we retain the API key when a rule is disabled and generate a new one just in case of the rule somehow doesn't have an API key (disabled before this feature, imported etc.)

This PR also adds an Update API Key button to rules list and rule details page to allow users to generate anew API key manually.

User interaction flow is:

Screenshot 2022-05-06 at 18 08 56

Screenshot 2022-05-06 at 18 09 04

Screenshot 2022-05-06 at 18 09 27

Screenshot 2022-05-06 at 18 10 44

@ersin-erdal ersin-erdal added release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Platform ResponseOps team (formerly the Cases and Alerting teams) t// Feature:Alerting/RulesFramework Issues related to the Alerting Rules Framework v8.3.0 labels May 4, 2022
ersin-erdal and others added 5 commits May 5, 2022 00:22
@ersin-erdal
Merge branch 'main' of https://github.com/elastic/kibana into 131234-…
9b9717d 
…retain-api-key

� Conflicts:
�	x-pack/plugins/triggers_actions_ui/public/application/sections/rules_list/components/rules_list.test.tsx
�	x-pack/plugins/triggers_actions_ui/public/application/sections/rules_list/components/rules_list.tsx
@ersin-erdal
Merge branch 'main' into 131234-retain-api-key
4c4b6c8
@ersin-erdal
fix failing test
76b3afe
@ersin-erdal
Merge remote-tracking branch 'origin/131234-retain-api-key' into 1312…
ceb4e26 
…34-retain-api-key
@ersin-erdal
Fix failing test
ad84a32
@mdefazio
Copy link
Copy Markdown
Contributor

mdefazio commented May 6, 2022

Ran through the PR together and had the following updates:

  • Move 'Update API' row action link to be between Disable and Delete --> we want to keep Delete as the last option in that overflow menu
  • Confirmation modal should use primary button styling
  • Will need to get some writers to help with the copy
  • Add option to Update APIKey on detail page
    • Make 'Edit' a base style button (not empty)
    • Keep View in app exposed as empty button
    • Add medium icon button (base style with background, horizontalBoxes icon) to the right of Edit button
    • Add popover menu to icon button with Disable, Update APIKey, and Delete

Here's a quick mockup of the page header buttons on the detail page. I kept refresh exposed alongside View in app. We are updating the page to place the disable button within the page more clearly, but whatever the result of that, I think we'll want to duplicate that action here.

Showing a user with the option to update the api key and one without.

image

@ersin-erdal ersin-erdal marked this pull request as ready for review May 10, 2022 12:48
@ersin-erdal ersin-erdal requested review from a team as code owners May 10, 2022 12:48
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented May 10, 2022

Pinging @elastic/response-ops (Team:ResponseOps)

@pmuellr
Copy link
Copy Markdown
Contributor

pmuellr commented May 10, 2022

Just starting a review - thinking we should probably have some functional tests, but not quite clear to me what they should do! I don't believe we expose the API key in any HTTP outputs, do we? On purpose. Or via public types. Only immediate thought is to get the rule SO directly in the function test, unencrypted, and see if there is a key set.

pmuellr
pmuellr reviewed May 10, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I review the server side code - surprised it's so small! Wondering what we're missing :-)

I'll review the UX code next, but thought I'd send along the current comments, which are mostly questions.

@mikecote mikecote self-requested a review May 10, 2022 19:02
mikecote
mikecote reviewed May 10, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@mikecote mikecote left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good! Did a pass of the code. I think it would be good to get a 👍 from R&AM team as well (cc @XavierM). Left some feedback and will approve after my questions are answered.

thinking we should probably have some functional tests, but not quite clear to me what they should do!

I do think we should add some functional tests. Something to ensure an API key isn't overwritten on enable when it exists. Ensure disable then enable preserves the API key, maybe?

mdefazio
mdefazio requested changes May 11, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@mdefazio mdefazio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tiny nit to lowercase API key.

mikecote
mikecote approved these changes May 11, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@mikecote mikecote left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally and LGTM!

@gmmorris
Copy link
Copy Markdown
Contributor

gmmorris commented May 16, 2022

We should update the user facing docs as they are no longer correct after this PR is merged.

https://www.elastic.co/guide/en/kibana/master/alerting-setup.html#alerting-authorization

@ersin-erdal
Merge branch 'main' of https://github.com/elastic/kibana into 131234-…
72598c3 
…retain-api-key

� Conflicts:
�	x-pack/plugins/alerting/server/rules_client/rules_client.ts
�	x-pack/plugins/alerting/server/rules_client/tests/disable.test.ts
�	x-pack/plugins/alerting/server/rules_client/tests/enable.test.ts
mdefazio
mdefazio approved these changes May 16, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@mdefazio mdefazio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for making those changes!

mdefazio
mdefazio reviewed May 16, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@mdefazio mdefazio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doh, hit approve then saw that it looks like we're still targeting the button instead of a classname (comment)

@ersin-erdal ersin-erdal requested a review from a team as a code owner May 17, 2022 07:47
pmuellr
pmuellr requested changes May 17, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left a question and request for some small changes

@kibana-ci
Copy link
Copy Markdown

kibana-ci commented May 17, 2022

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #42 / machine learning - data frame analytics results view content and total feature importance multi class classification job should display the total feature importance in the results view

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
triggersActionsUi 380 388 +8

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
triggersActionsUi 745.7KB 750.5KB +4.9KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
triggersActionsUi 101.1KB 101.3KB +137.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

pmuellr
pmuellr approved these changes May 17, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@szabosteve szabosteve mentioned this pull request May 18, 2022
Merged
1 task
@ersin-erdal ersin-erdal merged commit de29010 into elastic:main May 18, 2022
@kibanamachine kibanamachine added the backport:skip This PR does not require backporting label May 18, 2022
@ersin-erdal ersin-erdal deleted the 131234-retain-api-key branch May 18, 2022 13:13
@banderror banderror mentioned this pull request Oct 24, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mdefazio mdefazio mdefazio approved these changes

@pmuellr pmuellr pmuellr approved these changes

@mikecote mikecote mikecote approved these changes

+1 more reviewer

@cchaos cchaos cchaos left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

backport:skip This PR does not require backporting Feature:Alerting/RulesFramework Issues related to the Alerting Rules Framework release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Platform ResponseOps team (formerly the Cases and Alerting teams) t// v8.3.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Retain API key when disabling then enabling an alerting rule

9 participants

@ersin-erdal @mdefazio @elasticmachine @pmuellr @gmmorris @kibana-ci @cchaos @mikecote @kibanamachine