From dbaa6b1fb7db431af8e01ce7998e49da4c31ee5f Mon Sep 17 00:00:00 2001 From: Tiago Costa Date: Wed, 12 Feb 2020 18:36:29 +0000 Subject: [PATCH 1/3] chore(NA): use the same polyfill between the dev environment and the jest env (#57467) --- packages/kbn-babel-preset/node_preset.js | 7 ++++++- packages/kbn-babel-preset/webpack_preset.js | 4 +++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/packages/kbn-babel-preset/node_preset.js b/packages/kbn-babel-preset/node_preset.js index c7809f28fec7bd..ee06e2588b0222 100644 --- a/packages/kbn-babel-preset/node_preset.js +++ b/packages/kbn-babel-preset/node_preset.js @@ -54,7 +54,12 @@ module.exports = (_, options = {}) => { // on their own useBuiltIns: 'entry', modules: 'cjs', - corejs: 3, + // right now when using `corejs: 3` babel does not use the latest available + // core-js version due to a bug: https://github.com/babel/babel/issues/10816 + // Because of that we should use for that value the same version we install + // in the package.json in order to have the same polyfills between the environment + // and the tests + corejs: '3.2.1', ...(options['@babel/preset-env'] || {}), }, diff --git a/packages/kbn-babel-preset/webpack_preset.js b/packages/kbn-babel-preset/webpack_preset.js index e6a8bd81b602ea..d76a3e9714838d 100644 --- a/packages/kbn-babel-preset/webpack_preset.js +++ b/packages/kbn-babel-preset/webpack_preset.js @@ -25,7 +25,9 @@ module.exports = () => { { useBuiltIns: 'entry', modules: false, - corejs: 3, + // Please read the explanation for this + // in node_preset.js + corejs: '3.2.1', }, ], require('./common_preset'), From 3da8a76fc2fb2fa7c131aa9c37f940d4747f4e98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mike=20C=C3=B4t=C3=A9?= Date: Wed, 12 Feb 2020 13:49:16 -0500 Subject: [PATCH 2/3] Disable action plugin functionality when ESO plugin is using an ephemeral encryption key (#56906) * Disable actions client when ESO using generated key * Add test for getActionsClientWithRequest * Add other part to plugin.test.ts * Cleanup tests a bit * Cleanup tests * plugin.test.ts cleanup * Add warning logs on setup Co-authored-by: Elastic Machine --- .../plugins/alerting/server/plugin.test.ts | 28 ++++ .../legacy/plugins/alerting/server/plugin.ts | 6 + .../server/action_type_registry.test.ts | 4 +- .../actions/server/actions_client.test.ts | 8 +- .../server/builtin_action_types/index.test.ts | 4 +- .../server/create_execute_function.test.ts | 23 +++ .../actions/server/create_execute_function.ts | 8 + x-pack/plugins/actions/server/index.ts | 4 +- .../server/lib/action_executor.test.ts | 30 +++- .../actions/server/lib/action_executor.ts | 11 ++ .../server/lib/task_runner_factory.test.ts | 8 +- x-pack/plugins/actions/server/plugin.test.ts | 145 ++++++++++++++++++ x-pack/plugins/actions/server/plugin.ts | 30 +++- 13 files changed, 294 insertions(+), 15 deletions(-) create mode 100644 x-pack/plugins/actions/server/plugin.test.ts diff --git a/x-pack/legacy/plugins/alerting/server/plugin.test.ts b/x-pack/legacy/plugins/alerting/server/plugin.test.ts index 50142434a86ddf..872de720243b26 100644 --- a/x-pack/legacy/plugins/alerting/server/plugin.test.ts +++ b/x-pack/legacy/plugins/alerting/server/plugin.test.ts @@ -10,6 +10,34 @@ import { licensingMock } from '../../../../plugins/licensing/server/mocks'; import { encryptedSavedObjectsMock } from '../../../../plugins/encrypted_saved_objects/server/mocks'; describe('Alerting Plugin', () => { + describe('setup()', () => { + it('should log warning when Encrypted Saved Objects plugin is using an ephemeral encryption key', async () => { + const context = coreMock.createPluginInitializerContext(); + const plugin = new Plugin(context); + + const coreSetup = coreMock.createSetup(); + const encryptedSavedObjectsSetup = encryptedSavedObjectsMock.createSetup(); + await plugin.setup( + { + ...coreSetup, + http: { + ...coreSetup.http, + route: jest.fn(), + }, + } as any, + { + licensing: licensingMock.createSetup(), + encryptedSavedObjects: encryptedSavedObjectsSetup, + } as any + ); + + expect(encryptedSavedObjectsSetup.usingEphemeralEncryptionKey).toEqual(true); + expect(context.logger.get().warn).toHaveBeenCalledWith( + 'APIs are disabled due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml.' + ); + }); + }); + describe('start()', () => { /** * HACK: This test has put together to ensuire the function "getAlertsClientWithRequest" diff --git a/x-pack/legacy/plugins/alerting/server/plugin.ts b/x-pack/legacy/plugins/alerting/server/plugin.ts index e3f7656002d182..2567e470d2e798 100644 --- a/x-pack/legacy/plugins/alerting/server/plugin.ts +++ b/x-pack/legacy/plugins/alerting/server/plugin.ts @@ -69,6 +69,12 @@ export class Plugin { this.isESOUsingEphemeralEncryptionKey = plugins.encryptedSavedObjects.usingEphemeralEncryptionKey; + if (this.isESOUsingEphemeralEncryptionKey) { + this.logger.warn( + 'APIs are disabled due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml.' + ); + } + // Encrypted attributes plugins.encryptedSavedObjects.registerType({ type: 'alert', diff --git a/x-pack/plugins/actions/server/action_type_registry.test.ts b/x-pack/plugins/actions/server/action_type_registry.test.ts index 79c9a449010797..bced8841138f24 100644 --- a/x-pack/plugins/actions/server/action_type_registry.test.ts +++ b/x-pack/plugins/actions/server/action_type_registry.test.ts @@ -13,7 +13,9 @@ import { configUtilsMock } from './actions_config.mock'; const mockTaskManager = taskManagerMock.setup(); const actionTypeRegistryParams = { taskManager: mockTaskManager, - taskRunnerFactory: new TaskRunnerFactory(new ActionExecutor()), + taskRunnerFactory: new TaskRunnerFactory( + new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }) + ), actionsConfigUtils: configUtilsMock, }; diff --git a/x-pack/plugins/actions/server/actions_client.test.ts b/x-pack/plugins/actions/server/actions_client.test.ts index feca08fad922c0..cafad6313d2e40 100644 --- a/x-pack/plugins/actions/server/actions_client.test.ts +++ b/x-pack/plugins/actions/server/actions_client.test.ts @@ -27,7 +27,9 @@ const mockTaskManager = taskManagerMock.setup(); const actionTypeRegistryParams = { taskManager: mockTaskManager, - taskRunnerFactory: new TaskRunnerFactory(new ActionExecutor()), + taskRunnerFactory: new TaskRunnerFactory( + new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }) + ), actionsConfigUtils: configUtilsMock, }; @@ -204,7 +206,9 @@ describe('create()', () => { const localActionTypeRegistryParams = { taskManager: mockTaskManager, - taskRunnerFactory: new TaskRunnerFactory(new ActionExecutor()), + taskRunnerFactory: new TaskRunnerFactory( + new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }) + ), actionsConfigUtils: localConfigUtils, }; diff --git a/x-pack/plugins/actions/server/builtin_action_types/index.test.ts b/x-pack/plugins/actions/server/builtin_action_types/index.test.ts index ff732f58d6c94c..db6375fe181936 100644 --- a/x-pack/plugins/actions/server/builtin_action_types/index.test.ts +++ b/x-pack/plugins/actions/server/builtin_action_types/index.test.ts @@ -21,7 +21,9 @@ export function createActionTypeRegistry(): { const logger = loggingServiceMock.create().get() as jest.Mocked; const actionTypeRegistry = new ActionTypeRegistry({ taskManager: taskManagerMock.setup(), - taskRunnerFactory: new TaskRunnerFactory(new ActionExecutor()), + taskRunnerFactory: new TaskRunnerFactory( + new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }) + ), actionsConfigUtils: configUtilsMock, }); registerBuiltInActionTypes({ diff --git a/x-pack/plugins/actions/server/create_execute_function.test.ts b/x-pack/plugins/actions/server/create_execute_function.test.ts index 258efb1500ab25..6d2a2346395320 100644 --- a/x-pack/plugins/actions/server/create_execute_function.test.ts +++ b/x-pack/plugins/actions/server/create_execute_function.test.ts @@ -20,6 +20,7 @@ describe('execute()', () => { getBasePath, taskManager: mockTaskManager, getScopedSavedObjectsClient: jest.fn().mockReturnValueOnce(savedObjectsClient), + isESOUsingEphemeralEncryptionKey: false, }); savedObjectsClient.get.mockResolvedValueOnce({ id: '123', @@ -71,6 +72,7 @@ describe('execute()', () => { getBasePath, taskManager: mockTaskManager, getScopedSavedObjectsClient, + isESOUsingEphemeralEncryptionKey: false, }); savedObjectsClient.get.mockResolvedValueOnce({ id: '123', @@ -118,6 +120,7 @@ describe('execute()', () => { getBasePath, taskManager: mockTaskManager, getScopedSavedObjectsClient, + isESOUsingEphemeralEncryptionKey: false, }); savedObjectsClient.get.mockResolvedValueOnce({ id: '123', @@ -155,4 +158,24 @@ describe('execute()', () => { }, }); }); + + test('throws when passing isESOUsingEphemeralEncryptionKey with true as a value', async () => { + const getScopedSavedObjectsClient = jest.fn().mockReturnValueOnce(savedObjectsClient); + const executeFn = createExecuteFunction({ + getBasePath, + taskManager: mockTaskManager, + getScopedSavedObjectsClient, + isESOUsingEphemeralEncryptionKey: true, + }); + await expect( + executeFn({ + id: '123', + params: { baz: false }, + spaceId: 'default', + apiKey: null, + }) + ).rejects.toThrowErrorMatchingInlineSnapshot( + `"Unable to execute action due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml"` + ); + }); }); diff --git a/x-pack/plugins/actions/server/create_execute_function.ts b/x-pack/plugins/actions/server/create_execute_function.ts index 42db37bbe89f45..c2e8795b5f133d 100644 --- a/x-pack/plugins/actions/server/create_execute_function.ts +++ b/x-pack/plugins/actions/server/create_execute_function.ts @@ -12,6 +12,7 @@ interface CreateExecuteFunctionOptions { taskManager: TaskManagerStartContract; getScopedSavedObjectsClient: (request: any) => SavedObjectsClientContract; getBasePath: GetBasePathFunction; + isESOUsingEphemeralEncryptionKey: boolean; } export interface ExecuteOptions { @@ -25,8 +26,15 @@ export function createExecuteFunction({ getBasePath, taskManager, getScopedSavedObjectsClient, + isESOUsingEphemeralEncryptionKey, }: CreateExecuteFunctionOptions) { return async function execute({ id, params, spaceId, apiKey }: ExecuteOptions) { + if (isESOUsingEphemeralEncryptionKey === true) { + throw new Error( + `Unable to execute action due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml` + ); + } + const requestHeaders: Record = {}; if (apiKey) { diff --git a/x-pack/plugins/actions/server/index.ts b/x-pack/plugins/actions/server/index.ts index 27098bc5417906..eee2ae352fe3d0 100644 --- a/x-pack/plugins/actions/server/index.ts +++ b/x-pack/plugins/actions/server/index.ts @@ -7,9 +7,11 @@ import { PluginInitializerContext } from '../../../../src/core/server'; import { ActionsPlugin } from './plugin'; import { configSchema } from './config'; +import { ActionsClient as ActionsClientClass } from './actions_client'; + +export type ActionsClient = PublicMethodsOf; export { ActionsPlugin, ActionResult, ActionTypeExecutorOptions, ActionType } from './types'; -export { ActionsClient } from './actions_client'; export { PluginSetupContract, PluginStartContract } from './plugin'; export const plugin = (initContext: PluginInitializerContext) => new ActionsPlugin(initContext); diff --git a/x-pack/plugins/actions/server/lib/action_executor.test.ts b/x-pack/plugins/actions/server/lib/action_executor.test.ts index 8301a13c82469f..6ab5b812161c33 100644 --- a/x-pack/plugins/actions/server/lib/action_executor.test.ts +++ b/x-pack/plugins/actions/server/lib/action_executor.test.ts @@ -11,8 +11,9 @@ import { actionTypeRegistryMock } from '../action_type_registry.mock'; import { encryptedSavedObjectsMock } from '../../../encrypted_saved_objects/server/mocks'; import { savedObjectsClientMock, loggingServiceMock } from '../../../../../src/core/server/mocks'; import { eventLoggerMock } from '../../../event_log/server/mocks'; +import { spacesServiceMock } from '../../../spaces/server/spaces_service/spaces_service.mock'; -const actionExecutor = new ActionExecutor(); +const actionExecutor = new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }); const savedObjectsClient = savedObjectsClientMock.create(); function getServices() { @@ -33,18 +34,20 @@ const executeParams = { request: {} as KibanaRequest, }; +const spacesMock = spacesServiceMock.createSetupContract(); actionExecutor.initialize({ logger: loggingServiceMock.create().get(), - spaces: { - getSpaceId: () => 'some-namespace', - } as any, + spaces: spacesMock, getServices, actionTypeRegistry, encryptedSavedObjectsPlugin, eventLogger: eventLoggerMock.create(), }); -beforeEach(() => jest.resetAllMocks()); +beforeEach(() => { + jest.resetAllMocks(); + spacesMock.getSpaceId.mockReturnValue('some-namespace'); +}); test('successfully executes', async () => { const actionType = { @@ -219,3 +222,20 @@ test('returns an error if actionType is not enabled', async () => { } `); }); + +test('throws an error when passing isESOUsingEphemeralEncryptionKey with value of true', async () => { + const customActionExecutor = new ActionExecutor({ isESOUsingEphemeralEncryptionKey: true }); + customActionExecutor.initialize({ + logger: loggingServiceMock.create().get(), + spaces: spacesMock, + getServices, + actionTypeRegistry, + encryptedSavedObjectsPlugin, + eventLogger: eventLoggerMock.create(), + }); + await expect( + customActionExecutor.execute(executeParams) + ).rejects.toThrowErrorMatchingInlineSnapshot( + `"Unable to execute action due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml"` + ); +}); diff --git a/x-pack/plugins/actions/server/lib/action_executor.ts b/x-pack/plugins/actions/server/lib/action_executor.ts index 03a892a42792e2..e42a69812b7da3 100644 --- a/x-pack/plugins/actions/server/lib/action_executor.ts +++ b/x-pack/plugins/actions/server/lib/action_executor.ts @@ -37,6 +37,11 @@ export type ActionExecutorContract = PublicMethodsOf; export class ActionExecutor { private isInitialized = false; private actionExecutorContext?: ActionExecutorContext; + private readonly isESOUsingEphemeralEncryptionKey: boolean; + + constructor({ isESOUsingEphemeralEncryptionKey }: { isESOUsingEphemeralEncryptionKey: boolean }) { + this.isESOUsingEphemeralEncryptionKey = isESOUsingEphemeralEncryptionKey; + } public initialize(actionExecutorContext: ActionExecutorContext) { if (this.isInitialized) { @@ -55,6 +60,12 @@ export class ActionExecutor { throw new Error('ActionExecutor not initialized'); } + if (this.isESOUsingEphemeralEncryptionKey === true) { + throw new Error( + `Unable to execute action due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml` + ); + } + const { spaces, getServices, diff --git a/x-pack/plugins/actions/server/lib/task_runner_factory.test.ts b/x-pack/plugins/actions/server/lib/task_runner_factory.test.ts index fda1e2f5d2456f..6be5e1f79ee829 100644 --- a/x-pack/plugins/actions/server/lib/task_runner_factory.test.ts +++ b/x-pack/plugins/actions/server/lib/task_runner_factory.test.ts @@ -78,14 +78,18 @@ beforeEach(() => { }); test(`throws an error if factory isn't initialized`, () => { - const factory = new TaskRunnerFactory(new ActionExecutor()); + const factory = new TaskRunnerFactory( + new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }) + ); expect(() => factory.create({ taskInstance: mockedTaskInstance }) ).toThrowErrorMatchingInlineSnapshot(`"TaskRunnerFactory not initialized"`); }); test(`throws an error if factory is already initialized`, () => { - const factory = new TaskRunnerFactory(new ActionExecutor()); + const factory = new TaskRunnerFactory( + new ActionExecutor({ isESOUsingEphemeralEncryptionKey: false }) + ); factory.initialize(taskRunnerFactoryInitializerParams); expect(() => factory.initialize(taskRunnerFactoryInitializerParams) diff --git a/x-pack/plugins/actions/server/plugin.test.ts b/x-pack/plugins/actions/server/plugin.test.ts new file mode 100644 index 00000000000000..ba6fbcd32daee3 --- /dev/null +++ b/x-pack/plugins/actions/server/plugin.test.ts @@ -0,0 +1,145 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License; + * you may not use this file except in compliance with the Elastic License. + */ + +import { ActionsPlugin, ActionsPluginsSetup, ActionsPluginsStart } from './plugin'; +import { PluginInitializerContext } from '../../../../src/core/server'; +import { coreMock, httpServerMock } from '../../../../src/core/server/mocks'; +import { licensingMock } from '../../licensing/server/mocks'; +import { encryptedSavedObjectsMock } from '../../encrypted_saved_objects/server/mocks'; +import { taskManagerMock } from '../../task_manager/server/mocks'; +import { eventLogMock } from '../../event_log/server/mocks'; + +describe('Actions Plugin', () => { + describe('setup()', () => { + let context: PluginInitializerContext; + let plugin: ActionsPlugin; + let coreSetup: ReturnType; + let pluginsSetup: jest.Mocked; + + beforeEach(() => { + context = coreMock.createPluginInitializerContext(); + plugin = new ActionsPlugin(context); + coreSetup = coreMock.createSetup(); + pluginsSetup = { + taskManager: taskManagerMock.createSetup(), + encryptedSavedObjects: encryptedSavedObjectsMock.createSetup(), + licensing: licensingMock.createSetup(), + event_log: eventLogMock.createSetup(), + }; + }); + + it('should log warning when Encrypted Saved Objects plugin is using an ephemeral encryption key', async () => { + await plugin.setup(coreSetup, pluginsSetup); + expect(pluginsSetup.encryptedSavedObjects.usingEphemeralEncryptionKey).toEqual(true); + expect(context.logger.get().warn).toHaveBeenCalledWith( + 'APIs are disabled due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml.' + ); + }); + + describe('routeHandlerContext.getActionsClient()', () => { + it('should not throw error when ESO plugin not using a generated key', async () => { + await plugin.setup(coreSetup, { + ...pluginsSetup, + encryptedSavedObjects: { + ...pluginsSetup.encryptedSavedObjects, + usingEphemeralEncryptionKey: false, + }, + }); + + expect(coreSetup.http.registerRouteHandlerContext).toHaveBeenCalledTimes(1); + const handler = coreSetup.http.registerRouteHandlerContext.mock.calls[0]; + expect(handler[0]).toEqual('actions'); + + const actionsContextHandler = (await handler[1]( + { + core: { + savedObjects: { + client: {}, + }, + }, + } as any, + httpServerMock.createKibanaRequest(), + httpServerMock.createResponseFactory() + )) as any; + actionsContextHandler.getActionsClient(); + }); + + it('should throw error when ESO plugin using a generated key', async () => { + await plugin.setup(coreSetup, pluginsSetup); + + expect(coreSetup.http.registerRouteHandlerContext).toHaveBeenCalledTimes(1); + const handler = coreSetup.http.registerRouteHandlerContext.mock.calls[0]; + expect(handler[0]).toEqual('actions'); + + const actionsContextHandler = (await handler[1]( + { + core: { + savedObjects: { + client: {}, + }, + }, + } as any, + httpServerMock.createKibanaRequest(), + httpServerMock.createResponseFactory() + )) as any; + expect(() => actionsContextHandler.getActionsClient()).toThrowErrorMatchingInlineSnapshot( + `"Unable to create actions client due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml"` + ); + }); + }); + }); + describe('start()', () => { + let plugin: ActionsPlugin; + let coreSetup: ReturnType; + let coreStart: ReturnType; + let pluginsSetup: jest.Mocked; + let pluginsStart: jest.Mocked; + + beforeEach(() => { + const context = coreMock.createPluginInitializerContext(); + plugin = new ActionsPlugin(context); + coreSetup = coreMock.createSetup(); + coreStart = coreMock.createStart(); + pluginsSetup = { + taskManager: taskManagerMock.createSetup(), + encryptedSavedObjects: encryptedSavedObjectsMock.createSetup(), + licensing: licensingMock.createSetup(), + event_log: eventLogMock.createSetup(), + }; + pluginsStart = { + taskManager: taskManagerMock.createStart(), + encryptedSavedObjects: encryptedSavedObjectsMock.createStart(), + }; + }); + + describe('getActionsClientWithRequest()', () => { + it('should not throw error when ESO plugin not using a generated key', async () => { + await plugin.setup(coreSetup, { + ...pluginsSetup, + encryptedSavedObjects: { + ...pluginsSetup.encryptedSavedObjects, + usingEphemeralEncryptionKey: false, + }, + }); + const pluginStart = plugin.start(coreStart, pluginsStart); + + await pluginStart.getActionsClientWithRequest(httpServerMock.createKibanaRequest()); + }); + + it('should throw error when ESO plugin using generated key', async () => { + await plugin.setup(coreSetup, pluginsSetup); + const pluginStart = plugin.start(coreStart, pluginsStart); + + expect(pluginsSetup.encryptedSavedObjects.usingEphemeralEncryptionKey).toEqual(true); + await expect( + pluginStart.getActionsClientWithRequest(httpServerMock.createKibanaRequest()) + ).rejects.toThrowErrorMatchingInlineSnapshot( + `"Unable to create actions client due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml"` + ); + }); + }); + }); +}); diff --git a/x-pack/plugins/actions/server/plugin.ts b/x-pack/plugins/actions/server/plugin.ts index dab09fc455ecf6..1714666882b053 100644 --- a/x-pack/plugins/actions/server/plugin.ts +++ b/x-pack/plugins/actions/server/plugin.ts @@ -62,7 +62,7 @@ export interface PluginSetupContract { export interface PluginStartContract { execute(options: ExecuteOptions): Promise; - getActionsClientWithRequest(request: KibanaRequest): Promise; + getActionsClientWithRequest(request: KibanaRequest): Promise>; } export interface ActionsPluginsSetup { @@ -90,6 +90,7 @@ export class ActionsPlugin implements Plugin, Plugi private licenseState: LicenseState | null = null; private spaces?: SpacesServiceSetup; private eventLogger?: IEventLogger; + private isESOUsingEphemeralEncryptionKey?: boolean; constructor(initContext: PluginInitializerContext) { this.config = initContext.config @@ -108,6 +109,15 @@ export class ActionsPlugin implements Plugin, Plugi } public async setup(core: CoreSetup, plugins: ActionsPluginsSetup): Promise { + this.isESOUsingEphemeralEncryptionKey = + plugins.encryptedSavedObjects.usingEphemeralEncryptionKey; + + if (this.isESOUsingEphemeralEncryptionKey) { + this.logger.warn( + 'APIs are disabled due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml.' + ); + } + // Encrypted attributes // - `secrets` properties will be encrypted // - `config` will be included in AAD @@ -127,7 +137,9 @@ export class ActionsPlugin implements Plugin, Plugi event: { provider: EVENT_LOG_PROVIDER }, }); - const actionExecutor = new ActionExecutor(); + const actionExecutor = new ActionExecutor({ + isESOUsingEphemeralEncryptionKey: this.isESOUsingEphemeralEncryptionKey, + }); const taskRunnerFactory = new TaskRunnerFactory(actionExecutor); const actionsConfigUtils = getActionsConfigurationUtilities( (await this.config) as ActionsConfig @@ -179,6 +191,7 @@ export class ActionsPlugin implements Plugin, Plugi taskRunnerFactory, kibanaIndex, adminClient, + isESOUsingEphemeralEncryptionKey, } = this; actionExecutor!.initialize({ @@ -203,9 +216,15 @@ export class ActionsPlugin implements Plugin, Plugi taskManager: plugins.taskManager, getScopedSavedObjectsClient: core.savedObjects.getScopedClient, getBasePath: this.getBasePath, + isESOUsingEphemeralEncryptionKey: isESOUsingEphemeralEncryptionKey!, }), // Ability to get an actions client from legacy code async getActionsClientWithRequest(request: KibanaRequest) { + if (isESOUsingEphemeralEncryptionKey === true) { + throw new Error( + `Unable to create actions client due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml` + ); + } return new ActionsClient({ savedObjectsClient: core.savedObjects.getScopedClient(request), actionTypeRegistry: actionTypeRegistry!, @@ -229,10 +248,15 @@ export class ActionsPlugin implements Plugin, Plugi private createRouteHandlerContext = ( defaultKibanaIndex: string ): IContextProvider, 'actions'> => { - const { actionTypeRegistry, adminClient } = this; + const { actionTypeRegistry, adminClient, isESOUsingEphemeralEncryptionKey } = this; return async function actionsRouteHandlerContext(context, request) { return { getActionsClient: () => { + if (isESOUsingEphemeralEncryptionKey === true) { + throw new Error( + `Unable to create actions client due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml` + ); + } return new ActionsClient({ savedObjectsClient: context.core!.savedObjects.client, actionTypeRegistry: actionTypeRegistry!, From 3d338c109f6e40a5afb3cab9a17479a2bba365c9 Mon Sep 17 00:00:00 2001 From: AndyHunt66 Date: Wed, 12 Feb 2020 20:08:00 +0000 Subject: [PATCH 3/3] Add "coerce" to dev tools autocomplete (#56862) --- .../console/server/lib/spec_definitions/es_6_0/mappings.js | 1 + 1 file changed, 1 insertion(+) diff --git a/src/plugins/console/server/lib/spec_definitions/es_6_0/mappings.js b/src/plugins/console/server/lib/spec_definitions/es_6_0/mappings.js index 46f32fe58089b4..8c31e5bc6fbb25 100644 --- a/src/plugins/console/server/lib/spec_definitions/es_6_0/mappings.js +++ b/src/plugins/console/server/lib/spec_definitions/es_6_0/mappings.js @@ -96,6 +96,7 @@ export default function(api) { doc_values: BOOLEAN, eager_global_ordinals: BOOLEAN, norms: BOOLEAN, + coerce: BOOLEAN, // Not actually available in V6 of ES. Add when updating the autocompletion system. // index_phrases: BOOLEAN,