[RAC][Rule Registry] Put index upgrade logic under a feature flag #110594
Assignees
Labels
bug
Fixes for quality problems that affect the customer experience
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Theme: rac
label obsolete
v7.15.0
Comments
41 tasks
banderror
changed the title
banderror
added
bug
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
This was referenced Aug 31, 2021
banderror
added a commit
that referenced
this issue
Aug 31, 2021
…10592) **Ticket:** #110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Aug 31, 2021
…astic#110592) **Ticket:** elastic#110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Aug 31, 2021
…astic#110592) **Ticket:** elastic#110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
kibanamachine
added a commit
that referenced
this issue
Aug 31, 2021
…10592) (#110658) **Ticket:** #110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
kibanamachine
added a commit
that referenced
this issue
Aug 31, 2021
…10592) (#110657) **Ticket:** #110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
This was
linked to
pull requests
Aug 31, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Parent ticket: #101016
Summary
Add a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. Suggest that all devs enable this feature flag for development work so that their AAD indices will pull in any new changes to the schema intra-release.
Background
The background for this is our discussions with @kobelb (see #109276 (comment) and above comments) on the "compatibility" of the current index upgrade logic with the ideas for backwards compatibility (#109293). TLDR: the upgrade logic has some issues and should be improved. In the meantime, we can disable it by default in 7.15.0. We will have to re-enable it when:
RuleDataPluginService.initializeIndex()The text was updated successfully, but these errors were encountered: