Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fleet] Migrate Fleet's saved objects from namespaceType: agnostic to namespaceType: single #181860

Closed
3 tasks
kpollich opened this issue Apr 26, 2024 · 5 comments · Fixed by #181436
Closed
3 tasks
Assignees
Labels
Team:Fleet Team label for Observability Data Collection Fleet team

Comments

@kpollich
Copy link
Member

kpollich commented Apr 26, 2024

Ref #180708

Today, Fleet's saved objects are defined with namespaceType: "agnostic", meaning each object is considered "global" and has no affinity for Kibana spaces. This is problematic for users who rely on Kibana spaces for access control, and makes Fleet difficult to use in managed service provider use cases.

[AGENT_POLICY_SAVED_OBJECT_TYPE]: {
name: AGENT_POLICY_SAVED_OBJECT_TYPE,
indexPattern: INGEST_SAVED_OBJECT_INDEX,
hidden: false,
namespaceType: 'agnostic',
management: {
importableAndExportable: false,
},
mappings: {
properties: {

As part of the large effort to move Fleet and Integrations towards full support for Kibana spaces, we need to migrate all of Fleet's saved object definitions to a new space aware namespaceType designation. See these Kibana docs for more context on how different namespaceType settings behave.

To simplify this migration, Fleet's saved objects should be changed from their current agnostic definition to single. We won't be supporting any use cases where Fleet objects can exist in multiple spaces, and moving to single for existing objects saved us a lot of work in Kibana's core APIs to support the migration.

Implementation checklist

  • Create a feature flag to gate space awareness as a whole
  • Update Fleet's saved object definitions to set namespaceType to single if the feature flag is enabled
  • Fleet's various "settings" types should remain global, e.g. fleet server hosts, proxies, outputs, and agent binary download sources
@kpollich kpollich added the Team:Fleet Team label for Observability Data Collection Fleet team label Apr 26, 2024
@kpollich kpollich self-assigned this Apr 26, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

@nchaulet
Copy link
Member

The exact naming/versioning scheme for these new SO types is TBD

It could be a good opportunity to get ride of the ingest prefix and rename these SO fleet-*

@kpollich kpollich changed the title [Fleet] Migrate Fleet's saved objects from namespaceType: agnostic to namespaceType: multiple-isolated [Fleet] Migrate Fleet's saved objects from namespaceType: agnostic to namespaceType: single May 6, 2024
@kpollich
Copy link
Member Author

kpollich commented May 6, 2024

I've updated this issue to capture the new designation of single instead of multiple-isolated.

@cmacknz
Copy link
Member

cmacknz commented May 6, 2024

Update Fleet's saved object definitions to set namespaceType to single if the feature flag is enabled

If the feature flag is enabled and then disabled, is this process reversed? Or is this a one shot conversion with no way back?

@kpollich
Copy link
Member Author

kpollich commented May 6, 2024

If the feature flag is enabled and then disabled, is this process reversed? Or is this a one shot conversion with no way back?

I just tested toggling the feature flag back and forth and Kibana allows toggling between global objects + single-space objects back and forth. Objects before/after the toggle behave as expected.

kpollich added a commit that referenced this issue May 7, 2024
…#181436)

Ref #180708
Closes #181860

Allows Fleet's saved object definitions to be switched to
`namespaceType: single` based on the presence of a feature flag.

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Team:Fleet Team label for Observability Data Collection Fleet team
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants