New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Alerting] Corrects validation and errors handling in PagerDuty action #63954
[Alerting] Corrects validation and errors handling in PagerDuty action #63954
Conversation
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
…ibana into actions/pagerduty-date-format * 'actions/pagerduty-date-format' of github.com:gmmorris/kibana: adds i18m to timestamp parsing errors
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, but don't think we need the use of random()
in one of the tests.
x-pack/plugins/actions/server/builtin_action_types/pagerduty.test.ts
Outdated
Show resolved
Hide resolved
@@ -74,6 +76,21 @@ export function getActionType(): ActionTypeModel { | |||
) | |||
); | |||
} | |||
if (actionParams.timestamp && !hasMustacheTokens(actionParams.timestamp)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems like it's parsing the action params to see if the date field doesn't have a mustache template, and then parsing it to see if it's a valid date. That makes sense, but I wonder how often people will be setting literal dates in their action parameters like this. Is it worth it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well, we've already had a bug reported for not doing it so I get the feeling our UX isn't really good enough here.
If a specific format is required for this field, we should be able to validate that only content of that format is defined for it. The fact that we also want to support Mustache shouldn't mean the user can input bad data here... arguably we shouldn't allow any free values here at all, but rather we should only offer valid sources of Datetime strings, but when I looked into that I realised that was a huge change that didn't feel right as a patch bug fix. 🤷
onChange={(e: React.ChangeEvent<HTMLInputElement>) => { | ||
editAction('timestamp', e.target.value, index); | ||
}} | ||
onBlur={() => { | ||
if (!timestamp) { | ||
if (timestamp?.trim()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was wondering about doing the trim() in the action params validation rather than in the UI here. Guessing here fixes it 99% of the time, but are there cases where it could be missed here, and still have leading/trailing whitespace when the validation occurs? Guessing possible, but very unlikely. In any case, the validation now prints the date value it's validating with dq's, so ... think this will be user-diagnose-able now where it wasn't before ...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I originally wanted to do it in the action, but that forces us to do trim in multiple places as the validation is separate from where its used and it ends up forcing the null || string?.trim())
logic to repeat in multiple places unless a more major refactoring was done.
It would also mean it's very easy for us to think there's a timestamp value (as the SO wouldn't be null or even an empty string) but in practice we'd be treating it like we don't have one. Seems error prone.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
* master: (30 commits) Migrate vis_type_table to kibana/new platform (elastic#63105) Enable include/exclude in Terms agg for numeric fields (elastic#59425) follow conventions for saved object definitions (elastic#63571) [Docs]Adds saved object key setting to load balancing kib instances (elastic#63935) kbn/config-schema: Consider maybe properties as optional keys in ObjectType (elastic#63838) Fix page layouts, clean up unused code (elastic#63992) [SIEM] Adds recursive exact key checks for validation and formatter [Maps] Migrate remaining maps client files to NP (except routi… (elastic#63859) [Maps] Do not fetch geo_shape from docvalues (elastic#63997) Vega doc changes (elastic#63889) [Metrics UI] Reorganize file layout for Metrics UI (elastic#60049) Add sub-menus to Resolver node (for 75% zoom) (elastic#63476) [FTR] Add test suite metrics tracking/output (elastic#62515) [ML] Fixing single metric viewer page padding (elastic#63839) [Discover] Allow user to generate a report after saving a modified saved search (elastic#63623) [Reporting] Config flag to escape formula CSV values (elastic#63645) [Metrics UI] Remove remaining field filtering (elastic#63398) [Maps] fix date labels (elastic#63909) [TSVB] Use default Kibana palette for split series (elastic#62241) Ingest overview page (elastic#63214) ...
This will be backported to 7.7.1 as well |
…elastic#63954) Improves the messaging when the Pager Duty action has trouble parsing the timestamp field and adds trimming on the timestamp's field to make us more flexible in handling the parsing and hence more likely to be forgiving of the input by the user. As the timestamp relies on context variables provided via mustcahe templates, we can't reliably validate this field at alert creation time. We address by: 1. Trimming the edges, which is required when parsing a date, should help prevent accidental spaces from breaking the parsing. 2. Checking for a mustache template on the client side and if there are none - we validate for a valid timestamp when the action is created.
…#63954) (#64060) Improves the messaging when the Pager Duty action has trouble parsing the timestamp field and adds trimming on the timestamp's field to make us more flexible in handling the parsing and hence more likely to be forgiving of the input by the user. As the timestamp relies on context variables provided via mustcahe templates, we can't reliably validate this field at alert creation time. We address by: 1. Trimming the edges, which is required when parsing a date, should help prevent accidental spaces from breaking the parsing. 2. Checking for a mustache template on the client side and if there are none - we validate for a valid timestamp when the action is created. Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
…elastic#63954) Improves the messaging when the Pager Duty action has trouble parsing the timestamp field and adds trimming on the timestamp's field to make us more flexible in handling the parsing and hence more likely to be forgiving of the input by the user. As the timestamp relies on context variables provided via mustcahe templates, we can't reliably validate this field at alert creation time. We address by: 1. Trimming the edges, which is required when parsing a date, should help prevent accidental spaces from breaking the parsing. 2. Checking for a mustache template on the client side and if there are none - we validate for a valid timestamp when the action is created.
…#63954) (#66571) Improves the messaging when the Pager Duty action has trouble parsing the timestamp field and adds trimming on the timestamp's field to make us more flexible in handling the parsing and hence more likely to be forgiving of the input by the user. As the timestamp relies on context variables provided via mustcahe templates, we can't reliably validate this field at alert creation time. We address by: 1. Trimming the edges, which is required when parsing a date, should help prevent accidental spaces from breaking the parsing. 2. Checking for a mustache template on the client side and if there are none - we validate for a valid timestamp when the action is created.
Summary
Improves the messaging when the Pager Duty action has trouble parsing the timestamp field and adds trimming on the timestamp's field to make us more flexible in handling the parsing and hence more likely to be forgiving of the input by the user.
As the timestamp relies on context variables provided via mustcahe templates, we can't reliably validate this field at alert creation time.
We address by:
closes #63758
closes https://github.com/elastic/siem-team/issues/607
Checklist
Delete any items that are not applicable to this PR.
Documentation was added for features that require explanation or tutorialsThis was checked for keyboard-only and screenreader accessibilityThis renders correctly on smaller devices using a responsive layout. (You can test this in your browserFor maintainers