[Security Solution][Endpoint][Admin] Task/endpoint list actions (#76555) (#77636)

Endpoint list actions to security solution endpoint admin
Co-authored-by: Paul Tavares <paul.tavares@elastic.co>

Author: parkiino

x-pack/plugins/ingest_manager/public/index.ts

@@ -20,3 +20,5 @@ export {
 
 export { NewPackagePolicy } from './applications/ingest_manager/types';
 export * from './applications/ingest_manager/types/intra_app_route_state';
+
+export { pagePathGetters } from './applications/ingest_manager/constants';

x-pack/plugins/ingest_manager/scripts/dev_agent/script.ts

@@ -14,7 +14,11 @@ import {
   PostAgentEnrollRequest,
   PostAgentEnrollResponse,
 } from '../../common/types';
+import * as kibanaPackage from '../../package.json';
 
+// @ts-ignore
+// Using the ts-ignore because we are importing directly from a json to a script file
+const version = kibanaPackage.version;
 const CHECKIN_INTERVAL = 3000; // 3 seconds
 
 type Agent = Pick<_Agent, 'id' | 'access_api_key'>;
@@ -104,6 +108,7 @@ async function enroll(kibanaURL: string, apiKey: string, log: ToolingLog): Promi
         ip: '127.0.0.1',
         system: `${os.type()} ${os.release()}`,
         memory: os.totalmem(),
+        elastic: { agent: { version } },
       },
       user_provided: {
         dev_agent_version: '0.0.1',

x-pack/plugins/security_solution/public/common/hooks/endpoint/use_navigate_to_app_event_handler.ts

@@ -12,7 +12,7 @@ type NavigateToAppHandlerOptions<S = unknown> = NavigateToAppOptions & {
   state?: S;
   onClick?: EventHandlerCallback;
 };
-type EventHandlerCallback = MouseEventHandler<HTMLButtonElement | HTMLAnchorElement>;
+type EventHandlerCallback = MouseEventHandler<HTMLButtonElement | HTMLAnchorElement | Element>;
 
 /**
  * Provides an event handlers that can be used with (for example) `onClick` to prevent the

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/action.ts

@@ -82,6 +82,11 @@ interface ServerReturnedEndpointNonExistingPolicies {
   payload: EndpointState['nonExistingPolicies'];
 }
 
+interface ServerReturnedEndpointAgentPolicies {
+  type: 'serverReturnedEndpointAgentPolicies';
+  payload: EndpointState['agentPolicies'];
+}
+
 interface ServerReturnedEndpointExistValue {
   type: 'serverReturnedEndpointExistValue';
   payload: boolean;
@@ -126,4 +131,5 @@ export type EndpointAction =
   | ServerFailedToReturnMetadataPatterns
   | AppRequestedEndpointList
   | ServerReturnedEndpointNonExistingPolicies
+  | ServerReturnedEndpointAgentPolicies
   | UserUpdatedEndpointListRefreshOptions;

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/index.test.ts

@@ -52,6 +52,7 @@ describe('EndpointList store concerns', () => {
         policyItemsLoading: false,
         endpointPackageInfo: undefined,
         nonExistingPolicies: {},
+        agentPolicies: {},
         endpointsExist: true,
         patterns: [],
         patternsError: undefined,

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/middleware.ts

@@ -18,7 +18,7 @@ import {
   patterns,
   searchBarQuery,
 } from './selectors';
-import { EndpointState } from '../types';
+import { EndpointState, PolicyIds } from '../types';
 import {
   sendGetEndpointSpecificPackagePolicies,
   sendGetEndpointSecurityPackage,
@@ -105,15 +105,21 @@ export const endpointMiddlewareFactory: ImmutableMiddlewareFactory<EndpointState
         });
 
         try {
-          const missingPolicies = await getNonExistingPoliciesForEndpointsList(
+          const ingestPolicies = await getAgentAndPoliciesForEndpointsList(
             coreStart.http,
             endpointResponse.hosts,
             nonExistingPolicies(getState())
           );
-          if (missingPolicies !== undefined) {
+          if (ingestPolicies?.packagePolicy !== undefined) {
             dispatch({
               type: 'serverReturnedEndpointNonExistingPolicies',
-              payload: missingPolicies,
+              payload: ingestPolicies.packagePolicy,
+            });
+          }
+          if (ingestPolicies?.agentPolicy !== undefined) {
+            dispatch({
+              type: 'serverReturnedEndpointAgentPolicies',
+              payload: ingestPolicies.agentPolicy,
             });
           }
         } catch (error) {
@@ -202,15 +208,21 @@ export const endpointMiddlewareFactory: ImmutableMiddlewareFactory<EndpointState
           });
 
           try {
-            const missingPolicies = await getNonExistingPoliciesForEndpointsList(
+            const ingestPolicies = await getAgentAndPoliciesForEndpointsList(
               coreStart.http,
               response.hosts,
               nonExistingPolicies(getState())
             );
-            if (missingPolicies !== undefined) {
+            if (ingestPolicies?.packagePolicy !== undefined) {
               dispatch({
                 type: 'serverReturnedEndpointNonExistingPolicies',
-                payload: missingPolicies,
+                payload: ingestPolicies.packagePolicy,
+              });
+            }
+            if (ingestPolicies?.agentPolicy !== undefined) {
+              dispatch({
+                type: 'serverReturnedEndpointAgentPolicies',
+                payload: ingestPolicies.agentPolicy,
               });
             }
           } catch (error) {
@@ -242,15 +254,21 @@ export const endpointMiddlewareFactory: ImmutableMiddlewareFactory<EndpointState
         });
 
         try {
-          const missingPolicies = await getNonExistingPoliciesForEndpointsList(
+          const ingestPolicies = await getAgentAndPoliciesForEndpointsList(
             coreStart.http,
             [response],
             nonExistingPolicies(getState())
           );
-          if (missingPolicies !== undefined) {
+          if (ingestPolicies !== undefined) {
             dispatch({
               type: 'serverReturnedEndpointNonExistingPolicies',
-              payload: missingPolicies,
+              payload: ingestPolicies.packagePolicy,
+            });
+          }
+          if (ingestPolicies?.agentPolicy !== undefined) {
+            dispatch({
+              type: 'serverReturnedEndpointAgentPolicies',
+              payload: ingestPolicies.agentPolicy,
             });
           }
         } catch (error) {
@@ -284,11 +302,11 @@ export const endpointMiddlewareFactory: ImmutableMiddlewareFactory<EndpointState
   };
 };
 
-const getNonExistingPoliciesForEndpointsList = async (
+const getAgentAndPoliciesForEndpointsList = async (
   http: HttpStart,
   hosts: HostResultList['hosts'],
   currentNonExistingPolicies: EndpointState['nonExistingPolicies']
-): Promise<EndpointState['nonExistingPolicies'] | undefined> => {
+): Promise<PolicyIds | undefined> => {
   if (hosts.length === 0) {
     return;
   }
@@ -318,29 +336,38 @@ const getNonExistingPoliciesForEndpointsList = async (
         )})`,
       },
     })
-  ).items.reduce<EndpointState['nonExistingPolicies']>((list, agentPolicy) => {
-    (agentPolicy.package_policies as string[]).forEach((packagePolicy) => {
-      list[packagePolicy as string] = true;
-    });
-    return list;
-  }, {});
+  ).items.reduce<PolicyIds>(
+    (list, agentPolicy) => {
+      (agentPolicy.package_policies as string[]).forEach((packagePolicy) => {
+        list.packagePolicy[packagePolicy as string] = true;
+        list.agentPolicy[packagePolicy as string] = agentPolicy.id;
+      });
+      return list;
+    },
+    { packagePolicy: {}, agentPolicy: {} }
+  );
 
-  const nonExisting = policyIdsToCheck.reduce<EndpointState['nonExistingPolicies']>(
-    (list, policyId) => {
-      if (policiesFound[policyId]) {
+  // packagePolicy contains non-existing packagePolicy ids whereas agentPolicy contains existing agentPolicy ids
+  const nonExistingPackagePoliciesAndExistingAgentPolicies = policyIdsToCheck.reduce<PolicyIds>(
+    (list, policyId: string) => {
+      if (policiesFound.packagePolicy[policyId as string]) {
+        list.agentPolicy[policyId as string] = policiesFound.agentPolicy[policyId];
         return list;
       }
-      list[policyId] = true;
+      list.packagePolicy[policyId as string] = true;
       return list;
     },
-    {}
+    { packagePolicy: {}, agentPolicy: {} }
   );
 
-  if (Object.keys(nonExisting).length === 0) {
+  if (
+    Object.keys(nonExistingPackagePoliciesAndExistingAgentPolicies.packagePolicy).length === 0 &&
+    Object.keys(nonExistingPackagePoliciesAndExistingAgentPolicies.agentPolicy).length === 0
+  ) {
     return;
   }
 
-  return nonExisting;
+  return nonExistingPackagePoliciesAndExistingAgentPolicies;
 };
 
 const doEndpointsExist = async (http: HttpStart): Promise<boolean> => {

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/mock_endpoint_result_list.ts

@@ -20,6 +20,7 @@ import {
 } from '../../policy/store/policy_list/services/ingest';
 import {
   GetAgentPoliciesResponse,
+  GetAgentPoliciesResponseItem,
   GetPackagesResponse,
 } from '../../../../../../ingest_manager/common/types/rest_spec';
 import { GetPolicyListResponse } from '../../policy/types';
@@ -43,7 +44,7 @@ export const mockEndpointResultList: (options?: {
   // total - numberToSkip is the count of non-skipped ones, but return no more than a pageSize, and no less than 0
   const actualCountToReturn = Math.max(Math.min(total - numberToSkip, requestPageSize), 0);
 
-  const hosts = [];
+  const hosts: HostInfo[] = [];
   for (let index = 0; index < actualCountToReturn; index++) {
     hosts.push({
       metadata: generator.generateHostMetadata(),
@@ -78,12 +79,14 @@ const endpointListApiPathHandlerMocks = ({
   epmPackages = [generator.generateEpmPackage()],
   endpointPackagePolicies = [],
   policyResponse = generator.generatePolicyResponse(),
+  agentPolicy = generator.generateAgentPolicy(),
 }: {
   /** route handlers will be setup for each individual host in this array */
   endpointsResults?: HostResultList['hosts'];
   epmPackages?: GetPackagesResponse['response'];
   endpointPackagePolicies?: GetPolicyListResponse['items'];
   policyResponse?: HostPolicyResponse;
+  agentPolicy?: GetAgentPoliciesResponseItem;
 } = {}) => {
   const apiHandlers = {
     // endpoint package info
@@ -106,7 +109,6 @@ const endpointListApiPathHandlerMocks = ({
     // Do policies referenced in endpoint list exist
     // just returns 1 single agent policy that includes all of the packagePolicy IDs provided
     [INGEST_API_AGENT_POLICIES]: (): GetAgentPoliciesResponse => {
-      const agentPolicy = generator.generateAgentPolicy();
       (agentPolicy.package_policies as string[]).push(
         ...endpointPackagePolicies.map((packagePolicy) => packagePolicy.id)
       );

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/reducer.ts

@@ -30,6 +30,7 @@ export const initialEndpointListState: Immutable<EndpointState> = {
   policyItemsLoading: false,
   endpointPackageInfo: undefined,
   nonExistingPolicies: {},
+  agentPolicies: {},
   endpointsExist: true,
   patterns: [],
   patternsError: undefined,
@@ -72,6 +73,14 @@ export const endpointListReducer: ImmutableReducer<EndpointState, AppAction> = (
         ...action.payload,
       },
     };
+  } else if (action.type === 'serverReturnedEndpointAgentPolicies') {
+    return {
+      ...state,
+      agentPolicies: {
+        ...state.agentPolicies,
+        ...action.payload,
+      },
+    };
   } else if (action.type === 'serverReturnedMetadataPatterns') {
     // handle error case
     return {

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/store/selectors.ts

@@ -217,6 +217,13 @@ export const nonExistingPolicies: (
   state: Immutable<EndpointState>
 ) => Immutable<EndpointState['nonExistingPolicies']> = (state) => state.nonExistingPolicies;
 
+/**
+ * returns the list of known existing agent policies
+ */
+export const agentPolicies: (
+  state: Immutable<EndpointState>
+) => Immutable<EndpointState['agentPolicies']> = (state) => state.agentPolicies;
+
 /**
  * Return boolean that indicates whether endpoints exist
  * @param state

x-pack/plugins/security_solution/public/management/pages/endpoint_hosts/types.ts

@@ -51,8 +51,10 @@ export interface EndpointState {
   selectedPolicyId?: string;
   /** Endpoint package info */
   endpointPackageInfo?: GetPackagesResponse['response'][0];
-  /** tracks the list of policies IDs used in Host metadata that may no longer exist */
-  nonExistingPolicies: Record<string, boolean>;
+  /** Tracks the list of policies IDs used in Host metadata that may no longer exist */
+  nonExistingPolicies: PolicyIds['packagePolicy'];
+  /** List of Package Policy Ids mapped to an associated Fleet Parent Agent Policy Id*/
+  agentPolicies: PolicyIds['agentPolicy'];
   /** Tracks whether hosts exist and helps control if onboarding should be visible */
   endpointsExist: boolean;
   /** index patterns for query bar */
@@ -65,6 +67,15 @@ export interface EndpointState {
   autoRefreshInterval: number;
 }
 
+/**
+ * packagePolicy contains a list of Package Policy IDs (received via Endpoint metadata policy response) mapped to a boolean whether they exist or not.
+ * agentPolicy contains a list of existing Package Policy Ids mapped to an associated Fleet parent Agent Config.
+ */
+export interface PolicyIds {
+  packagePolicy: Record<string, boolean>;
+  agentPolicy: Record<string, string>;
+}
+
 /**
  * Query params on the host page parsed from the URL
  */