Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Interactive setup should validate configuration entries using original schema objects #111340

Open
azasypkin opened this issue Sep 7, 2021 · 1 comment
Open

Interactive setup should validate configuration entries using original schema objects #111340

azasypkin opened this issue Sep 7, 2021 · 1 comment
Labels
backport:skip This commit does not require backporting Feature:Security/Interactive Setup Platform Security - Interactive setup mode release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0

Comments

@azasypkin
Copy link
Member

Summary

Currently interactive setup can write the following configuration entries directly to the disk:

  • elasticsearch.hosts
  • elasticsearch.serviceAccountToken
  • elasticsearch.password
  • elasticsearch.username
  • elasticsearch.ssl.certificateAuthorities

We do our best to make sure we write valid values, but there is no guarantee our validation logic will function as expected in case original configuration schema changes. Ideally we should validate all config entries we write to the disk using original schema objects that Kibana uses to validate those entries itself. This way our validation logic will always be up-to-date.

Currently we deal only with the config owned by the Core, but there is a chance we'll also need to support plugin-specific config (e.g. encryption keys, authentication providers etc.). The solution should account for that as well.
@azasypkin azasypkin added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0 release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting Feature:Security/Interactive Setup Platform Security - Interactive setup mode labels Sep 7, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@azasypkin azasypkin mentioned this issue Sep 7, 2021
Closed
15 tasks
@exalate-issue-sync exalate-issue-sync bot added impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. loe:small Small Level of Effort labels Sep 10, 2021
@azasypkin azasypkin mentioned this issue Sep 27, 2021
Open
@legrego legrego removed loe:small Small Level of Effort impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. labels Aug 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backport:skip This commit does not require backporting Feature:Security/Interactive Setup Platform Security - Interactive setup mode release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@azasypkin @legrego @elasticmachine