[Fleet] Add support_agentless property in agent policy schema and preconfiguration #182709
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
criamico
added
the
Team:Fleet
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
|
/ci |
criamico
added
the
release_note:skip
|
/ci |
… src/core/server/integration_tests/ci_checks'
|
@elasticmachine merge upstream |
|
/ci |
|
Pinging @elastic/fleet (Team:Fleet) |
|
PR needed in preparation for #180375. I originally thought to group the changes in a single PR but the changeset would become too big. |
kilfoyle
reviewed
May 7, 2024
kilfoyle
reviewed
May 7, 2024
kilfoyle
reviewed
May 7, 2024
x-pack/plugins/fleet/common/openapi/components/schemas/agent_policy.yaml
Outdated
Show resolved
Hide resolved
kilfoyle
approved these changes
May 7, 2024
kpollich
approved these changes
May 7, 2024
|
@elasticmachine merge upstream |
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
History
To update your PR or re-run it, just comment with: cc @criamico |
3 tasks
3 tasks
criamico
added a commit
that referenced
this pull request
May 24, 2024
Closes #180375 ## Summary Expand support for Agentless in Fleet UI. Implemented on this PR: - Agent policies created with `supports_agentless` (added in #182709) are now marked as `is_managed` - Added support for `deployment_modes.agentless.enabled` and `hide_in_deployment_modes` introduced with elastic/package-spec#684: - `hide_in_deployment_modes` shows/hides variables in agentless/default UI - `deployment_modes.agentless.enabled: true` determines an integration as enabled for agentless ## Notes - In this PR, an integration enabled for serverless is still added to the default `agentless` policy. - Integrations enabled for agentless don't display any specific "agentless" form yet. That part is TBD ### Testing - Run local env for [agentless](https://docs.elastic.dev/security-solution/cloud-security/agentless) ### Verify that new settings are honoured in integration policy - Use the compiled package with new properties defined in elastic/package-spec#738 `agentless_test_package-1.0.1-rc1.zip` (Packages in this [comment](#183045 (comment))) - Upload it to Kibana: ```sh curl -k -XPOST -H 'content-type: application/zip' -H 'kbn-xsrf: true' https://localhost:5601/api/fleet/epm/packages -u elastic_serverless:changeme --data-binary @agentless_test_package-0.0.1.zip ``` - Check that the variable marked with `hide_in_deployment_modes: "agentless"` are not visible - Check that the agent policies selector is not visible  ### Verify that agent policies with `supports_agentless` are marked as managed - Create a new policy with `supports_agentless` ``` POST kbn:/api/fleet/agent_policies { "name": "Test - Agentless policy", "namespace": "default", "supports_agentless": true } ``` - Check that the created policy has `is_managed = true` - Try to change the value to false - an error is thrown ``` PUT kbn:/api/fleet/agent_policies/<policy_id> { "name": "Test - Agentless policy", "namespace": "default", "supports_agentless": false } ``` ### Checklist - [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #180377
Summary
Add a new
support_agentlessproperty in agent policy and in preconfiguration; this property is only allowed when the environment has bothisServerlessset totrueandagentlessfeature flag enabled, otherwise policy creation/update will throw errorsupports_agentless is only allowed in serverless environments that support agentless feature.No UI change is required for now as this property will be needed as part of a wider support to agentless policies.
Testing
Serverless
agentlessfeature flag enabledsupport_agentlessproperty:GET kbn:/api/fleet/agent_policies:agentlessfeature flag is disabled, any of the above will throw an error.Stateful
Spin up a stateful env and verify that all of the previous commands fail with
400and above error message.Checklist