Skip to content

Commit

Permalink
[Security Solution][Siem migrations] Swap experimental flag for ESS (e…
Browse files Browse the repository at this point in the history
…lastic#208541)

## Summary

This PR enables the SIEM migrations experimental flag by default in
ESS/on-prem.
We keep the experimental flag disabled in serverless (using
`config/serverless.security.yml`) since we don't want to release it yet.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
  • Loading branch information
semd and elasticmachine authored Jan 29, 2025
1 parent 449ac98 commit 93f6746
Show file tree
Hide file tree
Showing 13 changed files with 29 additions and 22 deletions.
6 changes: 4 additions & 2 deletions config/serverless.security.yml
Original file line number Diff line number Diff line change
Expand Up @@ -167,5 +167,7 @@ xpack.index_management.enableProjectLevelRetentionChecks: true

# Experimental Security Solution features

# This feature is disabled in Serverless until fully performance tested within a Serverless environment
xpack.securitySolution.enableExperimental: ['entityStoreDisabled']
# These features are disabled in Serverless until fully tested
xpack.securitySolution.enableExperimental:
- entityStoreDisabled
- siemMigrationsDisabled
Original file line number Diff line number Diff line change
Expand Up @@ -242,9 +242,9 @@ export const allowedExperimentalValues = Object.freeze({
serviceEntityStoreEnabled: true,

/**
* Enables the siem migrations feature
* Disables the siem migrations feature
*/
siemMigrationsEnabled: false,
siemMigrationsDisabled: false,

/**
* Enables the Defend Insights feature
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,12 @@ const useFilteredConfig = (): OnboardingConfig => {
if (item.experimentalFlagRequired && !experimentalFeatures[item.experimentalFlagRequired]) {
return false;
}
if (
item.disabledExperimentalFlagRequired &&
experimentalFeatures[item.disabledExperimentalFlagRequired]
) {
return false;
}
if (item.licenseTypeRequired && !license.isAtLeast(item.licenseTypeRequired)) {
return false;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,6 @@ export const onboardingConfig: TopicConfig[] = [
}),
body: siemMigrationsBodyConfig,
licenseTypeRequired: 'enterprise',
experimentalFlagRequired: 'siemMigrationsEnabled',
disabledExperimentalFlagRequired: 'siemMigrationsDisabled',
},
];
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,10 @@ export interface OnboardingConfigAvailabilityProps {
* The experimental features required to enable the item.
*/
experimentalFlagRequired?: keyof ExperimentalFeatures;
/**
* The disabled experimental features required to enable the item.
*/
disabledExperimentalFlagRequired?: keyof ExperimentalFeatures;
}

export interface OnboardingCardConfig<TMetadata extends {} = {}>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -343,7 +343,7 @@ export class Plugin implements IPlugin<PluginSetup, PluginStart, SetupPlugins, S
investigations: subPlugins.investigations.start(),
machineLearning: subPlugins.machineLearning.start(),
siemMigrations: subPlugins.siemMigrations.start(
this.experimentalFeatures.siemMigrationsEnabled
!this.experimentalFeatures.siemMigrationsDisabled
),
};
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,6 @@ export const siemMigrationsLinks: LinkItem = {
defaultMessage: 'SIEM Rule Migrations',
}),
],
experimentalKey: 'siemMigrationsEnabled',
hideWhenExperimentalKey: 'siemMigrationsDisabled',
isBeta: true,
};
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,9 @@ export class SiemRulesMigrationsService {
}

public isAvailable() {
return ExperimentalFeaturesService.get().siemMigrationsEnabled && licenseService.isEnterprise();
return (
!ExperimentalFeaturesService.get().siemMigrationsDisabled && licenseService.isEnterprise()
);
}

public startPolling() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ export const registerSiemMigrationsRoutes = (
config: ConfigType,
logger: Logger
) => {
if (config.experimentalFeatures.siemMigrationsEnabled) {
if (!config.experimentalFeatures.siemMigrationsDisabled) {
registerSiemRuleMigrationsRoutes(router, logger);
}
};
Original file line number Diff line number Diff line change
Expand Up @@ -42,10 +42,10 @@ describe('SiemMigrationsService', () => {
jest.clearAllMocks();
});

describe('with siemMigrationsEnabled flag', () => {
describe('with experimental flag enabled', () => {
beforeEach(() => {
siemMigrationsService = new SiemMigrationsService(
{ experimentalFeatures: { siemMigrationsEnabled: true } } as ConfigType,
{ experimentalFeatures: { siemMigrationsDisabled: false } } as ConfigType,
logger,
kibanaVersion
);
Expand Down Expand Up @@ -90,10 +90,10 @@ describe('SiemMigrationsService', () => {
});
});

describe('without siemMigrationsEnabled flag', () => {
describe('without experimental flag disabled', () => {
beforeEach(() => {
siemMigrationsService = new SiemMigrationsService(
{ experimentalFeatures: { siemMigrationsEnabled: false } } as ConfigType,
{ experimentalFeatures: { siemMigrationsDisabled: true } } as ConfigType,
logger,
kibanaVersion
);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ export class SiemMigrationsService {
}

setup(params: SiemMigrationsSetupParams) {
if (this.config.experimentalFeatures.siemMigrationsEnabled) {
if (!this.config.experimentalFeatures.siemMigrationsDisabled) {
this.rules.setup({ ...params, pluginStop$: this.pluginStop$ });
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {

return {
...functionalConfig.getAll(),
kbnTestServer: {
...functionalConfig.get('kbnTestServer'),
serverArgs: [
...functionalConfig.get('kbnTestServer.serverArgs'),
`--xpack.securitySolution.enableExperimental=${JSON.stringify(['siemMigrationsEnabled'])}`,
],
},
testFiles: [require.resolve('..')],
junit: {
reportName: 'SIEM Migrations Integration Tests - ESS Env - Trial License',
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { createTestConfig } from '../../../../../config/serverless/config.base';

export default createTestConfig({
kbnTestServerArgs: [
`--xpack.securitySolution.enableExperimental=${JSON.stringify(['siemMigrationsEnabled'])}`,
`--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, // override to empty array so the flag is not disabled
`--xpack.securitySolutionServerless.productTypes=${JSON.stringify([
{ product_line: 'security', product_tier: 'complete' },
{ product_line: 'endpoint', product_tier: 'complete' },
Expand Down

0 comments on commit 93f6746

Please sign in to comment.