Disable Advanced Settings for serverless #159590
Comments
alisonelizabeth
added
the
Team:Kibana Management
|
Pinging @elastic/platform-deployment-management (Team:Deployment Management) |
|
Just to summarise what we discussed about this in the Deployment management team meeting: We decided to disable the Advanced settings plugin and this will only disable the UI/the app in Stack Management. The routes to change/get the settings will still be available because they are registered in the core UI setting. Therefore, we will make these routes internal with the new config option added with #152404. |
|
Just saw #159819 so I figured I would ask my question in this issue instead: I feel like fully disabling the plugin and making the associated core routes internal may be slightly brutal? Disabling user access to some settings on serverless definitely makes sense to me, but I'm not sure about all of them? Just to make sure, did we check with teams and solutions that they were fine with this and weren't expecting to let users edit at least some of their uiSettings in our managed environment? |
|
Hi @pgayvallet! I'll share some background on this via Slack. |
|
Summary: The current decision is to disable the existing Advanced Settings page, with the understanding that we plan to bring advanced settings back in some form for serverless. However, we will essentially start with a clean slate, i.e., there may be some settings we bring back or new settings specific for serverless. The requirements for what settings we do want to expose on the new page is still TBD. |
Partially addresses #159590 ## Summary This PR disables the Advanced settings plugin for all projects in serverless. **How to test:** 1. Start Elasticsearch with `yarn es snapshot` and Kibana with `yarn serverless-{mode}` where {mode} can be `es`, `security`, or `oblt`. 2. Verify that the Advanced settings app is not accessible and its endpoint (`app/management/kibana/settings`) leads to the Stack Management landing page. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
…in self-managed only (#160499) Partially addresses #159590 ## Summary This PR adds an an internal uiSettings API that is a duplicate of the public API and is intended for use by the browser-side uiSettings client. The PR also adds a config settings that is configured in serverless context only and exposes the public uiSettings routes based on the value of this setting (it defaults to false since we don't want to expose the public routes in serverless). **How to test:** I. Verify that in serverless the internal routes are exposed but the public ones aren't: 1. Start Es with `yarn es snapshot` and Kibana with `yarn serverless-{mode}` where `{mode}` can be `es`, `oblt`, or `security` (the public routes should be disabled for all projects). 2. Verify that the public endpoints are not accessible. For example, `curl --user elastic:changeme 'http://localhost:5601/zhb/api/kibana/settings' -X 'GET'` should return `{"statusCode":404,"error":"Not Found","message":"Not Found"}`. 3. Verify that the internal endpoints are accessible. For example, `curl --user elastic:changeme 'http://localhost:5601/zhb/internal/kibana/settings' -X 'GET'` should return `{"settings":{"buildNum":{"userValue":9007199254740991},"isDefaultIndexMigrated":{"userValue":true},"defaultRoute":{"isOverridden":true,"userValue":"/app/elasticsearch"}}}` II. Verify that the both public and internal routes are exposed in self-managed: 1. Start Es with `yarn es snapshot` and Kibana with `yarn start` 2. Verify that the public endpoints are accessible. For example, `curl --user elastic:changeme 'http://localhost:5601/zhb/api/kibana/settings' -X 'GET'` should return `{"settings":{"buildNum":{"userValue":9007199254740991},"isDefaultIndexMigrated":{"userValue":true}}}` 3. Verify that the internal endpoints are accessible. For example, `curl --user elastic:changeme 'http://localhost:5601/zhb/internal/kibana/settings' -X 'GET'` should return `{"settings":{"buildNum":{"userValue":9007199254740991},"isDefaultIndexMigrated":{"userValue":true}}}` III. Verify that the plugins/services that consume the internal uiSettings endpoints work as expected in both self-managed and serverless environment. ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Follow up to #157756.
We need to disable Advanced Settings for all project types in serverless.
The text was updated successfully, but these errors were encountered: