-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disable action plugin functionality when ESO plugin is using an ephemeral encryption key #56906
Disable action plugin functionality when ESO plugin is using an ephemeral encryption key #56906
Conversation
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
@elasticmachine merge upstream |
@elasticmachine merge upstream |
…ble-actions-plugin-ESO-tmp-key
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, but think we should add an error log message per comment, if we aren't already.
@@ -108,6 +109,9 @@ export class ActionsPlugin implements Plugin<Promise<PluginSetupContract>, Plugi | |||
} | |||
|
|||
public async setup(core: CoreSetup, plugins: ActionsPluginsSetup): Promise<PluginSetupContract> { | |||
this.isESOUsingEphemeralEncryptionKey = | |||
plugins.encryptedSavedObjects.usingEphemeralEncryptionKey; | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems like we should log an error message here, when isESOUsingEphemeralEncryptionKey
is true. Will help folks looking at error logs caused by the exceptions we're now throwing. Something like the following, stolen from one of the other messages in this PR:
Unable to initialize the alerting plugin due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point, I went ahead with the message below. The changes are within this commit 1cf1cac and I went ahead and made the same for the alerting plugin 👍
APIs are disabled due to the Encrypted Saved Objects plugin using an ephemeral encryption key. Please set xpack.encryptedSavedObjects.encryptionKey in kibana.yml.
…ble-actions-plugin-ESO-tmp-key
@elasticmachine merge upstream |
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
…eral encryption key (elastic#56906) * Disable actions client when ESO using generated key * Add test for getActionsClientWithRequest * Add other part to plugin.test.ts * Cleanup tests a bit * Cleanup tests * plugin.test.ts cleanup * Add warning logs on setup Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
…eral encryption key (#56906) (#57486) * Disable actions client when ESO using generated key * Add test for getActionsClientWithRequest * Add other part to plugin.test.ts * Cleanup tests a bit * Cleanup tests * plugin.test.ts cleanup * Add warning logs on setup Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Resolves the actions portion of #56420.
In this PR, the actions client will throw an error whenever trying to create an instance of the client (via
getActionsClientWithRequest
orrouteHandlerContext
in route handler context) and the encrypted saved objects plugin is using an ephemeral encryption key. Errors will also be thrown when calling the execute API or the execute function exposed by the plugin.Sample error message: