[Uptime] Refactor cert alerts from batched to individual (#102138)

* refactor cert alerts from batched to individual * remove old translations * create new certificate alert rule type and transition old cert rule type to legacy * update translations * maintain legacy tls rule UI to support legacy rule editing * update translations * update TLS alert content, rule type id, and alert instance id schema * remove extraneous logic and format date content Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
elastic · Jun 23, 2021 · 450abab · 450abab
1 parent e582549
commit 450abab
Show file tree

Hide file tree

Showing 13 changed files with 495 additions and 129 deletions.
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
@@ -23486,7 +23486,6 @@
     "xpack.uptime.alerts.tls.criteriaExpression.ariaLabel": "このアラートで監視されるモニターの条件を示す式",
     "xpack.uptime.alerts.tls.criteriaExpression.description": "タイミング",
     "xpack.uptime.alerts.tls.criteriaExpression.value": "任意のモニター",
-    "xpack.uptime.alerts.tls.defaultActionMessage": "期限切れになるか古くなりすぎた{count} TLS個のTLS証明書証明書を検知しました。\n\n{expiringConditionalOpen}\n期限切れになる証明書数：{expiringCount}\n期限切れになる証明書：{expiringCommonNameAndDate}\n{expiringConditionalClose}\n\n{agingConditionalOpen}\n古い証明書数：{agingCount}\n古い証明書：{agingCommonNameAndDate}\n{agingConditionalClose}\n",
     "xpack.uptime.alerts.tls.description": "アップタイム監視の TLS 証明書の有効期限が近いときにアラートを発行します。",
     "xpack.uptime.alerts.tls.expirationExpression.ariaLabel": "証明書有効期限の TLS アラートをトリガーするしきい値を示す式",
     "xpack.uptime.alerts.tls.expirationExpression.description": "証明書が",
@@ -24337,4 +24336,4 @@
     "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "フィールドを選択してください。",
     "xpack.watcher.watcherDescription": "アラートの作成、管理、監視によりデータへの変更を検知します。"
   }
-}
+}
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
@@ -23852,7 +23852,6 @@
     "xpack.uptime.alerts.tls.criteriaExpression.ariaLabel": "显示此告警监视的监测条件的表达式",
     "xpack.uptime.alerts.tls.criteriaExpression.description": "当",
     "xpack.uptime.alerts.tls.criteriaExpression.value": "任意监测",
-    "xpack.uptime.alerts.tls.defaultActionMessage": "已检测到 {count} 个即将过期或即将过时的 TLS 证书。\n\n{expiringConditionalOpen}\n即将过期的证书计数：{expiringCount}\n即将过期的证书：{expiringCommonNameAndDate}\n{expiringConditionalClose}\n\n{agingConditionalOpen}\n过时的证书计数：{agingCount}\n过时的证书：{agingCommonNameAndDate}\n{agingConditionalClose}\n",
     "xpack.uptime.alerts.tls.description": "运行时间监测的 TLS 证书即将过期时告警。",
     "xpack.uptime.alerts.tls.expirationExpression.ariaLabel": "显示将触发证书过期 TLS 告警的阈值的表达式",
     "xpack.uptime.alerts.tls.expirationExpression.description": "具有将在",
@@ -24713,4 +24712,4 @@
     "xpack.watcher.watchEdit.thresholdWatchExpression.aggType.fieldIsRequiredValidationMessage": "此字段必填。",
     "xpack.watcher.watcherDescription": "通过创建、管理和监测警报来检测数据中的更改。"
   }
-}
+}
diff --git a/x-pack/plugins/uptime/common/constants/alerts.ts b/x-pack/plugins/uptime/common/constants/alerts.ts
@@ -8,16 +8,22 @@
 import { ActionGroup } from '../../../alerting/common';
 
 export type MonitorStatusActionGroup = ActionGroup<'xpack.uptime.alerts.actionGroups.monitorStatus'>;
-export type TLSActionGroup = ActionGroup<'xpack.uptime.alerts.actionGroups.tls'>;
+export type TLSLegacyActionGroup = ActionGroup<'xpack.uptime.alerts.actionGroups.tls'>;
+export type TLSActionGroup = ActionGroup<'xpack.uptime.alerts.actionGroups.tlsCertificate'>;
 export type DurationAnomalyActionGroup = ActionGroup<'xpack.uptime.alerts.actionGroups.durationAnomaly'>;
 
 export const MONITOR_STATUS: MonitorStatusActionGroup = {
   id: 'xpack.uptime.alerts.actionGroups.monitorStatus',
   name: 'Uptime Down Monitor',
 };
 
-export const TLS: TLSActionGroup = {
+export const TLS_LEGACY: TLSLegacyActionGroup = {
   id: 'xpack.uptime.alerts.actionGroups.tls',
+  name: 'Uptime TLS Alert (Legacy)',
+};
+
+export const TLS: TLSActionGroup = {
+  id: 'xpack.uptime.alerts.actionGroups.tlsCertificate',
   name: 'Uptime TLS Alert',
 };
 
@@ -28,16 +34,19 @@ export const DURATION_ANOMALY: DurationAnomalyActionGroup = {
 
 export const ACTION_GROUP_DEFINITIONS: {
   MONITOR_STATUS: MonitorStatusActionGroup;
+  TLS_LEGACY: TLSLegacyActionGroup;
   TLS: TLSActionGroup;
   DURATION_ANOMALY: DurationAnomalyActionGroup;
 } = {
   MONITOR_STATUS,
+  TLS_LEGACY,
   TLS,
   DURATION_ANOMALY,
 };
 
 export const CLIENT_ALERT_TYPES = {
   MONITOR_STATUS: 'xpack.uptime.alerts.monitorStatus',
-  TLS: 'xpack.uptime.alerts.tls',
+  TLS_LEGACY: 'xpack.uptime.alerts.tls',
+  TLS: 'xpack.uptime.alerts.tlsCertificate',
   DURATION_ANOMALY: 'xpack.uptime.alerts.durationAnomaly',
 };
diff --git a/x-pack/plugins/uptime/public/lib/alert_types/index.ts b/x-pack/plugins/uptime/public/lib/alert_types/index.ts
@@ -9,6 +9,7 @@ import { CoreStart } from 'kibana/public';
 import { AlertTypeModel } from '../../../../triggers_actions_ui/public';
 import { initMonitorStatusAlertType } from './monitor_status';
 import { initTlsAlertType } from './tls';
+import { initTlsLegacyAlertType } from './tls_legacy';
 import { ClientPluginsStart } from '../../apps/plugin';
 import { initDurationAnomalyAlertType } from './duration_anomaly';
 
@@ -20,5 +21,6 @@ export type AlertTypeInitializer = (dependenies: {
 export const alertTypeInitializers: AlertTypeInitializer[] = [
   initMonitorStatusAlertType,
   initTlsAlertType,
+  initTlsLegacyAlertType,
   initDurationAnomalyAlertType,
 ];
diff --git a/x-pack/plugins/uptime/public/lib/alert_types/tls_legacy.tsx b/x-pack/plugins/uptime/public/lib/alert_types/tls_legacy.tsx
@@ -0,0 +1,32 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { AlertTypeModel } from '../../../../triggers_actions_ui/public';
+import { CLIENT_ALERT_TYPES } from '../../../common/constants/alerts';
+import { TlsTranslationsLegacy } from './translations';
+import { AlertTypeInitializer } from '.';
+
+const { defaultActionMessage, description } = TlsTranslationsLegacy;
+const TLSAlert = React.lazy(() => import('./lazy_wrapper/tls_alert'));
+export const initTlsLegacyAlertType: AlertTypeInitializer = ({
+  core,
+  plugins,
+}): AlertTypeModel => ({
+  id: CLIENT_ALERT_TYPES.TLS_LEGACY,
+  iconClass: 'uptimeApp',
+  documentationUrl(docLinks) {
+    return `${docLinks.ELASTIC_WEBSITE_URL}guide/en/uptime/${docLinks.DOC_LINK_VERSION}/uptime-alerting.html#_tls_alerts`;
+  },
+  alertParamsExpression: (params: any) => (
+    <TLSAlert core={core} plugins={plugins} params={params} />
+  ),
+  description,
+  validate: () => ({ errors: {} }),
+  defaultActionMessage,
+  requiresAppContext: false,
+});
diff --git a/x-pack/plugins/uptime/public/lib/alert_types/translations.ts b/x-pack/plugins/uptime/public/lib/alert_types/translations.ts
@@ -8,14 +8,32 @@
 import { i18n } from '@kbn/i18n';
 
 export const TlsTranslations = {
+  defaultActionMessage: i18n.translate('xpack.uptime.alerts.tls.legacy.defaultActionMessage', {
+    defaultMessage: `Detected TLS certificate {commonName} from issuer {issuer} is {status}. Certificate {summary}
+`,
+    values: {
+      commonName: '{{state.commonName}}',
+      issuer: '{{state.issuer}}',
+      summary: '{{state.summary}}',
+      status: '{{state.status}}',
+    },
+  }),
+  name: i18n.translate('xpack.uptime.alerts.tls.legacy.clientName', {
+    defaultMessage: 'Uptime TLS (Legacy)',
+  }),
+  description: i18n.translate('xpack.uptime.alerts.tls.legacy.description', {
+    defaultMessage:
+      'Alert when the TLS certificate of an Uptime monitor is about to expire. This alert will be deprecated in a future version.',
+  }),
+};
+
+export const TlsTranslationsLegacy = {
   defaultActionMessage: i18n.translate('xpack.uptime.alerts.tls.defaultActionMessage', {
     defaultMessage: `Detected {count} TLS certificates expiring or becoming too old.
-
 {expiringConditionalOpen}
 Expiring cert count: {expiringCount}
 Expiring Certificates: {expiringCommonNameAndDate}
 {expiringConditionalClose}
-
 {agingConditionalOpen}
 Aging cert count: {agingCount}
 Aging Certificates: {agingCommonNameAndDate}

diff --git a/x-pack/plugins/uptime/server/lib/alerts/index.ts b/x-pack/plugins/uptime/server/lib/alerts/index.ts
@@ -8,6 +8,7 @@
 import { UptimeAlertTypeFactory } from './types';
 import { statusCheckAlertFactory, ActionGroupIds as statusCheckActionGroup } from './status_check';
 import { tlsAlertFactory, ActionGroupIds as tlsActionGroup } from './tls';
+import { tlsLegacyAlertFactory, ActionGroupIds as tlsLegacyActionGroup } from './tls_legacy';
 import {
   durationAnomalyAlertFactory,
   ActionGroupIds as durationAnomalyActionGroup,
@@ -16,5 +17,6 @@ import {
 export const uptimeAlertTypeFactories: [
   UptimeAlertTypeFactory<statusCheckActionGroup>,
   UptimeAlertTypeFactory<tlsActionGroup>,
+  UptimeAlertTypeFactory<tlsLegacyActionGroup>,
   UptimeAlertTypeFactory<durationAnomalyActionGroup>
-] = [statusCheckAlertFactory, tlsAlertFactory, durationAnomalyAlertFactory];
+] = [statusCheckAlertFactory, tlsAlertFactory, tlsLegacyAlertFactory, durationAnomalyAlertFactory];
diff --git a/x-pack/plugins/uptime/server/lib/alerts/tls.test.ts b/x-pack/plugins/uptime/server/lib/alerts/tls.test.ts
@@ -23,27 +23,31 @@ describe('tls alert', () => {
           common_name: 'Common-One',
           monitors: [{ name: 'monitor-one', id: 'monitor1' }],
           sha256: 'abc',
+          issuer: 'Cloudflare Inc ECC CA-3',
         },
         {
           not_after: '2020-07-18T03:15:39.000Z',
           not_before: '2019-07-20T03:15:39.000Z',
           common_name: 'Common-Two',
           monitors: [{ name: 'monitor-two', id: 'monitor2' }],
           sha256: 'bcd',
+          issuer: 'Cloudflare Inc ECC CA-3',
         },
         {
           not_after: '2020-07-19T03:15:39.000Z',
           not_before: '2019-07-22T03:15:39.000Z',
           common_name: 'Common-Three',
           monitors: [{ name: 'monitor-three', id: 'monitor3' }],
           sha256: 'cde',
+          issuer: 'Cloudflare Inc ECC CA-3',
         },
         {
           not_after: '2020-07-25T03:15:39.000Z',
           not_before: '2019-07-25T03:15:39.000Z',
           common_name: 'Common-Four',
           monitors: [{ name: 'monitor-four', id: 'monitor4' }],
           sha256: 'def',
+          issuer: 'Cloudflare Inc ECC CA-3',
         },
       ];
     });
@@ -52,88 +56,66 @@ describe('tls alert', () => {
       jest.clearAllMocks();
     });
 
-    it('sorts expiring certs appropriately when creating summary', () => {
-      diffSpy.mockReturnValueOnce(900).mockReturnValueOnce(901).mockReturnValueOnce(902);
+    it('handles positive diffs for expired certs appropriately', () => {
+      diffSpy.mockReturnValueOnce(900);
       const result = getCertSummary(
-        mockCerts,
+        mockCerts[0],
         new Date('2020-07-20T05:00:00.000Z').valueOf(),
         new Date('2019-03-01T00:00:00.000Z').valueOf()
       );
-      expect(result).toMatchInlineSnapshot(`
-        Object {
-          "agingCommonNameAndDate": "",
-          "agingCount": 0,
-          "count": 4,
-          "expiringCommonNameAndDate": "Common-One, expired on 2020-07-16T03:15:39.000Z 900 days ago.; Common-Two, expired on 2020-07-18T03:15:39.000Z 901 days ago.; Common-Three, expired on 2020-07-19T03:15:39.000Z 902 days ago.",
-          "expiringCount": 3,
-          "hasAging": null,
-          "hasExpired": true,
-        }
-      `);
+      expect(result).toEqual({
+        commonName: mockCerts[0].common_name,
+        issuer: mockCerts[0].issuer,
+        summary: 'expired on Jul 15, 2020 EDT, 900 days ago.',
+        status: 'expired',
+      });
     });
 
-    it('sorts aging certs appropriate when creating summary', () => {
-      diffSpy.mockReturnValueOnce(702).mockReturnValueOnce(701).mockReturnValueOnce(700);
+    it('handles positive diffs for agining certs appropriately', () => {
+      diffSpy.mockReturnValueOnce(702);
       const result = getCertSummary(
-        mockCerts,
+        mockCerts[0],
         new Date('2020-07-01T12:00:00.000Z').valueOf(),
         new Date('2019-09-01T03:00:00.000Z').valueOf()
       );
-      expect(result).toMatchInlineSnapshot(`
-        Object {
-          "agingCommonNameAndDate": "Common-Two, valid since 2019-07-20T03:15:39.000Z, 702 days ago.; Common-Three, valid since 2019-07-22T03:15:39.000Z, 701 days ago.; Common-One, valid since 2019-07-24T03:15:39.000Z, 700 days ago.",
-          "agingCount": 4,
-          "count": 4,
-          "expiringCommonNameAndDate": "",
-          "expiringCount": 0,
-          "hasAging": true,
-          "hasExpired": null,
-        }
-      `);
+      expect(result).toEqual({
+        commonName: mockCerts[0].common_name,
+        issuer: mockCerts[0].issuer,
+        summary: 'valid since Jul 23, 2019 EDT, 702 days ago.',
+        status: 'becoming too old',
+      });
     });
 
     it('handles negative diff values appropriately for aging certs', () => {
-      diffSpy.mockReturnValueOnce(700).mockReturnValueOnce(-90).mockReturnValueOnce(-80);
+      diffSpy.mockReturnValueOnce(-90);
       const result = getCertSummary(
-        mockCerts,
+        mockCerts[0],
         new Date('2020-07-01T12:00:00.000Z').valueOf(),
         new Date('2019-09-01T03:00:00.000Z').valueOf()
       );
-      expect(result).toMatchInlineSnapshot(`
-        Object {
-          "agingCommonNameAndDate": "Common-Two, valid since 2019-07-20T03:15:39.000Z, 700 days ago.; Common-Three, invalid until 2019-07-22T03:15:39.000Z, 90 days from now.; Common-One, invalid until 2019-07-24T03:15:39.000Z, 80 days from now.",
-          "agingCount": 4,
-          "count": 4,
-          "expiringCommonNameAndDate": "",
-          "expiringCount": 0,
-          "hasAging": true,
-          "hasExpired": null,
-        }
-      `);
+      expect(result).toEqual({
+        commonName: mockCerts[0].common_name,
+        issuer: mockCerts[0].issuer,
+        summary: 'invalid until Jul 23, 2019 EDT, 90 days from now.',
+        status: 'invalid',
+      });
     });
 
     it('handles negative diff values appropriately for expiring certs', () => {
       diffSpy
         // negative days are in the future, positive days are in the past
-        .mockReturnValueOnce(-96)
-        .mockReturnValueOnce(-94)
-        .mockReturnValueOnce(2);
+        .mockReturnValueOnce(-96);
       const result = getCertSummary(
-        mockCerts,
+        mockCerts[0],
         new Date('2020-07-20T05:00:00.000Z').valueOf(),
         new Date('2019-03-01T00:00:00.000Z').valueOf()
       );
-      expect(result).toMatchInlineSnapshot(`
-        Object {
-          "agingCommonNameAndDate": "",
-          "agingCount": 0,
-          "count": 4,
-          "expiringCommonNameAndDate": "Common-One, expires on 2020-07-16T03:15:39.000Z in 96 days.; Common-Two, expires on 2020-07-18T03:15:39.000Z in 94 days.; Common-Three, expired on 2020-07-19T03:15:39.000Z 2 days ago.",
-          "expiringCount": 3,
-          "hasAging": null,
-          "hasExpired": true,
-        }
-      `);
+      expect(result).toEqual({
+        commonName: mockCerts[0].common_name,
+        issuer: mockCerts[0].issuer,
+        summary: 'expires on Jul 15, 2020 EDT in 96 days.',
+        status: 'expiring',
+      });
     });
   });
 });