Merge branch 'master' of github.com:elastic/kibana into security-rule…

…-type-flatten
elastic · Aug 4, 2021 · c7946b9 · c7946b9
2 parents 5cccc73 + a89f6a1
commit c7946b9
Show file tree

Hide file tree

Showing 107 changed files with 7,107 additions and 1,529 deletions.
diff --git a/docs/CHANGELOG.asciidoc b/docs/CHANGELOG.asciidoc
@@ -72,10 +72,10 @@ You must migrate your time_based index patterns to a wildcard pattern. For examp
 [%collapsible]
 ====
 *Details* +
-For the `.tar.gz` and `.zip` archives, `platform` has been removed from the `root` folder name. For more information, refer to {kibana-pull}93835[#93835]
+After you extract an archive, the output directory no longer includes the target platform. For example, `kibana-8.0.0-linux-aarch64.tar.gz` produces a `kibana-8.0.0` folder. For more information, refer to {kibana-pull}93835[#93835].
 
 *Impact* +
-The `root` folder name now appears as `kibana-8.0.0-SNAPSHOT-linux-aarch64.tar.gz -> kibana-8.0.0-SNAPSHOT`.
+To use the new folder, update the configuration management tools and automation.
 ====
 
 [discrete]
@@ -84,10 +84,10 @@ The `root` folder name now appears as `kibana-8.0.0-SNAPSHOT-linux-aarch64.tar.g
 [%collapsible]
 ====
 *Details* +
-The default support for TLS v1.0 and v1.1 has been removed. For more information, refer to {kibana-pull}90511[#90511]
+The default support for TLS v1.0 and v1.1 has been removed. For more information, refer to {kibana-pull}90511[#90511].
 
 *Impact* +
-To enable support, set the environment variable to `NODE_OPTIONS=--tls-min-1.0`.
+To enable support, set `--tls-min-1.0` in the `node.options` configuration file. To locate the configuration file, go to the kibana/config folder or any other configuration with the `KBN_PATH_CONF` environment variable. For example, if you are using a Debian-based system, the configuration file is located in /etc/kibana.
 ====
 
 [discrete]
@@ -96,10 +96,10 @@ To enable support, set the environment variable to `NODE_OPTIONS=--tls-min-1.0`.
 [%collapsible]
 ====
 *Details* +
-Systems that don't have `service` aliased to use kibana.service are unable to use `service start kibana`. For more information, refer to {kibana-pull}74424[#74424]
+All supported operating systems use systemd service files. Any system that doesn’t have `service` aliased to use kibana.service should use `systemctl start kibana.service` instead of `service start kibana`. For more information, refer to {kibana-pull}74424[#74424].
 
 *Impact* +
-If your system doesn't have `service` aliased to use kibana.service, use `systemctl start kibana.service`.
+If your installation uses .deb or .rpm packages with SysV, migrate to systemd.
 ====
 
 [discrete]
@@ -108,10 +108,30 @@ If your system doesn't have `service` aliased to use kibana.service, use `system
 [%collapsible]
 ====
 *Details* +
-By default, responses are not logged. Previously, responses were logged if `logging.json` was set to `true`, `logging.dest` was specified, or a TTY was detected. For more information, refer to {kibana-pull}42353[#42353]
+In previous versions, all events are logged in `json` when `logging.json:true`. With the new logging configuration, you can choose the `json` and pattern output formats with layouts. For more information, refer to {kibana-pull}42353[#42353].
 
 *Impact* +
-To log responses, set `logging.events.response=*` in kibana.yml.
+To restore the previous behavior, configure the logging format for each custom appender with the `appender.layout property` in kibana.yml. There is no default for custom appenders, and each appender must be configured expilictly.
+
+[source,yaml]
+-------------------
+logging:
+  appenders:
+    custom_console:
+      type: console
+      layout:
+        type: pattern
+    custom_json:
+      type: console
+      layout:
+        type: json
+  loggers:
+    - name: plugins.myPlugin
+      appenders: [custom_console]
+  root:
+    appenders: [default, custom_json]
+    level: warn
+-------------------
 ====
 
 [float]
@@ -120,7 +140,7 @@ To log responses, set `logging.events.response=*` in kibana.yml.
 
 [discrete]
 [[breaking-52539]]
-.Removed legacy Reporting job params compatibility shim
+.Legacy job parameters are no longer supported
 [%collapsible]
 ====
 *Details* +
@@ -152,10 +172,10 @@ Use the `/api/security/saml/callback` route, or wait to upgrade to 8.0.0-alpha2
 [%collapsible]
 ====
 *Details* +
-To provide the maximum level of protection for most installations, the csp.strict config is now enabled by default. Legacy browsers not supported by Kibana, such as IE11, are unable to access {kib} unless explicitly enabled. All browsers officially supported by Kibana do not have this issue. For more information, refer to {kibana-pull}41700[#41700]
+To provide the maximum level of protection for most installations, the csp.strict config is now enabled by default. Legacy browsers not supported by Kibana, such as Internet Explorer 11, are unable to access {kib} unless explicitly enabled. All browsers officially supported by Kibana do not have this issue. For more information, refer to {kibana-pull}41700[#41700]
 
 *Impact* +
-To enable support for legacy browsers, set `csp.strict: false` in kibana.yml.
+To enable support for legacy browsers, set `csp.strict: false` in kibana.yml. To effectively enforce the security protocol, we strongly discourage disabling `csp.strict` unless it is critical that you support Internet Explorer 11.
 ====
 
 [float]
@@ -191,14 +211,14 @@ You are now unable to use `0` as the `server.host`.
 
 [discrete]
 [[breaking-38657]]
-.Removed `xpack.security.authProviders` and `xpack.security.public`
+.Removed `xpack.security.public` and `xpack.security.authProviders`
 [%collapsible]
 ====
 *Details* +
 The `xpack.security.public` and `xpack.security.authProviders` settings have been removed. For more information, refer to {kibana-pull}38657[#38657]
 
 *Impact* +
-Use the `xpack.security.authc.saml.realm` setting.
+Use the `xpack.security.authc.saml.realm` and `xpack.security.authc.providers` settings.
 ====
 
 [discrete]

diff --git a/docs/index.asciidoc b/docs/index.asciidoc
@@ -4,8 +4,6 @@
 :include-xpack:  true
 :lang:           en
 :kib-repo-dir:   {kibana-root}/docs
-:blog-ref:       https://www.elastic.co/blog/
-:wikipedia:      https://en.wikipedia.org/wiki
 
 include::{docs-root}/shared/versions/stack/{source_branch}.asciidoc[]
 

diff --git a/docs/settings/alert-action-settings.asciidoc b/docs/settings/alert-action-settings.asciidoc
@@ -41,14 +41,15 @@ You can configure the following settings in the `kibana.yml` file.
 [cols="2*<"]
 |===
 | `xpack.actions.enabled`
-  | Feature toggle that enables Actions in {kib}. Default: `true`.
+  | Feature toggle that enables Actions in {kib}.
+  If `false`, all features dependent on Actions are disabled, including the *Observability* and *Security* apps.  Default: `true`.
 
 | `xpack.actions.allowedHosts` {ess-icon}
   | A list of hostnames that {kib} is allowed to connect to when built-in actions are triggered. It defaults to `[*]`, allowing any host, but keep in mind the potential for SSRF attacks when hosts are not explicitly added to the allowed hosts. An empty list `[]` can be used to block built-in actions from making any external connections. +
   +
   Note that hosts associated with built-in actions, such as Slack and PagerDuty, are not automatically added to allowed hosts. If you are not using the default `[*]` setting, you must ensure that the corresponding endpoints are added to the allowed hosts as well.
- 
-| `xpack.actions.customHostSettings` {ess-icon} 
+
+| `xpack.actions.customHostSettings` {ess-icon}
   | A list of custom host settings to override existing global settings.
   Default: an empty list. +
   +
@@ -69,7 +70,7 @@ You can configure the following settings in the `kibana.yml` file.
 --
 xpack.actions.customHostSettings:
   - url: smtp://mail.example.com:465
-    ssl: 
+    ssl:
       verificationMode: 'full'
       certificateAuthoritiesFiles: [ 'one.crt' ]
       certificateAuthoritiesData: |
@@ -79,7 +80,7 @@ xpack.actions.customHostSettings:
     smtp:
       requireTLS: true
   - url: https://webhook.example.com
-    ssl: 
+    ssl:
       // legacy
       rejectUnauthorized: false
       verificationMode: 'none'
@@ -124,7 +125,7 @@ xpack.actions.customHostSettings:
 
 |[[action-config-custom-host-verification-mode]] `xpack.actions.customHostSettings[n]`
 `.ssl.verificationMode` {ess-icon}
-  | Controls the verification of the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection to the host server. Valid values are `full`, `certificate`, and `none`. 
+  | Controls the verification of the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection to the host server. Valid values are `full`, `certificate`, and `none`.
  Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. <<elasticsearch-ssl-verificationMode,Equivalent {kib} setting>>. Overrides the general `xpack.actions.ssl.verificationMode` configuration
   for requests made for this hostname/port.
 
@@ -137,7 +138,7 @@ xpack.actions.customHostSettings:
 `.ssl.certificateAuthoritiesData` {ess-icon}
   | The contents of a PEM-encoded certificate file, or multiple files appended
   into a single string.  This configuration can be used for environments where
-  the files cannot be made available.  
+  the files cannot be made available.
 
 | `xpack.actions.enabledActionTypes` {ess-icon}
   | A list of action types that are enabled. It defaults to `[*]`, enabling all types. The names for built-in {kib} action types are prefixed with a `.` and include: `.server-log`, `.slack`, `.email`, `.index`, `.pagerduty`, and `.webhook`. An empty list `[]` will disable all action types. +
@@ -170,7 +171,7 @@ a|`xpack.actions.`
 |[[action-config-proxy-verification-mode]]
 `xpack.actions[n]`
 `.ssl.proxyVerificationMode` {ess-icon}
-| Controls the verification for the proxy server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection to the proxy server. Valid values are `full`, `certificate`, and `none`. 
+| Controls the verification for the proxy server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection to the proxy server. Valid values are `full`, `certificate`, and `none`.
 Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. <<elasticsearch-ssl-verificationMode,Equivalent {kib} setting>>.
 
 | `xpack.actions.rejectUnauthorized` {ess-icon}
@@ -182,7 +183,7 @@ Use `full` to perform hostname verification, `certificate` to skip hostname veri
 |[[action-config-verification-mode]]
 `xpack.actions[n]`
 `.ssl.verificationMode` {ess-icon}
-| Controls the verification for the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection for actions. Valid values are `full`, `certificate`, and `none`. 
+| Controls the verification for the server certificate that {hosted-ems} receives when making an outbound SSL/TLS connection for actions. Valid values are `full`, `certificate`, and `none`.
   Use `full` to perform hostname verification, `certificate` to skip hostname verification, and `none` to skip verification. Default: `full`. <<elasticsearch-ssl-verificationMode,Equivalent {kib} setting>>. +
   +
   As an alternative to setting `xpack.actions.ssl.verificationMode`, you can use the setting
@@ -213,4 +214,4 @@ Use `full` to perform hostname verification, `certificate` to skip hostname veri
 | `xpack.alerting.maxEphemeralActionsPerAlert`
   | Sets the number of actions that will be executed ephemerally. To use this, enable ephemeral tasks in task manager first with <<task-manager-settings,`xpack.task_manager.ephemeral_tasks.enabled`>>
 
-|===
+|===
diff --git a/x-pack/plugins/cases/common/api/cases/case.ts b/x-pack/plugins/cases/common/api/cases/case.ts
@@ -11,7 +11,7 @@ import { NumberFromString } from '../saved_object';
 import { UserRT } from '../user';
 import { CommentResponseRt } from './comment';
 import { CasesStatusResponseRt, CaseStatusRt } from './status';
-import { CaseConnectorRt, ESCaseConnector } from '../connectors';
+import { CaseConnectorRt } from '../connectors';
 import { SubCaseResponseRt } from './sub_case';
 
 const BucketsAggs = rt.array(
@@ -87,24 +87,17 @@ const CaseBasicRt = rt.type({
   owner: rt.string,
 });
 
-const CaseExternalServiceBasicRt = rt.type({
-  connector_id: rt.string,
+export const CaseExternalServiceBasicRt = rt.type({
+  connector_id: rt.union([rt.string, rt.null]),
   connector_name: rt.string,
   external_id: rt.string,
   external_title: rt.string,
   external_url: rt.string,
+  pushed_at: rt.string,
+  pushed_by: UserRT,
 });
 
-const CaseFullExternalServiceRt = rt.union([
-  rt.intersection([
-    CaseExternalServiceBasicRt,
-    rt.type({
-      pushed_at: rt.string,
-      pushed_by: UserRT,
-    }),
-  ]),
-  rt.null,
-]);
+const CaseFullExternalServiceRt = rt.union([CaseExternalServiceBasicRt, rt.null]);
 
 export const CaseAttributesRt = rt.intersection([
   CaseBasicRt,
@@ -326,11 +319,6 @@ export type CaseFullExternalService = rt.TypeOf<typeof CaseFullExternalServiceRt
 export type CaseSettings = rt.TypeOf<typeof SettingsRt>;
 export type ExternalServiceResponse = rt.TypeOf<typeof ExternalServiceResponseRt>;
 
-export type ESCaseAttributes = Omit<CaseAttributes, 'connector'> & { connector: ESCaseConnector };
-export type ESCasePatchRequest = Omit<CasePatchRequest, 'connector'> & {
-  connector?: ESCaseConnector;
-};
-
 export type AllTagsFindRequest = rt.TypeOf<typeof AllTagsFindRequestRt>;
 export type AllReportersFindRequest = AllTagsFindRequest;
 

diff --git a/x-pack/plugins/cases/common/api/cases/configure.ts b/x-pack/plugins/cases/common/api/cases/configure.ts
@@ -8,7 +8,7 @@
 import * as rt from 'io-ts';
 
 import { UserRT } from '../user';
-import { CaseConnectorRt, ConnectorMappingsRt, ESCaseConnector } from '../connectors';
+import { CaseConnectorRt, ConnectorMappingsRt } from '../connectors';
 
 // TODO: we will need to add this type rt.literal('close-by-third-party')
 const ClosureTypeRT = rt.union([rt.literal('close-by-user'), rt.literal('close-by-pushing')]);
@@ -83,8 +83,4 @@ export type CasesConfigureAttributes = rt.TypeOf<typeof CaseConfigureAttributesR
 export type CasesConfigureResponse = rt.TypeOf<typeof CaseConfigureResponseRt>;
 export type CasesConfigurationsResponse = rt.TypeOf<typeof CaseConfigurationsResponseRt>;
 
-export type ESCasesConfigureAttributes = Omit<CasesConfigureAttributes, 'connector'> & {
-  connector: ESCaseConnector;
-};
-
 export type GetConfigureFindRequest = rt.TypeOf<typeof GetConfigureFindRequestRt>;
diff --git a/x-pack/plugins/cases/common/api/connectors/index.ts b/x-pack/plugins/cases/common/api/connectors/index.ts
@@ -73,6 +73,8 @@ const ConnectorNoneTypeFieldsRt = rt.type({
   fields: rt.null,
 });
 
+export const noneConnectorId: string = 'none';
+
 export const ConnectorTypeFieldsRt = rt.union([
   ConnectorJiraTypeFieldsRt,
   ConnectorNoneTypeFieldsRt,
@@ -102,16 +104,3 @@ export type ConnectorServiceNowSIRTypeFields = rt.TypeOf<typeof ConnectorService
 
 // we need to change these types back and forth for storing in ES (arrays overwrite, objects merge)
 export type ConnectorFields = rt.TypeOf<typeof ConnectorFieldsRt>;
-
-export type ESConnectorFields = Array<{
-  key: string;
-  value: unknown;
-}>;
-
-export type ESCaseConnectorTypes = ConnectorTypes;
-export interface ESCaseConnector {
-  id: string;
-  name: string;
-  type: ESCaseConnectorTypes;
-  fields: ESConnectorFields | null;
-}
diff --git a/x-pack/plugins/cases/kibana.json b/x-pack/plugins/cases/kibana.json
@@ -1,7 +1,7 @@
 {
   "configPath":[
-     "cases",
-     "xpack"
+     "xpack",
+     "cases"
   ],
   "description":"The Case management system in Kibana",
   "extraPublicDirs":[

diff --git a/x-pack/plugins/cases/public/components/all_cases/all_cases_generic.test.tsx b/x-pack/plugins/cases/public/components/all_cases/all_cases_generic.test.tsx
@@ -7,20 +7,27 @@
 
 import React from 'react';
 import { mount } from 'enzyme';
-import { AllCasesGeneric } from './all_cases_generic';
+import { act } from 'react-dom/test-utils';
 
+import { AllCasesGeneric } from './all_cases_generic';
 import { TestProviders } from '../../common/mock';
 import { useGetTags } from '../../containers/use_get_tags';
 import { useGetReporters } from '../../containers/use_get_reporters';
 import { useGetActionLicense } from '../../containers/use_get_action_license';
+import { useConnectors } from '../../containers/configure/use_connectors';
+import { useKibana } from '../../common/lib/kibana';
 import { StatusAll } from '../../containers/types';
 import { CaseStatuses, SECURITY_SOLUTION_OWNER } from '../../../common';
-import { act } from 'react-dom/test-utils';
+import { connectorsMock } from '../../containers/mock';
+import { actionTypeRegistryMock } from '../../../../triggers_actions_ui/public/application/action_type_registry.mock';
+import { triggersActionsUiMock } from '../../../../triggers_actions_ui/public/mocks';
 
 jest.mock('../../containers/use_get_reporters');
 jest.mock('../../containers/use_get_tags');
 jest.mock('../../containers/use_get_action_license');
+jest.mock('../../containers/configure/use_connectors');
 jest.mock('../../containers/api');
+jest.mock('../../common/lib/kibana');
 
 const createCaseNavigation = { href: '', onClick: jest.fn() };
 
@@ -34,26 +41,34 @@ const alertDataMock = {
   alertId: 'alert-id',
   owner: SECURITY_SOLUTION_OWNER,
 };
+
+const useKibanaMock = useKibana as jest.Mocked<typeof useKibana>;
+const useConnectorsMock = useConnectors as jest.Mock;
+const mockTriggersActionsUiService = triggersActionsUiMock.createStart();
+
 jest.mock('../../common/lib/kibana', () => {
   const originalModule = jest.requireActual('../../common/lib/kibana');
   return {
     ...originalModule,
     useKibana: () => ({
       services: {
-        triggersActionsUi: {
-          actionTypeRegistry: {
-            get: jest.fn().mockReturnValue({
-              actionTypeTitle: '.jira',
-              iconClass: 'logoSecurity',
-            }),
-          },
-        },
+        triggersActionsUi: mockTriggersActionsUiService,
       },
     }),
   };
 });
 
 describe('AllCasesGeneric ', () => {
+  const { createMockActionTypeModel } = actionTypeRegistryMock;
+
+  beforeAll(() => {
+    connectorsMock.forEach((connector) =>
+      useKibanaMock().services.triggersActionsUi.actionTypeRegistry.register(
+        createMockActionTypeModel({ id: connector.actionTypeId, iconClass: 'logoSecurity' })
+      )
+    );
+  });
+
   beforeEach(() => {
     jest.resetAllMocks();
     (useGetTags as jest.Mock).mockReturnValue({ tags: ['coke', 'pepsi'], fetchTags: jest.fn() });
@@ -68,6 +83,7 @@ describe('AllCasesGeneric ', () => {
       actionLicense: null,
       isLoading: false,
     });
+    useConnectorsMock.mockImplementation(() => ({ connectors: connectorsMock, loading: false }));
   });
 
   it('renders the first available status when hiddenStatus is given', () =>