-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Split legacy plugin discovery, expose SavedObjects scopedClient, wrappers, repository #48882
Conversation
Pinging @elastic/kibana-platform (Team:Platform) |
💔 Build Failed
|
5026bce
to
df75b17
Compare
💚 Build Succeeded |
💚 Build Succeeded |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This internalClient
does not expose a way to use "fake credentials" to get a scoped client. I know we need this for a few background workers that do work on behalf of a user, using cached credentials (eg. Reporting, Upgrade Assistant). Are you planning on doing this as a separate change?
💚 Build Succeeded |
After speaking to security, uptime and APM it seems like the existing usage in legacy was incorrect and really should be using scoped saved objects clients. So it doesn't appear like there's any valid dependencies on a |
Is this still ready for review? It seems it still exposes the |
💔 Build Failed |
💚 Build Succeeded |
💔 Build Failed |
export interface PluginsServiceStartDeps {} // eslint-disable-line @typescript-eslint/no-empty-interface | ||
export type PluginsServiceStartDeps = InternalCoreStart; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not totally convinced we want exact type equivalence here ?
In https://github.com/elastic/kibana/pull/51438/files#diff-725c498a267472754f01cff2baa3901b I explicitly defined the properties
- export interface PluginsServiceStartDeps {} // eslint-disable-line @typescript-eslint/no-empty-interface
+ export interface PluginsServiceStartDeps {
+ capabilities: InternalCoreStart['capabilities'];
+ }
But I'm not sure which one is preferable? I'm guessing we may not necessarily want alls internal core in the service deps? wdyt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think it needs to be exactly equivalent, but I don't see the advantage to a more minimal typing, especially since the plugin service will probably require almost every API except the legacy ones which we'll remove later. The more strictly we type it, the more boilerplate it takes to introduce a new API. Although it makes dependencies explicit, I don't think having several layers of slightly different types makes the code more readable, gives us better guarantees or reduced bugs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reduced boilerplate is a very valid argument
* When plugins access the Saved Objects client, a new client is created using | ||
* the factory provided to `setClientFactory` and wrapped by all wrappers | ||
* registered through `addClientWrapper`. To create a factory or wrapper, | ||
* plugins will have to construct a Saved Objects client. First create a | ||
* repository by calling `scopedRepository` or `internalRepository` and then | ||
* use this repository as the argument to the {@link SavedObjectsClient} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Honest question, is the setClientFactory
isolated per-plugin, or is this the responsibility or a single plugin to define it for everyone? What is the actual expected usage of this setter?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These extension points to Saved Objects are there to support the x-pack security plugins: security, encrypted saved objects and spaces and they apply globally, to all plugins that use the saved objects client. This makes the documentation hard to write, cause it's there to solve a very specific problem.
There's broad consensus that this factory and the client wrappers aren't the most elegant architecture, but the way it worked in legacy did the job so we won't try to improve this until after 8.0.0. The security team might have some upcoming requirements that require something more like middleware than just composing clients over each other, but there's no concrete plans yet.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if we're there yet, but if we are sure that this pattern will be replaced, we should mark the setClientFactory
and addClientWrapper
methods @deprecated
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A public API that allows only to be called once sure seems like fragile :) But this will do the job until proper revision.
💚 Build Succeeded |
* When plugins access the Saved Objects client, a new client is created using | ||
* the factory provided to `setClientFactory` and wrapped by all wrappers | ||
* registered through `addClientWrapper`. To create a factory or wrapper, | ||
* plugins will have to construct a Saved Objects client. First create a | ||
* repository by calling `scopedRepository` or `internalRepository` and then | ||
* use this repository as the argument to the {@link SavedObjectsClient} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if we're there yet, but if we are sure that this pattern will be replaced, we should mark the setClientFactory
and addClientWrapper
methods @deprecated
.
💚 Build Succeeded |
…ra/kibana into IS-46410_remove-@kbn/ui-framework * 'IS-46410_remove-@kbn/ui-framework' of github.com:mbondyra/kibana: (49 commits) [ML] Re-activate after method in transform test (elastic#51815) [SIEM] [Detection Engine] Add edit on rule creation (elastic#51670) De-angularize visLegend (elastic#50613) [SIEM][Detection Engine] Change security model to use SIEM permissions [Monitoring] Sass cleanup (elastic#51100) Move errors and validate index pattern ⇒ NP (elastic#51805) fixes pagination tests (elastic#51822) Split legacy plugin discovery, expose SavedObjects scopedClient, wrappers, repository (elastic#48882) [SIEM][Detection Engine] Adds ecs threat properties to rules (elastic#51782) [Lens] Remove client-side reference to server source code (elastic#51763) Fix infinite redirect loop when multiple cookies are sent (elastic#50452) fixes drag and drop in tests (elastic#51806) [Console] Proxy fallback (elastic#50185) Query String(Bar) Input - cleanup (elastic#51598) shim visualizations plugin (elastic#50624) Expressions service fixes: better error and loading states handling (elastic#51183) fixes url state tests (elastic#51746) fixes browser field tests (elastic#51738) [ML] Fix anomaly detection test suite (elastic#51712) [SIEM] Fix Timeline drag and drop behavior (elastic#51558) ...
…license-management * 'master' of github.com:elastic/kibana: (48 commits) Enable alerting and actions plugin by default (elastic#51254) Fix error returned when creating an alert with ES security disabled (elastic#51639) [Discover] Improve Percy functional tests (elastic#51699) fixes timeline data providers tests (elastic#51862) [Dependencies]: upgrade react to latest v16.12.0 (elastic#51145) Allow routes to define some payload config values (elastic#50783) Move saved queries service + language switcher ⇒ NP (elastic#51812) [ML] Re-activate after method in transform test (elastic#51815) [SIEM] [Detection Engine] Add edit on rule creation (elastic#51670) De-angularize visLegend (elastic#50613) [SIEM][Detection Engine] Change security model to use SIEM permissions [Monitoring] Sass cleanup (elastic#51100) Move errors and validate index pattern ⇒ NP (elastic#51805) fixes pagination tests (elastic#51822) Split legacy plugin discovery, expose SavedObjects scopedClient, wrappers, repository (elastic#48882) [SIEM][Detection Engine] Adds ecs threat properties to rules (elastic#51782) [Lens] Remove client-side reference to server source code (elastic#51763) Fix infinite redirect loop when multiple cookies are sent (elastic#50452) fixes drag and drop in tests (elastic#51806) [Console] Proxy fallback (elastic#50185) ...
…pers, repository (elastic#48882) * Split legacy plugin discovery, expose internal SavedObjectsClient * Expose internal SavedObjectsClient to plugins * Add more documentation * Expose client wrappers, repository, scoped client from SavedObjects * Remove unused onBeforeWrite * Refactor Service / Repository for testability * Bind exposed clientProvider methods * Fix eArchiver's KibanaMigrator * Cleanup * Use APICaller type * Expose SavedObjectsServiceStart to plugins * API documentation * Rename API methods to be verbs
…pers, repository (#48882) (#51978) * Split legacy plugin discovery, expose internal SavedObjectsClient * Expose internal SavedObjectsClient to plugins * Add more documentation * Expose client wrappers, repository, scoped client from SavedObjects * Remove unused onBeforeWrite * Refactor Service / Repository for testability * Bind exposed clientProvider methods * Fix eArchiver's KibanaMigrator * Cleanup * Use APICaller type * Expose SavedObjectsServiceStart to plugins * API documentation * Rename API methods to be verbs
Summary
Checklist
Use
strikethroughsto remove checklist items you don't feel are applicable to this PR.For maintainers