Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fleet] Create a fleet_enroll user and role during fleet setup #60562

Merged
merged 2 commits into from
Mar 20, 2020
Merged

[Fleet] Create a fleet_enroll user and role during fleet setup #60562

merged 2 commits into from
Mar 20, 2020

Conversation

nchaulet
Copy link
Member

Summary

Resolves #56339

Change fleet setup to create a user and a role in the background instead of asking the user to provide a user.

Done in this pr

  • update the UI to match latest design
  • update the UI to stop asking for username and password
  • update the API to stop requiring username and password
  • add test

API change

Remove body parameters admin_username and admin_password

POST /api/ingest_manager/fleet/setup
// Request
{}
// Response
{ "isInitialized": true }

! Now the API is also doing the setup of ingest manager (default config, ...) if it's not already done.

UI Change

Screen Shot 2020-03-18 at 3 33 14 PM

@nchaulet nchaulet added Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project Feature:Fleet Fleet team's agent central management project labels Mar 18, 2020
@nchaulet nchaulet requested a review from a team March 18, 2020 20:19
@nchaulet nchaulet self-assigned this Mar 18, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/ingest-management (Feature:EPM)

@nchaulet nchaulet added release_note:skip Skip the PR/issue when compiling release notes v7.7.0 labels Mar 18, 2020
ruflin
ruflin reviewed Mar 20, 2020
View reviewed changes
x-pack/plugins/ingest_manager/server/services/setup.ts
method: 'PUT',
path: `/_security/role/${FLEET_ADMIN_ROLE}`,
body: {
cluster: ['monitor', 'manage_api_key'],
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ph We should validate these permissions.

ruflin
ruflin approved these changes Mar 20, 2020
View reviewed changes
Copy link
Member

@ruflin ruflin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested it locally and works as expected. Left a few comments but this can happen in a follow up PR.

x-pack/plugins/ingest_manager/server/services/setup.ts Outdated

// save fleet admin user
await outputService.updateOutput(soClient, await outputService.getDefaultOutputId(soClient), {
admin_username: FLEET_ADMIN_USERNAME,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
admin_username: FLEET_ADMIN_USERNAME,
fleet_enroll_username: FLEET_ENROLL_USERNAME,

x-pack/plugins/ingest_manager/server/services/setup.ts Outdated
// save fleet admin user
await outputService.updateOutput(soClient, await outputService.getDefaultOutputId(soClient), {
admin_username: FLEET_ADMIN_USERNAME,
admin_password: password,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
admin_password: password,
fleet_enroll_password: password,

I think it is important to also change the naming in the code to not have confusion.

x-pack/plugins/ingest_manager/server/services/setup.ts Outdated
path: `/_security/user/${FLEET_ADMIN_USERNAME}`,
body: {
password,
roles: [FLEET_ADMIN_ROLE],
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See naming comment below.

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

  • 💚 Build #34328 succeeded a43ffcc87558e58a73dea279ba253e41c38efd3a

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@nchaulet nchaulet merged commit 558aaaa into elastic:master Mar 20, 2020
@nchaulet nchaulet deleted the feature-ingest-fleet-setup branch March 20, 2020 17:32
nchaulet added a commit to nchaulet/kibana that referenced this pull request Mar 20, 2020
@nchaulet
[Fleet] Create a fleet_enroll user and role during fleet setup (elast…
8495531 
…ic#60562)
@nchaulet nchaulet mentioned this pull request Mar 20, 2020
Merged
This was referenced Mar 20, 2020
Closed
Closed
@kibanamachine kibanamachine added the backport missing Added to PRs automatically when the are determined to be missing a backport. label Mar 21, 2020
@kibanamachine
Copy link
Contributor

Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync.

nchaulet added a commit that referenced this pull request Mar 21, 2020
@nchaulet
[Fleet] Create a fleet_enroll user and role during fleet setup (#60562)…
83ebc1e 
… (#60785)
@kibanamachine kibanamachine removed the backport missing Added to PRs automatically when the are determined to be missing a backport. label Mar 21, 2020
@jen-huang jen-huang added the Team:Fleet Team label for Observability Data Collection Fleet team label Mar 26, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ruflin ruflin ruflin approved these changes

Assignees

@nchaulet nchaulet

Labels
Feature:EPM Fleet team's Elastic Package Manager (aka Integrations) project Feature:Fleet Fleet team's agent central management project release_note:skip Skip the PR/issue when compiling release notes Team:Fleet Team label for Observability Data Collection Fleet team v7.7.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Fleet] UI and API change fleet_user setup
5 participants
@nchaulet @elasticmachine @kibanamachine @ruflin @jen-huang