[Integrations UI] Don't show integrations that only support agentless deployment when agentless is not supported #192486
Assignees
Labels
Team:Fleet
Team label for Observability Data Collection Fleet team
Comments
kpollich
added
the
Team:Fleet
|
Pinging @elastic/fleet (Team:Fleet) |
1 task
|
I opened elastic/package-registry#1238. It needs to be completed for the UI PR (#194885) to work. Currently EPR does not return deployment_modes property which is necessary for Fleet to know which packages are agentless. |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Oct 16, 2024
…nabled (elastic#194885) ## Summary Resolves elastic#192486. This PR makes it so that on deployments without agentless enabled: 1. Agentless-only integrations are hidden from the browse integration UI 2. Agentless-only integrations cannot be installed via API (unless force flag is used)⚠️ elastic/package-registry#1238 needs to be completed for the below testing steps to work. Currently EPR does not return `deployment_modes` property which is necessary for Fleet to know which packages are agentless. ## How to test 1. Simulate agentless being available by adding the following to kibana.yml: ``` xpack.fleet.agentless.enabled: true # Simulate cloud xpack.cloud.id: "foo" xpack.cloud.base_url: "https://cloud.elastic.co" xpack.cloud.organization_url: "/account/" xpack.cloud.billing_url: "/billing/" xpack.cloud.profile_url: "/user/settings/" ``` 2. Go to `Integrations > Browse` and enable showing Beta integrations, search for `connector` and you should see the agentless integrations: Elastic Connectors, GitHub & GitHub Enterprise Server Connector, Google Drive Connector 3. Install any one of them (they all come from the same package), it should be successful 4. Uninstall them 5. Remove config changes to go back to a non-agentless deployment 6. Refresh Integrations list, the three integrations should no longer appear 7. Try installing via API, an error should appear ``` POST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2 ``` 8. Try installing via API again with force flag, it should be successful: ``` POST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2 { "force": true } ``` ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 8cadf88)
kibanamachine
added a commit
that referenced
this issue
Oct 16, 2024
…less enabled (#194885) (#196459) # Backport This will backport the following commits from `main` to `8.x`: - [[UII] Restrict agentless integrations to deployments with agentless enabled (#194885)](#194885) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Jen Huang","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-15T23:57:32Z","message":"[UII] Restrict agentless integrations to deployments with agentless enabled (#194885)\n\n## Summary\r\n\r\nResolves #192486. This PR makes it so that on deployments without\r\nagentless enabled:\r\n1. Agentless-only integrations are hidden from the browse integration UI\r\n2. Agentless-only integrations cannot be installed via API (unless force\r\nflag is used)\r\n\r\n⚠️ elastic/package-registry#1238 needs to be\r\ncompleted for the below testing steps to work. Currently EPR does not\r\nreturn `deployment_modes` property which is necessary for Fleet to know\r\nwhich packages are agentless.\r\n\r\n## How to test\r\n\r\n1. Simulate agentless being available by adding the following to\r\nkibana.yml:\r\n```\r\nxpack.fleet.agentless.enabled: true\r\n\r\n# Simulate cloud\r\nxpack.cloud.id: \"foo\"\r\nxpack.cloud.base_url: \"https://cloud.elastic.co\"\r\nxpack.cloud.organization_url: \"/account/\"\r\nxpack.cloud.billing_url: \"/billing/\"\r\nxpack.cloud.profile_url: \"/user/settings/\"\r\n```\r\n2. Go to `Integrations > Browse` and enable showing Beta integrations,\r\nsearch for `connector` and you should see the agentless integrations:\r\nElastic Connectors, GitHub & GitHub Enterprise Server Connector, Google\r\nDrive Connector\r\n3. Install any one of them (they all come from the same package), it\r\nshould be successful\r\n4. Uninstall them\r\n5. Remove config changes to go back to a non-agentless deployment\r\n6. Refresh Integrations list, the three integrations should no longer\r\nappear\r\n7. Try installing via API, an error should appear\r\n```\r\nPOST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2\r\n```\r\n8. Try installing via API again with force flag, it should be\r\nsuccessful:\r\n```\r\nPOST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2\r\n{\r\n \"force\": true\r\n}\r\n```\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"8cadf88c66a257c073279fa11572b089c32eb643","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","v9.0.0","backport:prev-minor"],"title":"[UII] Restrict agentless integrations to deployments with agentless enabled","number":194885,"url":"https://github.com/elastic/kibana/pull/194885","mergeCommit":{"message":"[UII] Restrict agentless integrations to deployments with agentless enabled (#194885)\n\n## Summary\r\n\r\nResolves #192486. This PR makes it so that on deployments without\r\nagentless enabled:\r\n1. Agentless-only integrations are hidden from the browse integration UI\r\n2. Agentless-only integrations cannot be installed via API (unless force\r\nflag is used)\r\n\r\n⚠️ elastic/package-registry#1238 needs to be\r\ncompleted for the below testing steps to work. Currently EPR does not\r\nreturn `deployment_modes` property which is necessary for Fleet to know\r\nwhich packages are agentless.\r\n\r\n## How to test\r\n\r\n1. Simulate agentless being available by adding the following to\r\nkibana.yml:\r\n```\r\nxpack.fleet.agentless.enabled: true\r\n\r\n# Simulate cloud\r\nxpack.cloud.id: \"foo\"\r\nxpack.cloud.base_url: \"https://cloud.elastic.co\"\r\nxpack.cloud.organization_url: \"/account/\"\r\nxpack.cloud.billing_url: \"/billing/\"\r\nxpack.cloud.profile_url: \"/user/settings/\"\r\n```\r\n2. Go to `Integrations > Browse` and enable showing Beta integrations,\r\nsearch for `connector` and you should see the agentless integrations:\r\nElastic Connectors, GitHub & GitHub Enterprise Server Connector, Google\r\nDrive Connector\r\n3. Install any one of them (they all come from the same package), it\r\nshould be successful\r\n4. Uninstall them\r\n5. Remove config changes to go back to a non-agentless deployment\r\n6. Refresh Integrations list, the three integrations should no longer\r\nappear\r\n7. Try installing via API, an error should appear\r\n```\r\nPOST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2\r\n```\r\n8. Try installing via API again with force flag, it should be\r\nsuccessful:\r\n```\r\nPOST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2\r\n{\r\n \"force\": true\r\n}\r\n```\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"8cadf88c66a257c073279fa11572b089c32eb643"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/194885","number":194885,"mergeCommit":{"message":"[UII] Restrict agentless integrations to deployments with agentless enabled (#194885)\n\n## Summary\r\n\r\nResolves #192486. This PR makes it so that on deployments without\r\nagentless enabled:\r\n1. Agentless-only integrations are hidden from the browse integration UI\r\n2. Agentless-only integrations cannot be installed via API (unless force\r\nflag is used)\r\n\r\n⚠️ elastic/package-registry#1238 needs to be\r\ncompleted for the below testing steps to work. Currently EPR does not\r\nreturn `deployment_modes` property which is necessary for Fleet to know\r\nwhich packages are agentless.\r\n\r\n## How to test\r\n\r\n1. Simulate agentless being available by adding the following to\r\nkibana.yml:\r\n```\r\nxpack.fleet.agentless.enabled: true\r\n\r\n# Simulate cloud\r\nxpack.cloud.id: \"foo\"\r\nxpack.cloud.base_url: \"https://cloud.elastic.co\"\r\nxpack.cloud.organization_url: \"/account/\"\r\nxpack.cloud.billing_url: \"/billing/\"\r\nxpack.cloud.profile_url: \"/user/settings/\"\r\n```\r\n2. Go to `Integrations > Browse` and enable showing Beta integrations,\r\nsearch for `connector` and you should see the agentless integrations:\r\nElastic Connectors, GitHub & GitHub Enterprise Server Connector, Google\r\nDrive Connector\r\n3. Install any one of them (they all come from the same package), it\r\nshould be successful\r\n4. Uninstall them\r\n5. Remove config changes to go back to a non-agentless deployment\r\n6. Refresh Integrations list, the three integrations should no longer\r\nappear\r\n7. Try installing via API, an error should appear\r\n```\r\nPOST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2\r\n```\r\n8. Try installing via API again with force flag, it should be\r\nsuccessful:\r\n```\r\nPOST kbn:/api/fleet/epm/packages/elastic_connectors/0.0.2\r\n{\r\n \"force\": true\r\n}\r\n```\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"8cadf88c66a257c073279fa11572b089c32eb643"}}]}] BACKPORT--> Co-authored-by: Jen Huang <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Today, an integration/policy template that includes a
deployment_modesvalue in itsmanifest.ymlas follows will appear in the integrations UI even if agentless is not supported:elastic_connectors is an example of one such integration.
This integration can't actually run in an environment that doesn't support agentless, so when agentless isn't supported/available this integration should be hidden from the UI at a minimum, and ideally installation should be prevented at the API level as well via a validation check in the
POST /api/fleet/epm/packagesAPI.The text was updated successfully, but these errors were encountered: