Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fleet] Missing policy filter in Fleet Server check to enable secrets #187935

Merged

Conversation

juliaElastic
Copy link
Contributor

@juliaElastic juliaElastic commented Jul 10, 2024

Summary

Closes #187933
Closes #186845

Fixed missing policy filter when checking if Fleet Servers met minimum version to enable secrets storage.
The integration tests cover now a case where there are no fleet servers but there are agents with minimum version, to verify that the query filters them out.

Manual verification is hard because you can't enroll an agent without enrolling FS with at least the same version.
It could be done by manually creating docs in .fleet-agents.

Checklist

@juliaElastic juliaElastic added release_note:fix backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) labels Jul 10, 2024
@juliaElastic juliaElastic self-assigned this Jul 10, 2024
@juliaElastic juliaElastic requested a review from a team as a code owner July 10, 2024 07:37
@botelastic botelastic bot added the Team:Fleet Team label for Observability Data Collection Fleet team label Jul 10, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

@obltmachine
Copy link

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@kpollich
Copy link
Member

@juliaElastic - I think this also fixes #186845?

@juliaElastic
Copy link
Contributor Author

I think this also fixes #186845?

Yeah it looks the same root cause. We should verify the scenarios Luca detailed there as well.

Copy link
Contributor

@criamico criamico left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM

@elasticmachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

cc @juliaElastic

@juliaElastic juliaElastic merged commit 5761a38 into elastic:main Jul 11, 2024
21 checks passed
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Jul 11, 2024
…elastic#187935)

## Summary

Closes elastic#187933
Closes elastic#186845

Fixed missing policy filter when checking if Fleet Servers met minimum
version to enable secrets storage.
The integration tests cover now a case where there are no fleet servers
but there are agents with minimum version, to verify that the query
filters them out.

Manual verification is hard because you can't enroll an agent without
enrolling FS with at least the same version.
It could be done by manually creating docs in `.fleet-agents`.

### Checklist

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

(cherry picked from commit 5761a38)
@kibanamachine
Copy link
Contributor

💚 All backports created successfully

Status Branch Result
8.15

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Jul 11, 2024
…secrets (#187935) (#188089)

# Backport

This will backport the following commits from `main` to `8.15`:
- [[Fleet] Missing policy filter in Fleet Server check to enable secrets
(#187935)](#187935)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Julia
Bardi","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-07-11T10:57:01Z","message":"[Fleet]
Missing policy filter in Fleet Server check to enable secrets
(#187935)\n\n## Summary\r\n\r\nCloses
https://github.com/elastic/kibana/issues/187933\r\nCloses
https://github.com/elastic/kibana/issues/186845\r\n\r\nFixed missing
policy filter when checking if Fleet Servers met minimum\r\nversion to
enable secrets storage.\r\nThe integration tests cover now a case where
there are no fleet servers\r\nbut there are agents with minimum version,
to verify that the query\r\nfilters them out.\r\n\r\nManual verification
is hard because you can't enroll an agent without\r\nenrolling FS with
at least the same version.\r\nIt could be done by manually creating docs
in `.fleet-agents`.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"5761a382e144799b09e45fe5cd59e0c1a012c81e","branchLabelMapping":{"^v8.16.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.16.0"],"title":"[Fleet]
Missing policy filter in Fleet Server check to enable
secrets","number":187935,"url":"https://github.com/elastic/kibana/pull/187935","mergeCommit":{"message":"[Fleet]
Missing policy filter in Fleet Server check to enable secrets
(#187935)\n\n## Summary\r\n\r\nCloses
https://github.com/elastic/kibana/issues/187933\r\nCloses
https://github.com/elastic/kibana/issues/186845\r\n\r\nFixed missing
policy filter when checking if Fleet Servers met minimum\r\nversion to
enable secrets storage.\r\nThe integration tests cover now a case where
there are no fleet servers\r\nbut there are agents with minimum version,
to verify that the query\r\nfilters them out.\r\n\r\nManual verification
is hard because you can't enroll an agent without\r\nenrolling FS with
at least the same version.\r\nIt could be done by manually creating docs
in `.fleet-agents`.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"5761a382e144799b09e45fe5cd59e0c1a012c81e"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/187935","number":187935,"mergeCommit":{"message":"[Fleet]
Missing policy filter in Fleet Server check to enable secrets
(#187935)\n\n## Summary\r\n\r\nCloses
https://github.com/elastic/kibana/issues/187933\r\nCloses
https://github.com/elastic/kibana/issues/186845\r\n\r\nFixed missing
policy filter when checking if Fleet Servers met minimum\r\nversion to
enable secrets storage.\r\nThe integration tests cover now a case where
there are no fleet servers\r\nbut there are agents with minimum version,
to verify that the query\r\nfilters them out.\r\n\r\nManual verification
is hard because you can't enroll an agent without\r\nenrolling FS with
at least the same version.\r\nIt could be done by manually creating docs
in `.fleet-agents`.\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"5761a382e144799b09e45fe5cd59e0c1a012c81e"}}]}]
BACKPORT-->

Co-authored-by: Julia Bardi <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) release_note:fix Team:Fleet Team label for Observability Data Collection Fleet team v8.15.0 v8.16.0
Projects
None yet
6 participants