Merge branch 'master' into timeline-error-marker-avoid-negative-offset

.gitignore

@@ -60,3 +60,6 @@ apm.tsconfig.json
 # release notes script output
 report.csv
 report.asciidoc
+
+# TS incremental build cache
+*.tsbuildinfo

docs/developer/contributing/development-accessibility-tests.asciidoc

@@ -1,23 +1,104 @@
 [[development-accessibility-tests]]
 == Automated Accessibility Testing
 
+
+To write an accessibility test, use the provided accessibility service `getService('a11y')`. Accessibility tests are fairly straightforward to write as https://github.com/dequelabs/axe-core[axe] does most of the heavy lifting. Navigate to the UI that you need to test, then call `testAppSnapshot();` from the service imported earlier to make sure axe finds no failures. Navigate through every portion of the UI for the best coverage.
+
+An example test might look like this:
+[source,js]
+----
+export default function ({ getService, getPageObjects }) {
+  const { common, home } = getPageObjects(['common', 'home']);
+  const a11y = getService('a11y'); /* this is the wrapping service around axe */
+
+  describe('Kibana Home', () => {
+    before(async () => {
+      await common.navigateToApp('home'); /* navigates to the page we want to test */
+    });
+
+    it('Kibana Home view', async () => {
+      await retry.waitFor(
+        'home page visible',
+        async () => await testSubjects.exists('homeApp')
+      ); /* confirm you're on the correct page and that it's loaded */
+      await a11y.testAppSnapshot(); /* this expects that there are no failures found by axe */
+    });
+
+    /**
+     * If these tests were added by our QA team, tests that fail that require significant app code
+     * changes to be fixed will be skipped with a corresponding issue label with more info
+     */
+    // Skipped due to https://github.com/elastic/kibana/issues/99999
+    it.skip('all plugins view page meets a11y requirements', async () => {
+      await home.clickAllKibanaPlugins();
+      await a11y.testAppSnapshot();
+    });
+
+    /**
+     * Testing all the versions and different views of of a page is important to get good
+     * coverage. Things like empty states, different license levels, different permissions, and
+     * loaded data can all significantly change the UI which necessitates their own test.
+     */
+    it('Add Kibana sample data page', async () => {
+      await common.navigateToUrl('home', '/tutorial_directory/sampleData', {
+        useActualUrl: true,
+      });
+      await a11y.testAppSnapshot();
+    });
+  });
+}
+----
+
+=== Running tests
 To run the tests locally:
 
 [arabic]
-. In one terminal window run
-`node scripts/functional_tests_server --config test/accessibility/config.ts`
-. In another terminal window run
-`node scripts/functional_test_runner.js --config test/accessibility/config.ts`
+. In one terminal window run:
++
+[source,shell]
+-----------
+node scripts/functional_tests_server --config test/accessibility/config.ts
+-----------
+
+. When the server prints that it is ready, in another terminal window run:
++
+[source,shell]
+-----------
+node scripts/functional_test_runner.js --config test/accessibility/config.ts
+-----------
 
 To run the x-pack tests, swap the config file out for
 `x-pack/test/accessibility/config.ts`.
 
-After the server is up, you can go to this instance of {kib} at
-`localhost:5620`.
-
 The testing is done using https://github.com/dequelabs/axe-core[axe].
-The same thing that runs in CI, can be run locally using their browser
-plugins:
+You can run the same thing that runs CI using browser plugins:
 
 * https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US[Chrome]
-* https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/[Firefox]
+* https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/[Firefox]
+
+=== Anatomy of a failure
+
+Failures can seem confusing if you've never seen one before. Here is a breakdown of what a failure coming from CI might look like:
+[source,bash]
+----
+1)    Dashboard
+       create dashboard button:
+
+      Error: a11y report:
+
+ VIOLATION
+   [aria-hidden-focus]: Ensures aria-hidden elements do not contain focusable elements
+     Help: https://dequeuniversity.com/rules/axe/3.5/aria-hidden-focus?application=axeAPI
+     Elements:
+       - #example
+       at Accessibility.testAxeReport (test/accessibility/services/a11y/a11y.ts:90:15)
+       at Accessibility.testAppSnapshot (test/accessibility/services/a11y/a11y.ts:58:18)
+       at process._tickCallback (internal/process/next_tick.js:68:7)
+----
+
+
+* "Dashboard" and "create dashboard button" are the names of the test suite and specific test that failed.
+* Always in brackets, "[aria-hidden-focus]" is the name of the axe rule that failed, followed by a short description.
+* "Help: <url>" links to the axe documentation for that rule, including severity, remediation tips, and good and bad code examples.
+* "Elements:"  points to where in the DOM the failure originated (using CSS selector syntax). In this example, the problem came from an element with the ID `example`. If the selector is too complicated to find the source of the problem, use the browser plugins mentioned earlier to locate it. If you have a general idea where the issue is coming from, you can also try adding unique IDs to the page to narrow down the location.
+* The stack trace points to the internals of axe. The stack trace is there in case the test failure is a bug in axe and not in your code, although this is unlikely.

docs/settings/dev-settings.asciidoc

@@ -14,7 +14,7 @@ They are enabled by default.
 
 [cols="2*<"]
 |===
-| `xpack.grokdebugger.enabled`
+| `xpack.grokdebugger.enabled` {ess-icon}
   | Set to `true` to enable the <<xpack-grokdebugger,Grok Debugger>>. Defaults to `true`.
 
 |===

docs/settings/graph-settings.asciidoc

@@ -13,7 +13,7 @@ You do not need to configure any settings to use the {graph-features}.
 
 [cols="2*<"]
 |===
-| `xpack.graph.enabled`
+| `xpack.graph.enabled` {ess-icon}
   | Set to `false` to disable the {graph-features}.
 
 |===

docs/settings/monitoring-settings.asciidoc

@@ -37,6 +37,11 @@ For more information, see
   monitoring back-end does not run and {kib} stats are not sent to the monitoring
   cluster.
 
+a|`monitoring.cluster_alerts.`
+`email_notifications.email_address` {ess-icon}
+    | Specifies the email address where you want to receive cluster alerts.
+    See <<cluster-alert-email-notifications, email notifications>> for details.
+
 | `monitoring.ui.elasticsearch.hosts`
   | Specifies the location of the {es} cluster where your monitoring data is stored.
   By default, this is the same as `elasticsearch.hosts`. This setting enables
@@ -85,7 +90,7 @@ These settings control how data is collected from {kib}.
   | Set to `true` (default) to enable data collection from the {kib} NodeJS server
   for {kib} dashboards to be featured in *{stack-monitor-app}*.
 
-| `monitoring.kibana.collection.interval`
+| `monitoring.kibana.collection.interval` {ess-icon}
   | Specifies the number of milliseconds to wait in between data sampling on the
   {kib} NodeJS server for the metrics that are displayed in the {kib} dashboards.
   Defaults to `10000` (10 seconds).
@@ -111,7 +116,7 @@ about configuring {kib}, see
   | Set to `false` to hide *{stack-monitor-app}*. The monitoring back-end
     continues to run as an agent for sending {kib} stats to the monitoring
     cluster. Defaults to `true`.
-  
+
 | `monitoring.ui.logs.index`
   | Specifies the name of the indices that are shown on the
   <<logs-monitor-page,*Logs*>> page in *{stack-monitor-app}*. The default value
@@ -124,7 +129,7 @@ about configuring {kib}, see
   {ref}/search-aggregations-bucket-terms-aggregation.html#search-aggregations-bucket-terms-aggregation-size[Terms Aggregation].
   Defaults to `10000`.
 
-| `monitoring.ui.min_interval_seconds`
+| `monitoring.ui.min_interval_seconds` {ess-icon}
   | Specifies the minimum number of seconds that a time bucket in a chart can
   represent. Defaults to 10. If you modify the
   `monitoring.ui.collection.interval` in `elasticsearch.yml`, use the same
@@ -143,7 +148,7 @@ container, then Cgroup statistics are not useful.
 
 [cols="2*<"]
 |===
-| `monitoring.ui.container.elasticsearch.enabled`
+| `monitoring.ui.container.elasticsearch.enabled` {ess-icon}
   | For {es} clusters that are running in containers, this setting changes the
   *Node Listing* to display the CPU utilization based on the reported Cgroup
   statistics. It also adds the calculated Cgroup CPU utilization to the

docs/settings/reporting-settings.asciidoc

@@ -17,10 +17,10 @@ You can configure `xpack.reporting` settings in your `kibana.yml` to:
 
 [cols="2*<"]
 |===
-| [[xpack-enable-reporting]]`xpack.reporting.enabled`
+| [[xpack-enable-reporting]]`xpack.reporting.enabled` {ess-icon}
   | Set to `false` to disable the {report-features}.
 
-| `xpack.reporting.encryptionKey`
+| `xpack.reporting.encryptionKey` {ess-icon}
   | Set to an alphanumeric, at least 32 characters long text string. By default, {kib} will generate a random key when it
   starts, which will cause pending reports to fail after restart. Configure this
   setting to preserve the same key across multiple restarts and multiple instances of {kib}.
@@ -86,7 +86,7 @@ reports, you might need to change the following settings.
   | How often the index that stores reporting jobs rolls over to a new index.
   Valid values are `year`, `month`, `week`, `day`, and `hour`. Defaults to `week`.
 
-| `xpack.reporting.queue.pollEnabled`
+| `xpack.reporting.queue.pollEnabled` {ess-icon}
   | Set to `true` (default) to enable the {kib} instance to to poll the index for
   pending jobs and claim them for execution. Setting this to `false` allows the
   {kib} instance to only add new jobs to the reporting queue, list jobs, and
@@ -107,7 +107,7 @@ security is enabled, `xpack.security.encryptionKey`.
   | Specifies the number of milliseconds that the reporting poller waits between polling the
   index for any pending Reporting jobs. Defaults to `3000` (3 seconds).
 
-| [[xpack-reporting-q-timeout]] `xpack.reporting.queue.timeout`
+| [[xpack-reporting-q-timeout]] `xpack.reporting.queue.timeout` {ess-icon}
   | How long each worker has to produce a report. If your machine is slow or under
   heavy load, you might need to increase this timeout. Specified in milliseconds.
   If a Reporting job execution time goes over this time limit, the job will be
@@ -125,19 +125,22 @@ control the capturing process.
 
 [cols="2*<"]
 |===
-| `xpack.reporting.capture.timeouts.openUrl`
+a| `xpack.reporting.capture.timeouts`
+`.openUrl` {ess-icon}
   | Specify how long to allow the Reporting browser to wait for the "Loading..." screen
   to dismiss and find the initial data for the Kibana page.  If the time is
   exceeded, a page screenshot is captured showing the current state, and the download link shows a warning message.
   Defaults to `60000` (1 minute).
 
-| `xpack.reporting.capture.timeouts.waitForElements`
+a| `xpack.reporting.capture.timeouts`
+`.waitForElements` {ess-icon}
   | Specify how long to allow the Reporting browser to wait for all visualization
   panels to load on the Kibana page. If the time is exceeded, a page screenshot
   is captured showing the current state, and the download link shows a warning message. Defaults to `30000` (30
   seconds).
 
-| `xpack.reporting.capture.timeouts.renderComplete`
+a| `xpack.reporting.capture.timeouts`
+`.renderComplete` {ess-icon}
   | Specify how long to allow the Reporting browser to wait for all visualizations to
   fetch and render the data. If the time is exceeded, a
   page screenshot is captured showing the current state, and the download link shows a warning message. Defaults to
@@ -155,7 +158,7 @@ available, but there will likely be errors in the visualizations in the report.
 
 [cols="2*<"]
 |===
-| `xpack.reporting.capture.maxAttempts`
+| `xpack.reporting.capture.maxAttempts` {ess-icon}
   | If capturing a report fails for any reason, {kib} will re-attempt other reporting
   job, as many times as this setting. Defaults to `3`.
 
@@ -166,7 +169,7 @@ available, but there will likely be errors in the visualizations in the report.
   visualizations, try increasing this value.
   Defaults to `3000` (3 seconds).
 
-| [[xpack-reporting-browser]] `xpack.reporting.capture.browser.type`
+| [[xpack-reporting-browser]] `xpack.reporting.capture.browser.type` {ess-icon}
   | Specifies the browser to use to capture screenshots. This setting exists for
   backward compatibility. The only valid option is `chromium`.
 
@@ -180,20 +183,24 @@ When `xpack.reporting.capture.browser.type` is set to `chromium` (default) you c
 
 [cols="2*<"]
 |===
-| `xpack.reporting.capture.browser.chromium.disableSandbox`
+a| `xpack.reporting.capture.browser`
+`.chromium.disableSandbox`
   | It is recommended that you research the feasibility of enabling unprivileged user namespaces.
   See Chromium Sandbox for additional information. Defaults to false for all operating systems except Debian,
   Red Hat Linux, and CentOS which use true.
 
-| `xpack.reporting.capture.browser.chromium.proxy.enabled`
+a| `xpack.reporting.capture.browser`
+`.chromium.proxy.enabled`
   | Enables the proxy for Chromium to use. When set to `true`, you must also specify the
   `xpack.reporting.capture.browser.chromium.proxy.server` setting.
   Defaults to `false`.
 
-| `xpack.reporting.capture.browser.chromium.proxy.server`
+a| `xpack.reporting.capture.browser`
+.chromium.proxy.server`
   | The uri for the proxy server. Providing the username and password for the proxy server via the uri is not supported.
 
-| `xpack.reporting.capture.browser.chromium.proxy.bypass`
+a| `xpack.reporting.capture.browser`
+.chromium.proxy.bypass`
   | An array of hosts that should not go through the proxy server and should use a direct connection instead.
   Examples of valid entries are "elastic.co", "*.elastic.co", ".elastic.co", ".elastic.co:5601".
 
@@ -205,27 +212,27 @@ When `xpack.reporting.capture.browser.type` is set to `chromium` (default) you c
 
 [cols="2*<"]
 |===
-| [[xpack-reporting-csv]] `xpack.reporting.csv.maxSizeBytes`
+| [[xpack-reporting-csv]] `xpack.reporting.csv.maxSizeBytes` {ess-icon}
   | The maximum size of a CSV file before being truncated. This setting exists to prevent
   large exports from causing performance and storage issues.
   Defaults to `10485760` (10mB).
 
 | `xpack.reporting.csv.scroll.size`
-  | Number of documents retrieved from {es} for each scroll iteration during a CSV 
+  | Number of documents retrieved from {es} for each scroll iteration during a CSV
   export.
   Defaults to `500`.
 
 | `xpack.reporting.csv.scroll.duration`
   | Amount of time allowed before {kib} cleans the scroll context during a CSV export.
   Defaults to `30s`.
-  
+
 | `xpack.reporting.csv.checkForFormulas`
   | Enables a check that warns you when there's a potential formula involved in the output (=, -, +, and @ chars).
   See OWASP: https://www.owasp.org/index.php/CSV_Injection
   Defaults to `true`.
-  
+
 | `xpack.reporting.csv.enablePanelActionDownload`
-  | Enables CSV export from a saved search on a dashboard. This action is available in the dashboard 
+  | Enables CSV export from a saved search on a dashboard. This action is available in the dashboard
   panel menu for the saved search.
   Defaults to `true`.