-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RAC][Rule Registry] Put index upgrade logic under a feature flag #110594
Labels
bug
Fixes for quality problems that affect the customer experience
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Theme: rac
label obsolete
v7.15.0
Comments
41 tasks
banderror
changed the title
(Now) Add a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. Suggest that all devs enable this feature flag for development work so that their AAD indices will pull in any new changes to the schema intra-release.
[RAC][Rule Registry] Put index upgrade logic under a feature flag
Aug 31, 2021
banderror
added
bug
Fixes for quality problems that affect the customer experience
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:Detections and Resp
Security Detection Response Team
Theme: rac
label obsolete
v7.15.0
labels
Aug 31, 2021
Pinging @elastic/security-solution (Team: SecuritySolution) |
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
This was referenced Aug 31, 2021
banderror
added a commit
that referenced
this issue
Aug 31, 2021
…10592) **Ticket:** #110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Aug 31, 2021
…astic#110592) **Ticket:** elastic#110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Aug 31, 2021
…astic#110592) **Ticket:** elastic#110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
kibanamachine
added a commit
that referenced
this issue
Aug 31, 2021
…10592) (#110658) **Ticket:** #110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
kibanamachine
added a commit
that referenced
this issue
Aug 31, 2021
…10592) (#110657) **Ticket:** #110594 ## Summary This PR adds a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. **IMPORTANT:** - **The feature flag is switched off by default**. This is intentional, because we need to **disable the upgrade logic in 7.15.0**. - **This is a temporary measure**. We're going to work on fixing the index upgrade logic asap and ship it before the next release that makes any mapping changes, possibly as soon as 7.15.1. - Developers will need to enable it in their local kibana configs this way: ```yaml xpack.ruleRegistry.unsafe.indexUpgrade.enabled: true ``` Please check the ticket for the background of this fix. ### Checklist Delete any items that are not applicable to this PR. - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the [docker list](https://github.com/elastic/kibana/blob/master/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker) Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
This was
linked to
pull requests
Aug 31, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
bug
Fixes for quality problems that affect the customer experience
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Theme: rac
label obsolete
v7.15.0
Parent ticket: #101016
Summary
Add a feature flag around the logic that finds existing Alerts as Data indices and upgrades the mappings or rolls the index if the mappings can't be upgraded in place. Suggest that all devs enable this feature flag for development work so that their AAD indices will pull in any new changes to the schema intra-release.
Background
The background for this is our discussions with @kobelb (see #109276 (comment) and above comments) on the "compatibility" of the current index upgrade logic with the ideas for backwards compatibility (#109293). TLDR: the upgrade logic has some issues and should be improved. In the meantime, we can disable it by default in 7.15.0. We will have to re-enable it when:
RuleDataPluginService.initializeIndex()
The text was updated successfully, but these errors were encountered: