Make xpack.actions.rejectUnauthorized setting work
#88690
Conversation
mikecote
added
v8.0.0
release_note:skip
|
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
There was a problem hiding this comment.
LGTM
Seems like we could build a function test for this - create a new https server with a newly created self-signed cert (with a loooong lifetime), that just has one endpoint that we can test with webhook. Then execute the webhook, with and without the rejectUnauthorized setting - should get one to work and the other to fail. Obviously set it up to use the proxy we're testing with, in security_and_spaces . :-)
|
@pmuellr I went ahead and added a functional test in this commit (af638a3). I made it re-use the dev certs so it's one less thing to expire 🙂 I added it to the |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
mikecote
added
release_note:fix
and removed
release_note:skip
…ana into actions/reject-unauthorized
💚 Build SucceededMetrics [docs]
History
To update your PR or re-run it, just comment with: |
* Remove ActionsConfigType due to being a duplicate * Fix rejectUnauthorized not being configured * Move proxySettings to configurationUtilities * Fix isAxiosError check to code * Add functional test * Remove comment * Close webhook server Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Remove ActionsConfigType due to being a duplicate * Fix rejectUnauthorized not being configured * Move proxySettings to configurationUtilities * Fix isAxiosError check to code * Add functional test * Remove comment * Close webhook server Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Remove ActionsConfigType due to being a duplicate * Fix rejectUnauthorized not being configured * Move proxySettings to configurationUtilities * Fix isAxiosError check to code * Add functional test * Remove comment * Close webhook server Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Remove ActionsConfigType due to being a duplicate * Fix rejectUnauthorized not being configured * Move proxySettings to configurationUtilities * Fix isAxiosError check to code * Add functional test * Remove comment * Close webhook server Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Resolves #87047
In this PR, I'm doing a few changes to fix the problem. The general purpose of each commit is as follows:
ActionsConfigTypebecause it is a duplicate / subset ofActionsConfigthat wasn't needed. This allowed me to add more functionality to theconfigurationUtilitiesin following commits.configurationUtilitiesdown to thegetProxyAgentsfunction from every possible path. TheconfigurationUtilitieshas a new functionisRejectUnauthorizedCertificatesEnabled.proxySettingswas happening at the same places thatconfigurationUtilitieswas, I moved the access toproxySettingstoconfigurationUtilities.error.isAxiosErrordidn't always work (ex: when it mentions missing kbn-xsrf header) so I changed it toerror.code.