[8.x] [Defend Workflows] Endpoint advanced options migration vs policy re-deployment issue mitigation (#196708) #196843
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…eployment issue mitigation (elastic#196708) ## Summary closes elastic/security-team#10851 > [!note] >⚠️ needs to be included in v8.16 >⚠️ needs to be merged this week to avoid releasing elastic#195797 on Serverless As backfilled package policies are not automatically redeployed (see elastic#193352), this PR's goal is to provide quick mitigation in the following matters: - update default values in the descriptions of advanced options added in elastic#195797, to harmonize with latest Endpoint changes (elastic/endpoint-dev#15109) - remove backfill/migration of those default values: - we should be _able_ to safely remove the backfills, as they have not yet been released to serverless. and, - we _should_ remove them to make sure that when we update the defaults in the future and apply the backfill, there will be a data change that could trigger policy re-deployment, in case data change is what the trigger will be in elastic#193352. - example scenario of what could go wrong: - if we'd apply backfill now, the package won't be redeployed. - if the user does not touch it until the next release - no redeploy. - if elastic#193352 is implemented and uses data comparison when running migrations - again, no redeploy because we already backfilled the data months before. - cc @ferullo @nfritts - hide banner describing event volume reduction (added in elastic#195177, already released to serverless, but it is what it is) ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 1429979)
1 task
botelastic
bot
added
the
Team:Fleet
|
Pinging @elastic/fleet (Team:Fleet) |
gergoabraham
requested review from
kibanamachine,
a team,
joeypoon,
parkiino and
ashokaditya
and removed request for
a team,
kibanamachine and
parkiino
joeypoon
approved these changes
Oct 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport
This will backport the following commits from
mainto8.x:Questions ?
Please refer to the Backport tool documentation