Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[8.9] [Security Solution] Set immutable param to true when updating p…
…rebuilt rules (#161331) (#161455) # Backport This will backport the following commits from `main` to `8.9`: - [[Security Solution] Set immutable param to true when updating prebuilt rules (#161331)](#161331) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Juan Pablo Djeredjian","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-07-07T12:06:28Z","message":"[Security Solution] Set immutable param to true when updating prebuilt rules (#161331)\n\nFixes: https://github.com/elastic/kibana/issues/161305\r\n\r\n## Summary\r\n\r\n- Passes a new `immutable` params to the `upgradeRule` method that is\r\nused when upgrading rules.\r\n- Looks like we had a longstanding bug here in which rule updates of\r\nrule types that changed the type of the rule were overwriting the\r\n`immutable` prop to `false`. (Actually, those rules were deleted and\r\nrecreated with `immutable: false`)\r\n- This was causing the `fetchAllInstalledRules` method of our\r\n`ruleObjectsClient` NOT to retrieve these rules when they were already\r\ninstalled.\r\n- Since our installation `_review` and `_perform` endpoint depends on\r\nthis client, these rules that had had their types updated were being\r\nincorrectly listed as available for installation.\r\n\r\n## Testing\r\n\r\nRepeat testing steps laid out in:\r\nhttps://github.com//issues/161305\r\n\r\nRules shouldn't be duplicated.\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"61fa0f543e84c8e89b0351a82652123d0895a818","branchLabelMapping":{"^v8.10.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","blocker","release_note:skip","impact:critical","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","v8.9.0","v8.10.0"],"number":161331,"url":"https://github.com/elastic/kibana/pull/161331","mergeCommit":{"message":"[Security Solution] Set immutable param to true when updating prebuilt rules (#161331)\n\nFixes: https://github.com/elastic/kibana/issues/161305\r\n\r\n## Summary\r\n\r\n- Passes a new `immutable` params to the `upgradeRule` method that is\r\nused when upgrading rules.\r\n- Looks like we had a longstanding bug here in which rule updates of\r\nrule types that changed the type of the rule were overwriting the\r\n`immutable` prop to `false`. (Actually, those rules were deleted and\r\nrecreated with `immutable: false`)\r\n- This was causing the `fetchAllInstalledRules` method of our\r\n`ruleObjectsClient` NOT to retrieve these rules when they were already\r\ninstalled.\r\n- Since our installation `_review` and `_perform` endpoint depends on\r\nthis client, these rules that had had their types updated were being\r\nincorrectly listed as available for installation.\r\n\r\n## Testing\r\n\r\nRepeat testing steps laid out in:\r\nhttps://github.com//issues/161305\r\n\r\nRules shouldn't be duplicated.\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"61fa0f543e84c8e89b0351a82652123d0895a818"}},"sourceBranch":"main","suggestedTargetBranches":["8.9"],"targetPullRequestStates":[{"branch":"8.9","label":"v8.9.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.10.0","labelRegex":"^v8.10.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/161331","number":161331,"mergeCommit":{"message":"[Security Solution] Set immutable param to true when updating prebuilt rules (#161331)\n\nFixes: https://github.com/elastic/kibana/issues/161305\r\n\r\n## Summary\r\n\r\n- Passes a new `immutable` params to the `upgradeRule` method that is\r\nused when upgrading rules.\r\n- Looks like we had a longstanding bug here in which rule updates of\r\nrule types that changed the type of the rule were overwriting the\r\n`immutable` prop to `false`. (Actually, those rules were deleted and\r\nrecreated with `immutable: false`)\r\n- This was causing the `fetchAllInstalledRules` method of our\r\n`ruleObjectsClient` NOT to retrieve these rules when they were already\r\ninstalled.\r\n- Since our installation `_review` and `_perform` endpoint depends on\r\nthis client, these rules that had had their types updated were being\r\nincorrectly listed as available for installation.\r\n\r\n## Testing\r\n\r\nRepeat testing steps laid out in:\r\nhttps://github.com//issues/161305\r\n\r\nRules shouldn't be duplicated.\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"61fa0f543e84c8e89b0351a82652123d0895a818"}}]}] BACKPORT--> Co-authored-by: Juan Pablo Djeredjian <[email protected]>
- Loading branch information