-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] DetectionRulesClient
refactoring. Part 2
#184364
Comments
Pinging @elastic/security-solution (Team: SecuritySolution) |
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
@nikitaindik I also noticed that we don't provide correct APM spans inside our client. We need to wrap every client method in Lines 127 to 128 in 71ea578
|
Opened a PR that renames |
…Client` (#184598) **Partially addresses: #184364 ## Summary As a first step in refactoring our newly added `rulesManagementClient`, we are renaming it from `rulesManagementClient` to `detectionRulesClient`. `rulesManagementClient` looks and sounds too similar to a long existing `rulesClient`, so it can be confusing to new devs or anyone quickly digging through the code. This PR just updates the name. Other refactorings will be arriving in the upcoming PRs.
DetectionRulesClient
refactoring. Part 2
…nd add APM spans (#184820) **Partially addresses: #184364 ## Summary This PR is second step in refactoring our newly added `detectionRulesClient`. Changes in this PR: - every public method was extracted into its own file for readability - `_createRule`, `_updateRule`, `_patchRule` and `_upgradePrebuiltRuleWithTypeChange` private methods were removed, their code inlined into the public methods - `toggleRuleEnabledOnUpdate`, `validateMlAuth` and `ClientError` were moved to `utils.ts` - methods are now wrapped in `withSecuritySpan` to report perf stats to APM - renamed `*.rules_management_client.test.ts` -> `*.detection_rules_client.test.ts` - now using the whole `detectionRulesClient` in tests, not just separate methods - simplified parameters of `createDetectionRulesClient`. Now 2 parameters are needed instead of 5, **DetectionRulesClient method showing up in APM** <img width="918" alt="Schermafbeelding 2024-06-05 om 14 00 36" src="https://github.com/elastic/kibana/assets/15949146/c8b469f7-9d0b-4534-a1c9-f35327ec2c4c"> **Extracted methods** Upon reviewing the private methods in `detection_rules_client.ts`, it became apparent that extracting these methods into separate files may not be the most effective approach to improve readability. The primary reason is that these private methods do not provide clear abstractions, making them difficult to name appropriately. Take `_updateRule` as an example. This method combines an existing rule with a rule update to create an InternalRuleUpdate object, which is then passed to `rulesClient.update`. If we were to extract this into a separate file, we would need to import it for use in the public `updateRule` method. This would result in an `updateRule` method that calls `_updateRule`, creating confusion about what the inner `_updateRule` does. Also, extracting only private methods does not significantly improve readability, as these methods do not contain a large amount of code. So I ended up inlining the code from most of these private methods directly into the public methods.
…4954) **Partially addresses: #184364 ## Summary This PR contains various smaller-scale refactorings for the recently added `DetectionsRuleClient`. **Changes**: - Renamed `DetectionRulesClient` containing directory from `rule_management` to `detection_rules_client` - Moved `DetectionRulesClient` methods into the `detection_rules_client/methods` dir - Moved the TS interface of `DetectionRulesClient` into a separate file `detection_rules_client_interface.ts` - Simplified `importRule` method parameters - Added memoization to `getDetectionRulesClient` --------- Co-authored-by: Georgii Gorbachev <[email protected]>
…stic#184954) **Partially addresses: elastic#184364 ## Summary This PR contains various smaller-scale refactorings for the recently added `DetectionsRuleClient`. **Changes**: - Renamed `DetectionRulesClient` containing directory from `rule_management` to `detection_rules_client` - Moved `DetectionRulesClient` methods into the `detection_rules_client/methods` dir - Moved the TS interface of `DetectionRulesClient` into a separate file `detection_rules_client_interface.ts` - Simplified `importRule` method parameters - Added memoization to `getDetectionRulesClient` --------- Co-authored-by: Georgii Gorbachev <[email protected]>
…m `createCustomRule` and `createPrebuiltRule` (#185748) **Partially addresses: #184364 ## Summary This PR changes `createCustomRule` and `createPrebuiltRule` methods to return `RuleResponse` instead of `RuleAlertType`. This is a continuation of the effort to improve `DetectionRulesClient`. As a part of it we want to make the client return `RuleResponse` from all its public methods. This is good because it lets us hide rule's internal structure and centralise conversions in one place – in the client. So in this and upcoming PRs we are going to convert `RuleAlertType` to `RuleResponse` within the client's methods and return the `RuleResponse` object.
…m `createCustomRule` and `createPrebuiltRule` (elastic#185748) **Partially addresses: elastic#184364 ## Summary This PR changes `createCustomRule` and `createPrebuiltRule` methods to return `RuleResponse` instead of `RuleAlertType`. This is a continuation of the effort to improve `DetectionRulesClient`. As a part of it we want to make the client return `RuleResponse` from all its public methods. This is good because it lets us hide rule's internal structure and centralise conversions in one place – in the client. So in this and upcoming PRs we are going to convert `RuleAlertType` to `RuleResponse` within the client's methods and return the `RuleResponse` object.
…m all methods (#186179) **Partially addresses: #184364 ## Summary This PR is a follow-up to [PR #185748](#185748) and it converts the remaining `DetectionRulesClient` methods to return `RuleResponse`. Changes in this PR: - These methods now return `RuleResponse` instead of internal `RuleAlertType` type: - `updateRule` - `patchRule` - `upgradePrebuiltRule` - `importRule`
…m all methods (elastic#186179) **Partially addresses: elastic#184364 ## Summary This PR is a follow-up to [PR elastic#185748](elastic#185748) and it converts the remaining `DetectionRulesClient` methods to return `RuleResponse`. Changes in this PR: - These methods now return `RuleResponse` instead of internal `RuleAlertType` type: - `updateRule` - `patchRule` - `upgradePrebuiltRule` - `importRule`
Hey @xcrzx! I've just changed the assignee to you since you are taking over the leftover work. |
Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168
Follow-up to: #180128
Summary
We need to finalize the
DetectionRulesClient
(formerly known asRulesManagementClient
) refactoring and address the remaining comments left after the initial PR: #182802.PRs
PR 1 (merged)
DetectionRulesClient
PR 2 (merged)
withSecuritySpan
(comment)_
) outside of the main client implementation for better code readability.PR 3 (merged)
DetectionRulesClient
containing directory fromrule_management
todetection_rules_client
DetectionRulesClient
methods into thedetection_rules_client/methods
dirDetectionRulesClient
into a separate filedetection_rules_client_interface.ts
importRule
method parametersgetDetectionRulesClient
PR 4 (merged)
PrebuiltRuleAsset
type withRuleCreateProps
andRulePatchProps
inupgradePrebuiltRule
andcreatePrebuiltRule
RuleAlertType
fromRulesManagementClient
(see this comment). Transition to returningRuleResponse
for these methods:createCustomRule
andcreatePrebuiltRule
PR 5 (merged)
RuleAlertType
fromRulesManagementClient
(see this comment). Transition to returningRuleResponse
for the remaining methods:updateRule
,patchRule
,deleteRule
,upgradePrebuiltRule
andimportRule
.toggleRuleEnabledOnUpdate
returnenabled
and then use it in return valueupgradePrebuiltRule
enable behaviour - there might be a bug (place in code). Check if we need to explicitly toggle "enabled" on upgrade.PR 6 (in review)
rule_management/normalization/rule_converters
) inside the new rules management client. Check how the converters are used outside the client to see if we can encapsulate them inside the client.RuleResponse
and throws an error into a function (comment)Left to do
Leftovers moved to #187656.
The text was updated successfully, but these errors were encountered: