Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set Certificate Authority in Serverless FTR base config based on MKI #165914

Merged
merged 2 commits into from
Sep 7, 2023
Merged

Set Certificate Authority in Serverless FTR base config based on MKI #165914

merged 2 commits into from
Sep 7, 2023

Conversation

jeramysoucy
Copy link
Contributor

@jeramysoucy jeramysoucy commented Sep 6, 2023
edited
Loading

Summary

Follow-up to #165846

Moves the check for cloud/MKI to the base serverless FTR config. We found three use cases where the Kibana server configuration was providing a CA override:

  1. In the serverless supertest
  2. In the APM API supertest
  3. In the FTR KIbana server's Kibana client instantiation

Locally, CA certs should be overridden to our self-singed certs, while on MKI we should default to the Mozilla well-known CAs. Moving the check to the test config (if it proves successful) handles all three cases without the need for adding environment variable checks in multiple places.

cc @kc13greiner

@jeramysoucy jeramysoucy added release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting Project:Serverless Work as part of the Serverless project for its initial release v8.11.0 Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! test labels Sep 6, 2023
@kibana-ci
Copy link
Collaborator

kibana-ci commented Sep 6, 2023
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] Serverless Security Cypress Tests #2 / Prebuilt rules Alerts rules, prebuilt rules Rule monitoring table "before each" hook for "Allows to enable/disable all rules at once" "before each" hook for "Allows to enable/disable all rules at once"

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

dmlemeshko
dmlemeshko approved these changes Sep 7, 2023
View reviewed changes
Copy link
Member

@dmlemeshko dmlemeshko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally for both functional & api integration tests against MKI. Thank you for the fixes!

@dmlemeshko dmlemeshko marked this pull request as ready for review September 7, 2023 08:52
@dmlemeshko dmlemeshko requested a review from a team as a code owner September 7, 2023 08:52
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@dmlemeshko dmlemeshko merged commit a4a8107 into elastic:main Sep 7, 2023
26 of 31 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmlemeshko dmlemeshko dmlemeshko approved these changes

Assignees

@jeramysoucy jeramysoucy

Labels
backport:skip This commit does not require backporting Project:Serverless Work as part of the Serverless project for its initial release release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! test v8.11.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jeramysoucy @kibana-ci @elasticmachine @dmlemeshko @kibanamachine