Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow the repository to search across all namespaces #82863

Merged
merged 2 commits into from
Nov 9, 2020

Conversation

legrego
Copy link
Member

@legrego legrego commented Nov 6, 2020

Summary

When we first added the ability to find saved objects across spaces, we made the decision to treat the wildcard (*) namespace as the default namespace from the repository's perspective. In other words, if a * ever made its way to the repository, we would treat this the same as the default namespace.

For the default distribution, this wouldn't ever happen organically. For the OSS distribution, this would happen for API consumers who explicitly specified the namespaces=* query parameter.

See #67644 (comment) for context around this decision.


This PR changes the behavior of the wildcard, and instead treats this as a true "search across all namespaces". We're making this change in order to support space-aware Machine Learning jobs (#82639). ML has two use cases for this functionality:

Initialization

When Kibana starts up, it needs to know if any ML job saved objects exist. If not, ML performs an initialization process whereby it creates a saved object for each job that exists in ES.

The initially proposed approach relied on querying the kibana index directly, which is undesirable.

With these changes, ML can instead use an instance of the Saved Objects Repository to search for objects across all spaces:

await savedObjectsRepository.find({
  type: 'ml-job',
  namespaces: ['*']
});

Repair

The ml-job saved objects are merely proxies to the actual job stored in ES. Given this "linked" nature, it's possible for Kibana's representation of available jobs to differ from the actual set of available jobs. The ML Management screen will provide a way to repair this in order to keep the two in sync.

In order to effectively repair Kibana's representation of ML Jobs, we need to be able to search across all spaces in order to see if a specific ML job exists within Kibana anywhere.

cc @jgowdyelastic

@legrego legrego added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! Feature:Saved Objects v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.11.0 labels Nov 6, 2020
@legrego legrego marked this pull request as ready for review November 6, 2020 18:53
@legrego legrego requested a review from a team as a code owner November 6, 2020 18:53
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

Copy link
Contributor

@pgayvallet pgayvallet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (sorry for the conflicts 😅 )

@legrego legrego self-assigned this Nov 9, 2020
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@legrego legrego merged commit bc9dd3a into elastic:master Nov 9, 2020
@legrego legrego deleted the savedObjects/search-all-spaces branch November 9, 2020 16:29
gmmorris added a commit to gmmorris/kibana that referenced this pull request Nov 10, 2020
* master: (39 commits)
  Fix ilm navigation (elastic#81664)
  [Lens] Distinct icons for XY and pie chart value labels toolbar (elastic#82927)
  [data.search.aggs] Throw an error when trying to create an agg type that doesn't exist. (elastic#81509)
  Index patterns api - load field list on server (elastic#82629)
  New events resolver (elastic#82170)
  [App Search] Misc naming tech debt (elastic#82770)
  load empty_kibana in test to have clean starting point (elastic#82772)
  Remove data <--> expressions circular dependencies. (elastic#82685)
  Update 8.0 breaking change template to gather information on how to programmatically detect it. (elastic#82905)
  Add alerting as codeowners to related documentation folder (elastic#82777)
  Add captions to user and space grid pages (elastic#82713)
  add alternate path for x-pack/Cloud test for Lens (elastic#82634)
  Uses asCurrentUser in getClusterUuid (elastic#82908)
  [Alerting][Connectors] Add new executor subaction to get 3rd party case fields (elastic#82519)
  Fix test import objects (elastic#82767)
  [ML] Add option for anomaly charts for metric detector should plot min, mean or max as appropriate (elastic#81662)
  Update alert type selection layout to rows instead of grid (elastic#73665)
  Prevent Kerberos and PKI providers from initiating a new session for unauthenticated XHR/API requests. (elastic#82817)
  Update grunt and related packages (elastic#79327)
  Allow the repository to search across all namespaces (elastic#82863)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Saved Objects release_note:skip Skip the PR/issue when compiling release notes Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v7.11.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants