-
Notifications
You must be signed in to change notification settings - Fork 24.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GET _aliases doesn't respect x-elastic-product-origin header #82064
Comments
Pinging @elastic/es-core-infra (Team:Core/Infra) |
No I think they are different. This issue is that ES does not honor the The other one is that the system indices should not be considered as "accessed" at all because they do not match the requested index pattern. Both should not generate deprecation warnings but for different reasons. I hope this makes sense. |
Okay, having had some time to dig into this, I think there's some expectations that aren't aligned here. The behavior here is intentional: When Kibana makes this request, it runs into #81345, where accessing Now, my understanding was that we were going to rely on #81381 in order to not show users deprecation logs that aren't relevant to them, rather than disabling emitting deprecation logs entirely for valid product-origin headers. Does that make sense @cjcenizal / @sabarasaba? I'm fine changing Elasticsearch's behavior if I've missed something, but per my understanding there's not a bug here. |
@gwbrown Thanks for explaining. I think you're right that there was just a misunderstanding about intention and desired behavior. To try to clarify things, the end goal is to keep Upgrade Assistant free of any logs that have been triggered by requests that are beyond the user's control. We want to use the Kibana product origin to signal to Elasticsearch that the request is "beyond the user's control" and therefore all logs that are subsequently emitted as a result of the request need to be marked so they can be hidden from the user. Does this make sense? I think we're on the same page regarding #81381. We implemented elastic/kibana#121389 and elastic/kibana#121174 to filter out any logs that originated from an Elastic product. I have a question regarding the situation you're describing:
Is an |
In my tests we aren't propagating the product origin to the deprecation log:
Similarly some other deprecated API calls also don't propagate it:
|
@rudolf This turned out not to be what I expected! There appears to be a bug in 7.17 (only, not in |
This should be fixed as #83115 was merged a while ago. Please reopen the issue if we see this again. |
Elasticsearch version 8.1
Kibana version: 8.1
While working on elastic/kibana#121857 we found out that querying
GET _aliases
doesn't respect thex-elastic-product-origin=kibana
and generates deprecation logs about accessing the .security, .security-7 and .tasks system indices.JSON response without header
JSON response with header
The text was updated successfully, but these errors were encountered: