Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adapt definitions of nested subfields to current Fleet implementation #11016

Merged
merged 2 commits into from
Sep 6, 2024
Merged

Adapt definitions of nested subfields to current Fleet implementation #11016

merged 2 commits into from
Sep 6, 2024

Conversation

jsoriano
Copy link
Member

@jsoriano jsoriano commented Sep 5, 2024
edited
Loading

Proposed commit message

Adapt definitions of subfields of nested objects so they are actually installed by Fleet. New mappings are otherwise equivalent.

These mappings were correctly defined as expected by the spec, but Fleet was only installing empty nested objects. To workaround that, subfields can be moved to have their own definitions.

Issue in Fleet is fixed in elastic/kibana#191730, but we can apply this workaround for older versions of the stack.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

Install one of these packages, and check that the index templates include the mappings for the fields of the nested objects.

Related issues

@jsoriano jsoriano self-assigned this Sep 5, 2024
@jsoriano jsoriano requested review from a team as code owners September 5, 2024 11:41
@jsoriano jsoriano added Integration:gcp Google Cloud Platform Integration:google_workspace Google Workspace Integration:github GitHub Integration:akamai Akamai Team:Obs-InfraObs Label for the Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] Integration:tanium Tanium Team:Security-Service Integrations Security Service Integrations Team [elastic/security-service-integrations] Integration:jamf_protect Jamf Protect Integration:trellix_edr_cloud Trellix EDR Cloud Team:obs-ds-hosted-services Label for the Observability Hosted Services team [elastic/obs-ds-hosted-services] Integration:falco Falco labels Sep 5, 2024
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@jsoriano jsoriano mentioned this pull request Sep 5, 2024
Closed
23 tasks
@elasticmachine
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

💚 Build Succeeded

cc @jsoriano

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
96.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

efd6
efd6 approved these changes Sep 5, 2024
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checked akamai. Looks good.

@jlind23
Copy link
Contributor

jlind23 commented Sep 6, 2024

@lalit-satapathy @axw could we please get someone from your team reviewing this?

ishleenk17
ishleenk17 approved these changes Sep 6, 2024
View reviewed changes
Copy link
Contributor

@ishleenk17 ishleenk17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed gcp package from infraobs team. Looks good!

@axw
Copy link
Member

axw commented Sep 6, 2024

I only looked at gcp, and mostly rubberstamping because @ishleenk17 already looked. (Logic looks sound though.)

@jsoriano jsoriano merged commit 0751dc1 into elastic:main Sep 6, 2024
5 checks passed
@jsoriano jsoriano deleted the nested-subfields branch September 6, 2024 10:02
@elasticmachine
Copy link

Package akamai - 2.25.1 containing this change is available at https://epr.elastic.co/search?package=akamai

@elasticmachine
Copy link

Package falco - 0.1.1 containing this change is available at https://epr.elastic.co/search?package=falco

@elasticmachine
Copy link

Package gcp - 2.37.2 containing this change is available at https://epr.elastic.co/search?package=gcp

@elasticmachine
Copy link

Package github - 1.29.1 containing this change is available at https://epr.elastic.co/search?package=github

@elasticmachine
Copy link

Package google_workspace - 2.25.1 containing this change is available at https://epr.elastic.co/search?package=google_workspace

@elasticmachine
Copy link

Package jamf_protect - 2.6.1 containing this change is available at https://epr.elastic.co/search?package=jamf_protect

@elasticmachine
Copy link

Package tanium - 1.10.1 containing this change is available at https://epr.elastic.co/search?package=tanium

@elasticmachine
Copy link

Package trellix_edr_cloud - 1.2.1 containing this change is available at https://epr.elastic.co/search?package=trellix_edr_cloud

@jsoriano jsoriano mentioned this pull request Sep 6, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@axw axw axw approved these changes

@efd6 efd6 efd6 approved these changes

@ishleenk17 ishleenk17 ishleenk17 approved these changes

Assignees

@jsoriano jsoriano

Labels
Integration:akamai Akamai Integration:falco Falco Integration:gcp Google Cloud Platform Integration:github GitHub Integration:google_workspace Google Workspace Integration:jamf_protect Jamf Protect Integration:tanium Tanium Integration:trellix_edr_cloud Trellix EDR Cloud Team:obs-ds-hosted-services Label for the Observability Hosted Services team [elastic/obs-ds-hosted-services] Team:Obs-InfraObs Label for the Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] Team:Security-Service Integrations Security Service Integrations Team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Misleading implementation of mappings of nested object subfields
6 participants
@jsoriano @elasticmachine @jlind23 @axw @efd6 @ishleenk17