-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Overwriting a saved object clears the originId
field
#135346
Comments
Pinging @elastic/kibana-security (Team:Security) |
Pinging @elastic/kibana-core (Team:Core) |
@TinaHeiligers I get access denied 😢 |
I deleted the comment with the link. I think there's a dev doc somewhere about this or an RFC. I'll try to find some public reference that summarizes the issue. |
@elastic/kibana-security It would be very useful if we had public documentation around shared saved objects to reference if and when problems arise. Unfortunately, ATM, our knowledge articles are for internal use only and we can't share those. Is it possible to create summaries of these and add them to the docs, considering the recent team changes? I'm thinking along the lines of something similar to how Core documents known issues with saved objects migrations. |
@TinaHeiligers I'm on the fence here to be honest, I'm not sure if we should separately document one-time bugs (i.e. after specific patch-version upgrade this issue should no longer be relevant) like that in our main docs. For these we usually create knowledge-sharing articles to help our support team (we have one for this particular issue too) and document issue (and potentially workaround) in the PR/issue that users can get to via the link in our release notes. But having "known issues" docs for the recurring issues related to the shareable SO is a great idea, we certainly should have it! |
To be clear, the 👍 is for documenting recurring issues related to the shareable SO. |
Stale issue. Closing |
Kibana version: 8.0.0 - 8.3.0 (current)
Update: the bug that accidentally clears the
originId
field has been fixed in 8.3.1 via #135358However, we still need a solution to repair objects that have already been affected.
Describe the bug:
In the 8.0 release, we converted many object types to be "share-capable" (#100489).
When we introduced "share-capable" and "shareable" object types, these have globally unique IDs, and we added an explicit "origin" that is set (1) when an object is upgraded and its ID is regenerated, and (2) when an object is copied or imported to a different space.
The
originId
field allows import/copy behavior to remain the same with the "Check for existing objects" option, e.g., you can import at most one copy of an object to a given space. If you do it multiple times, you will be prompted to overwrite the previous copy of the object.Now for the bug: if you re-create an object using the
overwrite: true
option, you'll lose theoriginId
field that existed on the old version of the object. If that happens, future import/copy attempts using the "Check for existing objects" option can break in two different ways:Unfortunately, when you edit a dashboard, a lens visualization, or a legacy visualization, under the hood Kibana re-creates the object, unintentionally stripping the
originId
field. I haven't exhaustively tested all share-capable/shareable object types, but I imagine others are affected as well.Steps to reproduce:
originId
(the second copy), and one that does not (the first copy)Expected behavior:
The root-level
originId
field is considered to be Kibana-owned metadata, and it should be preserved even when the object is overwritten (similar to thenamespaces
field).Any additional context:
Unfortunately, after an object has had its origin stripped in this manner, we may not have enough information to automatically repair it:
originId
. We could add a "post-start" migration to repair affected objects in this manner. However, a regular SO migration wouldn't work, because each SO migration is applied to an object in isolation and does not allow for querying during the migration.originId
but does not have a legacy URL alias. In that case, after its origin is stripped, there's no way to figure out what its origin used to be 😞The text was updated successfully, but these errors were encountered: