error creating an alert with security off

[pmuellr]

running from Kibana master:

config/kibana.dev.yml contents:

xpack.actions.enabled: true
xpack.alerting.enabled: true

run the following to start es and kibana, hopefully in security off mode:

yarn es snapshot -E xpack.security.enabled=false
yarn start

create an action and then an alert (with kbn-action):

export ACTION_ID=`kbn-action create .server-log 'server-log' '{}' '{}' | jq -r '.id'`
kbn-alert create example.always-firing "always firing" 5s '{}' "[{group:default id:'$ACTION_ID' params:{level: info, message: 'from alert 5s'}}]"

At that point, Kibana's output will report an error thrown:

Debug: internal, implementation, error
    TypeError: Cannot read property 'id' of null
    at AlertsClient.id [as create] (~/kibana/x-pack/legacy/plugins/alerting/server/alerts_client.ts:127:40)
    at process._tickCallback (internal/process/next_tick.js:68:7)
server   error  [15:23:19.747]  TypeError: Cannot read property 'id' of null
    at AlertsClient.id [as create] (~/kibana/x-pack/legacy/plugins/alerting/server/alerts_client.ts:127:40)
    at process._tickCallback (internal/process/next_tick.js:68:7)

on the client side, a 500 is returned from the http request:

kbn-alert.js: status code 500
body: {
    "statusCode": 500,
    "error": "Internal Server Error",
    "message": "An internal server error occurred"
}

The error occurs in this block of code:

kibana/x-pack/legacy/plugins/alerting/server/alerts_client.ts

Lines 115 to 131 in a853609

	const apiKey = await this.createAPIKey();
	const username = await this.getUserName();
	this.validateActions(alertType, data.actions);
	const { alert: rawAlert, references } = this.getRawAlert({
	...data,
	createdBy: username,
	updatedBy: username,
	apiKeyOwner: apiKey.created && username ? username : undefined,
	apiKey: apiKey.created
	? Buffer.from(`${apiKey.result.id}:${apiKey.result.api_key}`).toString('base64')
	: undefined,
	alertTypeParams: validatedAlertTypeParams,
	muteAll: false,
	mutedInstanceIds: [],
	});

The variable apiKey has the value: { created: true, result: null }. That seems to be unexpected, as later apiKey.result.id (and other props) are referenced without first checking if apiKey.result is null or not. I guess it's assumed that if created was true, result must not be null.

[elasticmachine]

Pinging @elastic/kibana-stack-services (Team:Stack Services)

[pmuellr]

Here's a change that allows the alert to be created, and the alert seems to run fine:

change the following code:

kibana/x-pack/legacy/plugins/alerting/server/lib/alerts_client_factory.ts

Lines 56 to 62 in 85568b9

	return {
	created: true,
	result: (await securityPluginSetup.authc.createAPIKey(request, {
	name: `source: alerting, generated uuid: "${uuid.v4()}"`,
	role_descriptors: {},
	}))!,
	};

to

        const result = await securityPluginSetup.authc.createAPIKey(request, {
          name: `source: alerting, generated uuid: "${uuid.v4()}"`,
          role_descriptors: {},
        })
        if (result == null) return { created: false };
        return { created: true, result };

Basically, if it would have previously returned {created: true; result: null}, have it return {created: false} instead.

That ! on the result assignment kinda bit us :-).

[pmuellr]

In a discussion with Mike, it seems like this is another config-related scenario that we will want to have a separate test scenario for. The current "security off" scenario (at least the spaces_only test, actually disables security plugin. The scenario I ran into above has security plugin enabled, but doesn't set enough config to actually have it "on", so it's similar to - but different than - disabling the security plugin explicitly.

Will likely create a separate issue to create a new test scenario, since I'm thinking we may end up having more scenarios to test once alerting/actions become enabled by default.