[Response Ops] Add xpack.actions.email.recipient_allowlist config#220058
[Response Ops] Add xpack.actions.email.recipient_allowlist config#220058jcger merged 31 commits intoelastic:mainfrom
xpack.actions.email.recipient_allowlist config#220058Conversation
jcger
force-pushed
the
issue-210355-email-recipients-allow-list
branch
from
115c28e to
cc5de1c
Compare
|
|
||
| import { createTestConfig } from '../../../../../../common/config'; | ||
|
|
||
| export const recipientAllowList = ['*.bar@example.org', '*@test.com']; |
There was a problem hiding this comment.
I had to create a new config to be able to set the recipientAllowList
jcger
force-pushed
the
issue-210355-email-recipients-allow-list
branch
from
cc5de1c to
5950ac6
Compare
x-pack/platform/plugins/shared/actions/common/validate_email_addresses.ts
Show resolved
Hide resolved
jcger
added
backport:skip
|
Pinging @elastic/response-ops (Team:ResponseOps) |
| schema.object( | ||
| { | ||
| domain_allowlist: schema.maybe(schema.arrayOf(schema.string())), | ||
| recipient_allowlist: schema.maybe(schema.arrayOf(schema.string())), |
There was a problem hiding this comment.
Can we add this to src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker too?
There was a problem hiding this comment.
thanks, done in 539585c. I just realised that file is auto generated. Checking...
There was a problem hiding this comment.
Actually, that file is NOT auto-generated. See: https://ela.st/docker-file-not-autogenerated - I keep forgetting to delete that line when I get in that file :-). Feel free to delete it yourself!
BTW, we will also want to add this to the cloud allow-list of config keys. We can point you to some example PRs where we've done this - it's fairly simple, but will be another PR since it's a different repo.
There was a problem hiding this comment.
I removed the "auto-generated" comment in 9d8c11f
Feel free to share those PRs here or via slack with me whenever you have time :)
There was a problem hiding this comment.
example PR where we add the cloud allow-list entrie: https://github.com/elastic/cloud/pull/131284
x-pack/platform/plugins/shared/actions/common/validate_email_addresses.ts
Outdated
Show resolved
Hide resolved
florent-leborgne
left a comment
florent-leborgne
left a comment
There was a problem hiding this comment.
Hi, I'm not super familiar yet with this file.
In the new docs (since 9.0), we do not publish a new version of each page for each minor, and instead annotate the same page over time. That means that we need to ensure that anything added at a specific point in time is flagged as such. In this case, if I understand correctly, the setting will be added with 9.2.
I am just not super sure of how this file is processed exactly yet.
If this setting was already available in 9.0 and 9.1 and was just missing, you can ignore my comment.
cnasikas
left a comment
cnasikas
left a comment
There was a problem hiding this comment.
LGTM! I tested and is working as expected.
x-pack/platform/plugins/shared/actions/server/actions_config.test.ts
Outdated
Show resolved
Hide resolved
| /** treat any address which contains a mustache template as valid */ | ||
| treatMustacheTemplatesAsValid?: boolean; | ||
| // addresses with this option won't be validated against the allowed recipient list | ||
| isSender?: boolean; |
There was a problem hiding this comment.
| isSender?: boolean; | |
| ignoreReceipentAllowlistValidation?: boolean; |
I think it is more explicit about the purpose of the option. The isSender does not convey what the function will do. Wdyt?
There was a problem hiding this comment.
I did it this way because next time we need to update the sender field behavior, we won't have to fear missing one of the existing "from" fields. But I don't care, if you feel strong about it, just let me know
There was a problem hiding this comment.
I think it is better if you see the function as a standalone one but not a strong opinion either.
x-pack/platform/plugins/shared/actions/common/validate_email_addresses.ts
Outdated
Show resolved
Hide resolved
jcger
force-pushed
the
issue-210355-email-recipients-allow-list
branch
from
54a50bc to
2bc2f46
Compare
Flaky Test Runner Stats🎉 All tests passed! - kibana-flaky-test-suite-runner#8554[✅] x-pack/platform/test/alerting_api_integration/spaces_only/tests/actions/connector_types/stack/email_recipient_allowlist/config.ts: 200/200 tests passed. |
Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
…l-recipients-allow-list
jcger
force-pushed
the
issue-210355-email-recipients-allow-list
branch
from
3e3ae97 to
a72150f
Compare
💚 Build Succeeded
Metrics [docs]Module Count
Public APIs missing comments
Async chunks
Page load bundle
Unknown metric groupsAPI count
History
|
…lastic#228230) Parent issue elastic#210355 Merged in elastic#220058 --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
…lastic#220058) ## Summary Closes elastic#210355 As this Kibana config contains sensitive data, we moved the validation to the server side only ## Release note Adds `xpack.actions.email.recipient_allowlist` kibana config. --------- Co-authored-by: lcawl <lcawley@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
…lastic#228230) Parent issue elastic#210355 Merged in elastic#220058 --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
…lastic#228230) Parent issue elastic#210355 Merged in elastic#220058 --------- Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: florent-leborgne <florent.leborgne@elastic.co>
13 participants
Summary
Closes #210355
As this Kibana config contains sensitive data, we moved the validation to the server side only
Release note
Adds
xpack.actions.email.recipient_allowlistkibana config.