Merge remote-tracking branch 'upstream/main' into slo-non-compressed

oas_docs/output/kibana.serverless.staging.yaml

@@ -14921,6 +14921,10 @@ paths:
           name: documentIds
           schema:
             $ref: '#/components/schemas/Security_Timeline_API_DocumentIds'
+        - in: query
+          name: savedObjectIds
+          schema:
+            $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds'
         - in: query
           name: page
           schema:
@@ -31674,6 +31678,12 @@ components:
         - threat_match
         - zeek
       type: string
+    Security_Timeline_API_SavedObjectIds:
+      oneOf:
+        - items:
+            type: string
+          type: array
+        - type: string
     Security_Timeline_API_SavedObjectResolveAliasPurpose:
       enum:
         - savedObjectConversion

oas_docs/output/kibana.staging.yaml

@@ -18351,6 +18351,10 @@ paths:
           name: documentIds
           schema:
             $ref: '#/components/schemas/Security_Timeline_API_DocumentIds'
+        - in: query
+          name: savedObjectIds
+          schema:
+            $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds'
         - in: query
           name: page
           schema:
@@ -39683,6 +39687,12 @@ components:
         - threat_match
         - zeek
       type: string
+    Security_Timeline_API_SavedObjectIds:
+      oneOf:
+        - items:
+            type: string
+          type: array
+        - type: string
     Security_Timeline_API_SavedObjectResolveAliasPurpose:
       enum:
         - savedObjectConversion

package.json

@@ -1672,7 +1672,7 @@
     "buildkite-test-collector": "^1.7.0",
     "callsites": "^3.1.0",
     "chance": "1.0.18",
-    "chromedriver": "^128.0.3",
+    "chromedriver": "^129.0.0",
     "clean-webpack-plugin": "^3.0.0",
     "cli-progress": "^3.12.0",
     "cli-table3": "^0.6.1",
@@ -1797,7 +1797,7 @@
     "rxjs-marbles": "^7.0.1",
     "sass-embedded": "^1.78.0",
     "sass-loader": "^10.5.1",
-    "selenium-webdriver": "^4.24.1",
+    "selenium-webdriver": "^4.25.0",
     "sharp": "0.32.6",
     "simple-git": "^3.16.0",
     "sinon": "^7.4.2",

packages/deeplinks/security/deep_links.ts

@@ -87,5 +87,5 @@ export enum SecurityPageName {
   entityAnalyticsManagement = 'entity_analytics-management',
   entityAnalyticsAssetClassification = 'entity_analytics-asset-classification',
   coverageOverview = 'coverage-overview',
-  notesManagement = 'notes-management',
+  notes = 'notes',
 }

packages/kbn-management/settings/setting_ids/index.ts

@@ -187,6 +187,8 @@ export const SECURITY_SOLUTION_EXCLUDE_COLD_AND_FROZEN_TIERS_IN_ANALYZER =
 /** This Kibana Advanced Setting allows users to enable/disable the Asset Criticality feature */
 export const SECURITY_SOLUTION_ENABLE_ASSET_CRITICALITY_SETTING =
   'securitySolution:enableAssetCriticality' as const;
+export const SECURITY_SOLUTION_ENABLE_VISUALIZATIONS_IN_FLYOUT_SETTING =
+  'securitySolution:enableVisualizationsInFlyout' as const;
 
 // Timelion settings
 export const TIMELION_ES_DEFAULT_INDEX_ID = 'timelion:es.default_index';

src/plugins/kibana_usage_collection/server/collectors/management/schema.ts

@@ -130,6 +130,10 @@ export const stackManagementSchema: MakeSchemaFrom<UsageStats> = {
     type: 'boolean',
     _meta: { description: 'Non-default value of setting.' },
   },
+  'securitySolution:enableVisualizationsInFlyout': {
+    type: 'boolean',
+    _meta: { description: 'Non-default value of setting.' },
+  },
   'search:includeFrozen': {
     type: 'boolean',
     _meta: { description: 'Non-default value of setting.' },

src/plugins/kibana_usage_collection/server/collectors/management/types.ts

@@ -76,6 +76,7 @@ export interface UsageStats {
   'securitySolution:enableAssetCriticality': boolean;
   'securitySolution:excludeColdAndFrozenTiersInAnalyzer': boolean;
   'securitySolution:enableCcsWarning': boolean;
+  'securitySolution:enableVisualizationsInFlyout': boolean;
   'search:includeFrozen': boolean;
   'courier:maxConcurrentShardRequests': number;
   'courier:setRequestPreference': string;

src/plugins/telemetry/schema/oss_plugins.json

@@ -9919,6 +9919,12 @@
             "description": "Non-default value of setting."
           }
         },
+        "securitySolution:enableVisualizationsInFlyout":{
+          "type": "boolean",
+          "_meta": {
+            "description": "Non-default value of setting."
+          }
+        },
         "search:includeFrozen": {
           "type": "boolean",
           "_meta": {

test/functional/apps/discover/context_awareness/extensions/_get_row_indicator_provider.ts

@@ -24,6 +24,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) {
   const browser = getService('browser');
   const dataViews = getService('dataViews');
 
+  // Failing: See https://github.com/elastic/kibana/issues/194043
   // Failing: See https://github.com/elastic/kibana/issues/194043
   describe.skip('extension getRowIndicatorProvider', () => {
     before(async () => {

x-pack/packages/security/ui_components/src/kibana_privilege_table/feature_table.tsx

@@ -160,9 +160,7 @@ export class FeatureTable extends Component<Props, State> {
             <EuiSpacer size="s" />
             {helpText && (
               <>
-                <EuiCallOut iconType="iInCircle" size="s">
-                  {helpText}
-                </EuiCallOut>
+                <EuiCallOut size="s" title={helpText} />
                 <EuiSpacer size="s" />
               </>
             )}
@@ -404,7 +402,7 @@ export class FeatureTable extends Component<Props, State> {
         'xpack.security.management.editRole.featureTable.managementCategoryHelpText',
         {
           defaultMessage:
-            'Access to Stack Management is determined by both Elasticsearch and Kibana privileges, and cannot be explicitly disabled.',
+            'Additional Stack Management permissions can be found outside of this menu, in index and cluster privileges.',
         }
       );
     }

x-pack/plugins/actions/common/routes/connector/apis/delete/index.ts

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { deleteConnectorRequestParamsSchema } from './schemas/latest';
+export type { DeleteConnectorRequestParams } from './types/latest';
+
+export { deleteConnectorRequestParamsSchema as deleteConnectorRequestParamsSchemaV1 } from './schemas/v1';
+export type { DeleteConnectorRequestParams as DeleteConnectorRequestParamsV1 } from './types/v1';

x-pack/plugins/actions/common/routes/connector/apis/delete/schemas/latest.ts

@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './v1';

x-pack/plugins/actions/common/routes/connector/apis/delete/schemas/v1.ts

@@ -0,0 +1,16 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { schema } from '@kbn/config-schema';
+
+export const deleteConnectorRequestParamsSchema = schema.object({
+  id: schema.string({
+    meta: {
+      description: 'An identifier for the connector.',
+    },
+  }),
+});

x-pack/plugins/actions/common/routes/connector/apis/delete/types/latest.ts

@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export * from './v1';

x-pack/plugins/actions/common/routes/connector/apis/delete/types/v1.ts

@@ -0,0 +1,11 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { TypeOf } from '@kbn/config-schema';
+import { deleteConnectorRequestParamsSchemaV1 } from '..';
+
+export type DeleteConnectorRequestParams = TypeOf<typeof deleteConnectorRequestParamsSchemaV1>;

x-pack/plugins/actions/server/routes/delete.test.ts → x-pack/plugins/actions/server/routes/connector/delete/delete.test.ts

@@ -5,14 +5,14 @@
  * 2.0.
  */
 
-import { deleteActionRoute } from './delete';
+import { deleteConnectorRoute } from './delete';
 import { httpServiceMock } from '@kbn/core/server/mocks';
-import { licenseStateMock } from '../lib/license_state.mock';
-import { mockHandlerArguments } from './legacy/_mock_handler_arguments';
-import { actionsClientMock } from '../mocks';
-import { verifyAccessAndContext } from './verify_access_and_context';
+import { licenseStateMock } from '../../../lib/license_state.mock';
+import { mockHandlerArguments } from '../../legacy/_mock_handler_arguments';
+import { actionsClientMock } from '../../../mocks';
+import { verifyAccessAndContext } from '../../verify_access_and_context';
 
-jest.mock('./verify_access_and_context', () => ({
+jest.mock('../../verify_access_and_context', () => ({
   verifyAccessAndContext: jest.fn(),
 }));
 
@@ -21,12 +21,12 @@ beforeEach(() => {
   (verifyAccessAndContext as jest.Mock).mockImplementation((license, handler) => handler);
 });
 
-describe('deleteActionRoute', () => {
+describe('deleteConnectorRoute', () => {
   it('deletes an action with proper parameters', async () => {
     const licenseState = licenseStateMock.create();
     const router = httpServiceMock.createRouter();
 
-    deleteActionRoute(router, licenseState);
+    deleteConnectorRoute(router, licenseState);
 
     const [config, handler] = router.delete.mock.calls[0];
 
@@ -63,7 +63,7 @@ describe('deleteActionRoute', () => {
     const licenseState = licenseStateMock.create();
     const router = httpServiceMock.createRouter();
 
-    deleteActionRoute(router, licenseState);
+    deleteConnectorRoute(router, licenseState);
 
     const [, handler] = router.delete.mock.calls[0];
 
@@ -90,7 +90,7 @@ describe('deleteActionRoute', () => {
       throw new Error('OMG');
     });
 
-    deleteActionRoute(router, licenseState);
+    deleteConnectorRoute(router, licenseState);
 
     const [, handler] = router.delete.mock.calls[0];
 

x-pack/plugins/actions/server/routes/delete.ts → x-pack/plugins/actions/server/routes/connector/delete/delete.ts

@@ -5,20 +5,17 @@
  * 2.0.
  */
 
-import { schema } from '@kbn/config-schema';
 import { IRouter } from '@kbn/core/server';
-import { ILicenseState } from '../lib';
-import { BASE_ACTION_API_PATH } from '../../common';
-import { ActionsRequestHandlerContext } from '../types';
-import { verifyAccessAndContext } from './verify_access_and_context';
+import { ILicenseState } from '../../../lib';
+import { BASE_ACTION_API_PATH } from '../../../../common';
+import { ActionsRequestHandlerContext } from '../../../types';
+import { verifyAccessAndContext } from '../../verify_access_and_context';
+import {
+  deleteConnectorRequestParamsSchemaV1,
+  DeleteConnectorRequestParamsV1,
+} from '../../../../common/routes/connector/apis/delete';
 
-const paramSchema = schema.object({
-  id: schema.string({
-    meta: { description: 'An identifier for the connector.' },
-  }),
-});
-
-export const deleteActionRoute = (
+export const deleteConnectorRoute = (
   router: IRouter<ActionsRequestHandlerContext>,
   licenseState: ILicenseState
 ) => {
@@ -33,7 +30,7 @@ export const deleteActionRoute = (
       },
       validate: {
         request: {
-          params: paramSchema,
+          params: deleteConnectorRequestParamsSchemaV1,
         },
         response: {
           204: {
@@ -45,7 +42,7 @@ export const deleteActionRoute = (
     router.handleLegacyErrors(
       verifyAccessAndContext(licenseState, async function (context, req, res) {
         const actionsClient = (await context.actions).getActionsClient();
-        const { id } = req.params;
+        const { id }: DeleteConnectorRequestParamsV1 = req.params;
         await actionsClient.delete({ id });
         return res.noContent();
       })

x-pack/plugins/actions/server/routes/connector/delete/index.ts

@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { deleteConnectorRoute } from './delete';

x-pack/plugins/actions/server/routes/index.ts

@@ -14,7 +14,7 @@ import { listTypesWithSystemRoute } from './connector/list_types_system';
 import { ILicenseState } from '../lib';
 import { ActionsRequestHandlerContext } from '../types';
 import { createActionRoute } from './create';
-import { deleteActionRoute } from './delete';
+import { deleteConnectorRoute } from './connector/delete';
 import { executeActionRoute } from './execute';
 import { getConnectorRoute } from './connector/get';
 import { updateActionRoute } from './update';
@@ -37,7 +37,7 @@ export function defineRoutes(opts: RouteOptions) {
   defineLegacyRoutes(router, licenseState, usageCounter);
 
   createActionRoute(router, licenseState);
-  deleteActionRoute(router, licenseState);
+  deleteConnectorRoute(router, licenseState);
   getConnectorRoute(router, licenseState);
   getAllConnectorsRoute(router, licenseState);
   updateActionRoute(router, licenseState);

x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_grouped_findings.tsx

@@ -70,6 +70,7 @@ export interface FindingsGroupingAggregation {
 export const getGroupedFindingsQuery = (query: GroupingQuery) => ({
   ...query,
   index: CDR_MISCONFIGURATIONS_INDEX_PATTERN,
+  ignore_unavailable: true,
   size: 0,
 });
 

x-pack/plugins/cloud_security_posture/public/pages/configurations/latest_findings/use_latest_findings.ts

@@ -51,7 +51,7 @@ export const getFindingsQuery = (
     sort: getMultiFieldsSort(sort),
     size: MAX_FINDINGS_TO_LOAD,
     aggs: getFindingsCountAggQuery(),
-    ignore_unavailable: false,
+    ignore_unavailable: true,
     query: {
       ...query,
       bool: {

x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_grouped_vulnerabilities.tsx

@@ -57,6 +57,7 @@ export type VulnerabilitiesRootGroupingAggregation =
 export const getGroupedVulnerabilitiesQuery = (query: GroupingQuery) => ({
   ...query,
   index: CDR_VULNERABILITIES_INDEX_PATTERN,
+  ignore_unavailable: true,
   size: 0,
 });
 

x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/hooks/use_latest_vulnerabilities.tsx

@@ -57,6 +57,7 @@ export const getVulnerabilitiesQuery = (
   pageParam: number
 ) => ({
   index: CDR_VULNERABILITIES_INDEX_PATTERN,
+  ignore_unavailable: true,
   sort: getMultiFieldsSort(sort),
   size: MAX_FINDINGS_TO_LOAD,
   query: {

x-pack/plugins/fleet/common/openapi/components/schemas/fleet_settings_enrollment_response.yaml

@@ -23,6 +23,12 @@ properties:
               type: string
             download_source_id:
               type: string
+            space_ids:
+              type: array
+              items:
+                type: string
+            data_output_id:
+              type: string
           required:
             - id
             - name
@@ -33,10 +39,16 @@ properties:
         $ref: ./fleet_server_host.yaml
       host_proxy:
         $ref: ./proxies.yaml
+      es_output:
+        $ref: ./output_create_request_elasticsearch.yaml
+      es_output_proxy:
+        $ref: ./proxies.yaml
     required:
       - agent_policies
       - has_active
   download_source:
     $ref: ./download_sources.yaml
+  download_source_proxy:
+    $ref: ./proxies.yaml
 required:
   - fleet_server