[Security solution][Endpoint] Removes zip compression when creating artifacts #101379
Conversation
…unit tests and removes old code
dasansol92
added
auto-backport
|
Pinging @elastic/security-onboarding-and-lifecycle-mgt (Team:Onboarding and Lifecycle Mgt) |
|
@elasticmachine merge upstream |
...ns/security_solution/server/endpoint/services/artifacts/manifest_manager/manifest_manager.ts
Show resolved
Hide resolved
| InternalArtifactCompleteSchema, | ||
| } from './saved_objects'; | ||
|
|
||
| const compressArtifact = async (artifact: InternalArtifactCompleteSchema) => { |
| const createdArtifact = await this.fleetArtifacts.createArtifact({ | ||
| content: artifactContent.toString(), | ||
| content: Buffer.from(artifact.body, 'base64').toString(), |
There was a problem hiding this comment.
This is the part I was questioning in my mind as to how we would handle it. I think the returned records from fleetArtifacts.createArtifact() needs to be "merged" in with the interal record manifest manager keeps, so that the copreesed data is added in. maybe? not? :)
There was a problem hiding this comment.
Not sure about it, I just removed the zip compression step, so not needed to uncompress the content here, just decode from base64
There was a problem hiding this comment.
Looks good.
(FYI: Now I'm also thinking in the future, we might want to remove this redundant base64 encoding 🤔 )
There was a problem hiding this comment.
Did a local test (without Endpoint) and looks like we're populating the Policy manifest with information about artifacts that does not include the compression info. (which still happens, but is done by the Fleet artifct exposed client).
You can see this by looking at the Policy record (endpoint integration policy) and noticed that the compression_algorithm' is set to none` and that body decoded and encoded data is the same
I think the challange here will be to figure out how we can get the data returned by from fleet artifact client when the artifact is created back into the internal manifest entry that Manifest Manager keeps. I belive the internal record is written/saved before the artifact is actuallly created, so we might have to chagne the flow there.
…th zlip compression
…965' of github.com:dasansol92/kibana into feature/olm-no_compress_artifacts_during_it_processing-965
|
@elasticmachine merge upstream |
…est. Also fixes unit tests
There was a problem hiding this comment.
I did not check out the code locally this time, but changes looks good. Maybe just add a screen capture to the Description of the PR that shows the Policy manifest entries (json), so that we can see that zlib is still being set for compression and that the size/hashes are also set accordingly.
Other than that - 🚢
Thanks for taking this on
|
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]
History
To update your PR or re-run it, just comment with: |
…rtifacts (elastic#101379) * Removes zlib compression when creating artifacts. Also fixes related unit tests and removes old code * Replaces artifact in new manifest using the ones from fleet client with zlip compression * Fixes create_policy_artifact_manifest pushArtifacts missing new manifest. Also fixes unit tests Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
💚 Backport successful
This backport PR will be merged automatically after passing CI. |
* master: [Security solution][Endpoint] Removes zip compression when creating artifacts (elastic#101379) [Dashboard]: Fixes disabled viz filter is applied (elastic#101859) [Discover] Deangularization of search embeddable (elastic#100552)
…rtifacts (#101379) (#102033) * Removes zlib compression when creating artifacts. Also fixes related unit tests and removes old code * Replaces artifact in new manifest using the ones from fleet client with zlip compression * Fixes create_policy_artifact_manifest pushArtifacts missing new manifest. Also fixes unit tests Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: David Sánchez <davidsansol92@gmail.com>
…rtifacts (elastic#101379) * Removes zlib compression when creating artifacts. Also fixes related unit tests and removes old code * Replaces artifact in new manifest using the ones from fleet client with zlip compression * Fixes create_policy_artifact_manifest pushArtifacts missing new manifest. Also fixes unit tests Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Summary
Description:
As a result of moving Artifact storage to fleet (v7.13) the endpoint ManifestManager process should be refactored to no longer compress (zip) the artifacts content
Also:
For maintainers