[Cloud Security] changed findings group by name to group by id #206379
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alexreal1314
added
bug
|
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security) |
alexreal1314
added
release_note:skip
alexreal1314
force-pushed
the
9782-use-resource-id-group-by
branch
2 times, most recently
from
6205502 to
b0e4fab
Compare
opauloh
reviewed
Jan 15, 2025
albertoblaz
reviewed
Jan 15, 2025
x-pack/test/cloud_security_posture_functional/pages/findings_grouping.ts
Show resolved
Hide resolved
Comment on lines
+34
to
+37
| selectedGroup: string, | ||
| bucket: RawBucket<FindingsGroupingAggregation>, | ||
| nullGroupMessage: string | undefined, | ||
| isLoading: boolean | undefined |
albertoblaz
approved these changes
Jan 15, 2025
There was a problem hiding this comment.
Would be great to implement @opauloh's suggestion but I'll approve the PR now
alexreal1314
force-pushed
the
9782-use-resource-id-group-by
branch
from
d6dfbf2 to
88ee317
Compare
|
@albertoblaz fixed @opauloh comment. |
JordanSh
reviewed
Jan 15, 2025
Comment on lines
48
to
60
| const getGroupPanelTitle = () => { | ||
| if (bucket.resourceName?.buckets) { | ||
| return ( | ||
| <> | ||
| <strong>{bucket.resourceName.buckets[0]?.key}</strong> - {bucket.key_as_string} | ||
| </> | ||
| ); | ||
| } | ||
|
|
||
| return <strong>{bucket.key_as_string}</strong>; | ||
| }; |
There was a problem hiding this comment.
note that an empty array in bucket.resourceName?.buckets can count as true, which will lead into undefined bucket.resourceName.buckets[0]?.key that will be presented in bold.
instead, i suggest to directly check that we have a bucket.resourceName.buckets[0]?.key to decide if we want to render it or just bucket.key_as_string.
i also suggest to add named constants for those values so it will be easier to understand what exactly are we rendering.
Suggested change
| const getGroupPanelTitle = () => { | |
| if (bucket.resourceName?.buckets) { | |
| return ( | |
| <> | |
| <strong>{bucket.resourceName.buckets[0]?.key}</strong> - {bucket.key_as_string} | |
| </> | |
| ); | |
| } | |
| return <strong>{bucket.key_as_string}</strong>; | |
| }; | |
| const getGroupPanelTitle = () => { | |
| const resourceName = bucket.resourceName?.buckets[0]?.key; | |
| const resourceId = bucket.key_as_string || 'Some default value like "Missing ID"'; | |
| return resourceName ? ( | |
| <> | |
| <strong>{resourceName}</strong> - {resourceId} | |
| </> | |
| ) : ( | |
| <strong>{resourceId}</strong> | |
| ); | |
| }; |
There was a problem hiding this comment.
@JordanSh fixed, although i didnt use resourceName variable as it is not always resourceId.
There was a problem hiding this comment.
can you elaborate? what else can it be?
There was a problem hiding this comment.
@JordanSh account id for example. any category from the group by menu.
Comment on lines
+89
to
+92
| case FINDINGS_GROUPING_OPTIONS.RESOURCE_ID: | ||
| return [ | ||
| ...aggMetrics, | ||
| getTermAggregation('resourceName', 'resource.id'), | ||
| getTermAggregation('resourceName', 'resource.name'), |
There was a problem hiding this comment.
can you provide some context around this change? wouldn't resource.id should be used in FINDINGS_GROUPING_OPTIONS.RESOURCE_ID?
just an observation as im not too familiar with this code
There was a problem hiding this comment.
I believe this is required to get more data for the group, as we use resource.name in the group title, we need to aggregate by it
There was a problem hiding this comment.
yes to what @maxcold said, this aggregation retrieves additional data used on this grouping visualization (.ie resources view will retrieve resources name so it can display the resource name under the resource id, cloud account view will retrieve the cloud provider and so on)
maxcold
reviewed
Jan 15, 2025
x-pack/platform/plugins/private/translations/translations/zh-CN.json
Outdated
Show resolved
Hide resolved
Comment on lines
+89
to
+92
| case FINDINGS_GROUPING_OPTIONS.RESOURCE_ID: | ||
| return [ | ||
| ...aggMetrics, | ||
| getTermAggregation('resourceName', 'resource.id'), | ||
| getTermAggregation('resourceName', 'resource.name'), |
There was a problem hiding this comment.
I believe this is required to get more data for the group, as we use resource.name in the group title, we need to aggregate by it
alexreal1314
force-pushed
the
9782-use-resource-id-group-by
branch
from
41dd882 to
7b31986
Compare
JordanSh
approved these changes
Jan 15, 2025
alexreal1314
force-pushed
the
9782-use-resource-id-group-by
branch
from
1800e39 to
cd4c937
Compare
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Async chunks
History
|
alexreal1314
force-pushed
the
9782-use-resource-id-group-by
branch
2 times, most recently
from
00d1ab3 to
1fbe394
Compare
maxcold
approved these changes
Jan 16, 2025
updated groupPanelRenderer component
alexreal1314
force-pushed
the
9782-use-resource-id-group-by
branch
from
1fbe394 to
f96e01e
Compare
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
alexreal1314
added a commit
that referenced
this pull request
Jan 20, 2025
…206379) (#207170) # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] changed findings group by name to group by id (#206379)](#206379) <!--- Backport version: 9.6.4 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Alex Prozorov","email":"[email protected]"},"sourceCommit":{"committedDate":"2025-01-16T16:24:10Z","message":"[Cloud Security] changed findings group by name to group by id (#206379)\n\n## Summary\r\nThis PR fixes group by logic in the findings table to be based on\r\nresource.id instead of resource.name.\r\n\r\n### Screenshots\r\n\r\n\r\n\r\n\r\n\r\n### Closes\r\n- https://github.com/elastic/security-team/issues/9782\r\n\r\n### Definition of done\r\n- [x] When grouping findings by Resource, the findings are grouped by\r\nresource.id\r\n- [x] The group title should still contain resource.name for better UX\r\nin combination with the id\r\n- [x] The label in the grouping properties should be Resource ID, not\r\njust Resource\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] The PR description includes the appropriate Release Notes section,\r\nand the correct release_note:* label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"22e047a1f62331cbf80b886b7a4275b1143b3446","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","good first issue","release_note:skip","backport:skip","v9.0.0","Team:Cloud Security"],"title":"[Cloud Security] changed findings group by name to group by id","number":206379,"url":"https://github.com/elastic/kibana/pull/206379","mergeCommit":{"message":"[Cloud Security] changed findings group by name to group by id (#206379)\n\n## Summary\r\nThis PR fixes group by logic in the findings table to be based on\r\nresource.id instead of resource.name.\r\n\r\n### Screenshots\r\n\r\n\r\n\r\n\r\n\r\n### Closes\r\n- https://github.com/elastic/security-team/issues/9782\r\n\r\n### Definition of done\r\n- [x] When grouping findings by Resource, the findings are grouped by\r\nresource.id\r\n- [x] The group title should still contain resource.name for better UX\r\nin combination with the id\r\n- [x] The label in the grouping properties should be Resource ID, not\r\njust Resource\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] The PR description includes the appropriate Release Notes section,\r\nand the correct release_note:* label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"22e047a1f62331cbf80b886b7a4275b1143b3446"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/206379","number":206379,"mergeCommit":{"message":"[Cloud Security] changed findings group by name to group by id (#206379)\n\n## Summary\r\nThis PR fixes group by logic in the findings table to be based on\r\nresource.id instead of resource.name.\r\n\r\n### Screenshots\r\n\r\n\r\n\r\n\r\n\r\n### Closes\r\n- https://github.com/elastic/security-team/issues/9782\r\n\r\n### Definition of done\r\n- [x] When grouping findings by Resource, the findings are grouped by\r\nresource.id\r\n- [x] The group title should still contain resource.name for better UX\r\nin combination with the id\r\n- [x] The label in the grouping properties should be Resource ID, not\r\njust Resource\r\n\r\n### Checklist\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] The PR description includes the appropriate Release Notes section,\r\nand the correct release_note:* label is applied per the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"22e047a1f62331cbf80b886b7a4275b1143b3446"}}]}] BACKPORT-->
viduni94
pushed a commit
to viduni94/kibana
that referenced
this pull request
Jan 23, 2025
…ic#206379) ## Summary This PR fixes group by logic in the findings table to be based on resource.id instead of resource.name. ### Screenshots  ### Closes - elastic/security-team#9782 ### Definition of done - [x] When grouping findings by Resource, the findings are grouped by resource.id - [x] The group title should still contain resource.name for better UX in combination with the id - [x] The label in the grouping properties should be Resource ID, not just Resource ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes group by logic in the findings table to be based on resource.id instead of resource.name.
Screenshots
Closes
Definition of done
Checklist