…iate release (elastic#203184)

## Summary

This PR contains just the schema changes required to support backfill
actions. This is meant for an intermediate release and then the full PR:
elastic#200784 will follow after that.

---------

Co-authored-by: Elastic Machine <[email protected]>

…ule runs (elastic#200784)

Resolves elastic/response-ops-team#251

## Note

This PR includes some saved object schema changes that I will pull out
into their own separate PR in order to perform an intermediate release.
I wanted to make sure all the schema changes made sense in the overall
context of the PR before opening those separate PRs.

Update: PR for intermediate release here:
elastic#203184 (Merged)

## Summary

Adds ability to run actions for backfill rule runs.

- Updates schedule backfill API to accept `run_actions` parameter to
specify whether to run actions for backfill.
- Schedule API accepts any action where `frequency.notifyWhen ===
'onActiveAlert'`. If a rule has multiple actions where some are
`onActiveAlert` and some are `onThrottleInterval`, the invalid actions
will be stripped and a warning returned in the schedule response but
valid actions will be scheduled.
- Connector IDs are extracted and stored as references in the ad hoc run
params saved object
- Any actions that result from a backfill task run are scheduled as low
priority tasks

## To Verify

1. Create a detection rule. Make sure you have some past data that the
rule can run over in order to generate actions. Make sure you add
actions to the rule. For testing, I added some conditional actions so I
could see actions running only on backfill runs using
`kibana.alert.rule.execution.type: "manual"`. Create actions with and
without summaries.
2. Schedule a backfill either directly via the API or using the
detection UI. Verify that actions are run for the backfill runs that
generate alerts.

---------

Co-authored-by: Elastic Machine <[email protected]>
(cherry picked from commit 075806b)

# Conflicts:
#	x-pack/platform/plugins/shared/actions/server/create_execute_function.ts

…fill rule runs (#200784) (#207273)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Response Ops][Alerting] Adding ability to run actions for backfill
rule runs (#200784)](#200784)

<!--- Backport version: 9.6.4 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

<!--BACKPORT [{"author":{"name":"Ying
Mao","email":"[email protected]"},"sourceCommit":{"committedDate":"2025-01-20T15:03:33Z","message":"[Response
Ops][Alerting] Adding ability to run actions for backfill rule runs
(#200784)\n\nResolves
https://github.com/elastic/response-ops-team/issues/251\r\n\r\n\r\n##
Note\r\n\r\nThis PR includes some saved object schema changes that I
will pull out\r\ninto their own separate PR in order to perform an
intermediate release.\r\nI wanted to make sure all the schema changes
made sense in the overall\r\ncontext of the PR before opening those
separate PRs.\r\n\r\nUpdate: PR for intermediate release
here:\r\nhttps://github.com//pull/203184
(Merged)\r\n\r\n## Summary\r\n\r\nAdds ability to run actions for
backfill rule runs.\r\n\r\n- Updates schedule backfill API to accept
`run_actions` parameter to\r\nspecify whether to run actions for
backfill.\r\n- Schedule API accepts any action where
`frequency.notifyWhen ===\r\n'onActiveAlert'`. If a rule has multiple
actions where some are\r\n`onActiveAlert` and some are
`onThrottleInterval`, the invalid actions\r\nwill be stripped and a
warning returned in the schedule response but\r\nvalid actions will be
scheduled.\r\n- Connector IDs are extracted and stored as references in
the ad hoc run\r\nparams saved object\r\n- Any actions that result from
a backfill task run are scheduled as low\r\npriority tasks\r\n\r\n## To
Verify\r\n\r\n1. Create a detection rule. Make sure you have some past
data that the\r\nrule can run over in order to generate actions. Make
sure you add\r\nactions to the rule. For testing, I added some
conditional actions so I\r\ncould see actions running only on backfill
runs using\r\n`kibana.alert.rule.execution.type: \"manual\"`. Create
actions with and\r\nwithout summaries.\r\n2. Schedule a backfill either
directly via the API or using the\r\ndetection UI. Verify that actions
are run for the backfill runs that\r\ngenerate
alerts.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine
<[email protected]>","sha":"075806bffa78cc4f42e61483dcbd24de3c87d3c8","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Alerting","release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","ci:project-deploy-security","v8.18.0"],"title":"[Response
Ops][Alerting] Adding ability to run actions for backfill rule
runs","number":200784,"url":"https://github.com/elastic/kibana/pull/200784","mergeCommit":{"message":"[Response
Ops][Alerting] Adding ability to run actions for backfill rule runs
(#200784)\n\nResolves
https://github.com/elastic/response-ops-team/issues/251\r\n\r\n\r\n##
Note\r\n\r\nThis PR includes some saved object schema changes that I
will pull out\r\ninto their own separate PR in order to perform an
intermediate release.\r\nI wanted to make sure all the schema changes
made sense in the overall\r\ncontext of the PR before opening those
separate PRs.\r\n\r\nUpdate: PR for intermediate release
here:\r\nhttps://github.com//pull/203184
(Merged)\r\n\r\n## Summary\r\n\r\nAdds ability to run actions for
backfill rule runs.\r\n\r\n- Updates schedule backfill API to accept
`run_actions` parameter to\r\nspecify whether to run actions for
backfill.\r\n- Schedule API accepts any action where
`frequency.notifyWhen ===\r\n'onActiveAlert'`. If a rule has multiple
actions where some are\r\n`onActiveAlert` and some are
`onThrottleInterval`, the invalid actions\r\nwill be stripped and a
warning returned in the schedule response but\r\nvalid actions will be
scheduled.\r\n- Connector IDs are extracted and stored as references in
the ad hoc run\r\nparams saved object\r\n- Any actions that result from
a backfill task run are scheduled as low\r\npriority tasks\r\n\r\n## To
Verify\r\n\r\n1. Create a detection rule. Make sure you have some past
data that the\r\nrule can run over in order to generate actions. Make
sure you add\r\nactions to the rule. For testing, I added some
conditional actions so I\r\ncould see actions running only on backfill
runs using\r\n`kibana.alert.rule.execution.type: \"manual\"`. Create
actions with and\r\nwithout summaries.\r\n2. Schedule a backfill either
directly via the API or using the\r\ndetection UI. Verify that actions
are run for the backfill runs that\r\ngenerate
alerts.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine
<[email protected]>","sha":"075806bffa78cc4f42e61483dcbd24de3c87d3c8"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200784","number":200784,"mergeCommit":{"message":"[Response
Ops][Alerting] Adding ability to run actions for backfill rule runs
(#200784)\n\nResolves
https://github.com/elastic/response-ops-team/issues/251\r\n\r\n\r\n##
Note\r\n\r\nThis PR includes some saved object schema changes that I
will pull out\r\ninto their own separate PR in order to perform an
intermediate release.\r\nI wanted to make sure all the schema changes
made sense in the overall\r\ncontext of the PR before opening those
separate PRs.\r\n\r\nUpdate: PR for intermediate release
here:\r\nhttps://github.com//pull/203184
(Merged)\r\n\r\n## Summary\r\n\r\nAdds ability to run actions for
backfill rule runs.\r\n\r\n- Updates schedule backfill API to accept
`run_actions` parameter to\r\nspecify whether to run actions for
backfill.\r\n- Schedule API accepts any action where
`frequency.notifyWhen ===\r\n'onActiveAlert'`. If a rule has multiple
actions where some are\r\n`onActiveAlert` and some are
`onThrottleInterval`, the invalid actions\r\nwill be stripped and a
warning returned in the schedule response but\r\nvalid actions will be
scheduled.\r\n- Connector IDs are extracted and stored as references in
the ad hoc run\r\nparams saved object\r\n- Any actions that result from
a backfill task run are scheduled as low\r\npriority tasks\r\n\r\n## To
Verify\r\n\r\n1. Create a detection rule. Make sure you have some past
data that the\r\nrule can run over in order to generate actions. Make
sure you add\r\nactions to the rule. For testing, I added some
conditional actions so I\r\ncould see actions running only on backfill
runs using\r\n`kibana.alert.rule.execution.type: \"manual\"`. Create
actions with and\r\nwithout summaries.\r\n2. Schedule a backfill either
directly via the API or using the\r\ndetection UI. Verify that actions
are run for the backfill runs that\r\ngenerate
alerts.\r\n\r\n---------\r\n\r\nCo-authored-by: Elastic Machine
<[email protected]>","sha":"075806bffa78cc4f42e61483dcbd24de3c87d3c8"}},{"branch":"8.x","label":"v8.18.0","branchLabelMappingKey":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

---------

Co-authored-by: kibanamachine <[email protected]>

…ule runs (elastic#200784)

Resolves elastic/response-ops-team#251


## Note

This PR includes some saved object schema changes that I will pull out
into their own separate PR in order to perform an intermediate release.
I wanted to make sure all the schema changes made sense in the overall
context of the PR before opening those separate PRs.

Update: PR for intermediate release here:
elastic#203184 (Merged)

## Summary

Adds ability to run actions for backfill rule runs.

- Updates schedule backfill API to accept `run_actions` parameter to
specify whether to run actions for backfill.
- Schedule API accepts any action where `frequency.notifyWhen ===
'onActiveAlert'`. If a rule has multiple actions where some are
`onActiveAlert` and some are `onThrottleInterval`, the invalid actions
will be stripped and a warning returned in the schedule response but
valid actions will be scheduled.
- Connector IDs are extracted and stored as references in the ad hoc run
params saved object
- Any actions that result from a backfill task run are scheduled as low
priority tasks

## To Verify

1. Create a detection rule. Make sure you have some past data that the
rule can run over in order to generate actions. Make sure you add
actions to the rule. For testing, I added some conditional actions so I
could see actions running only on backfill runs using
`kibana.alert.rule.execution.type: "manual"`. Create actions with and
without summaries.
2. Schedule a backfill either directly via the API or using the
detection UI. Verify that actions are run for the backfill runs that
generate alerts.

---------

Co-authored-by: Elastic Machine <[email protected]>

…ule runs (elastic#200784)

Resolves elastic/response-ops-team#251


## Note

This PR includes some saved object schema changes that I will pull out
into their own separate PR in order to perform an intermediate release.
I wanted to make sure all the schema changes made sense in the overall
context of the PR before opening those separate PRs.

Update: PR for intermediate release here:
elastic#203184 (Merged)

## Summary

Adds ability to run actions for backfill rule runs.

- Updates schedule backfill API to accept `run_actions` parameter to
specify whether to run actions for backfill.
- Schedule API accepts any action where `frequency.notifyWhen ===
'onActiveAlert'`. If a rule has multiple actions where some are
`onActiveAlert` and some are `onThrottleInterval`, the invalid actions
will be stripped and a warning returned in the schedule response but
valid actions will be scheduled.
- Connector IDs are extracted and stored as references in the ad hoc run
params saved object
- Any actions that result from a backfill task run are scheduled as low
priority tasks

## To Verify

1. Create a detection rule. Make sure you have some past data that the
rule can run over in order to generate actions. Make sure you add
actions to the rule. For testing, I added some conditional actions so I
could see actions running only on backfill runs using
`kibana.alert.rule.execution.type: "manual"`. Create actions with and
without summaries.
2. Schedule a backfill either directly via the API or using the
detection UI. Verify that actions are run for the backfill runs that
generate alerts.

---------

Co-authored-by: Elastic Machine <[email protected]>