[ML] Add ML saved objects to Kibana saved objects management page #205177
Conversation
qn895
added
v9.0.0
release_note:feature
|
/ci |
1 similar comment
|
/ci |
qn895
force-pushed
the
ml-kbn-saved-objs-in-management
branch
from
2543291 to
31c5c56
Compare
|
/ci |
x-pack/platform/plugins/shared/ml/server/saved_objects/saved_objects.ts
Outdated
Show resolved
Hide resolved
| if (obj.id.startsWith(AD_PREFIX)) { | ||
| const jobId = obj.id.slice(AD_PREFIX.length); | ||
| return { | ||
| path: `/app/management/insightsAndAlerting/jobsListLink/${jobId}`, |
There was a problem hiding this comment.
Passing the jobId in the link is wasted currently as we don't use that in the ML management page to restore a filter to the query bar. But I guess it makes more sense to wait till the new management page is ready and then edit this link to provide a filtered link to that page?
There was a problem hiding this comment.
As discussed, I'm removing the links for all ML objects for now until we have the PR for management page ready
| return ( | ||
| <FormattedMessage | ||
| id="savedObjectsManagement.objectsTable.table.hasMlObjects.deleteDisabledTooltip" | ||
| defaultMessage="Machine learning objects can’t be deleted." |
There was a problem hiding this comment.
Suggest editing this to say something like Machine learning objects can only be deleted in the Machine Learning management page (last part of that message needs some work!).
There was a problem hiding this comment.
Updated 1450c34 (#205177)
@szabosteve Follow-up on my slack message, would love to get some feedback for this one liner.
There was a problem hiding this comment.
@qn895 @peteharverson This tooltip message works fine. We could maybe phrase it a bit more action-oriented, something along the lines of:
Navigate to the Machine Learning management page to delete machine learning objects.
There was a problem hiding this comment.
That text sounds good to me. Thanks @szabosteve
There was a problem hiding this comment.
As discussed, until the new management pages are in, let's change this to say Navigate to the Machine Learning pages to delete machine learning objects.
x-pack/platform/plugins/shared/ml/server/saved_objects/saved_objects.ts
Outdated
Show resolved
Hide resolved
| const jobId = obj.id.slice(AD_PREFIX.length); | ||
| return { | ||
| path: `/app/management/insightsAndAlerting/jobsListLink/${jobId}`, | ||
| uiCapabilitiesPath: 'ml.canGetJobs', |
There was a problem hiding this comment.
Is it possible to add additional capabilities checks to control what actions a user can perform and whether or not the saved objects are listed?
I think should not list the SOs if the user does not have the minimum read permissions and should only be able to edit them if they have write permissions, e.g. for AD SOs:
canGetJobs AD job saved objects are listed but are read only.
canGetJobs && canCreateJobs AD job saved objects are listed and can be edited
|
/ci |
| capabilityPath: 'ml.*', | ||
| }); | ||
| const canSeeMLJobs = | ||
| mlCapabilities.ml.canGetJobs && mlCapabilities.ml.canGetDataFrameAnalytics; |
There was a problem hiding this comment.
We can't group the two ML job types together, AD and DFA need to be separate.
In a serverless environment where the DFA feature is disabled, canGetDataFrameAnalytics will always be false. Same for AD feature.
Looking at what is contained inside mlJobType below, I'm not sure if this will be possible to filter these different job types server side.
A possible solution would be to change this check to an || and add some additional filtering on the client side when displaying table. The client side will also have the capabilities available.
|
Is it possible to hide this callout with a link to the "copy to spaces" flyout? 
|
x-pack/platform/plugins/shared/ml/server/saved_objects/saved_objects.ts
Outdated
Show resolved
Hide resolved
|
/ci |
|
/ci |
|
/ci |
...shared/saved_objects_management/public/management_section/objects_table/components/table.tsx
Show resolved
Hide resolved
...shared/saved_objects_management/public/management_section/objects_table/components/table.tsx
Outdated
Show resolved
Hide resolved
|
/ci |
|
/ci |
|
Pinging @elastic/ml-ui (:ml) |
...shared/saved_objects_management/public/management_section/objects_table/components/table.tsx
Outdated
Show resolved
Hide resolved
...shared/saved_objects_management/public/management_section/objects_table/components/table.tsx
Outdated
Show resolved
Hide resolved
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Module Count
Async chunks
Page load bundle
History
cc @qn895 |
There was a problem hiding this comment.
As a general comment, I'm not a big fan of leaking ML-specific requirements into the SOM code-base.
I wonder if there are any options (onExport/onImport hooks, read-only flag, getInAppUrl) that we can leverage to register all these via the API and inside the ML plugin instead.
Also, please, remove the async from the SOM plugin's lifecycle methods 🙏
|
|
||
| constructor(private readonly context: PluginInitializerContext) { | ||
| this.logger = this.context.logger.get(); | ||
| } | ||
|
|
||
| public setup({ http, capabilities }: CoreSetup) { | ||
| public async setup({ http, capabilities, getStartServices }: CoreSetup) { |
There was a problem hiding this comment.
The use of async lifecycle methods in plugins is deprecated and highly discouraged. It looks like it's not necessary anyway.
| 'savedObjectsManagement.objectsTable.table.deleteMLJobsAndModelsDisabledTooltip', | ||
| { | ||
| defaultMessage: | ||
| 'Navigate to the Machine Learning management pages to delete machine learning jobs and trained models.', |
There was a problem hiding this comment.
Can we use management.getInAppUrl in the SO definition to take the users to the ML management pages instead?
There was a problem hiding this comment.
Yes that's the plan. This is dependent on another PR that we will have merge soon. I'll add a todo to make notes.
| let filteredSavedObjects = resp.saved_objects; | ||
| const mlCapabilities = this.props.applications.capabilities.ml as Record<string, boolean>; | ||
|
|
||
| const mlFilters: Record<string, boolean> = { |
There was a problem hiding this comment.
In the original management page, if only the nlp feature is disabled, we do not list pytorch models, but we do list models from dfa jobs.
With this PR, we are still listing pytorch models.
The filtering code is here:
It would be good to replicate this behaviour as I don't think elser should be listed if nlp is disabled.
However, it will not be easy as we don't have access to the underlying trained models and I'm not sure we should be loading them here.
We also do not currently have a serverless offering where nlp is disabled. So this is low risk.
| * License v3.0 only", or the "Server Side Public License, v 1". | ||
| */ | ||
|
|
||
| export const ML_SAVED_OBJECT_TYPES = new Set(['ml-job', 'ml-trained-model']); |
There was a problem hiding this comment.
I wonder if we should move the constants declared here to a package and also include this Set.
In this PR ml-job and ml-trained-model are used a few times and it would be safer if they all came from the same place.
| @@ -43,6 +43,15 @@ export class ShareToSpaceSavedObjectsManagementAction extends SavedObjectsManage | |||
| !this.actionContext || | |||
| !!this.actionContext.capabilities.savedObjectsManagement.shareIntoSpace; | |||
| const { namespaceType, hiddenType } = object.meta; | |||
|
|
|||
| if (object?.type && object.type.startsWith('ml-')) { | |||
| const hasMlShareCapabilities = | |||
There was a problem hiding this comment.
this check is only looking at AD capabilities. If I disable AD in my yml file with xpack.ml.ad.enabled: false I can no longer share trained models or DFA jobs.
| const anySelected = selectedSavedObjects.length > 0; | ||
| const allHidden = | ||
| anySelected && selectedSavedObjects.every(({ meta: { hiddenType } }) => hiddenType); | ||
|
|
||
| const deleteTooltip = () => { |
There was a problem hiding this comment.
There's a sneaky delete button at the top of the inspect saved object flyout.
| @@ -378,7 +378,8 @@ export const ShareToSpaceFlyoutInternal = (props: ShareToSpaceFlyoutProps) => { | |||
| enableCreateCopyCallout && | |||
| spaces.length > 1 && | |||
| savedObjectTarget.namespaces.length === 1 && | |||
| !arraysAreEqual(savedObjectTarget.namespaces, [ALL_SPACES_ID]); | |||
| !arraysAreEqual(savedObjectTarget.namespaces, [ALL_SPACES_ID]) && | |||
| !savedObjectTarget.type.startsWith('ml'); | |||
There was a problem hiding this comment.
Nit: The only concern I have here is that we're string matching to catch all ML SO types. This appears to work, but I am unfamiliar with all ML SO types. Could we make this more explicit, something like an "isMLType" utility function that we can ensure covers only, but all of, the ML SO types explicitly?
Summary
This PR adds the display of saved objects for anomaly detection jobs, data frame analytics jobs and trained models to the Kibana saved objects management page. Changes include:
ml-jobsaved object type into the allowed types. The allowed_type will excludeml-jobandml-trained-modelobjects if missing mlcanGetJobscapabilities. They are not hyper linked until new navigation routing is implemented.Spaces without ML permission will not show ML saved objects
Screen.Recording.2025-01-02.at.15.48.27.mov
The
Export {count} objectsreflects only exportable saved objects.User that
canGetJobsbut notcanCreateJobcan only inspect, and will not be able to share object to spacesml-jobsaved objects are not deletable. The Delete button will be disabled if any ML saved objects is selected, and a hint tooltip message will be shown.ml-jobsaved objects are not exportable. The Export button will be disabled if any ML saved objects is selected, and a hint tooltip message will be shown.Checklist
Check the PR satisfies following conditions.
Reviewers should verify this PR satisfies this list as well.
release_note:breakinglabel should be applied in these situations.release_note:*label is applied per the guidelinesIdentify risks
Does this PR introduce any risks? For example, consider risks like hard to test bugs, performance regression, potential of data loss.
Describe the risk, its severity, and mitigation for each identified risk. Invite stakeholders and evaluate how to proceed before merging.