[8.x] [UII] Support is_default on integration deployment modes (#20…

…8284) (#208599)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[UII] Support `is_default` on integration deployment modes
(#208284)](#208284)

<!--- Backport version: 9.6.4 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

<!--BACKPORT [{"author":{"name":"Jen
Huang","email":"its.jenetic@gmail.com"},"sourceCommit":{"committedDate":"2025-01-28T08:26:03Z","message":"[UII]
Support `is_default` on integration deployment modes (#208284)\n\n##
Summary\n\nResolves #205761\nResolves
https://github.com/elastic/security-team/issues/10712\n\nThis PR adds
support for `is_default` property for integration\ndeployment modes, so
that if an integration declares agentless to be the\ndefault deployment
mode, the policy editor will select `Agentless` by\ndefault when adding
it:\n\n<img width=\"1422\"
alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/74c7c8fa-2df9-4e03-bb2b-aa192927aa6d\"\n/>\n\n##
Testing\n\n1. Check out `integrations` repo\n2.
Apply\n[cspm-patch.diff](https://gist.github.com/jen-huang/8574262ea2e5fb8b1c3a134d2b4263d5)\n3.
In `packages/cloud_security_posture/`, run `elastic-package build`\n(or
ask Jen for the built .zip if you have trouble 😉)\n4. Upload the built
package in Kibana at\n`/app/integrations/create/upload`\n5. Go to
Integrations > search for CSPM > Add integration\n6. Observe that
Advanced options > Setup technology dropdown defaults to\nAgentless and
agent policy selection is not offered\n7. Go back to Integrations >
search for Security Posture Management\n(parent of CSPM) > Add
integration\n8. Observe that CSPM is selected by default with Agentless
mode selected\nby default as well\n\n### Checklist\n\nCheck the PR
satisfies following conditions. \n\nReviewers should verify this PR
satisfies this list as well.\n\n- [x] [Unit or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [x] The PR
description includes the appropriate Release Notes section,\nand the
correct `release_note:*` label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"2d3fc93e74880728a86063884ab6949353b08dca","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","v9.0.0","backport:prev-minor"],"title":"[UII]
Support `is_default` on integration deployment
modes","number":208284,"url":"https://github.com/elastic/kibana/pull/208284","mergeCommit":{"message":"[UII]
Support `is_default` on integration deployment modes (#208284)\n\n##
Summary\n\nResolves #205761\nResolves
https://github.com/elastic/security-team/issues/10712\n\nThis PR adds
support for `is_default` property for integration\ndeployment modes, so
that if an integration declares agentless to be the\ndefault deployment
mode, the policy editor will select `Agentless` by\ndefault when adding
it:\n\n<img width=\"1422\"
alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/74c7c8fa-2df9-4e03-bb2b-aa192927aa6d\"\n/>\n\n##
Testing\n\n1. Check out `integrations` repo\n2.
Apply\n[cspm-patch.diff](https://gist.github.com/jen-huang/8574262ea2e5fb8b1c3a134d2b4263d5)\n3.
In `packages/cloud_security_posture/`, run `elastic-package build`\n(or
ask Jen for the built .zip if you have trouble 😉)\n4. Upload the built
package in Kibana at\n`/app/integrations/create/upload`\n5. Go to
Integrations > search for CSPM > Add integration\n6. Observe that
Advanced options > Setup technology dropdown defaults to\nAgentless and
agent policy selection is not offered\n7. Go back to Integrations >
search for Security Posture Management\n(parent of CSPM) > Add
integration\n8. Observe that CSPM is selected by default with Agentless
mode selected\nby default as well\n\n### Checklist\n\nCheck the PR
satisfies following conditions. \n\nReviewers should verify this PR
satisfies this list as well.\n\n- [x] [Unit or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [x] The PR
description includes the appropriate Release Notes section,\nand the
correct `release_note:*` label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"2d3fc93e74880728a86063884ab6949353b08dca"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/208284","number":208284,"mergeCommit":{"message":"[UII]
Support `is_default` on integration deployment modes (#208284)\n\n##
Summary\n\nResolves #205761\nResolves
https://github.com/elastic/security-team/issues/10712\n\nThis PR adds
support for `is_default` property for integration\ndeployment modes, so
that if an integration declares agentless to be the\ndefault deployment
mode, the policy editor will select `Agentless` by\ndefault when adding
it:\n\n<img width=\"1422\"
alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/74c7c8fa-2df9-4e03-bb2b-aa192927aa6d\"\n/>\n\n##
Testing\n\n1. Check out `integrations` repo\n2.
Apply\n[cspm-patch.diff](https://gist.github.com/jen-huang/8574262ea2e5fb8b1c3a134d2b4263d5)\n3.
In `packages/cloud_security_posture/`, run `elastic-package build`\n(or
ask Jen for the built .zip if you have trouble 😉)\n4. Upload the built
package in Kibana at\n`/app/integrations/create/upload`\n5. Go to
Integrations > search for CSPM > Add integration\n6. Observe that
Advanced options > Setup technology dropdown defaults to\nAgentless and
agent policy selection is not offered\n7. Go back to Integrations >
search for Security Posture Management\n(parent of CSPM) > Add
integration\n8. Observe that CSPM is selected by default with Agentless
mode selected\nby default as well\n\n### Checklist\n\nCheck the PR
satisfies following conditions. \n\nReviewers should verify this PR
satisfies this list as well.\n\n- [x] [Unit or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [x] The PR
description includes the appropriate Release Notes section,\nand the
correct `release_note:*` label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"2d3fc93e74880728a86063884ab6949353b08dca"}}]}]
BACKPORT-->

x-pack/platform/plugins/shared/fleet/common/services/agentless_policy_helper.test.ts

@@ -151,6 +151,40 @@ describe('agentless_policy_helper', () => {
       expect(result).toBe(true);
     });
 
+    it('should return true if packageInfo is defined and selected integration only has agentless', () => {
+      const packageInfo = {
+        policy_templates: [
+          {
+            name: 'template1',
+            title: 'Template 1',
+            description: '',
+            deployment_modes: {
+              default: {
+                enabled: true,
+              },
+              agentless: {
+                enabled: true,
+              },
+            },
+          },
+          {
+            name: 'template2',
+            title: 'Template 2',
+            description: '',
+            deployment_modes: {
+              agentless: {
+                enabled: true,
+              },
+            },
+          },
+        ] as RegistryPolicyTemplate[],
+      };
+
+      const result = isOnlyAgentlessIntegration(packageInfo, 'template2');
+
+      expect(result).toBe(true);
+    });
+
     it('should return false if packageInfo is defined but has other deployment types', () => {
       const packageInfo = {
         policy_templates: [

x-pack/platform/plugins/shared/fleet/common/services/agentless_policy_helper.ts

@@ -31,14 +31,18 @@ export const getAgentlessAgentPolicyNameFromPackagePolicyName = (packagePolicyNa
 };
 
 export const isOnlyAgentlessIntegration = (
-  packageInfo: Pick<PackageInfo, 'policy_templates'> | undefined
+  packageInfo?: Pick<PackageInfo, 'policy_templates'>,
+  integrationToEnable?: string
 ) => {
   if (
-    packageInfo?.policy_templates &&
-    packageInfo?.policy_templates.length > 0 &&
-    packageInfo?.policy_templates.every((policyTemplate) =>
-      isOnlyAgentlessPolicyTemplate(policyTemplate)
-    )
+    packageInfo &&
+    packageInfo.policy_templates &&
+    packageInfo.policy_templates?.length > 0 &&
+    ((integrationToEnable &&
+      packageInfo.policy_templates?.find(
+        (p) => p.name === integrationToEnable && isOnlyAgentlessPolicyTemplate(p)
+      )) ||
+      packageInfo.policy_templates?.every((p) => isOnlyAgentlessPolicyTemplate(p)))
   ) {
     return true;
   }

x-pack/platform/plugins/shared/fleet/common/types/models/epm.ts

@@ -197,6 +197,7 @@ export interface RegistryImage extends PackageSpecIcon {
 
 export interface DeploymentsModesDefault {
   enabled: boolean;
+  is_default?: boolean;
 }
 
 export interface DeploymentsModesAgentless extends DeploymentsModesDefault {

x-pack/platform/plugins/shared/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/form.tsx

@@ -312,6 +312,7 @@ export function useOnSubmit({
       setSelectedPolicyTab,
       packageInfo,
       packagePolicy,
+      integrationToEnable,
     });
   const setupTechnologyRef = useRef<SetupTechnology | undefined>(selectedSetupTechnology);
   // sync the inputs with the agentless selector change