[Security Solution] Allow bulk upgrade rules with solvable conflicts #213285

Draft: wants to merge 3 commits into base: main


@maximpn maximpn commented Mar 5, 2025

Partially addresses: #210358

Summary

This PR implements functionality allowing users to bulk upgrade rules with solvable conflicts.

Details

This PR updates the upgrade/_perform endpoint logic to match the updated cases for our missing base version tickets. Changes include:

  • Upgrading individual rules one by one
    • Change the "Update rule" button to a "Review rule" button for rules that require review before upgrading
  • Upgrading multiple rules in bulk
    • Allow users to bulk upgrade prebuilt rules with solvable conflicts
    • Add new confirmation modal that allows users to choose whether they want to upgrade rules with solvable conflicts and no conflicts or just rules with no conflicts
  • The rule update table itself will also have another column for:
    • Rules with no conflicts (empty)
    • Rules with solvable conflicts
    • Rules with non-solvable conflicts

@maximpn maximpn added the release_note:skip, impact:high, v9.0.0, Team:Detections and Resp, Team: SecuritySolution, Team:Detection Rule Management, Feature:Prebuilt Detection Rules, backport:version, v8.18.0, v9.1.0 and v8.19.0 labels Mar 5, 2025
@maximpn maximpn self-assigned this Mar 5, 2025
@elasticmachine
Contributor

🤖 Jobs for this PR can be triggered through checkboxes. 🚧

ℹ️ To trigger the CI, please tick the checkbox below 👇

  • Click to trigger kibana-pull-request for this PR!
  • Click to trigger kibana-deploy-project-from-pr for this PR!
  • Click to trigger kibana-deploy-cloud-from-pr for this PR!

@maximpn
Contributor Author

maximpn commented Mar 5, 2025

/ci

@elasticmachine
Contributor

💔 Build Failed

Failed CI Steps

cc @maximpn

@@ -111,6 +141,9 @@ export function usePrebuiltRulesUpgrade({
)
);

const { noConflictRuleIds, solvableConflictRuleIds, nonSolvableConflictRuleIds } =
getConflictRuleIds(ruleIds);
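
Review bot: On the new destructuring of getConflictRuleIds(ruleIds), nothing visible states that every id in ruleIds lands in exactly one of noConflictRuleIds, solvableConflictRuleIds and nonSolvableConflictRuleIds, or what happens to an id that has no entry in the upgrade state. Since the PR description says the bulk path upgrades the no-conflict set and, on confirmation, the solvable-conflict set, an id that falls through to noConflictRuleIds by default would be upgraded without review. Please document the contract on getConflictRuleIds and cover it with a unit test that asserts the three arrays are disjoint, together account for all input ids, and do not place an unknown id in noConflictRuleIds. If this stays separate from conflictRuleIdsSet, a short comment here saying which one is authoritative would help keep the two classifications from drifting.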

Contributor

This can probably be combined with the logic in conflictRuleIdsSet but this allows us to easily use the same logic in the ALL_RULES function for the confirmation modal
