fix chained findings monitor logic in update detector flow #1019
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Surya Sashank Nistala <[email protected]>
eirsep
requested review from
amsiglan,
AWSHurneyt,
getsaurabh02,
lezzago,
praveensameneni,
sbcd90,
jowg-amazon,
engechas,
goyamegh and
riysaxen-amzn
as code owners
engechas
previously approved these changes
May 8, 2024
| @@ -465,6 +465,18 @@ public void onResponse(Map<String, Map<String, String>> ruleFieldMappings) { | |||
| new ActionListener<>() { | |||
| @Override | |||
| public void onResponse(Collection<IndexMonitorRequest> indexMonitorRequests) { | |||
| if (detector.getRuleIdMonitorIdMap().containsKey("chained_findings_monitor")) { | |||
There was a problem hiding this comment.
chained_findings_monitor should be a constant
| @@ -465,6 +465,18 @@ public void onResponse(Map<String, Map<String, String>> ruleFieldMappings) { | |||
| new ActionListener<>() { | |||
| @Override | |||
| public void onResponse(Collection<IndexMonitorRequest> indexMonitorRequests) { | |||
| if (detector.getRuleIdMonitorIdMap().containsKey("chained_findings_monitor")) { | |||
| String cmfId = detector.getRuleIdMonitorIdMap().get("chained_findings_monitor"); | |||
| if (enabledWorkflowUsage && !indexMonitorRequests.isEmpty() && rulesById.stream().anyMatch(it -> it.getRight().isAggregationRule())) { | |||
There was a problem hiding this comment.
Triplicate condition + same logic on line 475. Should be refactored to a private method, something like workflowContainsAggregationRule()
| if (detector.getRuleIdMonitorIdMap().containsKey("chained_findings_monitor")) { | ||
| String cmfId = detector.getRuleIdMonitorIdMap().get("chained_findings_monitor"); | ||
| if (enabledWorkflowUsage && !indexMonitorRequests.isEmpty() && rulesById.stream().anyMatch(it -> it.getRight().isAggregationRule())) { | ||
| //todo update not create chained findings monitor |
There was a problem hiding this comment.
Should create and link an issue for this. Or at least elaborate on why this todo exists
There was a problem hiding this comment.
Do we know why the chained monitor gets deleted in the first place?
There was a problem hiding this comment.
removing TODO. its resolved
jowg-amazon
previously approved these changes
May 8, 2024
praveensameneni
previously approved these changes
May 9, 2024
…reate constant for chained findings monitor string literal Signed-off-by: Surya Sashank Nistala <[email protected]>
eirsep
dismissed stale reviews from praveensameneni, jowg-amazon, and engechas
via
f9e276a
praveensameneni
approved these changes
May 9, 2024
jowg-amazon
approved these changes
May 9, 2024
engechas
approved these changes
May 9, 2024
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security-analytics/backport-2.11 2.11
# Navigate to the new working tree
pushd ../.worktrees/security-analytics/backport-2.11
# Create a new branch
git switch --create backport-1019-to-2.11
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 df5f7466c3388050654af4199d6437a4a2dc2b08
# Push it to GitHub
git push --set-upstream origin backport-1019-to-2.11
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security-analytics/backport-2.11Then, create a pull request where the |
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security-analytics/backport-2.13 2.13
# Navigate to the new working tree
pushd ../.worktrees/security-analytics/backport-2.13
# Create a new branch
git switch --create backport-1019-to-2.13
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 df5f7466c3388050654af4199d6437a4a2dc2b08
# Push it to GitHub
git push --set-upstream origin backport-1019-to-2.13
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security-analytics/backport-2.13Then, create a pull request where the |
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
May 9, 2024
* fix chained findings monitor logic in update detector flow Signed-off-by: Surya Sashank Nistala <[email protected]> * extract check for chained findings monitor into a re-usable method. create constant for chained findings monitor string literal Signed-off-by: Surya Sashank Nistala <[email protected]> --------- Signed-off-by: Surya Sashank Nistala <[email protected]> (cherry picked from commit df5f746) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
eirsep
pushed a commit
that referenced
this pull request
May 9, 2024
…1020) * fix chained findings monitor logic in update detector flow * extract check for chained findings monitor into a re-usable method. create constant for chained findings monitor string literal --------- (cherry picked from commit df5f746) Signed-off-by: Surya Sashank Nistala <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
opensearch-trigger-bot bot
added a commit
that referenced
this pull request
May 9, 2024
…1020) * fix chained findings monitor logic in update detector flow * extract check for chained findings monitor into a re-usable method. create constant for chained findings monitor string literal --------- (cherry picked from commit df5f746) Signed-off-by: Surya Sashank Nistala <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> (cherry picked from commit c162a6f)
opensearch-trigger-bot bot
added a commit
that referenced
this pull request
May 9, 2024
…1020) * fix chained findings monitor logic in update detector flow * extract check for chained findings monitor into a re-usable method. create constant for chained findings monitor string literal --------- (cherry picked from commit df5f746) Signed-off-by: Surya Sashank Nistala <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> (cherry picked from commit c162a6f)
eirsep
pushed a commit
that referenced
this pull request
May 9, 2024
…1020) (#1023) * fix chained findings monitor logic in update detector flow * extract check for chained findings monitor into a re-usable method. create constant for chained findings monitor string literal --------- (cherry picked from commit df5f746) Signed-off-by: Surya Sashank Nistala <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> (cherry picked from commit c162a6f) Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Currently when updating a detector with aggegation rules, the chained finding doc levelmonitor is getting deleted
This PR fixes the logic to update/retain the chained finding doc level monitor
Added to integ test to verify detector behaviour after updating detector.