Hide Graph from UI when license/product tier not met

[albertoblaz]

Summary

Closes:

• https://github.com/elastic/security-team/issues/14574

Should be merged after:

• [Contextual Security] add support for new actor and target ECS schema fields #242376
• [Contextual Security] align graph visualization with ECS entity namespace fields for actor and target identification #243711

Add license tier (ESS/Self-Managed) and product tier (Serverless) checks to useGraphPreview to leverage the hasGraphRepresentation value that is used in multiple places to conditionally render the Graph in flyout and expandable flyout.

Also leveraged hasGraphRepresentation to check if feature is enabled via UI settings and simplified code.

Screenshots

Graph visible	Graph NOT visible

How to test

Self-Managed

1. Run ES: yarn es snapshot --license basic
2. Run Kibana: yarn start --no-base-path
3. Load fixtures:
   • node scripts/es_archiver load x-pack/solutions/security/test/cloud_security_posture_functional/es_archives/logs_gcp_audit --es-url http://elastic:changeme@localhost:9200 --kibana-url http://elastic:changeme@localhost:5601
   • node scripts/es_archiver load x-pack/solutions/security/test/cloud_security_posture_functional/es_archives/security_alerts_modified_mappings --es-url http://elastic:changeme@localhost:9200 --kibana-url http://elastic:changeme@localhost:5601
4. Go to Alerts page, set timerange from 3 years ago until now
5. Check Graph Visualization is NOT visible in flyout
6. Stop ES and run again with: yarn es snapshot --license trial
7. Check Graph Visualization is visible in flyout

Serverless

1. Authenticate in docker: docker login -u <username> -p <password> docker.elastic.co and run Docker app. If it prompts for signing-in, use SSO
2. Run ES: yarn es serverless --projectType security --kill
3. Add these lines into kibana.dev.yml:

server.basePath: "/kbn"

xpack.securitySolutionServerless.productTypes:
  [
    { product_line: "security", product_tier: "essentials" },
    { product_line: "endpoint", product_tier: "essentials" },
    { product_line: "cloud", product_tier: "essentials" },
  ]

4. Run Kibana: yarn serverless-security
5. Load fixtures running this script: load_serverless_fixtures.sh (Do chmod +x ./load_serverless_fixtures.sh first ofc)
6. Login with username elastic_serverless and password changeme
7. Go to Alerts page, set timerange from 3 years ago until now
8. Check Graph Visualization is NOT visible in flyout
9. In kibana.dev.yml, comment out all lines under xpack.securitySolutionServerless.productTypes
10. Check Graph Visualization is visible in flyout

Checklist

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Documentation was added for features that require explanation or tutorials
• Unit or functional tests were updated or added to match the most common scenarios
• If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
• This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The release_note:breaking label should be applied in these situations.
• Flaky Test Runner was used on any tests changed
• The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the guidelines
• Review the backport guidelines and apply applicable backport:* labels.

Identify risks

No risks. Feature is not public yet.

[kibanamachine]

PR Cloud deployment started at: https://buildkite.com/elastic/kibana-deploy-cloud-from-pr/builds/585

[kibanamachine]

Project deployed, see credentials at: https://buildkite.com/elastic/kibana-deploy-project-from-pr/builds/774

[elasticmachine]

Pinging @elastic/contextual-security-apps (Team:Cloud Security)

[elasticmachine]

💔 Build Failed

• Buildkite Build
• Commit: 8d5a8ab
• Cloud Deployment

Failed CI Steps

• FTR Configs #144
• FTR Configs #144
• Build Project Image
• Build Project Image
• Build Project Image

Test Failures

• [job] [logs] FTR Configs #144 / Alerting bulkDisable should bulk disable and untrack
• [job] [logs] FTR Configs #144 / Alerting bulkDisable should bulk disable and untrack

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
securitySolution	8452	8453	+1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
securitySolution	11.1MB	11.1MB	+175.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
securitySolution	166.8KB	166.9KB	+88.0B
securitySolutionEss	34.4KB	34.5KB	+43.0B
securitySolutionServerless	46.3KB	46.4KB	+67.0B
total			+198.0B

History

• 💚 Build #364162 succeeded b38e1c8
• 💔 Build #363666 failed 540d4d1
• 💔 Build #363061 failed 9e18b9c
• 💔 Build #362839 failed 11850f1

cc @albertoblaz

[PhilippeOberti]

The code related to the flyout folder LGTM! I'm a bit unsure about the code related to the product feature stuff. The implementation looks a bit odd to me, but I'm unfamiliar with how it's supposed to be done.
I'm reaching out to a couple of people offline and will get back to this asap

[albertoblaz]

The code related to the flyout folder LGTM! I'm a bit unsure about the code related to the product feature stuff. The implementation looks a bit odd to me, but I'm unfamiliar with how it's supposed to be done. I'm reaching out to a couple of people offline and will get back to this asap

Thanks @PhilippeOberti! I was also a bit skeptical of the approach taken but I'm unfamiliar with gating features in Serverless. I noticed there's a pricing engine that is used in other places, but I sticked to the established pattern within Security Solution, according to these docs:

• Serverless Features

Appreciated if you ping the right people to have a look at it :)