Improved PolicyManager error reporting #121824
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This lets us produce error messages that guide the user to add the right entitlement to the right plugin/server/etc.
prdoyle
added
>non-issue
:Core/Infra/Core
|
Pinging @elastic/es-core-infra (Team:Core/Infra) |
rjernst
approved these changes
Feb 5, 2025
| public static final ModuleEntitlements NONE = new ModuleEntitlements(Map.of(), FileAccessTree.EMPTY); | ||
| public static final String UNKNOWN_COMPONENT_NAME = "(unknown)"; | ||
| public static final String SERVER_COMPONENT_NAME = "(server)"; | ||
| public static final String AGENT_COMPONENT_NAME = "(agent)"; |
There was a problem hiding this comment.
This is actually apm agent. Just "agent" may be confused with the entitlement agent.
|
|
||
| record ModuleEntitlements(Map<Class<? extends Entitlement>, List<Entitlement>> entitlementsByType, FileAccessTree fileAccess) { | ||
| public static final ModuleEntitlements NONE = new ModuleEntitlements(Map.of(), FileAccessTree.EMPTY); | ||
| public static final String UNKNOWN_COMPONENT_NAME = "(unknown)"; |
There was a problem hiding this comment.
These can all be at most package private?
There was a problem hiding this comment.
Oh true. I think they're public from a prior revision of this code.
Avoids confusion with the entitlements agent.
prdoyle
added a commit
to prdoyle/elasticsearch
that referenced
this pull request
Feb 6, 2025
* Report componentName in ModuleEntitlements. This lets us produce error messages that guide the user to add the right entitlement to the right plugin/server/etc. * Include component names in errors and logs * Name APM agent specifically. Avoids confusion with the entitlements agent. * Entitlement component names package private * [CI] Auto commit changes from spotless --------- Co-authored-by: elasticsearchmachine <[email protected]>
prdoyle
added a commit
to prdoyle/elasticsearch
that referenced
this pull request
Feb 6, 2025
* Report componentName in ModuleEntitlements. This lets us produce error messages that guide the user to add the right entitlement to the right plugin/server/etc. * Include component names in errors and logs * Name APM agent specifically. Avoids confusion with the entitlements agent. * Entitlement component names package private * [CI] Auto commit changes from spotless --------- Co-authored-by: elasticsearchmachine <[email protected]>
elasticsearchmachine
pushed a commit
that referenced
this pull request
Feb 6, 2025
* Report componentName in ModuleEntitlements. This lets us produce error messages that guide the user to add the right entitlement to the right plugin/server/etc. * Include component names in errors and logs * Name APM agent specifically. Avoids confusion with the entitlements agent. * Entitlement component names package private * [CI] Auto commit changes from spotless --------- Co-authored-by: elasticsearchmachine <[email protected]>
elasticsearchmachine
pushed a commit
that referenced
this pull request
Feb 6, 2025
* Report componentName in ModuleEntitlements. This lets us produce error messages that guide the user to add the right entitlement to the right plugin/server/etc. * Include component names in errors and logs * Name APM agent specifically. Avoids confusion with the entitlements agent. * Entitlement component names package private * [CI] Auto commit changes from spotless --------- Co-authored-by: elasticsearchmachine <[email protected]>
elasticsearchmachine
pushed a commit
that referenced
this pull request
Feb 6, 2025
* Report componentName in ModuleEntitlements. This lets us produce error messages that guide the user to add the right entitlement to the right plugin/server/etc. * Include component names in errors and logs * Name APM agent specifically. Avoids confusion with the entitlements agent. * Entitlement component names package private * [CI] Auto commit changes from spotless --------- Co-authored-by: elasticsearchmachine <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
The current errors and logs don't give an indication of which plugin (or server or agent) is requesting the entitlement, and so it's hard to know what needs fixing.
Also, instead of the
requestingClass, we sometimes report thecallerClass, which is not useful or relevant.Fix
In the memoized
ModuleEntitlementsrecord, include the name of the "component". This is either the plugin name, or else a special string like(server)or(agent).Clean up the exceptions and logging to report the component, module, and class information in a consistent order and format.