[Actions] set max limit on size of emails sent (#239572)

resolves #235127

## Summary

## ToDo

- [ ] issue to update cloud for new config setting
- [ ] issue to lower default value based on existing usage
- [ ] issue to surface error in rule execution UX

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
- [ ] Review the [backport
guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)
and apply applicable `backport:*` labels.

---------

Co-authored-by: kibanamachine <[email protected]>
Co-authored-by: Elastic Machine <[email protected]>

Author: 3 people

docs/reference/cloud/elastic-cloud-kibana-settings.md

@@ -74,6 +74,14 @@ If you want to allow anonymous authentication in Kibana, these settings are supp
 
 You can configure the following X-Pack settings from the Kibana **User Settings** editor.
 
+### Version 9.3+ [ec_version_9_3]
+```{applies_to}
+stack: ga 9.3
+```
+
+`xpack.actions.email.maximum_body_length`
+:    The maximum length of an email body in bytes.  Values longer than this length will be truncated.  The default is 25MB, the maximum is 25MB.
+
 ### Version 9.2+ [ec_version_9_2]
 ```{applies_to}
 stack: ga 9.2

docs/reference/configuration-reference/alerting-settings.md

@@ -151,6 +151,9 @@ $$$action-config-email-domain-allowlist$$$
 
     Only "to", "cc", or "bcc" email addresses that match the listed patterns will be accepted. For example, "[email protected]" or "[email protected]".
 
+`xpack.actions.email.maximum_body_length` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ech}}") {applies_to}`stack: ga 9.3`
+:    The maximum length of an email body in bytes.  Values longer than this length will be truncated.  The default is 25MB, the maximum is 25MB.
+
 `xpack.actions.email.services.ses.host` ![logo cloud](https://doc-icons.s3.us-east-2.amazonaws.com/logo_cloud.svg "Supported on {{ech}}") {applies_to}`stack: ga 9.1`
 :    The SMTP endpoint for an Amazon Simple Email Service (SES) service provider that can be used by email connectors.
 

src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker

@@ -219,6 +219,7 @@ kibana_vars=(
     xpack.actions.customHostSettings
     xpack.actions.email.domain_allowlist
     xpack.actions.email.recipient_allowlist
+    xpack.actions.email.maximum_body_length
     xpack.actions.email.services.ses.host
     xpack.actions.email.services.ses.port
     xpack.actions.email.services.enabled

x-pack/platform/plugins/shared/actions/common/index.ts

@@ -78,3 +78,9 @@ export const ACTIONS_FEATURE_ID = 'actions';
 export const DEFAULT_MICROSOFT_EXCHANGE_URL = 'https://login.microsoftonline.com';
 export const DEFAULT_MICROSOFT_GRAPH_API_URL = 'https://graph.microsoft.com/v1.0';
 export const DEFAULT_MICROSOFT_GRAPH_API_SCOPE = 'https://graph.microsoft.com/.default';
+
+// Default == max, which we will change later when we have more
+// information on email sizes.  Greater than 25MB does seem to cause
+// OOMs, so that seems like a safe limit for now.
+export const MAX_EMAIL_BODY_LENGTH = 25 * 1000 * 1000; // 25MB
+export const DEFAULT_EMAIL_BODY_LENGTH = MAX_EMAIL_BODY_LENGTH;

x-pack/platform/plugins/shared/actions/server/actions_config.mock.ts

@@ -9,6 +9,7 @@ import {
   DEFAULT_MICROSOFT_EXCHANGE_URL,
   DEFAULT_MICROSOFT_GRAPH_API_SCOPE,
   DEFAULT_MICROSOFT_GRAPH_API_URL,
+  DEFAULT_EMAIL_BODY_LENGTH,
 } from '../common';
 import type { ActionsConfigurationUtilities } from './actions_config';
 
@@ -45,6 +46,7 @@ const createActionsConfigMock = () => {
     }),
     getAwsSesConfig: jest.fn().mockReturnValue(null),
     getEnabledEmailServices: jest.fn().mockReturnValue(['*']),
+    getMaxEmailBodyLength: jest.fn().mockReturnValue(DEFAULT_EMAIL_BODY_LENGTH),
   };
   return mocked;
 };

x-pack/platform/plugins/shared/actions/server/actions_config.test.ts

@@ -11,6 +11,8 @@ import {
   DEFAULT_MICROSOFT_EXCHANGE_URL,
   DEFAULT_MICROSOFT_GRAPH_API_SCOPE,
   DEFAULT_MICROSOFT_GRAPH_API_URL,
+  MAX_EMAIL_BODY_LENGTH,
+  DEFAULT_EMAIL_BODY_LENGTH,
 } from '../common';
 import {
   getActionsConfigurationUtilities,
@@ -573,6 +575,52 @@ describe('validateEmailAddresses()', () => {
   });
 });
 
+describe('getMaxEmailBodyLength() ', () => {
+  function getAcu(maxEmailBodyLength?: number) {
+    const actionsConfig =
+      maxEmailBodyLength == null
+        ? defaultActionsConfig
+        : {
+            ...defaultActionsConfig,
+            email: {
+              maximum_body_length: maxEmailBodyLength,
+            },
+          };
+
+    return getActionsConfigurationUtilities(actionsConfig);
+  }
+
+  test('default value is as expected', async () => {
+    const acu = getAcu();
+    const actual = acu.getMaxEmailBodyLength();
+    expect(actual).toBe(DEFAULT_EMAIL_BODY_LENGTH);
+  });
+
+  test('value coerced to minimum of range if below', async () => {
+    const acu = getAcu(-100);
+    const actual = acu.getMaxEmailBodyLength();
+    expect(actual).toBe(0);
+  });
+
+  test('value of 0 accepted', async () => {
+    const acu = getAcu(0);
+    const actual = acu.getMaxEmailBodyLength();
+    expect(actual).toBe(0);
+  });
+
+  test('value within range is passed through', async () => {
+    const acu = getAcu(100);
+    const actual = acu.getMaxEmailBodyLength();
+    expect(actual).toBe(100);
+  });
+
+  test('value coerced to maximum of range if above', async () => {
+    const acu = getAcu(MAX_EMAIL_BODY_LENGTH + 100);
+    const actual = acu.getMaxEmailBodyLength();
+    expect(actual).toBe(MAX_EMAIL_BODY_LENGTH);
+  });
+});
+
 describe('getMaxAttempts()', () => {
   test('returns the maxAttempts defined in config', () => {
     const acu = getActionsConfigurationUtilities({

x-pack/platform/plugins/shared/actions/server/actions_config.ts

@@ -18,7 +18,12 @@ import { ActionTypeDisabledError } from './lib';
 import type { AwsSesConfig, ProxySettings, ResponseSettings, SSLSettings } from './types';
 import { getSSLSettingsFromConfig } from './lib/get_node_ssl_options';
 import type { ValidateEmailAddressesOptions } from '../common';
-import { validateEmailAddresses, invalidEmailsAsMessage } from '../common';
+import {
+  validateEmailAddresses,
+  invalidEmailsAsMessage,
+  DEFAULT_EMAIL_BODY_LENGTH,
+  MAX_EMAIL_BODY_LENGTH,
+} from '../common';
 export { AllowedHosts, EnabledActionTypes } from './config';
 
 enum AllowListingField {
@@ -64,6 +69,7 @@ export interface ActionsConfigurationUtilities {
   };
   getAwsSesConfig: () => AwsSesConfig;
   getEnabledEmailServices: () => string[];
+  getMaxEmailBodyLength: () => number;
 }
 
 function allowListErrorMessage(field: AllowListingField, value: string) {
@@ -267,5 +273,10 @@ export function getActionsConfigurationUtilities(
 
       return ['*'];
     },
+    getMaxEmailBodyLength() {
+      const configuredLength = config.email?.maximum_body_length ?? DEFAULT_EMAIL_BODY_LENGTH;
+      const nonNegativeLength = Math.max(0, configuredLength);
+      return Math.min(nonNegativeLength, MAX_EMAIL_BODY_LENGTH);
+    },
   };
 }

x-pack/platform/plugins/shared/actions/server/config.test.ts

@@ -5,6 +5,7 @@
  * 2.0.
  */
 
+import { MAX_EMAIL_BODY_LENGTH } from '../common';
 import type { ActionsConfig } from './config';
 import { configSchema, getValidatedConfig } from './config';
 import type { Logger } from '@kbn/core/server';
@@ -227,11 +228,6 @@ describe('config validation', () => {
     let result = configSchema.validate(config);
     expect(result.email === undefined);
 
-    config.email = {};
-    expect(() => configSchema.validate(config)).toThrowErrorMatchingInlineSnapshot(
-      `"[email]: email.domain_allowlist, email.recipient_allowlist, or email.services must be defined"`
-    );
-
     config.email = { domain_allowlist: [] };
     result = configSchema.validate(config);
     expect(result.email?.domain_allowlist).toEqual([]);
@@ -248,13 +244,6 @@ describe('config validation', () => {
       expect(result.email === undefined);
     });
 
-    test('validates empty email config', () => {
-      config.email = {};
-      expect(() => configSchema.validate(config)).toThrowErrorMatchingInlineSnapshot(
-        `"[email]: email.domain_allowlist, email.recipient_allowlist, or email.services must be defined"`
-      );
-    });
-
     test('validates email config with recipient_allowlist = null', () => {
       config.email = { recipient_allowlist: null };
       expect(() => configSchema.validate(config)).toThrowErrorMatchingInlineSnapshot(
@@ -283,6 +272,74 @@ describe('config validation', () => {
     });
   });
 
+  describe('email.maximum_body_length', () => {
+    // note, this just tests the current behavior, but if we change so the
+    // default was ALWAYS the defined default, it's fine to change it.
+    test('validates that the value is undefined with no email parent', () => {
+      const validatedConfig = configSchema.validate({});
+      expect(validatedConfig.email?.maximum_body_length).toBe(undefined);
+    });
+
+    test('validates with value 0', () => {
+      const validatedConfig = configSchema.validate({
+        email: {
+          maximum_body_length: 0,
+        },
+      });
+      expect(validatedConfig.email?.maximum_body_length).toBe(0);
+    });
+
+    test('validates valid value set', () => {
+      const validatedConfig = configSchema.validate({
+        email: {
+          maximum_body_length: 42,
+        },
+      });
+      expect(validatedConfig.email?.maximum_body_length).toBe(42);
+    });
+
+    test('throws error on negative value', () => {
+      const config = {
+        email: {
+          maximum_body_length: -42,
+        },
+      };
+
+      expect(() => configSchema.validate(config)).toThrowErrorMatchingInlineSnapshot(
+        `"[email.maximum_body_length]: Value must be equal to or greater than [0]."`
+      );
+    });
+
+    test('logs warning when value is greater than max', () => {
+      const config = {
+        email: {
+          maximum_body_length: MAX_EMAIL_BODY_LENGTH + 1,
+        },
+      };
+      const validatedConfig = getValidatedConfig(mockLogger, configSchema.validate(config));
+
+      // value is still > max here, fixed in actionConfigUtils getMaxEmailBodyLength()
+      expect(validatedConfig.email?.maximum_body_length).toBe(MAX_EMAIL_BODY_LENGTH + 1);
+      expect(mockLogger.warn.mock.calls[0][0]).toBe(
+        'The configuration xpack.actions.email.maximum_body_length value 25000001 is larger than the maximum setting of 25000000 and the maximum value will be used instead'
+      );
+    });
+
+    test('logs warning on zero value', () => {
+      const config = {
+        email: {
+          maximum_body_length: 0,
+        },
+      };
+      const validatedConfig = getValidatedConfig(mockLogger, configSchema.validate(config));
+
+      expect(validatedConfig.email?.maximum_body_length).toBe(0);
+      expect(mockLogger.warn.mock.calls[0][0]).toBe(
+        'The configuration xpack.actions.email.maximum_body_length is set to 0 and will result in sending empty emails'
+      );
+    });
+  });
+
   test('throws when domain_allowlist and recipient_allowlist are used at the same time', () => {
     const config: Record<string, unknown> = {};
     const result = configSchema.validate(config);
@@ -370,13 +427,6 @@ describe('config validation', () => {
       expect(configSchema.validate(config).email).toBe(undefined);
     });
 
-    test('validates empty email config', () => {
-      config.email = {};
-      expect(() => configSchema.validate(config)).toThrowErrorMatchingInlineSnapshot(
-        `"[email]: email.domain_allowlist, email.recipient_allowlist, or email.services must be defined"`
-      );
-    });
-
     test('validates email config with empty services', () => {
       config.email = { services: {} };
       expect(() => configSchema.validate(config)).toThrowErrorMatchingInlineSnapshot(

x-pack/platform/plugins/shared/actions/server/config.ts

@@ -12,7 +12,10 @@ import {
   DEFAULT_MICROSOFT_EXCHANGE_URL,
   DEFAULT_MICROSOFT_GRAPH_API_SCOPE,
   DEFAULT_MICROSOFT_GRAPH_API_URL,
+  DEFAULT_EMAIL_BODY_LENGTH,
+  MAX_EMAIL_BODY_LENGTH,
 } from '../common';
+
 import { validateDuration } from './lib/parse_date';
 
 export enum AllowedHosts {
@@ -142,6 +145,9 @@ export const configSchema = schema.object({
       {
         domain_allowlist: schema.maybe(schema.arrayOf(schema.string())),
         recipient_allowlist: schema.maybe(schema.arrayOf(schema.string(), { minSize: 1 })),
+        maximum_body_length: schema.maybe(
+          schema.number({ min: 0, defaultValue: DEFAULT_EMAIL_BODY_LENGTH })
+        ),
         services: schema.maybe(
           schema.object(
             {
@@ -253,6 +259,21 @@ export function getValidatedConfig(logger: Logger, originalConfig: ActionsConfig
     return tmp as ActionsConfig;
   }
 
+  if (originalConfig.email && originalConfig.email.maximum_body_length != null) {
+    const emailMaximumBodyLength = originalConfig.email.maximum_body_length;
+    if (emailMaximumBodyLength === 0) {
+      logger.warn(
+        `The configuration xpack.actions.email.maximum_body_length is set to 0 and will result in sending empty emails`
+      );
+    }
+
+    if (emailMaximumBodyLength > MAX_EMAIL_BODY_LENGTH) {
+      logger.warn(
+        `The configuration xpack.actions.email.maximum_body_length value ${emailMaximumBodyLength} is larger than the maximum setting of ${MAX_EMAIL_BODY_LENGTH} and the maximum value will be used instead`
+      );
+    }
+  }
+
   return originalConfig;
 }