Add alert rule management (#292)

* Generate Kibana Alerting API client

* Add kibana encryption key to support alerts

* Add Alerting client to the ApiClient

* Add alerting rule resource

* Add docs template

* Update docs

* Fix acceptance tests

* Apply suggestions from code review

Co-authored-by: Dmitry Onishchenko <[email protected]>

* PR feedback

* CHANGELOG.md

* Fix acceptance tests

---------

Co-authored-by: Dmitry Onishchenko <[email protected]>

Author: tobio

.github/workflows/test.yml

@@ -62,6 +62,7 @@ jobs:
           discovery.type: single-node
           xpack.license.self_generated.type: trial
           xpack.security.enabled: true
+          xpack.security.authc.api_key.enabled: true
           xpack.watcher.enabled: true
           repositories.url.allowed_urls: https://example.com/*
           path.repo: /tmp
@@ -76,6 +77,7 @@ jobs:
           ELASTICSEARCH_HOSTS: http://elasticsearch:9200
           ELASTICSEARCH_USERNAME: ${{ env.KIBANA_SYSTEM_USERNAME }}
           ELASTICSEARCH_PASSWORD: ${{ env.KIBANA_SYSTEM_PASSWORD }}
+          XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY: a7a6311933d3503b89bc2dbc36572c33a6c10925682e591bffcab6911c06786d
         ports:
           - 5601:5601
 

CHANGELOG.md

@@ -21,6 +21,7 @@
 - Add `elasticstack_kibana_space` for managing Kibana spaces ([#272](https://github.com./elastic/terraform-provider-elasticstack/pull/272))
 - Add `elasticstack_elasticsearch_transform` for managing Elasticsearch transforms ([#284](https://github.com./elastic/terraform-provider-elasticstack/pull/284))
 - Add `elasticstack_elasticsearch_watch` for managing Elasticsearch Watches ([#155](https://github.com./elastic/terraform-provider-elasticstack/pull/155))
+- Add `elasticstack_kibana_alerting_rule` for managing Kibana alerting rules ([#292](https://github.com./elastic/terraform-provider-elasticstack/pull/292))
 
 ### Fixed
 - Respect `ignore_unavailable` and `include_global_state` values when configuring SLM policies ([#224](https://github.com./elastic/terraform-provider-elasticstack/pull/224))

Makefile

@@ -11,6 +11,7 @@ ACCTEST_PARALLELISM ?= 10
 ACCTEST_TIMEOUT = 120m
 ACCTEST_COUNT = 1
 TEST ?= ./...
+SWAGGER_VERSION ?= 8.7
 
 GOVERSION ?= 1.19
 
@@ -86,6 +87,7 @@ docker-elasticsearch: docker-network ## Start Elasticsearch single node cluster
 		-p 9200:9200 -p 9300:9300 \
 		-e "discovery.type=single-node" \
 		-e "xpack.security.enabled=true" \
+		-e "xpack.security.authc.api_key.enabled=true" \
 		-e "xpack.watcher.enabled=true" \
 		-e "xpack.license.self_generated.type=trial" \
 		-e "repositories.url.allowed_urls=https://example.com/*" \
@@ -105,6 +107,7 @@ docker-kibana: docker-network docker-elasticsearch set-kibana-password ## Start
 		-e ELASTICSEARCH_HOSTS=$(ELASTICSEARCH_ENDPOINTS) \
 		-e ELASTICSEARCH_USERNAME=$(KIBANA_SYSTEM_USERNAME) \
 		-e ELASTICSEARCH_PASSWORD=$(KIBANA_SYSTEM_PASSWORD) \
+		-e XPACK_ENCRYPTEDSAVEDOBJECTS_ENCRYPTIONKEY=a7a6311933d3503b89bc2dbc36572c33a6c10925682e591bffcab6911c06786d \
 		-e "logging.root.level=debug" \
 		--name $(KIBANA_NAME) \
 		--network $(ELASTICSEARCH_NETWORK) \
@@ -229,3 +232,18 @@ release-notes: ## greps UNRELEASED notes from the CHANGELOG
 .PHONY: help
 help: ## this help
 	@ awk 'BEGIN {FS = ":.*##"; printf "Usage: make \033[36m<target>\033[0m\n\nTargets:\n"} /^[a-zA-Z_-]+:.*?##/ { printf "  \033[36m%-10s\033[0m\t%s\n", $$1, $$2 }' $(MAKEFILE_LIST) | column -s$$'\t' -t
+
+.PHONY: generate-alerting-client
+generate-alerting-client: ## generate Kibana alerting client
+	@ docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli generate \
+		-i https://raw.githubusercontent.com/elastic/kibana/$(SWAGGER_VERSION)/x-pack/plugins/alerting/docs/openapi/bundled.json \
+		--skip-validate-spec \
+		--git-repo-id terraform-provider-elasticstack \
+		--git-user-id elastic \
+		-p isGoSubmodule=true \
+		-p packageName=alerting \
+		-p generateInterfaces=true \
+		-g go \
+		-o /local/generated/alerting
+	@ rm -rf generated/alerting/go.mod generated/alerting/go.sum generated/alerting/test
+	@ go fmt ./generated/...

docs/resources/kibana_alerting_rule.md

@@ -0,0 +1,89 @@
+---
+subcategory: "Kibana"
+layout: ""
+page_title: "Elasticstack: elasticstack_kibana_alerting_rule Resource"
+description: |-
+  Creates or updates a Kibana alerting rule.
+---
+
+# Resource: elasticstack_kibana_alerting_rule
+
+Creates or updates a Kibana alerting rule. See https://www.elastic.co/guide/en/kibana/8.6/create-and-manage-rules.html
+
+## Example Usage
+
+```terraform
+provider "elasticstack" {
+  elasticsearch {}
+}
+
+resource "elasticstack_kibana_alerting_rule" "example" {
+  name        = "%s"
+  consumer    = "alerts"
+  notify_when = "onActiveAlert"
+  params = jsonencode({
+    aggType             = "avg"
+    groupBy             = "top"
+    termSize            = 10
+    timeWindowSize      = 10
+    timeWindowUnit      = "s"
+    threshold           = [10]
+    thresholdComparator = ">"
+    index               = ["test-index"]
+    timeField           = "@timestamp"
+    aggField            = "version"
+    termField           = "name"
+  })
+  rule_type_id = ".index-threshold"
+  interval     = "1m"
+  enabled      = true
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `consumer` (String) The name of the application or feature that owns the rule.
+- `interval` (String) The check interval, which specifies how frequently the rule conditions are checked. The interval must be specified in seconds, minutes, hours or days.
+- `name` (String) The name of the rule. While this name does not have to be unique, a distinctive name can help you identify a rule.
+- `notify_when` (String) Defines how often alerts generate actions. One of `onActionGroupChange`, `onActiveAlert`, or `onThrottleInterval`
+- `params` (String) The parameters to pass to the rule type executor params value. This will also validate against the rule type params validator, if defined.
+- `rule_type_id` (String) The ID of the rule type that you want to call when the rule is scheduled to run. For more information, refer to Rule types documentation (https://www.elastic.co/guide/en/kibana/master/rule-types.html).
+
+### Optional
+
+- `actions` (Block List) An array of action objects (see [below for nested schema](#nestedblock--actions))
+- `enabled` (Boolean) Indicates if you want to run the rule on an interval basis
+- `rule_id` (String) A UUID v1 or v4 to use instead of a randomly generated ID.
+- `space_id` (String) An identifier for the space. If space_id is not provided, the default space is used.
+- `tags` (List of String) A list of tag names that are applied to the rule
+- `throttle` (String) Defines how often an alert generates repeated actions. This custom action interval must be specified in seconds, minutes, hours, or days. For example, 10m or 1h. This property is used only if notify_when is onThrottleInterval.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `last_execution_date` (String) Date of the last execution of this rule.
+- `last_execution_status` (String) Status of the last execution of this rule.
+- `scheduled_task_id` (String) ID of the scheduled task that will execute the alert.
+
+<a id="nestedblock--actions"></a>
+### Nested Schema for `actions`
+
+Required:
+
+- `id` (String) The ID of the connector saved object.
+- `params` (String) The map to the `params` that the connector type will receive.
+
+Optional:
+
+- `group` (String) Grouping actions is recommended for escalations for different types of alerts.
+
+## Import
+
+Import is supported using the following syntax:
+
+```shell
+terraform import elasticstack_kibana_alerting_rule.my_rule <space id>/<rule id>
+```

examples/resources/elasticstack_kibana_alerting_rule/import.sh

@@ -0,0 +1 @@
+terraform import elasticstack_kibana_alerting_rule.my_rule <space id>/<rule id>

examples/resources/elasticstack_kibana_alerting_rule/resource.tf

@@ -0,0 +1,25 @@
+provider "elasticstack" {
+  elasticsearch {}
+}
+
+resource "elasticstack_kibana_alerting_rule" "example" {
+  name        = "%s"
+  consumer    = "alerts"
+  notify_when = "onActiveAlert"
+  params = jsonencode({
+    aggType             = "avg"
+    groupBy             = "top"
+    termSize            = 10
+    timeWindowSize      = 10
+    timeWindowUnit      = "s"
+    threshold           = [10]
+    thresholdComparator = ">"
+    index               = ["test-index"]
+    timeField           = "@timestamp"
+    aggField            = "version"
+    termField           = "name"
+  })
+  rule_type_id = ".index-threshold"
+  interval     = "1m"
+  enabled      = true
+}

generated/alerting/.gitignore

@@ -0,0 +1,24 @@
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof

generated/alerting/.openapi-generator-ignore

@@ -0,0 +1,23 @@
+# OpenAPI Generator Ignore
+# Generated by openapi-generator https://github.com./openapitools/openapi-generator
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md

generated/alerting/.openapi-generator/FILES

@@ -0,0 +1,110 @@
+.gitignore
+.travis.yml
+README.md
+api/openapi.yaml
+api_alerting.go
+client.go
+configuration.go
+docs/ActionsInner.md
+docs/ActionsInnerFrequency.md
+docs/AlertResponseProperties.md
+docs/AlertResponsePropertiesExecutionStatus.md
+docs/AlertResponsePropertiesSchedule.md
+docs/AlertingApi.md
+docs/CreateRuleRequest.md
+docs/FindRules200Response.md
+docs/FindRulesHasReferenceParameter.md
+docs/FindRulesSearchFieldsParameter.md
+docs/GetAlertingHealth200Response.md
+docs/GetAlertingHealth200ResponseAlertingFrameworkHealth.md
+docs/GetAlertingHealth200ResponseAlertingFrameworkHealthDecryptionHealth.md
+docs/GetAlertingHealth200ResponseAlertingFrameworkHealthExecutionHealth.md
+docs/GetAlertingHealth200ResponseAlertingFrameworkHealthReadHealth.md
+docs/GetAlertingHealth200ResponseAlertingFrameworkHeath.md
+docs/GetAlertingHealth200ResponseAlertingFrameworkHeathDecryptionHealth.md
+docs/GetRuleTypes200ResponseInner.md
+docs/GetRuleTypes200ResponseInnerActionGroupsInner.md
+docs/GetRuleTypes200ResponseInnerActionVariables.md
+docs/GetRuleTypes200ResponseInnerActionVariablesContextInner.md
+docs/GetRuleTypes200ResponseInnerActionVariablesParamsInner.md
+docs/GetRuleTypes200ResponseInnerAuthorizedConsumers.md
+docs/GetRuleTypes200ResponseInnerAuthorizedConsumersAlerts.md
+docs/GetRuleTypes200ResponseInnerRecoveryActionGroup.md
+docs/LegacyCreateAlertRequestProperties.md
+docs/LegacyCreateAlertRequestPropertiesSchedule.md
+docs/LegacyFindAlerts200Response.md
+docs/LegacyGetAlertTypes200ResponseInner.md
+docs/LegacyGetAlertTypes200ResponseInnerActionVariables.md
+docs/LegacyGetAlertTypes200ResponseInnerActionVariablesContextInner.md
+docs/LegacyGetAlertTypes200ResponseInnerRecoveryActionGroup.md
+docs/LegacyGetAlertingHealth200Response.md
+docs/LegacyGetAlertingHealth200ResponseAlertingFrameworkHealth.md
+docs/LegacyGetAlertingHealth200ResponseAlertingFrameworkHealthDecryptionHealth.md
+docs/LegacyGetAlertingHealth200ResponseAlertingFrameworkHealthExecutionHealth.md
+docs/LegacyGetAlertingHealth200ResponseAlertingFrameworkHealthReadHealth.md
+docs/LegacyUpdateAlertRequestProperties.md
+docs/LegacyUpdateAlertRequestPropertiesActionsInner.md
+docs/LegacyUpdateAlertRequestPropertiesSchedule.md
+docs/Model401Response.md
+docs/Model404Response.md
+docs/NotifyWhen.md
+docs/RuleResponseProperties.md
+docs/RuleResponsePropertiesExecutionStatus.md
+docs/RuleResponsePropertiesLastRun.md
+docs/RuleResponsePropertiesLastRunAlertsCount.md
+docs/Schedule.md
+docs/UpdateRuleRequest.md
+git_push.sh
+go.mod
+go.sum
+model_401_response.go
+model_404_response.go
+model_actions_inner.go
+model_actions_inner_frequency.go
+model_alert_response_properties.go
+model_alert_response_properties_execution_status.go
+model_alert_response_properties_schedule.go
+model_create_rule_request.go
+model_find_rules_200_response.go
+model_find_rules_has_reference_parameter.go
+model_find_rules_search_fields_parameter.go
+model_get_alerting_health_200_response.go
+model_get_alerting_health_200_response_alerting_framework_health.go
+model_get_alerting_health_200_response_alerting_framework_health_decryption_health.go
+model_get_alerting_health_200_response_alerting_framework_health_execution_health.go
+model_get_alerting_health_200_response_alerting_framework_health_read_health.go
+model_get_alerting_health_200_response_alerting_framework_heath.go
+model_get_alerting_health_200_response_alerting_framework_heath_decryption_health.go
+model_get_rule_types_200_response_inner.go
+model_get_rule_types_200_response_inner_action_groups_inner.go
+model_get_rule_types_200_response_inner_action_variables.go
+model_get_rule_types_200_response_inner_action_variables_context_inner.go
+model_get_rule_types_200_response_inner_action_variables_params_inner.go
+model_get_rule_types_200_response_inner_authorized_consumers.go
+model_get_rule_types_200_response_inner_authorized_consumers_alerts.go
+model_get_rule_types_200_response_inner_recovery_action_group.go
+model_legacy_create_alert_request_properties.go
+model_legacy_create_alert_request_properties_schedule.go
+model_legacy_find_alerts_200_response.go
+model_legacy_get_alert_types_200_response_inner.go
+model_legacy_get_alert_types_200_response_inner_action_variables.go
+model_legacy_get_alert_types_200_response_inner_action_variables_context_inner.go
+model_legacy_get_alert_types_200_response_inner_recovery_action_group.go
+model_legacy_get_alerting_health_200_response.go
+model_legacy_get_alerting_health_200_response_alerting_framework_health.go
+model_legacy_get_alerting_health_200_response_alerting_framework_health_decryption_health.go
+model_legacy_get_alerting_health_200_response_alerting_framework_health_execution_health.go
+model_legacy_get_alerting_health_200_response_alerting_framework_health_read_health.go
+model_legacy_update_alert_request_properties.go
+model_legacy_update_alert_request_properties_actions_inner.go
+model_legacy_update_alert_request_properties_schedule.go
+model_notify_when.go
+model_rule_response_properties.go
+model_rule_response_properties_execution_status.go
+model_rule_response_properties_last_run.go
+model_rule_response_properties_last_run_alerts_count.go
+model_schedule.go
+model_update_rule_request.go
+response.go
+test/api_alerting_test.go
+utils.go

generated/alerting/.openapi-generator/VERSION

@@ -0,0 +1 @@
+6.5.0-SNAPSHOT

generated/alerting/.travis.yml

@@ -0,0 +1,8 @@
+language: go
+
+install:
+  - go get -d -v .
+
+script:
+  - go build -v ./
+