[Fleet] RBAC - Make agents write APIs space aware - 4/4

[jillguyonnet]

Summary

Closes #185040

Followup to:
#188507
#189519
#190069

This PR contains the last required changed for making Fleet agents write APIs space aware:

• Implement space awareness in the following endpoints:
  • POST /agents/{agentId}/unenroll
  • POST /agents/{agentId}/request_diagnostics
  • POST /agents/bulk_unenroll
  • POST /agents/bulk_request_diagnostics
• Fix a bug in POST /agents/bulk_update_agent_tags where the space id was not passed.
• Simply the setting of the namespaces property when creating agent actions when the space id is known.
• Rename currentNamespace to currentSpaceId where appropriate (see comment below).
• Add API integration tests and consolidate existing ones. ⚠️ At the time of writing, I would like there to be more tests covering bulk query processing in batches, which are currently lacking. I have experienced difficulties getting those tests to pass consistently. Filed followup issue for those.

A note on terminology

As pointed out in #191083 (comment), it seems that the terms "namespace" and "space id" are occasionally used interchangeably in some parts of the codebase to refer to a Kibana space. For instance, documents in Fleet indices (agents, agent policies, agent actions...) possess a namespaces property to track the spaces they belong to. The current space id is also returned using the Saved Object client's getCurrentNamespace function.

However, "namespace" is also a datastream property. In the Agent policy settings UI, the "Spaces" property (which will be linked to the saved object's namespaces property) is above the "Default namespace" property, which relates to the integration's data streams:

This should not be a source of major issues, but is best clarified for future reference. In this PR, I've replaced some occurrences of namespace with spaceId where appropriate to try to maximise the use of the latter.

Testing

• This PR should be put through the Flaky Test Runner prior to merging (I will kick the job).
• Manual testing should also be performed for the new endpoints mentioned above.

Checklist

• Unit or functional tests were updated or added to match the most common scenarios
• Flaky Test Runner was used on any tests changed

[jillguyonnet]

/ci

[obltmachine]

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

• /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
• run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

[jillguyonnet]

Hey @nchaulet - this PR should be ready for first review - I've detailed the changes in the description to help with the review. I'm still looking if I can figure out tests for queries in batches as these have proven unstable, otherwise I think this is everything.

[jillguyonnet]

/ci

[kibanamachine]

Flaky Test Runner Stats

🎉 All tests passed! - kibana-flaky-test-suite-runner#6810

[✅] x-pack/test/fleet_api_integration/config.space_awareness.ts: 200/200 tests passed.

see run history

[elasticmachine]

Pinging @elastic/fleet (Team:Fleet)

[juliaElastic]

LGTM

[jillguyonnet]

@elasticmachine merge upstream

[jillguyonnet]

@elasticmachine merge upstream

[kibana-ci]

💚 Build Succeeded

• Buildkite Build
• Commit: 9e2aa6a

Metrics [docs]

✅ unchanged

History

• 💔 Build #230443 failed 1e47d61
• 💛 Build #230108 was flaky 7b89542
• 💛 Build #229799 was flaky 772e415
• 💔 Build #229773 failed 3d48b91

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @jillguyonnet

[nchaulet]

Code LGTM 🚀 renaming namespace => spaceId remove a lot of confusion that's great