merge stuff

docs/development/core/server/kibana-plugin-server.coresetup.getstartservices.md

@@ -1,17 +1,17 @@
-<!-- Do not edit this file. It is automatically generated by API Documenter. -->
-
-[Home](./index.md) &gt; [kibana-plugin-server](./kibana-plugin-server.md) &gt; [CoreSetup](./kibana-plugin-server.coresetup.md) &gt; [getStartServices](./kibana-plugin-server.coresetup.getstartservices.md)
-
-## CoreSetup.getStartServices() method
-
-Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed `start`<!-- -->. This should only be used inside handlers registered during `setup` that will only be executed after `start` lifecycle.
-
-<b>Signature:</b>
-
-```typescript
-getStartServices(): Promise<[CoreStart, TPluginsStart]>;
-```
-<b>Returns:</b>
-
-`Promise<[CoreStart, TPluginsStart]>`
-
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [kibana-plugin-server](./kibana-plugin-server.md) &gt; [CoreSetup](./kibana-plugin-server.coresetup.md) &gt; [getStartServices](./kibana-plugin-server.coresetup.getstartservices.md)
+
+## CoreSetup.getStartServices() method
+
+Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed `start`<!-- -->. This should only be used inside handlers registered during `setup` that will only be executed after `start` lifecycle.
+
+<b>Signature:</b>
+
+```typescript
+getStartServices(): Promise<[CoreStart, TPluginsStart]>;
+```
+<b>Returns:</b>
+
+`Promise<[CoreStart, TPluginsStart]>`
+

docs/development/core/server/kibana-plugin-server.coresetup.md

@@ -1,32 +1,32 @@
-<!-- Do not edit this file. It is automatically generated by API Documenter. -->
-
-[Home](./index.md) &gt; [kibana-plugin-server](./kibana-plugin-server.md) &gt; [CoreSetup](./kibana-plugin-server.coresetup.md)
-
-## CoreSetup interface
-
-Context passed to the plugins `setup` method.
-
-<b>Signature:</b>
-
-```typescript
-export interface CoreSetup<TPluginsStart extends object = object> 
-```
-
-## Properties
-
-|  Property | Type | Description |
-|  --- | --- | --- |
-|  [capabilities](./kibana-plugin-server.coresetup.capabilities.md) | <code>CapabilitiesSetup</code> | [CapabilitiesSetup](./kibana-plugin-server.capabilitiessetup.md) |
-|  [context](./kibana-plugin-server.coresetup.context.md) | <code>ContextSetup</code> | [ContextSetup](./kibana-plugin-server.contextsetup.md) |
-|  [elasticsearch](./kibana-plugin-server.coresetup.elasticsearch.md) | <code>ElasticsearchServiceSetup</code> | [ElasticsearchServiceSetup](./kibana-plugin-server.elasticsearchservicesetup.md) |
-|  [http](./kibana-plugin-server.coresetup.http.md) | <code>HttpServiceSetup</code> | [HttpServiceSetup](./kibana-plugin-server.httpservicesetup.md) |
-|  [savedObjects](./kibana-plugin-server.coresetup.savedobjects.md) | <code>SavedObjectsServiceSetup</code> | [SavedObjectsServiceSetup](./kibana-plugin-server.savedobjectsservicesetup.md) |
-|  [uiSettings](./kibana-plugin-server.coresetup.uisettings.md) | <code>UiSettingsServiceSetup</code> | [UiSettingsServiceSetup](./kibana-plugin-server.uisettingsservicesetup.md) |
-|  [uuid](./kibana-plugin-server.coresetup.uuid.md) | <code>UuidServiceSetup</code> | [UuidServiceSetup](./kibana-plugin-server.uuidservicesetup.md) |
-
-## Methods
-
-|  Method | Description |
-|  --- | --- |
-|  [getStartServices()](./kibana-plugin-server.coresetup.getstartservices.md) | Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed <code>start</code>. This should only be used inside handlers registered during <code>setup</code> that will only be executed after <code>start</code> lifecycle. |
-
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [kibana-plugin-server](./kibana-plugin-server.md) &gt; [CoreSetup](./kibana-plugin-server.coresetup.md)
+
+## CoreSetup interface
+
+Context passed to the plugins `setup` method.
+
+<b>Signature:</b>
+
+```typescript
+export interface CoreSetup<TPluginsStart extends object = object> 
+```
+
+## Properties
+
+|  Property | Type | Description |
+|  --- | --- | --- |
+|  [capabilities](./kibana-plugin-server.coresetup.capabilities.md) | <code>CapabilitiesSetup</code> | [CapabilitiesSetup](./kibana-plugin-server.capabilitiessetup.md) |
+|  [context](./kibana-plugin-server.coresetup.context.md) | <code>ContextSetup</code> | [ContextSetup](./kibana-plugin-server.contextsetup.md) |
+|  [elasticsearch](./kibana-plugin-server.coresetup.elasticsearch.md) | <code>ElasticsearchServiceSetup</code> | [ElasticsearchServiceSetup](./kibana-plugin-server.elasticsearchservicesetup.md) |
+|  [http](./kibana-plugin-server.coresetup.http.md) | <code>HttpServiceSetup</code> | [HttpServiceSetup](./kibana-plugin-server.httpservicesetup.md) |
+|  [savedObjects](./kibana-plugin-server.coresetup.savedobjects.md) | <code>SavedObjectsServiceSetup</code> | [SavedObjectsServiceSetup](./kibana-plugin-server.savedobjectsservicesetup.md) |
+|  [uiSettings](./kibana-plugin-server.coresetup.uisettings.md) | <code>UiSettingsServiceSetup</code> | [UiSettingsServiceSetup](./kibana-plugin-server.uisettingsservicesetup.md) |
+|  [uuid](./kibana-plugin-server.coresetup.uuid.md) | <code>UuidServiceSetup</code> | [UuidServiceSetup](./kibana-plugin-server.uuidservicesetup.md) |
+
+## Methods
+
+|  Method | Description |
+|  --- | --- |
+|  [getStartServices()](./kibana-plugin-server.coresetup.getstartservices.md) | Allows plugins to get access to APIs available in start inside async handlers. Promise will not resolve until Core and plugin dependencies have completed <code>start</code>. This should only be used inside handlers registered during <code>setup</code> that will only be executed after <code>start</code> lifecycle. |
+

docs/development/core/server/kibana-plugin-server.cspconfig.ruleschangedfromdefault.md → docs/development/core/server/kibana-plugin-server.cspconfig.default.md

@@ -1,11 +1,11 @@
 <!-- Do not edit this file. It is automatically generated by API Documenter. -->
 
-[Home](./index.md) &gt; [kibana-plugin-server](./kibana-plugin-server.md) &gt; [CspConfig](./kibana-plugin-server.cspconfig.md) &gt; [rulesChangedFromDefault](./kibana-plugin-server.cspconfig.ruleschangedfromdefault.md)
+[Home](./index.md) &gt; [kibana-plugin-server](./kibana-plugin-server.md) &gt; [CspConfig](./kibana-plugin-server.cspconfig.md) &gt; [DEFAULT](./kibana-plugin-server.cspconfig.default.md)
 
-## CspConfig.rulesChangedFromDefault property
+## CspConfig.DEFAULT property
 
 <b>Signature:</b>
 
 ```typescript
-readonly rulesChangedFromDefault: boolean;
+static readonly DEFAULT: CspConfig;
 ```

docs/development/core/server/kibana-plugin-server.cspconfig.md

@@ -20,9 +20,9 @@ The constructor for this class is marked as internal. Third-party code should no
 
 |  Property | Modifiers | Type | Description |
 |  --- | --- | --- | --- |
+|  [DEFAULT](./kibana-plugin-server.cspconfig.default.md) | <code>static</code> | <code>CspConfig</code> |  |
 |  [header](./kibana-plugin-server.cspconfig.header.md) |  | <code>string</code> |  |
 |  [rules](./kibana-plugin-server.cspconfig.rules.md) |  | <code>string[]</code> |  |
-|  [rulesChangedFromDefault](./kibana-plugin-server.cspconfig.ruleschangedfromdefault.md) |  | <code>boolean</code> |  |
 |  [strict](./kibana-plugin-server.cspconfig.strict.md) |  | <code>boolean</code> |  |
 |  [warnLegacyBrowsers](./kibana-plugin-server.cspconfig.warnlegacybrowsers.md) |  | <code>boolean</code> |  |
 

docs/development/core/server/kibana-plugin-server.icspconfig.md

@@ -18,7 +18,6 @@ export interface ICspConfig
 |  --- | --- | --- |
 |  [header](./kibana-plugin-server.icspconfig.header.md) | <code>string</code> | The CSP rules in a formatted directives string for use in a <code>Content-Security-Policy</code> header. |
 |  [rules](./kibana-plugin-server.icspconfig.rules.md) | <code>string[]</code> | The CSP rules used for Kibana. |
-|  [rulesChangedFromDefault](./kibana-plugin-server.icspconfig.ruleschangedfromdefault.md) | <code>boolean</code> | Flag indicating that the configuraion changes the csp rules from the defaults |
 |  [strict](./kibana-plugin-server.icspconfig.strict.md) | <code>boolean</code> | Specify whether browsers that do not support CSP should be able to use Kibana. Use <code>true</code> to block and <code>false</code> to allow. |
 |  [warnLegacyBrowsers](./kibana-plugin-server.icspconfig.warnlegacybrowsers.md) | <code>boolean</code> | Specify whether users with legacy browsers should be warned about their lack of Kibana security compliance. |
 

packages/kbn-dev-utils/src/kbn_client/kbn_client_status.ts

@@ -32,7 +32,6 @@ interface Status {
 interface ApiResponseStatus {
   name: string;
   uuid: string;
-  running_from_source?: true;
   version: {
     number: string;
     build_hash: string;
@@ -59,11 +58,6 @@ export class KbnClientStatus {
     });
   }
 
-  public async isDistributable() {
-    const status = await this.get();
-    return !status.running_from_source;
-  }
-
   /**
    * Get the overall/merged state
    */

packages/kbn-pm/dist/index.js

@@ -43639,10 +43639,6 @@ class KbnClientStatus {
             path: 'api/status',
         });
     }
-    async isDistributable() {
-        const status = await this.get();
-        return !status.running_from_source;
-    }
     /**
      * Get the overall/merged state
      */

src/core/PRINCIPLES.md

@@ -0,0 +1,47 @@
+## Common dictionary
+Plugin - a piece of software expressing specific subject of the business unit within the code.
+
+Platform - functionality required to run all the Kibana plugins.
+
+## New platform principles
+### Explicit business domains separation
+The plugins code should be structured on the top level to reflect business units.
+```js
+// GOOD
+src/plugins
+ - apm
+  - server
+  - public
+ - search
+ ..
+// BAD
+src/plugins
+ - server
+  - apm
+  - search
+```
+### Explicit dependencies
+Each plugin should declare dependencies on the other plugins explicitly. Plugins cannot have circular dependencies. Plugins shouldn't access runtime objects, HTTP endpoints, DOM nodes, etc. created by a third party plugin without declaring a dependency on this plugin.
+```json
+"requiredPlugins": ["search"],
+"optionalPlugins": ["apm"],
+```
+### Explicit API declaration
+Each plugin has to define an explicit API. Any other API's that has not been declared explicitly as public should be considered private. HTTP endpoints belonging to other plugins are considered private. Plugins should expose a JavaScript client on top of these HTTP endpoints for other plugins to consume.
+```js
+// GOOD
+deps.plugin.getData();
+// BAD.
+`GET /api/plugin/data`
+```
+### Encapsulated state
+Each plugin encapsulates its internal state. It doesn't rely on any kind of global state. Plugins provide an internal state via explicit API, reflecting the dynamic nature of the state (an event bus, observables, getter/setter functions). A plugin can change other plugin state by calling its public API method.
+```js
+// GOOD
+deps.plugin.getData();
+deps.plugin.data$.subscribe();
+deps.plugin.setAddress('...');
+// BAD.
+deps.plugin._data;
+deps.plugin.data = '...';
+```

src/core/TESTING.md

@@ -247,8 +247,3 @@ _How to test against specific plugin APIs (eg. data plugin)_
 ## Plugin Contracts
 
 _How to test your plugin's exposed API_
-
-Guidelines:
-- Plugins should never interact with other plugins' REST API directly
-- Plugins should interact with other plugins via JavaScript contracts
-- Exposed contracts need to be well tested to ensure breaking changes are detected easily

src/core/server/csp/csp_config.test.ts

@@ -18,7 +18,6 @@
  */
 
 import { CspConfig } from '.';
-import { createMockEnv } from '../config/env.mock';
 
 // CSP rules aren't strictly additive, so any change can potentially expand or
 // restrict the policy in a way we consider a breaking change. For that reason,
@@ -34,44 +33,53 @@ import { createMockEnv } from '../config/env.mock';
 // the nature of a change in defaults during a PR review.
 
 describe('CspConfig', () => {
-  test('defaults from config', () => {
-    const cspConfig = new CspConfig(createMockEnv());
+  test('DEFAULT', () => {
+    expect(CspConfig.DEFAULT).toMatchInlineSnapshot(`
+      CspConfig {
+        "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
+        "rules": Array [
+          "script-src 'unsafe-eval' 'self'",
+          "worker-src blob: 'self'",
+          "style-src 'unsafe-inline' 'self'",
+        ],
+        "strict": true,
+        "warnLegacyBrowsers": true,
+      }
+    `);
+  });
 
-    expect(cspConfig).toMatchInlineSnapshot(`
+  test('defaults from config', () => {
+    expect(new CspConfig()).toMatchInlineSnapshot(`
       CspConfig {
         "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
         "rules": Array [
           "script-src 'unsafe-eval' 'self'",
           "worker-src blob: 'self'",
           "style-src 'unsafe-inline' 'self'",
         ],
-        "rulesChangedFromDefault": false,
         "strict": true,
         "warnLegacyBrowsers": true,
       }
     `);
   });
 
   test('creates from partial config', () => {
-    const cspConfig = new CspConfig(createMockEnv(), { strict: false, warnLegacyBrowsers: false });
-
-    expect(cspConfig).toMatchInlineSnapshot(`
+    expect(new CspConfig({ strict: false, warnLegacyBrowsers: false })).toMatchInlineSnapshot(`
       CspConfig {
         "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'",
         "rules": Array [
           "script-src 'unsafe-eval' 'self'",
           "worker-src blob: 'self'",
           "style-src 'unsafe-inline' 'self'",
         ],
-        "rulesChangedFromDefault": false,
         "strict": false,
         "warnLegacyBrowsers": false,
       }
     `);
   });
 
   test('computes header from rules', () => {
-    const cspConfig = new CspConfig(createMockEnv(), { rules: ['alpha', 'beta', 'gamma'] });
+    const cspConfig = new CspConfig({ rules: ['alpha', 'beta', 'gamma'] });
 
     expect(cspConfig).toMatchInlineSnapshot(`
       CspConfig {
@@ -81,25 +89,6 @@ describe('CspConfig', () => {
           "beta",
           "gamma",
         ],
-        "rulesChangedFromDefault": true,
-        "strict": true,
-        "warnLegacyBrowsers": true,
-      }
-    `);
-  });
-
-  test(`includes blob: style-src if env indicates we're running from source`, () => {
-    const cspConfig = new CspConfig(createMockEnv({ dist: false }));
-
-    expect(cspConfig).toMatchInlineSnapshot(`
-      CspConfig {
-        "header": "script-src 'unsafe-eval' 'self'; worker-src blob: 'self'; style-src blob: 'unsafe-inline' 'self'",
-        "rules": Array [
-          "script-src 'unsafe-eval' 'self'",
-          "worker-src blob: 'self'",
-          "style-src blob: 'unsafe-inline' 'self'",
-        ],
-        "rulesChangedFromDefault": false,
         "strict": true,
         "warnLegacyBrowsers": true,
       }

src/core/server/csp/csp_config.ts

@@ -18,7 +18,6 @@
  */
 
 import { config } from './config';
-import { Env } from '../config';
 
 const DEFAULT_CONFIG = Object.freeze(config.schema.validate({}));
 
@@ -49,50 +48,30 @@ export interface ICspConfig {
    * in a `Content-Security-Policy` header.
    */
   readonly header: string;
-
-  /**
-   * Flag indicating that the configuraion changes the csp
-   * rules from the defaults
-   */
-  readonly rulesChangedFromDefault: boolean;
 }
 
 /**
  * CSP configuration for use in Kibana.
  * @public
  */
 export class CspConfig implements ICspConfig {
+  static readonly DEFAULT = new CspConfig();
+
   public readonly rules: string[];
   public readonly strict: boolean;
   public readonly warnLegacyBrowsers: boolean;
   public readonly header: string;
-  public readonly rulesChangedFromDefault: boolean;
 
   /**
    * Returns the default CSP configuration when passed with no config
    * @internal
    */
-  constructor(env: Env, rawCspConfig?: Partial<Omit<ICspConfig, 'header'>>) {
+  constructor(rawCspConfig: Partial<Omit<ICspConfig, 'header'>> = {}) {
     const source = { ...DEFAULT_CONFIG, ...rawCspConfig };
 
-    this.rules = source.rules.map(rule => {
-      // if we receive an env, and it indicates that this isn't a distributable, add `blob:` to the style csp rules
-      if (env && !env.packageInfo.dist && rule.startsWith('style-src ')) {
-        return rule.replace(/^style-src /, 'style-src blob: ');
-      }
-
-      return rule;
-    });
+    this.rules = source.rules;
     this.strict = source.strict;
     this.warnLegacyBrowsers = source.warnLegacyBrowsers;
-    this.header = this.rules.join('; ');
-
-    // only check to see if the csp values are customized when `rawCspConfig` was received.
-    if (!rawCspConfig) {
-      this.rulesChangedFromDefault = false;
-    } else {
-      const defaultCsp = new CspConfig(env);
-      this.rulesChangedFromDefault = defaultCsp.header !== this.header;
-    }
+    this.header = source.rules.join('; ');
   }
 }