Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security isolation support: Plugin js bundle builder #16303

Closed
nyurik opened this issue Jan 25, 2018 · 1 comment
Closed

Security isolation support: Plugin js bundle builder #16303

nyurik opened this issue Jan 25, 2018 · 1 comment
Labels
enhancement New value added to drive a business result Feature:Plugins Feature:Vega Vega visualizations stale Used to mark issues that were closed for being stale Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@nyurik
Copy link
Contributor

nyurik commented Jan 25, 2018
edited
Loading

To support plugin isolation in an iframe, plugins need a way to get a js code bundle that's independent of the main Kibana js bundle. For example, to support #2873, Vega vis would need a separate bundle that includes just the vega library (see prototype #15014 (comment)). To make this more generic, we could establish this pattern:

/plugin
  /vega
    /public         - all the regular plugin code (not sandboxed)
    /vega-sandbox   - any dir that ends in "-sandbox" gets a separate js bundle
      package.json
      index.html
      index.js

The plugin would create an <iframe sandbox src=index.html>, and the index.js would be the starting point for the bundle building.

Ideally, packag.json should be separate from the the main one, and have its own set of dependencies, but this might not be feasible with the current yarn implementation, forcing all deps to be listed in the main package.json.
@nyurik nyurik added the Feature:Vega Vega visualizations label Feb 2, 2018
@timroes timroes added the Feature:Visualizations Generic visualization features (in case no more specific feature label is available) label Aug 8, 2018
@timroes timroes added Team:Visualizations Visualization editors, elastic-charts and infrastructure and removed Team:Visualizations Visualization editors, elastic-charts and infrastructure Feature:Visualizations Generic visualization features (in case no more specific feature label is available) labels Sep 16, 2018
@stacey-gammon
Copy link
Contributor

Reassigning to to @elastic/kibana-platform since they cover the plugin infrastructure. Maybe even @elastic/kibana-security ...

@stacey-gammon stacey-gammon added Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! and removed Team:Visualizations Visualization editors, elastic-charts and infrastructure labels Oct 2, 2018
@marius-dr marius-dr added the enhancement New value added to drive a business result label Oct 10, 2018
@joshdover joshdover added the stale Used to mark issues that were closed for being stale label Jan 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New value added to drive a business result Feature:Plugins Feature:Vega Vega visualizations stale Used to mark issues that were closed for being stale Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@timroes @nyurik @joshdover @marius-dr @stacey-gammon