[Fleet] Do not provide instruction to setup an http Fleet server

[nchaulet]

Summary

Resolve #122625

Change the fleet server on prem instruction to not provide instructions to setup an http fleet server and do not allow to add an http fleet server url in these instructions (it's still possible to do it via the settings tab or via the kibana preconfigure output)

Details:

• change the validation to not allow http fleet server url (only in the instructions)
• remove the --fleet-server-insecure-http flag

[elasticmachine]

Pinging @elastic/fleet (Team:Fleet)

[joshdover]

Can we change the UI to not require the user to enter the protocol at all? Instead I think we should have https:// be added to the "Fleet Server host" prepend prop or completely replace it.

We should also verify what the behavior is of showing the --insecure option on the regular Elastic Agent enrollment command given to the user. Do we need to display it somehow when a Fleet Server https host is configured, but it was known to be configured with Quick Start?

I'd also like @jen-huang to 👍 this before moving forward.

[nchaulet]

Can we change the UI to not require the user to enter the protocol at all? Instead I think we should have https:// be added to the "Fleet Server host" prepend prop or completely replace it.

Actually we already use the prepend prop here for the input label, we could probably use it for the protocol but it will be a little more design change

Do we need to display it somehow when a Fleet Server https host is configured, but it was known to be configured with Quick Start?

We already display it in the Fleet server instruction (giving the user the flag insecure-http was probably a bug) we do not save that I do not think we will be able to show that in the add agent flyout

[nchaulet]

Just tested and using --insecure against self generated fleet server ssl certificate works well

[juliaElastic]

We should revert this flag from docs as well: elastic/observability-docs#1441

[nchaulet]

@elasticmachine merge upstream

[nchaulet]

@elasticmachine merge upstream

[nchaulet]

Looks like Cypress tests are failing because some of the packages removed here elastic/package-storage#3992 are returning random 404 from the snapshot registry

[jen-huang]

Small copy nit, otherwise LGTM

[joshdover]

LGTM. I think it would make sense to open an enhancement issue to allow us to track whether or not the Fleet Server is using a self-signed certificate so we could automatically tell the user to use the --insecure flag on Agent enrollment when necessary, along with some warnings in the UI about this not being a production-ready configuration.

[nchaulet]

@elasticmachine merge upstream

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: d56ffc6
• Storybooks Preview
• Webpack Bundle Analyzer

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
fleet	684.6KB	684.5KB	-25.0B

History

• 💔 Build #36627 failed 748814b
• 💔 Build #36523 failed 1f019ae
• 💔 Build #36496 failed 6c4b89f
• 💚 Build #35951 succeeded 76fb635
• 💔 Build #35924 failed 3a78ba1

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @nchaulet

[kibanamachine]

💚 All backports created successfully

Status	Branch	Result
✅	8.2

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

[amolnater-qasource]

Hi @nchaulet
We have revalidated this PR in lieu of reported issue at #122625
We have revalidated this on 8.2 Snapshot self-managed environment and found it fixed now.

• User is not able to add fleet server host with http from Add Agent flyout.
• However as expected, user is able to edit from settings tab and able to update the host url to http.

Build details:
BUILD: 51835
COMMIT: 6fcd2d0

Screenshot:

Thanks