From 6daad11dc867ec7b08af56d19cd700bc2ed3562c Mon Sep 17 00:00:00 2001 From: Wafaa Nasr Date: Wed, 1 Nov 2023 20:15:53 +0100 Subject: [PATCH] [Security Solution][API testing] Move and restructures rule preview test and actions legacy utils (#170147) ## Summary - Following the initial work in this https://github.com/elastic/kibana/pull/166755 - Addresses part of https://github.com/elastic/kibana/issues/151902 for rule preview https://docs.google.com/document/d/1CRFfDWMzw3ob03euWIvT4-IoiLXjoiPWI8mTBqP4Zks/edit - Remove the `skipInQA` tag from `Migrations` actions test since it runs only in ESS env. ### Moved files from `detection_engine_api_integrations` to `security_solution_api_integration` - utils (Moved and references are updated): - './get_legacy_action_notifications_so_by_id'; - './get_legacy_actions_so_by_id'; - './get_simple_preview_rule'; - './get_simple_rule_output_with_web_hook_action'; - './get_simple_rule_preview_output'; - Group1: - `preview_rules` moved under the `rule_creation` folder --- .../security_and_spaces/group1/index.ts | 1 - ...simple_rule_output_with_web_hook_action.ts | 29 ------------------- .../utils/index.ts | 7 +---- .../default_license/actions/migrations.ts | 4 +-- .../default_license/rule_creation/index.ts | 1 + .../rule_creation}/preview_rules.ts | 26 ++++++++++++----- .../utils/actions/index.ts | 1 + ...et_legacy_action_notifications_so_by_id.ts | 0 .../legacy_actions/get_legacy_action_so.ts | 25 ++++++++++++++++ .../get_legacy_actions_so_by_id.ts | 0 .../utils/actions/legacy_actions/index.ts | 9 ++++++ .../utils/rules}/get_simple_preview_rule.ts | 0 .../rules}/get_simple_rule_preview_output.ts | 0 .../detections_response/utils/rules/index.ts | 2 ++ 14 files changed, 59 insertions(+), 46 deletions(-) delete mode 100644 x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_with_web_hook_action.ts rename x-pack/test/{detection_engine_api_integration/security_and_spaces/group1 => security_solution_api_integration/test_suites/detections_response/default_license/rule_creation}/preview_rules.ts (85%) rename x-pack/test/{detection_engine_api_integration/utils => security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions}/get_legacy_action_notifications_so_by_id.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts rename x-pack/test/{detection_engine_api_integration/utils => security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions}/get_legacy_actions_so_by_id.ts (100%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts rename x-pack/test/{detection_engine_api_integration/utils => security_solution_api_integration/test_suites/detections_response/utils/rules}/get_simple_preview_rule.ts (100%) rename x-pack/test/{detection_engine_api_integration/utils => security_solution_api_integration/test_suites/detections_response/utils/rules}/get_simple_rule_preview_output.ts (100%) diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts b/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts index 1c9c874127660..94ba07b31bddf 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts +++ b/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/index.ts @@ -17,7 +17,6 @@ export default ({ loadTestFile }: FtrProviderContext): void => { loadTestFile(require.resolve('./aliases')); loadTestFile(require.resolve('./check_privileges')); loadTestFile(require.resolve('./create_index')); - loadTestFile(require.resolve('./preview_rules')); loadTestFile(require.resolve('./create_rules_bulk')); loadTestFile(require.resolve('./delete_rules')); loadTestFile(require.resolve('./delete_rules_bulk')); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_with_web_hook_action.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_with_web_hook_action.ts deleted file mode 100644 index 7ecee679e50b3..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_with_web_hook_action.ts +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { NOTIFICATION_DEFAULT_FREQUENCY } from '@kbn/security-solution-plugin/common/constants'; -import { getSimpleRuleOutput } from './get_simple_rule_output'; -import { RuleWithoutServerGeneratedProperties } from './remove_server_generated_properties'; - -export const getSimpleRuleOutputWithWebHookAction = ( - actionId: string, - uuid: string -): RuleWithoutServerGeneratedProperties => ({ - ...getSimpleRuleOutput(), - actions: [ - { - action_type_id: '.webhook', - group: 'default', - id: actionId, - params: { - body: '{}', - }, - uuid, - frequency: NOTIFICATION_DEFAULT_FREQUENCY, - }, - ], -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/index.ts b/x-pack/test/detection_engine_api_integration/utils/index.ts index 0e75e72a2d0ed..5aca507b7134f 100644 --- a/x-pack/test/detection_engine_api_integration/utils/index.ts +++ b/x-pack/test/detection_engine_api_integration/utils/index.ts @@ -37,9 +37,6 @@ export * from './get_eql_rule_for_signal_testing'; export * from './get_event_log_execute_complete_by_id'; export * from './get_index_name_from_load'; export * from './get_legacy_action_notification_so'; -export * from './get_legacy_action_notifications_so_by_id'; -export * from './get_legacy_action_so'; -export * from './get_legacy_actions_so_by_id'; export * from './get_open_signals'; export * from './get_preview_alerts'; export * from './get_query_all_signals'; @@ -63,13 +60,10 @@ export * from './get_signals_by_rule_ids'; export * from './get_simple_ml_rule'; export * from './get_simple_ml_rule_output'; export * from './get_simple_ml_rule_update'; -export * from './get_simple_preview_rule'; export * from './get_simple_rule'; export * from './get_simple_rule_as_ndjson'; export * from './get_simple_rule_output'; -export * from './get_simple_rule_output_with_web_hook_action'; export * from './get_simple_rule_output_without_rule_id'; -export * from './get_simple_rule_preview_output'; export * from './get_simple_rule_update'; export * from './get_simple_rule_without_rule_id'; export * from './get_simple_saved_query_rule'; @@ -112,3 +106,4 @@ export * from './prebuilt_rules/install_prebuilt_rules'; export * from './prebuilt_rules/upgrade_prebuilt_rules'; export * from './prebuilt_rules/install_mock_prebuilt_rules'; export * from './prebuilt_rules/install_prebuilt_rules_and_timelines'; +export * from './get_legacy_action_so'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/migrations.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/migrations.ts index ce5c87d2c3fb4..be5503a1cef23 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/migrations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions/migrations.ts @@ -13,7 +13,7 @@ import { getLegacyActionSOById, getLegacyActionNotificationSOById, getRuleSOById, -} from '../../../../../detection_engine_api_integration/utils'; +} from '../../utils'; import { FtrProviderContext } from '../../../../ftr_provider_context'; /** @@ -24,7 +24,7 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const esArchiver = getService('esArchiver'); - describe('@ess @skipInQA actions migrations', () => { + describe('@ess actions migrations', () => { // This test suite is not meant to test a specific route, but to test the legacy action migration // code that lives in multiple routes. This code is also tested in each of the routes it lives in // but not in as much detail and relying on mocks. This test loads an es_archive containing rules diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/index.ts index a3e706c580e5c..1d22c7ef57cda 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/index.ts @@ -10,5 +10,6 @@ export default function ({ loadTestFile }: FtrProviderContext) { describe('Rule creation API', function () { loadTestFile(require.resolve('./create_rules')); loadTestFile(require.resolve('./create_new_terms')); + loadTestFile(require.resolve('./preview_rules')); }); } diff --git a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/preview_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/preview_rules.ts similarity index 85% rename from x-pack/test/detection_engine_api_integration/security_and_spaces/group1/preview_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/preview_rules.ts index b930f43dc9809..bcfbf77ef23e1 100644 --- a/x-pack/test/detection_engine_api_integration/security_and_spaces/group1/preview_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation/preview_rules.ts @@ -9,25 +9,35 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_PREVIEW } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; import { deleteAllRules, getSimplePreviewRule, getSimpleRulePreviewOutput } from '../../utils'; -import { createUserAndRole, deleteUserAndRole } from '../../../common/services/security_solution'; -// eslint-disable-next-line import/no-default-export +import { + createUserAndRole, + deleteUserAndRole, +} from '../../../../../common/services/security_solution'; + +import { FtrProviderContext } from '../../../../ftr_provider_context'; +import { EsArchivePathBuilder } from '../../../../es_archive_path_builder'; + export default ({ getService }: FtrProviderContext) => { const esArchiver = getService('esArchiver'); const supertest = getService('supertest'); const supertestWithoutAuth = getService('supertestWithoutAuth'); const log = getService('log'); + // TODO: add a new service + const config = getService('config'); + const isServerless = config.get('serverless'); + const dataPathBuilder = new EsArchivePathBuilder(isServerless); + const path = dataPathBuilder.getPath('auditbeat/hosts'); - describe('preview_rules', () => { + describe('@serverless @ess preview_rules', () => { describe('previewing rules', () => { before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); + await esArchiver.load(path); }); after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts'); + await esArchiver.unload(path); }); afterEach(async () => { @@ -84,7 +94,7 @@ export default ({ getService }: FtrProviderContext) => { }); }); - describe('t1_analyst', () => { + describe('@brokenInServerless t1_analyst', () => { const role = ROLES.t1_analyst; beforeEach(async () => { @@ -105,7 +115,7 @@ export default ({ getService }: FtrProviderContext) => { }); }); - describe('hunter', () => { + describe('@brokenInServerless hunter', () => { const role = ROLES.hunter; beforeEach(async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts index d9b65ba596dd6..af7e564d1c663 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/index.ts @@ -8,3 +8,4 @@ export * from './get_slack_action'; export * from './get_web_hook_action'; export * from './remove_uuid_from_actions'; export * from './create_new_action'; +export * from './legacy_actions'; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_legacy_action_notifications_so_by_id.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/get_legacy_action_notifications_so_by_id.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_notifications_so_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts new file mode 100644 index 0000000000000..e714dfcec28cc --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_action_so.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import type { Client } from '@elastic/elasticsearch'; +import type { SearchResponse } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; +import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; +import type { SavedObjectReference } from '@kbn/core/server'; +import type { LegacyRuleActions } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_actions_legacy'; + +interface LegacyActionSO extends LegacyRuleActions { + references: SavedObjectReference[]; +} + +/** + * Fetch all legacy action sidecar SOs from the security solution savedObjects index + * @param es The ElasticSearch service + */ +export const getLegacyActionSO = async (es: Client): Promise> => + es.search({ + index: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, + q: 'type:siem-detection-engine-rule-actions', + }); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_legacy_actions_so_by_id.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/get_legacy_actions_so_by_id.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/get_legacy_actions_so_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts new file mode 100644 index 0000000000000..9b88b1f73d11e --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/actions/legacy_actions/index.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +export * from './get_legacy_action_so'; +export * from './get_legacy_actions_so_by_id'; +export * from './get_legacy_action_notifications_so_by_id'; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_preview_rule.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/get_simple_preview_rule.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_preview_rule.ts diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_preview_output.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/get_simple_rule_preview_output.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_simple_rule_preview_output.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts index 0170faa8ceeda..26862dc62d038 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts @@ -26,6 +26,8 @@ export * from './find_immutable_rule_by_id'; export * from './create_rule_with_exception_entries'; export * from './downgrade_immutable_rule'; export * from './get_eql_rule_for_alert_testing'; +export * from './get_simple_preview_rule'; +export * from './get_simple_rule_preview_output'; export * from './get_rule_with_web_hook_action'; export * from './get_simple_rule_output_with_web_hook_action'; export * from './rule_to_update_schema';