Update more integration tests to account for our optional _source
Changes here fall into one of two categories:

* If the test was making an assertion on a value from _source, we simply
null chain and continue to assert on a possibly undefined value.

* If the test logic depends on _source being present, we first assert that
presence, and exit the test early if absent.
rylnd committed Aug 2, 2021
1 parent 6c9bc3e commit 93aa2db
Showing 22 changed files with 431 additions and 393 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map(
(signal) => (signal._source.host_alias as HostAlias).name
(signal) => (signal._source?.host_alias as HostAlias).name
);
expect(hits).to.eql(['host name 1', 'host name 2', 'host name 3', 'host name 4']);
});
Expand All @@ -57,7 +57,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((signal) => (signal._source.host as HostAlias).name);
const hits = signalsOpen.hits.hits.map((signal) => (signal._source?.host as HostAlias).name);
expect(hits).to.eql(['host name 1', 'host name 2', 'host name 3', 'host name 4']);
});
});
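Review bot: The optional chain added in both hunks stops at the `as HostAlias` cast, so when `_source` is absent the expression becomes `(undefined as HostAlias).name` and the `map` callback throws a TypeError before `expect(hits).to.eql(...)` runs. The test still fails, but as an uncaught property access rather than the assertion on a possibly undefined value that the commit description aims for. Carrying the chain through the cast keeps it an assertion failure: `(signal._source?.host_alias as HostAlias | undefined)?.name`, and likewise for `host` in the second hunk. The same cast-then-dereference shape appears in the `threat` hunks at `-544,7`, `-644,7` and `-779,7` of the last file section, where `threat.indicator` and `threats[0].indicator` are read after `as Array<{ indicator: unknown[] }>`. Both test bodies here start outside the hunks.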
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host).sort();
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host).sort();
expect(hits).to.eql([
{
os: { type: 'linux' },
Expand All @@ -82,7 +82,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host).sort();
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host).sort();
expect(hits).to.eql([
{
os: { name: 'Linux' },
Expand Down Expand Up @@ -125,7 +125,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 3, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { name: 'Windows' },
Expand Down Expand Up @@ -162,7 +162,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 3, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { name: 'Windows' },
Expand Down Expand Up @@ -210,7 +210,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 2, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { name: 'Macos' },
Expand Down Expand Up @@ -255,7 +255,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 2, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { name: 'Macos' },
Expand Down Expand Up @@ -291,7 +291,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 3, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'windows' },
Expand Down Expand Up @@ -328,7 +328,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 3, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'windows' },
Expand Down Expand Up @@ -376,7 +376,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 2, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -421,7 +421,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 2, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -457,7 +457,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 6, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'windows' },
Expand Down Expand Up @@ -503,7 +503,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 6, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'windows' },
Expand Down Expand Up @@ -560,7 +560,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -611,7 +611,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -663,7 +663,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 1, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -703,7 +703,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 1, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -736,7 +736,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 3, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'linux' },
Expand Down Expand Up @@ -773,7 +773,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 2, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -807,7 +807,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 2, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'macos' },
Expand Down Expand Up @@ -841,7 +841,7 @@ export default ({ getService }: FtrProviderContext) => {
await waitForRuleSuccessOrStatus(supertest, id);
await waitForSignalsToBePresent(supertest, 4, [id]);
const signalsOpen = await getSignalsById(supertest, id);
const hits = signalsOpen.hits.hits.map((hit) => hit._source.host);
const hits = signalsOpen.hits.hits.map((hit) => hit._source?.host);
expect(hits).to.eql([
{
os: { type: 'linux' },
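Review bot: In the first two hunks of this file section (`-59,7` and `-82,7`) the changed line still ends in a bare `.sort()`, which compares elements by their string form; every host object stringifies to `[object Object]`, so the call orders nothing, and with `hit._source?.host` it now only moves `undefined` entries to the end. The `eql` check in those tests therefore depends on the order in which the search returns hits. Either drop the call, as the other hunks in this section do, or pass an explicit comparator such as `.sort((a, b) => JSON.stringify(a).localeCompare(JSON.stringify(b)))` and order the expected array to match. The test bodies start and end outside the hunks.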
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,7 @@ export default ({ getService }: FtrProviderContext) => {
id: createdRule.id,
rule_id: createdRule.rule_id,
created_at: createdRule.created_at,
updated_at: signal._source.signal.rule.updated_at,
updated_at: signal._source?.signal.rule.updated_at,
actions: [],
interval: '5m',
name: 'Test ML rule',
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import {
} from '../../../../plugins/security_solution/common/constants';
import { ROLES } from '../../../../plugins/security_solution/common/test';
import { SIGNALS_TEMPLATE_VERSION } from '../../../../plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template';
import { Signal } from '../../../../plugins/security_solution/server/lib/detection_engine/signals/types';
import { FtrProviderContext } from '../../common/ftr_provider_context';
import {
createSignalsIndex,
Expand Down Expand Up @@ -96,12 +97,11 @@ export default ({ getService }: FtrProviderContext): void => {

const [{ migration_index: newIndex }] = createResponses;
await waitForIndexToPopulate(es, newIndex);
const { body: migrationResults } = await es.search({ index: newIndex });
const { body: migrationResults } = await es.search<{ signal: Signal }>({ index: newIndex });

expect(migrationResults.hits.hits).length(1);
// @ts-expect-error _source has unknown type
const migratedSignal = migrationResults.hits.hits[0]._source.signal;
expect(migratedSignal._meta.version).to.equal(SIGNALS_TEMPLATE_VERSION);
const migratedSignal = migrationResults.hits.hits[0]._source?.signal;
expect(migratedSignal?._meta?.version).to.equal(SIGNALS_TEMPLATE_VERSION);
});

it('specifying the signals alias itself is a bad request', async () => {
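Review bot: The new `Signal` import in the first hunk appears to be used only as the type argument in `es.search<{ signal: Signal }>`, so it can be a type-only import: `import type { Signal } from '../../../../plugins/security_solution/server/lib/detection_engine/signals/types';`. That states in the source that the test takes nothing at runtime from the plugin's server code, rather than leaving it to import elision. Other uses of `Signal` outside the visible hunks would change this, so confirm before switching.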
Original file line number Diff line number Diff line change
Expand Up @@ -153,9 +153,12 @@ export default ({ getService }: FtrProviderContext) => {
const signalsOpen = await getSignalsByIds(supertest, [id]);
expect(signalsOpen.hits.hits.length).equal(10);
const fullSource = signalsOpen.hits.hits.find(
(signal) => signal._source.signal.parents[0].id === '7yJ-B2kBR346wHgnhlMn'
(signal) => signal._source?.signal.parents[0].id === '7yJ-B2kBR346wHgnhlMn'
);
const fullSignal = fullSource!._source; // If this doesn't exist the test is going to fail anyway so using a bang operator here to get rid of ts error
const fullSignal = fullSource?._source;
if (!fullSignal) {
return expect(fullSignal).to.be.ok();
}
expect(fullSignal).eql({
'@timestamp': fullSignal['@timestamp'],
agent: {
Expand Down Expand Up @@ -439,7 +442,7 @@ export default ({ getService }: FtrProviderContext) => {
expect(signalsOpen.hits.hits.length).equal(2);

const { hits } = signalsOpen.hits;
const threats = hits.map((hit) => hit._source.threat);
const threats = hits.map((hit) => hit._source?.threat);
expect(threats).to.eql([
{
indicator: [
Expand Down Expand Up @@ -544,7 +547,9 @@ export default ({ getService }: FtrProviderContext) => {
expect(signalsOpen.hits.hits.length).equal(1);

const { hits } = signalsOpen.hits;
const [threat] = hits.map((hit) => hit._source.threat) as Array<{ indicator: unknown[] }>;
const [threat] = hits.map((hit) => hit._source?.threat) as Array<{
indicator: unknown[];
}>;

assertContains(threat.indicator, [
{
Expand Down Expand Up @@ -644,7 +649,9 @@ export default ({ getService }: FtrProviderContext) => {
expect(signalsOpen.hits.hits.length).equal(1);

const { hits } = signalsOpen.hits;
const [threat] = hits.map((hit) => hit._source.threat) as Array<{ indicator: unknown[] }>;
const [threat] = hits.map((hit) => hit._source?.threat) as Array<{
indicator: unknown[];
}>;

assertContains(threat.indicator, [
{
Expand Down Expand Up @@ -779,7 +786,7 @@ export default ({ getService }: FtrProviderContext) => {
expect(signalsOpen.hits.hits.length).equal(2);

const { hits } = signalsOpen.hits;
const threats = hits.map((hit) => hit._source.threat) as Array<{ indicator: unknown[] }>;
const threats = hits.map((hit) => hit._source?.threat) as Array<{ indicator: unknown[] }>;

assertContains(threats[0].indicator, [
{