From a636dcb11efeecc2021ae47dfbd5c92ce62d787a Mon Sep 17 00:00:00 2001 From: Gloria Hornero Date: Fri, 22 Dec 2023 09:34:56 +0100 Subject: [PATCH] [Security Solution] Adding conditional execution on ci for Security Solution cypress tests (#173815) ## Summary With the aim of preventing our tests from blocking PRs on teams introducing changes not related with our basecode and saving buildkite time execution, PRs the security solution Cypress tests are going to be executed just when a change is introduced on the listed dependencies in `.buildkite/scripts/pipelines/pull_request/pipeline.ts`. The execution of our tests on every change in the `on-merge` pipeline is going to be maintained, in that way, we are going to be aware of any possible issue we may miss and our flaky tests are going to continue being tracked in github --------- Co-authored-by: Steph Milovic --- .buildkite/pipelines/pull_request/base.yml | 192 ------------------ .../security_solution/ai_assistant.yml | 24 +++ .../{ => security_solution}/cypress_burn.yml | 0 .../defend_workflows.yml | 0 .../security_solution/detection_engine.yml | 48 +++++ .../security_solution/entity_analytics.yml | 24 +++ .../security_solution/explore.yml | 24 +++ .../security_solution/investigations.yml | 24 +++ .../security_solution/rule_management.yml | 48 +++++ .../pipelines/pull_request/pipeline.ts | 52 ++++- 10 files changed, 242 insertions(+), 194 deletions(-) create mode 100644 .buildkite/pipelines/pull_request/security_solution/ai_assistant.yml rename .buildkite/pipelines/pull_request/{ => security_solution}/cypress_burn.yml (100%) rename .buildkite/pipelines/pull_request/{ => security_solution}/defend_workflows.yml (100%) create mode 100644 .buildkite/pipelines/pull_request/security_solution/detection_engine.yml create mode 100644 .buildkite/pipelines/pull_request/security_solution/entity_analytics.yml create mode 100644 .buildkite/pipelines/pull_request/security_solution/explore.yml create mode 100644 .buildkite/pipelines/pull_request/security_solution/investigations.yml create mode 100644 .buildkite/pipelines/pull_request/security_solution/rule_management.yml diff --git a/.buildkite/pipelines/pull_request/base.yml b/.buildkite/pipelines/pull_request/base.yml index 6011d1d78a696..03019a107df9e 100644 --- a/.buildkite/pipelines/pull_request/base.yml +++ b/.buildkite/pipelines/pull_request/base.yml @@ -57,198 +57,6 @@ steps: - exit_status: '*' limit: 1 - - command: .buildkite/scripts/steps/functional/security_serverless_entity_analytics.sh - label: 'Serverless Entity Analytics - Security Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 2 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_explore.sh - label: 'Serverless Explore - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 4 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_investigations.sh - label: 'Serverless Investigations - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 8 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_rule_management.sh - label: 'Serverless Rule Management - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 8 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_rule_management_prebuilt_rules.sh - label: 'Serverless Rule Management - Prebuilt Rules - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 4 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine.sh - label: 'Serverless Detection Engine - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh - label: 'Serverless Detection Engine - Exceptions - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_serverless_ai_assistant.sh - label: 'Serverless AI Assistant - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 1 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_entity_analytics.sh - label: 'Entity Analytics - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 2 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_explore.sh - label: 'Explore - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 4 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_rule_management.sh - label: 'Rule Management - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 8 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_rule_management_prebuilt_rules.sh - label: 'Rule Management - Prebuilt Rules - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_detection_engine.sh - label: 'Detection Engine - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 8 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh - label: 'Detection Engine - Exceptions - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 6 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_ai_assistant.sh - label: 'AI Assistant - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 1 - retry: - automatic: - - exit_status: '*' - limit: 1 - - - command: .buildkite/scripts/steps/functional/security_solution_investigations.sh - label: 'Investigations - Security Solution Cypress Tests' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 60 - parallelism: 8 - retry: - automatic: - - exit_status: '*' - limit: 1 - - command: .buildkite/scripts/steps/functional/threat_intelligence.sh label: 'Threat Intelligence Cypress Tests' agents: diff --git a/.buildkite/pipelines/pull_request/security_solution/ai_assistant.yml b/.buildkite/pipelines/pull_request/security_solution/ai_assistant.yml new file mode 100644 index 0000000000000..3de3ece499a6e --- /dev/null +++ b/.buildkite/pipelines/pull_request/security_solution/ai_assistant.yml @@ -0,0 +1,24 @@ +steps: + - command: .buildkite/scripts/steps/functional/security_serverless_ai_assistant.sh + label: 'Serverless AI Assistant - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 1 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_ai_assistant.sh + label: 'AI Assistant - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 1 + retry: + automatic: + - exit_status: '*' + limit: 1 diff --git a/.buildkite/pipelines/pull_request/cypress_burn.yml b/.buildkite/pipelines/pull_request/security_solution/cypress_burn.yml similarity index 100% rename from .buildkite/pipelines/pull_request/cypress_burn.yml rename to .buildkite/pipelines/pull_request/security_solution/cypress_burn.yml diff --git a/.buildkite/pipelines/pull_request/defend_workflows.yml b/.buildkite/pipelines/pull_request/security_solution/defend_workflows.yml similarity index 100% rename from .buildkite/pipelines/pull_request/defend_workflows.yml rename to .buildkite/pipelines/pull_request/security_solution/defend_workflows.yml diff --git a/.buildkite/pipelines/pull_request/security_solution/detection_engine.yml b/.buildkite/pipelines/pull_request/security_solution/detection_engine.yml new file mode 100644 index 0000000000000..6196e2e251522 --- /dev/null +++ b/.buildkite/pipelines/pull_request/security_solution/detection_engine.yml @@ -0,0 +1,48 @@ +steps: + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine.sh + label: 'Serverless Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh + label: 'Serverless Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_detection_engine.sh + label: 'Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh + label: 'Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 diff --git a/.buildkite/pipelines/pull_request/security_solution/entity_analytics.yml b/.buildkite/pipelines/pull_request/security_solution/entity_analytics.yml new file mode 100644 index 0000000000000..482107467884c --- /dev/null +++ b/.buildkite/pipelines/pull_request/security_solution/entity_analytics.yml @@ -0,0 +1,24 @@ +steps: + - command: .buildkite/scripts/steps/functional/security_serverless_entity_analytics.sh + label: 'Serverless Entity Analytics - Security Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 2 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_entity_analytics.sh + label: 'Entity Analytics - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 2 + retry: + automatic: + - exit_status: '*' + limit: 1 diff --git a/.buildkite/pipelines/pull_request/security_solution/explore.yml b/.buildkite/pipelines/pull_request/security_solution/explore.yml new file mode 100644 index 0000000000000..5acd56ebe7f06 --- /dev/null +++ b/.buildkite/pipelines/pull_request/security_solution/explore.yml @@ -0,0 +1,24 @@ +steps: + - command: .buildkite/scripts/steps/functional/security_solution_explore.sh + label: 'Explore - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 4 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_explore.sh + label: 'Serverless Explore - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 4 + retry: + automatic: + - exit_status: '*' + limit: 1 \ No newline at end of file diff --git a/.buildkite/pipelines/pull_request/security_solution/investigations.yml b/.buildkite/pipelines/pull_request/security_solution/investigations.yml new file mode 100644 index 0000000000000..0390f5dfec8e7 --- /dev/null +++ b/.buildkite/pipelines/pull_request/security_solution/investigations.yml @@ -0,0 +1,24 @@ +steps: + - command: .buildkite/scripts/steps/functional/security_solution_investigations.sh + label: 'Investigations - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_investigations.sh + label: 'Serverless Investigations - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 \ No newline at end of file diff --git a/.buildkite/pipelines/pull_request/security_solution/rule_management.yml b/.buildkite/pipelines/pull_request/security_solution/rule_management.yml new file mode 100644 index 0000000000000..e36f77ec60988 --- /dev/null +++ b/.buildkite/pipelines/pull_request/security_solution/rule_management.yml @@ -0,0 +1,48 @@ +steps: + - command: .buildkite/scripts/steps/functional/security_serverless_rule_management.sh + label: 'Serverless Rule Management - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_rule_management_prebuilt_rules.sh + label: 'Serverless Rule Management - Prebuilt Rules - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 4 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_rule_management.sh + label: 'Rule Management - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_rule_management_prebuilt_rules.sh + label: 'Rule Management - Prebuilt Rules - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 \ No newline at end of file diff --git a/.buildkite/scripts/pipelines/pull_request/pipeline.ts b/.buildkite/scripts/pipelines/pull_request/pipeline.ts index 0a305f49a811f..f9eab6138834c 100644 --- a/.buildkite/scripts/pipelines/pull_request/pipeline.ts +++ b/.buildkite/scripts/pipelines/pull_request/pipeline.ts @@ -176,7 +176,9 @@ const uploadPipeline = (pipelineContent: string | object) => { GITHUB_PR_LABELS.includes('ci:cypress-burn') || GITHUB_PR_LABELS.includes('ci:all-cypress-suites') ) { - pipeline.push(getPipeline('.buildkite/pipelines/pull_request/cypress_burn.yml')); + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/cypress_burn.yml') + ); } if ( @@ -189,7 +191,53 @@ const uploadPipeline = (pipelineContent: string | object) => { ])) || GITHUB_PR_LABELS.includes('ci:all-cypress-suites') ) { - pipeline.push(getPipeline('.buildkite/pipelines/pull_request/defend_workflows.yml')); + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/defend_workflows.yml') + ); + } + + if ( + (await doAnyChangesMatch([ + /^package.json/, + /^packages\/kbn-securitysolution-.*/, + /^x-pack\/plugins\/alerting/, + /^x-pack\/plugins\/data_views\/common/, + /^x-pack\/plugins\/lists/, + /^x-pack\/plugins\/rule_registry\/common/, + /^x-pack\/plugins\/security_solution/, + /^x-pack\/plugins\/security_solution_ess/, + /^x-pack\/plugins\/security_solution_serverless/, + /^x-pack\/plugins\/task_manager/, + /^x-pack\/plugins\/timelines/, + /^x-pack\/plugins\/triggers_actions_ui\/public\/application\/sections\/action_connector_form/, + /^x-pack\/plugins\/triggers_actions_ui\/public\/application\/context\/actions_connectors_context\.tsx/, + /^x-pack\/plugins\/triggers_actions_ui\/server\/connector_types\/openai/, + /^x-pack\/plugins\/triggers_actions_ui\/server\/connector_types\/bedrock/, + /^x-pack\/plugins\/usage_collection\/public/, + /^x-pack\/plugins\/elastic_assistant/, + /^x-pack\/packages\/security-solution/, + /^x-pack\/packages\/kbn-elastic-assistant/, + /^x-pack\/packages\/kbn-elastic-assistant-common/, + /^x-pack\/test\/security_solution_cypress/, + ])) || + GITHUB_PR_LABELS.includes('ci:all-cypress-suites') + ) { + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/ai_assistant.yml') + ); + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/detection_engine.yml') + ); + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/entity_analytics.yml') + ); + pipeline.push(getPipeline('.buildkite/pipelines/pull_request/security_solution/explore.yml')); + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/investigations.yml') + ); + pipeline.push( + getPipeline('.buildkite/pipelines/pull_request/security_solution/rule_management.yml') + ); } pipeline.push(getPipeline('.buildkite/pipelines/pull_request/post_build.yml'));