Skip to content

Commit

Permalink
[Security Solutions][Detection Engine] Fixes pre-packaged rules which…
Browse files Browse the repository at this point in the history
… contain exception lists to not overwrite user defined lists (#80592)

## Summary

Fixes a bug where when you update your pre-packaged rules you could end up removing any existing exception lists the user might have already added. See: #80417

* Fixes the merge logic so that any exception lists from pre-packaged rules will be additive if they do not already exist on the rule. User based exception lists will not be lost.
* Added new backend integration tests for exception lists that did not exist before including ones that test the functionality of exception lists
* Refactored some of the code in the `get_rules_to_update.ts`
* Refactored some of the integration tests to use helper utils of `countDownES`, and `countDownTest` which simplify the retry logic within the integration tests
* Added unit tests to exercise the bug and then the fix.
* Added integration tests that fail this logic and then fixed the logic

### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
  • Loading branch information
FrankHassanabad committed Oct 15, 2020
1 parent 58f152a commit d18854d
Show file tree
Hide file tree
Showing 7 changed files with 1,377 additions and 216 deletions.
Loading

0 comments on commit d18854d

Please sign in to comment.