Merge branch 'main' into geo_containment_form_refactor

elastic · Sep 5, 2023 · ecf4225 · ecf4225
2 parents 06ad4c4 + 756599f
commit ecf4225
Show file tree

Hide file tree

Showing 1,421 changed files with 28,749 additions and 13,957 deletions.
diff --git a/.buildkite/hooks/post-command b/.buildkite/hooks/post-command
@@ -1,3 +1,7 @@
 #!/usr/bin/env bash
 
-.buildkite/scripts/lifecycle/post_command.sh
+if [[ "$BUILDKITE_AGENT_NAME" =~ ^bk-agent ]]; then
+  echo "Pipeline file triggered from outside the kibana executors, skipping post_command"
+else
+  .buildkite/scripts/lifecycle/post_command.sh
+fi
diff --git a/.buildkite/hooks/pre-command b/.buildkite/hooks/pre-command
@@ -1,3 +1,7 @@
 #!/usr/bin/env bash
 
-source .buildkite/scripts/lifecycle/pre_command.sh
+if [[ "$BUILDKITE_AGENT_NAME" =~ ^bk-agent ]]; then
+  echo "Pipeline file triggered from outside the kibana executors, skipping pre_command"
+else
+  source .buildkite/scripts/lifecycle/pre_command.sh
+fi
diff --git a/.buildkite/pipelines/on_merge_unsupported_ftrs.yml b/.buildkite/pipelines/on_merge_unsupported_ftrs.yml
@@ -96,8 +96,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
 
   - command: .buildkite/scripts/steps/functional/osquery_cypress.sh
     label: 'Osquery Cypress Tests'
@@ -110,8 +108,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-osquery/**/*"
 
   - command: .buildkite/scripts/steps/functional/synthetics_plugin.sh
     label: 'Synthetics @elastic/synthetics Tests'

diff --git a/.buildkite/pipelines/pipeline.kibana-serverless-release.yaml b/.buildkite/pipelines/pipeline.kibana-serverless-release.yaml
@@ -6,4 +6,4 @@ steps:
     build:
       env:
         SERVICE_COMMIT_HASH: "${BUILDKITE_COMMIT:0:12}"
-        REMOTE_SERVICE_CONFIG: https://raw.githubusercontent.com/elastic/serverless-gitops/main/gen/gpctl/kibana/tagged-release.yaml
+        REMOTE_SERVICE_CONFIG: https://raw.githubusercontent.com/elastic/serverless-gitops/main/gen/gpctl/kibana/config.yaml
diff --git a/.buildkite/pipelines/pull_request/base.yml b/.buildkite/pipelines/pull_request/base.yml
@@ -146,8 +146,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
 
   # status_exception: Native role management is not enabled in this Elasticsearch instance
   # - command: .buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh
@@ -161,8 +159,6 @@ steps:
   #     automatic:
   #       - exit_status: '*'
   #         limit: 1
-  #   artifact_paths:
-  #     - "target/kibana-security-solution/**/*"
 
   - command: .buildkite/scripts/steps/functional/security_serverless_investigations.sh
     label: 'Serverless Security Investigations Cypress Tests'
@@ -176,8 +172,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
 
   - command: .buildkite/scripts/steps/functional/security_serverless_explore.sh
     label: 'Serverless Security Explore Cypress Tests'
@@ -191,8 +185,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
 
   - command: .buildkite/scripts/steps/lint.sh
     label: 'Linting'

diff --git a/.buildkite/pipelines/pull_request/defend_workflows.yml b/.buildkite/pipelines/pull_request/defend_workflows.yml
@@ -10,8 +10,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
 
   - command: .buildkite/scripts/steps/functional/defend_workflows_vagrant.sh
     label: 'Defend Workflows Endpoint Cypress Tests'
@@ -24,5 +22,3 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
diff --git a/.buildkite/pipelines/pull_request/osquery_cypress.yml b/.buildkite/pipelines/pull_request/osquery_cypress.yml
@@ -10,8 +10,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-osquery/**/*"
 
   - command: .buildkite/scripts/steps/functional/osquery_cypress_burn.sh
     label: 'Osquery Cypress Tests, burning changed specs'
@@ -22,8 +20,6 @@ steps:
     soft_fail: true
     retry:
       automatic: false
-    artifact_paths:
-      - "target/kibana-osquery/**/*"
 
   # Error: self-signed certificate in certificate chain
   # - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh
@@ -37,5 +33,3 @@ steps:
   #     automatic:
   #       - exit_status: '*'
   #         limit: 1
-  #   artifact_paths:
-  #     - "target/kibana-osquery/**/*"
diff --git a/.buildkite/pipelines/pull_request/response_ops.yml b/.buildkite/pipelines/pull_request/response_ops.yml
@@ -10,5 +10,3 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
diff --git a/.buildkite/pipelines/pull_request/response_ops_cases.yml b/.buildkite/pipelines/pull_request/response_ops_cases.yml
@@ -9,5 +9,3 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-solution/**/*"
diff --git a/.buildkite/pipelines/pull_request/security_solution.yml b/.buildkite/pipelines/pull_request/security_solution.yml
@@ -10,8 +10,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - 'target/kibana-security-solution/**/*'
 
   - command: .buildkite/scripts/steps/functional/security_solution_explore.sh
     label: 'Explore - Security Solution Cypress Tests'
@@ -24,8 +22,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - 'target/kibana-security-solution/**/*'
 
   - command: .buildkite/scripts/steps/functional/security_solution_investigations.sh
     label: 'Investigations - Security Solution Cypress Tests'
@@ -38,8 +34,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - 'target/kibana-security-solution/**/*'
 
   - command: .buildkite/scripts/steps/functional/security_solution_burn.sh
     label: 'Security Solution Cypress tests, burning changed specs'
@@ -51,8 +45,6 @@ steps:
     retry:
       automatic: false
     soft_fail: true
-    artifact_paths:
-      - 'target/kibana-security-solution/**/*'
 
   - command: .buildkite/scripts/steps/code_generation/security_solution_codegen.sh
     label: 'Security Solution OpenAPI codegen'

diff --git a/.buildkite/pipelines/pull_request/threat_intelligence.yml b/.buildkite/pipelines/pull_request/threat_intelligence.yml
@@ -10,5 +10,3 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-threat-intelligence/**/*"
diff --git a/.buildkite/pipelines/quality-gates/pipeline.kibana-tests.yaml b/.buildkite/pipelines/quality-gates/pipeline.kibana-tests.yaml
@@ -1,4 +1,17 @@
+# This pipeline serves as the entry point for your service's quality gates definitions. When
+# properly configured, it will be invoked automatically as part of the automated
+# promotion process once a new version was rolled out in one of the various cloud stages.
+#
+# The updated environment is provided via ENVIRONMENT variable. The seedling
+# step will branch and execute pipeline snippets at the following location:
+# pipeline.tests-qa.yaml
+# pipeline.tests-staging.yaml
+# pipeline.tests-production.yaml
+#
+# Docs: https://docs.elastic.dev/serverless/qualitygates
+
 env:
+  TEAM_CHANNEL: "#kibana-mission-control"
   ENVIRONMENT: ${ENVIRONMENT?}
 
 steps:
@@ -8,3 +21,7 @@ steps:
     command: "make -C /agent run-environment-tests"
     agents:
       image: "docker.elastic.co/ci-agent-images/quality-gate-seedling:0.0.2"
+
+notify:
+  - slack: "${TEAM_CHANNEL?}"
+    if: build.branch == "main" && build.state == "failed"
diff --git a/.buildkite/pipelines/quality-gates/pipeline.tests-production.yaml b/.buildkite/pipelines/quality-gates/pipeline.tests-production.yaml
@@ -1,10 +1,29 @@
+# These pipeline steps constitute the quality gate for your service within the production
+# environment. Incorporate any necessary additional logic to validate the service's integrity.
+# A failure in this pipeline build will prevent further progression to the subsequent stage.
+
 steps:
   - label: ":pipeline::fleet::seedling: Trigger Observability Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Observability specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
 
   - label: ":pipeline::lock::seedling: Trigger Security Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Security specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":rocket: Run cp e2e tests"
+    trigger: "ess-k8s-production-e2e-tests"
+    build:
+      message: "${BUILDKITE_MESSAGE}"
+      env:
+        REGION_ID: aws-us-east-1
+        NAME_PREFIX: ci_test_${SERVICE}-promotion_
+
+  - wait: ~
+
+  - label: ":judge::seedling: Trigger Manual Tests Phase"
+    command: "make -C /agent trigger-manual-verification-phase"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/manual-verification-agent:0.0.2"
diff --git a/.buildkite/pipelines/quality-gates/pipeline.tests-qa.yaml b/.buildkite/pipelines/quality-gates/pipeline.tests-qa.yaml
@@ -1,20 +1,39 @@
+# These pipeline steps constitute the quality gate for your service within the QA environment.
+# Incorporate any necessary additional logic to validate the service's integrity. A failure in
+# this pipeline build will prevent further progression to the subsequent stage.
+
 steps:
   - label: ":pipeline::kibana::seedling: Trigger Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Kibana specific tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
 
   - label: ":pipeline::fleet::seedling: Trigger Fleet Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Fleet specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
 
   - label: ":pipeline::lock::seedling: Trigger Security Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Security specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
 
   - label: ":pipeline::lock::seedling: Trigger Control Plane Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Control Plane specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":rocket: Run cp e2e tests"
+    trigger: "ess-k8s-qa-e2e-tests-daily"
+    build:
+      message: "${BUILDKITE_MESSAGE}"
+      env:
+        REGION_ID: aws-eu-west-1
+        NAME_PREFIX: ci_test_kibana-promotion_
+
+  - wait: ~
+
+  - label: ":judge::seedling: Trigger Manual Tests Phase"
+    command: "make -C /agent trigger-manual-verification-phase"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/manual-verification-agent:0.0.2"
diff --git a/.buildkite/pipelines/quality-gates/pipeline.tests-staging.yaml b/.buildkite/pipelines/quality-gates/pipeline.tests-staging.yaml
@@ -1,10 +1,29 @@
+# These pipeline steps constitute the quality gate for your service within the staging environment.
+# Incorporate any necessary additional logic to validate the service's integrity. A failure in
+# this pipeline build will prevent further progression to the subsequent stage.
+
 steps:
   - label: ":pipeline::fleet::seedling: Trigger Observability Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Observability specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
 
   - label: ":pipeline::lock::seedling: Trigger Security Kibana Tests for ${ENVIRONMENT}"
     command: echo "replace me with Security specific Kibana tests"
-    agent:
+    agents:
       image: "docker.elastic.co/ci-agent-images/basic-buildkite-agent:1688566364"
+
+  - label: ":rocket: Run cp e2e tests"
+    trigger: "ess-k8s-staging-e2e-tests"
+    build:
+      message: "${BUILDKITE_MESSAGE}"
+      env:
+        REGION_ID: aws-us-east-1
+        NAME_PREFIX: ci_test_kibana-promotion_
+
+  - wait: ~
+
+  - label: ":judge::seedling: Trigger Manual Tests Phase"
+    command: "make -C /agent trigger-manual-verification-phase"
+    agents:
+      image: "docker.elastic.co/ci-agent-images/manual-verification-agent:0.0.2"
diff --git a/.buildkite/pipelines/serverless.yml b/.buildkite/pipelines/serverless.yml
@@ -110,8 +110,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-serverless/**/*"
 
   - command: .buildkite/scripts/steps/functional/security_serverless_explore.sh
     label: 'Serverless Explore - Security Solution Cypress Tests'
@@ -124,8 +122,6 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-serverless/**/*"
 
   - command: .buildkite/scripts/steps/functional/security_serverless_investigations.sh
     label: 'Serverless Investigations - Security Solution Cypress Tests'
@@ -138,5 +134,3 @@ steps:
       automatic:
         - exit_status: '*'
           limit: 1
-    artifact_paths:
-      - "target/kibana-security-serverless/**/*"
diff --git a/.buildkite/scripts/pipelines/pull_request/pipeline.ts b/.buildkite/scripts/pipelines/pull_request/pipeline.ts
@@ -119,6 +119,15 @@ const uploadPipeline = (pipelineContent: string | object) => {
       pipeline.push(getPipeline('.buildkite/pipelines/pull_request/apm_cypress.yml'));
     }
 
+    if (
+      (await doAnyChangesMatch([/^x-pack\/plugins\/observability_onboarding/])) ||
+      GITHUB_PR_LABELS.includes('ci:all-cypress-suites')
+    ) {
+      pipeline.push(
+        getPipeline('.buildkite/pipelines/pull_request/observability_onboarding_cypress.yml')
+      );
+    }
+
     if (
       (await doAnyChangesMatch([/^x-pack\/plugins\/profiling/])) ||
       GITHUB_PR_LABELS.includes('ci:all-cypress-suites')

diff --git a/.buildkite/scripts/steps/artifacts/docker_image.sh b/.buildkite/scripts/steps/artifacts/docker_image.sh
@@ -98,12 +98,14 @@ steps:
   - label: ":argo: Update kibana image tag for kibana-controller using gpctl"
     async: true
     branches: main
-    trigger: gpctl-promote
+    trigger: gpctl-promote-with-e2e-tests
     build:
       env:
         SERVICE_COMMIT_HASH: "$GIT_ABBREV_COMMIT"
-        REMOTE_SERVICE_CONFIG: https://raw.githubusercontent.com/elastic/serverless-gitops/main/gen/gpctl/kibana/config.yaml
-
+        SERVICE: kibana-controller
+        NAMESPACE: kibana-ci
+        IMAGE_NAME: kibana-serverless
+        REMOTE_SERVICE_CONFIG: https://raw.githubusercontent.com/elastic/serverless-gitops/main/gen/gpctl/kibana/dev.yaml
 EOF
 
 else

diff --git a/.buildkite/scripts/steps/functional/defend_workflows.sh b/.buildkite/scripts/steps/functional/defend_workflows.sh
@@ -12,4 +12,5 @@ echo "--- Defend Workflows Cypress tests"
 
 cd x-pack/plugins/security_solution
 
+set +e
 yarn cypress:dw:run; status=$?; yarn junit:merge && exit $status
diff --git a/.buildkite/scripts/steps/functional/defend_workflows_vagrant.sh b/.buildkite/scripts/steps/functional/defend_workflows_vagrant.sh
@@ -12,4 +12,5 @@ echo "--- Defend Workflows Endpoint Cypress tests"
 
 cd x-pack/plugins/security_solution
 
+set +e
 yarn cypress:dw:endpoint:run; status=$?; yarn junit:merge && exit $status
diff --git a/.buildkite/scripts/steps/functional/osquery_cypress.sh b/.buildkite/scripts/steps/functional/osquery_cypress.sh
@@ -12,4 +12,7 @@ export JOB=kibana-osquery-cypress
 
 echo "--- Osquery Cypress tests"
 
-yarn --cwd x-pack/plugins/osquery cypress:run
+cd x-pack/plugins/osquery
+
+set +e
+yarn cypress:run; status=$?; yarn junit:merge && exit $status
diff --git a/.buildkite/scripts/steps/functional/osquery_cypress_burn.sh b/.buildkite/scripts/steps/functional/osquery_cypress_burn.sh
@@ -14,4 +14,5 @@ buildkite-agent meta-data set "${BUILDKITE_JOB_ID}_is_test_execution_step" 'fals
 
 echo "--- Osquery Cypress tests, burning changed specs (Chrome)"
 
-yarn --cwd x-pack/plugins/osquery cypress:changed-specs-only
+set +e
+yarn cypress:changed-specs-only; status=$?; yarn junit:merge && exit $status
diff --git a/.buildkite/scripts/steps/functional/response_ops.sh b/.buildkite/scripts/steps/functional/response_ops.sh
@@ -12,4 +12,5 @@ echo "--- Response Ops Cypress Tests on Security Solution"
 
 cd x-pack/test/security_solution_cypress
 
+set +e
 yarn cypress:run:respops:ess; status=$?; yarn junit:merge && exit $status
Original file line number	Diff line number	Diff line change
Expand Up		@@ -12,4 +12,5 @@ echo "--- Defend Workflows Cypress tests"

		cd x-pack/plugins/security_solution

		set +e
		yarn cypress:dw:run; status=$?; yarn junit:merge && exit $status
Original file line number	Diff line number	Diff line change
Expand Up		@@ -12,4 +12,5 @@ echo "--- Response Ops Cypress Tests on Security Solution"

		cd x-pack/test/security_solution_cypress

		set +e
		yarn cypress:run:respops:ess; status=$?; yarn junit:merge && exit $status