diff --git a/.buildkite/ftr_configs.yml b/.buildkite/ftr_configs.yml index 9404a7aab18c0..e909a09509804 100644 --- a/.buildkite/ftr_configs.yml +++ b/.buildkite/ftr_configs.yml @@ -6,7 +6,6 @@ disabled: - test/functional/config.base.js - test/functional/firefox/config.base.ts - x-pack/test/functional/config.base.js - - x-pack/test/detection_engine_api_integration/security_and_spaces/config.base.ts - x-pack/test/functional_enterprise_search/base_config.ts - x-pack/test/localization/config.base.ts - test/server_integration/config.base.js @@ -232,7 +231,6 @@ enabled: - x-pack/test/cloud_security_posture_functional/config.ts - x-pack/test/cloud_security_posture_api/config.ts - x-pack/test/dataset_quality_api_integration/basic/config.ts - - x-pack/test/detection_engine_api_integration/basic/config.ts - x-pack/test/disable_ems/config.ts - x-pack/test/encrypted_saved_objects_api_integration/config.ts - x-pack/test/examples/config.ts @@ -493,8 +491,12 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/large_prebuilt_rules_package/trial_license_complete_tier/configs/ess.config.ts @@ -507,14 +509,20 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/detections_response/user_roles/trial_license_complete_tier/configs/ess.config.ts diff --git a/.buildkite/pipelines/security_solution/api_integration.yml b/.buildkite/pipelines/security_solution/api_integration.yml index b0c7832b967d5..fd5ec303a7c66 100644 --- a/.buildkite/pipelines/security_solution/api_integration.yml +++ b/.buildkite/pipelines/security_solution/api_integration.yml @@ -7,11 +7,11 @@ steps: timeout_in_minutes: 60 retry: automatic: - - exit_status: "-1" + - exit_status: '-1' limit: 3 - command: .buildkite/scripts/pipelines/security_solution_quality_gate/upload_image_metadata.sh - label: "Upload runtime info" + label: 'Upload runtime info' key: upload_runtime_info depends_on: build_image agents: @@ -19,10 +19,10 @@ steps: timeout_in_minutes: 300 retry: automatic: - - exit_status: "-1" + - exit_status: '-1' limit: 2 - - group: "Execute Tests" + - group: 'Execute Tests' depends_on: build_image steps: - label: Running exception_workflows:qa:serverless @@ -33,7 +33,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "*" + - exit_status: '*' limit: 2 - label: Running exception_operators_date_numeric_types:qa:serverless @@ -44,7 +44,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "*" + - exit_status: '*' limit: 2 - label: Running exception_operators_keyword:qa:serverless @@ -55,7 +55,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "*" + - exit_status: '*' limit: 2 - label: Running exception_operators_ips:qa:serverless @@ -66,7 +66,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "*" + - exit_status: '*' limit: 2 - label: Running exception_operators_long:qa:serverless @@ -77,7 +77,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running exception_operators_text:qa:serverless @@ -86,17 +86,6 @@ steps: agents: queue: n2-4-spot timeout_in_minutes: 120 - retry: - automatic: - - exit_status: "1" - limit: 2 - - - label: Running rule_creation:essentials:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_creation:essentials:qa:serverless - key: rule_creation:essentials:qa:serverless - agents: - queue: n2-4-spot - timeout_in_minutes: 120 retry: automatic: - exit_status: '1' @@ -135,9 +124,9 @@ steps: - exit_status: '1' limit: 2 - - label: Running entity_analytics:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh entity_analytics:qa:serverless - key: entity_analytics:qa:serverless + - label: Running genai:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh genai:qa:serverless + key: genai:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 @@ -146,125 +135,169 @@ steps: - exit_status: "1" limit: 2 - - label: Running genai:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh genai:qa:serverless - key: genai:qa:serverless + - label: Running rule_execution_logic:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:qa:serverless + key: rule_execution_logic:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running prebuilt_rules_management:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh prebuilt_rules_management:qa:serverless - key: prebuilt_rules_management:qa:serverless + - label: Running rule_patch:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_patch:qa:serverless + key: rule_patch:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running prebuilt_rules_bundled_prebuilt_rules_package:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh prebuilt_rules_bundled_prebuilt_rules_package:qa:serverless - key: prebuilt_rules_bundled_prebuilt_rules_package:qa:serverless + - label: Running rule_patch:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_patch:essentials:qa:serverless + key: rule_patch:essentials:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running prebuilt_rules_large_prebuilt_rules_package:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh prebuilt_rules_large_prebuilt_rules_package:qa:serverless - key: prebuilt_rules_large_prebuilt_rules_package:qa:serverless + - label: Running rule_update:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_update:qa:serverless + key: rule_update:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running prebuilt_rules_update_prebuilt_rules_package:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh prebuilt_rules_update_prebuilt_rules_package:qa:serverless - key: prebuilt_rules_update_prebuilt_rules_package:qa:serverless + - label: Running rule_update:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_update:essentials:qa:serverless + key: rule_update:essentials:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running rule_execution_logic:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_execution_logic:qa:serverless - key: rule_execution_logic:qa:serverless + - label: Running rules_management:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rules_management:essentials:qa:serverless + key: rules_management:essentials:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running user_roles:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh user_roles:qa:serverless - key: user_roles:qa:serverless + - label: Running rule_management:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_management:qa:serverless + key: rule_management:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running telemetry:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh telemetry:qa:serverless - key: telemetry:qa:serverless + - label: Running prebuilt_rules_management:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh prebuilt_rules_management:qa:serverless + key: prebuilt_rules_management:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running rule_delete:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_delete:qa:serverless - key: rule_delete:qa:serverless + - label: Running prebuilt_rules_bundled_prebuilt_rules_package:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh prebuilt_rules_bundled_prebuilt_rules_package:qa:serverless + key: prebuilt_rules_bundled_prebuilt_rules_package:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running rule_update:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_update:qa:serverless - key: rule_update:qa:serverless + - label: Running prebuilt_rules_large_prebuilt_rules_package:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh prebuilt_rules_large_prebuilt_rules_package:qa:serverless + key: prebuilt_rules_large_prebuilt_rules_package:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - - label: Running rule_patch:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_patch:qa:serverless - key: rule_patch:qa:serverless + - label: Running prebuilt_rules_update_prebuilt_rules_package:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh prebuilt_rules_update_prebuilt_rules_package:qa:serverless + key: prebuilt_rules_update_prebuilt_rules_package:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' + limit: 2 + + - label: Running rule_bulk_actions:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_bulk_actions:qa:serverless + key: rule_bulk_actions:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_read:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_read:qa:serverless + key: rule_read:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_read:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_read:essentials:qa:serverless + key: rule_read:essentials:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_import_export:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_import_export:essentials:qa:serverless + key: rule_import_export:essentials:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' limit: 2 - label: Running rule_import_export:qa:serverless @@ -275,9 +308,10 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 + - label: Running rule_management:qa:serverless command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_management:qa:serverless key: rule_management:qa:serverless @@ -286,7 +320,7 @@ steps: timeout_in_minutes: 120 retry: automatic: - - exit_status: "1" + - exit_status: '1' limit: 2 - label: Running rule_read:qa:serverless @@ -300,9 +334,53 @@ steps: - exit_status: '1' limit: 2 - - label: Running rules_management:essentials:qa:serverless - command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rules_management:essentials:qa:serverless - key: rules_management:essentials:qa:serverless + - label: Running rule_read:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_read:essentials:qa:serverless + key: rule_read:essentials:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_creation:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_creation:qa:serverless + key: rule_creation:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_creation:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_creation:essentials:qa:serverless + key: rule_creation:essentials:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_delete:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh rule_delete:qa:serverless + key: rule_delete:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running rule_delete:essentials:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api-integration-tests.sh rule_delete:essentials:qa:serverless + key: rule_delete:essentials:qa:serverless agents: queue: n2-4-spot timeout_in_minutes: 120 @@ -332,3 +410,35 @@ steps: automatic: - exit_status: '1' limit: 2 + + - label: Running user_roles:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh user_roles:qa:serverless + key: user_roles:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + + - label: Running telemetry:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh telemetry:qa:serverless + key: telemetry:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 + - label: Running entity_analytics:qa:serverless + command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh entity_analytics:qa:serverless + key: entity_analytics:qa:serverless + agents: + queue: n2-4-spot + timeout_in_minutes: 120 + retry: + automatic: + - exit_status: '1' + limit: 2 diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 8f40c55a2bea3..3566a855a765f 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1257,7 +1257,7 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib # Security Solution /x-pack/test/functional/es_archives/endpoint/ @elastic/security-solution /x-pack/test/plugin_functional/test_suites/resolver/ @elastic/security-solution -/x-pack/test/detection_engine_api_integration @elastic/security-solution +/x-pack/test/security_solution_api_integration @elastic/security-solution /x-pack/test/api_integration/apis/security_solution @elastic/security-solution #CC# /x-pack/plugins/security_solution/ @elastic/security-solution diff --git a/x-pack/plugins/security_solution/common/experimental_features.ts b/x-pack/plugins/security_solution/common/experimental_features.ts index 7ded25a070227..19af0a010342c 100644 --- a/x-pack/plugins/security_solution/common/experimental_features.ts +++ b/x-pack/plugins/security_solution/common/experimental_features.ts @@ -27,7 +27,7 @@ export const allowedExperimentalValues = Object.freeze({ * we don't want people to be able to violate security by getting access to whole documents * around telemetry they should not. * @see telemetry_detection_rules_preview_route.ts - * @see test/detection_engine_api_integration/security_and_spaces/tests/telemetry/README.md + * @see test/security_solution_api_integration/test_suites/telemetry/README.md */ previewTelemetryUrlEnabled: false, diff --git a/x-pack/test/cases_api_integration/common/lib/alerts.ts b/x-pack/test/cases_api_integration/common/lib/alerts.ts index e0d4b1537190b..a74524c448493 100644 --- a/x-pack/test/cases_api_integration/common/lib/alerts.ts +++ b/x-pack/test/cases_api_integration/common/lib/alerts.ts @@ -15,13 +15,13 @@ import { RiskEnrichmentFields } from '@kbn/security-solution-plugin/server/lib/d import { AttachmentType, Case } from '@kbn/cases-plugin/common'; import { ALERT_CASE_IDS } from '@kbn/rule-data-utils'; import { - getRuleForSignalTesting, + getRuleForAlertTesting, createRule, waitForRuleSuccess, - waitForSignalsToBePresent, - getSignalsByIds, - getQuerySignalIds, -} from '../../../detection_engine_api_integration/utils'; + waitForAlertsToBePresent, + getAlertsByIds, + getQueryAlertIds, +} from '../../../common/utils/security_solution'; import { superUser } from './authentication/users'; import { User } from './authentication/types'; import { getSpaceUrlPrefix } from './api/helpers'; @@ -35,13 +35,13 @@ export const createSecuritySolutionAlerts = async ( numberOfSignals: number = 1 ): Promise> => { const rule = { - ...getRuleForSignalTesting(['auditbeat-*']), + ...getRuleForAlertTesting(['auditbeat-*']), query: 'process.executable: "/usr/bin/sudo"', }; const { id } = await createRule(supertest, log, rule); await waitForRuleSuccess({ supertest, log, id }); - await waitForSignalsToBePresent(supertest, log, numberOfSignals, [id]); - const signals = await getSignalsByIds(supertest, log, [id]); + await waitForAlertsToBePresent(supertest, log, numberOfSignals, [id]); + const signals = await getAlertsByIds(supertest, log, [id]); return signals; }; @@ -53,7 +53,7 @@ export const getSecuritySolutionAlerts = async ( const { body: updatedAlert } = await supertest .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) .set('kbn-xsrf', 'true') - .send(getQuerySignalIds(alertIds)) + .send(getQueryAlertIds(alertIds)) .expect(200); return updatedAlert; diff --git a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/delete_cases.ts b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/delete_cases.ts index 5166f7b135380..4c3239fe0d126 100644 --- a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/delete_cases.ts +++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/delete_cases.ts @@ -64,10 +64,10 @@ import { } from '../../../../common/lib/constants'; import { User } from '../../../../common/lib/authentication/types'; import { - createSignalsIndex, + createAlertsIndex, deleteAllRules, deleteAllAlerts, -} from '../../../../../detection_engine_api_integration/utils'; +} from '../../../../../common/utils/security_solution'; // eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { @@ -260,7 +260,7 @@ export default ({ getService }: FtrProviderContext): void => { beforeEach(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); const signals = await createSecuritySolutionAlerts(supertest, log, 2); alerts = [signals.hits.hits[0], signals.hits.hits[1]]; }); diff --git a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/patch_cases.ts b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/patch_cases.ts index 3a965b73004ef..07349749f0a2a 100644 --- a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/patch_cases.ts +++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/cases/patch_cases.ts @@ -44,16 +44,16 @@ import { getConfigurationRequest, } from '../../../../common/lib/api'; import { - createSignalsIndex, + createAlertsIndex, deleteAllAlerts, deleteAllRules, - getRuleForSignalTesting, + getRuleForAlertTesting, waitForRuleSuccess, - waitForSignalsToBePresent, - getSignalsByIds, + waitForAlertsToBePresent, + getAlertsByIds, createRule, - getQuerySignalIds, -} from '../../../../../detection_engine_api_integration/utils'; + getQueryAlertIds, +} from '../../../../../common/utils/security_solution'; import { globalRead, noKibanaPrivileges, @@ -1714,7 +1714,7 @@ export default ({ getService }: FtrProviderContext): void => { describe('detections rule', () => { beforeEach(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -1725,15 +1725,15 @@ export default ({ getService }: FtrProviderContext): void => { it('updates alert status when the status is updated and syncAlerts=true', async () => { const rule = { - ...getRuleForSignalTesting(['auditbeat-*']), + ...getRuleForAlertTesting(['auditbeat-*']), query: 'process.executable: "/usr/bin/sudo"', }; const postedCase = await createCase(supertest, postCaseReq); const { id } = await createRule(supertest, log, rule); await waitForRuleSuccess({ supertest, log, id }); - await waitForSignalsToBePresent(supertest, log, 1, [id]); - const signals = await getSignalsByIds(supertest, log, [id]); + await waitForAlertsToBePresent(supertest, log, 1, [id]); + const signals = await getAlertsByIds(supertest, log, [id]); const alert = signals.hits.hits[0]; expect(alert._source?.[ALERT_WORKFLOW_STATUS]).eql('open'); @@ -1774,7 +1774,7 @@ export default ({ getService }: FtrProviderContext): void => { const { body: updatedAlert } = await supertest .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) .set('kbn-xsrf', 'true') - .send(getQuerySignalIds([alert._id])) + .send(getQueryAlertIds([alert._id])) .expect(200); expect(updatedAlert.hits.hits[0]._source?.['kibana.alert.workflow_status']).eql( @@ -1784,7 +1784,7 @@ export default ({ getService }: FtrProviderContext): void => { it('does NOT updates alert status when the status is updated and syncAlerts=false', async () => { const rule = { - ...getRuleForSignalTesting(['auditbeat-*']), + ...getRuleForAlertTesting(['auditbeat-*']), query: 'process.executable: "/usr/bin/sudo"', }; @@ -1795,8 +1795,8 @@ export default ({ getService }: FtrProviderContext): void => { const { id } = await createRule(supertest, log, rule); await waitForRuleSuccess({ supertest, log, id }); - await waitForSignalsToBePresent(supertest, log, 1, [id]); - const signals = await getSignalsByIds(supertest, log, [id]); + await waitForAlertsToBePresent(supertest, log, 1, [id]); + const signals = await getAlertsByIds(supertest, log, [id]); const alert = signals.hits.hits[0]; expect(alert._source?.[ALERT_WORKFLOW_STATUS]).eql('open'); @@ -1832,7 +1832,7 @@ export default ({ getService }: FtrProviderContext): void => { const { body: updatedAlert } = await supertest .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) .set('kbn-xsrf', 'true') - .send(getQuerySignalIds([alert._id])) + .send(getQueryAlertIds([alert._id])) .expect(200); expect(updatedAlert.hits.hits[0]._source?.['kibana.alert.workflow_status']).eql('open'); @@ -1840,7 +1840,7 @@ export default ({ getService }: FtrProviderContext): void => { it('it updates alert status when syncAlerts is turned on', async () => { const rule = { - ...getRuleForSignalTesting(['auditbeat-*']), + ...getRuleForAlertTesting(['auditbeat-*']), query: 'process.executable: "/usr/bin/sudo"', }; @@ -1851,8 +1851,8 @@ export default ({ getService }: FtrProviderContext): void => { const { id } = await createRule(supertest, log, rule); await waitForRuleSuccess({ supertest, log, id }); - await waitForSignalsToBePresent(supertest, log, 1, [id]); - const signals = await getSignalsByIds(supertest, log, [id]); + await waitForAlertsToBePresent(supertest, log, 1, [id]); + const signals = await getAlertsByIds(supertest, log, [id]); const alert = signals.hits.hits[0]; expect(alert._source?.[ALERT_WORKFLOW_STATUS]).eql('open'); @@ -1906,7 +1906,7 @@ export default ({ getService }: FtrProviderContext): void => { const { body: updatedAlert } = await supertest .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) .set('kbn-xsrf', 'true') - .send(getQuerySignalIds([alert._id])) + .send(getQueryAlertIds([alert._id])) .expect(200); expect(updatedAlert.hits.hits[0]._source?.['kibana.alert.workflow_status']).eql( @@ -1916,15 +1916,15 @@ export default ({ getService }: FtrProviderContext): void => { it('it does NOT updates alert status when syncAlerts is turned off', async () => { const rule = { - ...getRuleForSignalTesting(['auditbeat-*']), + ...getRuleForAlertTesting(['auditbeat-*']), query: 'process.executable: "/usr/bin/sudo"', }; const postedCase = await createCase(supertest, postCaseReq); const { id } = await createRule(supertest, log, rule); await waitForRuleSuccess({ supertest, log, id }); - await waitForSignalsToBePresent(supertest, log, 1, [id]); - const signals = await getSignalsByIds(supertest, log, [id]); + await waitForAlertsToBePresent(supertest, log, 1, [id]); + const signals = await getAlertsByIds(supertest, log, [id]); const alert = signals.hits.hits[0]; expect(alert._source?.[ALERT_WORKFLOW_STATUS]).eql('open'); @@ -1975,7 +1975,7 @@ export default ({ getService }: FtrProviderContext): void => { const { body: updatedAlert } = await supertest .post(DETECTION_ENGINE_QUERY_SIGNALS_URL) .set('kbn-xsrf', 'true') - .send(getQuerySignalIds([alert._id])) + .send(getQueryAlertIds([alert._id])) .expect(200); expect(updatedAlert.hits.hits[0]._source['kibana.alert.workflow_status']).eql('open'); diff --git a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comment.ts b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comment.ts index 2cc6d249ef130..6a7426dd95104 100644 --- a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comment.ts +++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comment.ts @@ -14,10 +14,10 @@ import { getSecuritySolutionAlerts, } from '../../../../common/lib/alerts'; import { - createSignalsIndex, + createAlertsIndex, deleteAllAlerts, deleteAllRules, -} from '../../../../../detection_engine_api_integration/utils'; +} from '../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../common/ftr_provider_context'; import { getPostCaseRequest, postCaseReq, postCommentUserReq } from '../../../../common/lib/mock'; @@ -125,7 +125,7 @@ export default ({ getService }: FtrProviderContext): void => { beforeEach(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); const signals = await createSecuritySolutionAlerts(supertest, log, 2); alerts = [signals.hits.hits[0], signals.hits.hits[1]]; }); diff --git a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comments.ts b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comments.ts index 64c84f552d507..3a73f14aca9b0 100644 --- a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comments.ts +++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/delete_comments.ts @@ -14,10 +14,10 @@ import { getSecuritySolutionAlerts, } from '../../../../common/lib/alerts'; import { - createSignalsIndex, + createAlertsIndex, deleteAllAlerts, deleteAllRules, -} from '../../../../../detection_engine_api_integration/utils'; +} from '../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../common/ftr_provider_context'; import { @@ -127,7 +127,7 @@ export default ({ getService }: FtrProviderContext): void => { beforeEach(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); const signals = await createSecuritySolutionAlerts(supertest, log, 2); alerts = [signals.hits.hits[0], signals.hits.hits[1]]; }); diff --git a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/post_comment.ts b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/post_comment.ts index fcb376e4df522..1d2f58fed13f3 100644 --- a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/post_comment.ts +++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/comments/post_comment.ts @@ -46,10 +46,10 @@ import { bulkCreateAttachments, } from '../../../../common/lib/api'; import { - createSignalsIndex, + createAlertsIndex, deleteAllAlerts, deleteAllRules, -} from '../../../../../detection_engine_api_integration/utils'; +} from '../../../../../common/utils/security_solution'; import { globalRead, noKibanaPrivileges, @@ -546,7 +546,7 @@ export default ({ getService }: FtrProviderContext): void => { describe('security_solution', () => { beforeEach(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { diff --git a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/internal/bulk_create_attachments.ts b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/internal/bulk_create_attachments.ts index 6c929f67b8c90..1e460515e9f84 100644 --- a/x-pack/test/cases_api_integration/security_and_spaces/tests/common/internal/bulk_create_attachments.ts +++ b/x-pack/test/cases_api_integration/security_and_spaces/tests/common/internal/bulk_create_attachments.ts @@ -45,10 +45,10 @@ import { createComment, } from '../../../../common/lib/api'; import { - createSignalsIndex, + createAlertsIndex, deleteAllAlerts, deleteAllRules, -} from '../../../../../detection_engine_api_integration/utils'; +} from '../../../../../common/utils/security_solution'; import { globalRead, noKibanaPrivileges, @@ -796,7 +796,7 @@ export default ({ getService }: FtrProviderContext): void => { describe('security_solution', () => { beforeEach(async () => { await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/create_alerts_index.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/create_alerts_index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/create_alerts_index.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/create_alerts_index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/delete_all_alerts.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/delete_all_alerts.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/delete_all_alerts.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/delete_all_alerts.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts_by_id.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/get_alerts_by_id.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts_by_id.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/get_alerts_by_id.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts_by_ids.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/get_alerts_by_ids.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_alerts_by_ids.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/get_alerts_by_ids.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_query_alert_ids.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/get_query_alert_ids.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_query_alert_ids.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/get_query_alert_ids.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_query_alerts_ids.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/get_query_alerts_ids.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_query_alerts_ids.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/get_query_alerts_ids.ts diff --git a/x-pack/test/common/utils/security_solution/detections_response/alerts/index.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/index.ts new file mode 100644 index 0000000000000..160f2cc322675 --- /dev/null +++ b/x-pack/test/common/utils/security_solution/detections_response/alerts/index.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export * from './create_alerts_index'; +export * from './delete_all_alerts'; +export * from './get_query_alert_ids'; +export * from './get_query_alerts_ids'; +export * from './get_alerts_by_ids'; +export * from './get_alerts_by_id'; +export * from './wait_for_alerts_to_be_present'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alerts_to_be_present.ts b/x-pack/test/common/utils/security_solution/detections_response/alerts/wait_for_alerts_to_be_present.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alerts_to_be_present.ts rename to x-pack/test/common/utils/security_solution/detections_response/alerts/wait_for_alerts_to_be_present.ts diff --git a/x-pack/test/detection_engine_api_integration/utils/count_down_test.ts b/x-pack/test/common/utils/security_solution/detections_response/count_down_test.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/count_down_test.ts rename to x-pack/test/common/utils/security_solution/detections_response/count_down_test.ts diff --git a/x-pack/test/detection_engine_api_integration/common/ftr_provider_context.d.ts b/x-pack/test/common/utils/security_solution/detections_response/index.ts similarity index 58% rename from x-pack/test/detection_engine_api_integration/common/ftr_provider_context.d.ts rename to x-pack/test/common/utils/security_solution/detections_response/index.ts index aa56557c09df8..d6a06f8e57797 100644 --- a/x-pack/test/detection_engine_api_integration/common/ftr_provider_context.d.ts +++ b/x-pack/test/common/utils/security_solution/detections_response/index.ts @@ -5,8 +5,8 @@ * 2.0. */ -import { GenericFtrProviderContext } from '@kbn/test'; - -import { services } from './services'; - -export type FtrProviderContext = GenericFtrProviderContext; +export * from './rules'; +export * from './alerts'; +export * from './count_down_test'; +export * from './route_with_namespace'; +export * from './wait_for'; diff --git a/x-pack/test/detection_engine_api_integration/utils/route_with_namespace.ts b/x-pack/test/common/utils/security_solution/detections_response/route_with_namespace.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/route_with_namespace.ts rename to x-pack/test/common/utils/security_solution/detections_response/route_with_namespace.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule.ts b/x-pack/test/common/utils/security_solution/detections_response/rules/create_rule.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule.ts rename to x-pack/test/common/utils/security_solution/detections_response/rules/create_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/delete_all_rules.ts b/x-pack/test/common/utils/security_solution/detections_response/rules/delete_all_rules.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/delete_all_rules.ts rename to x-pack/test/common/utils/security_solution/detections_response/rules/delete_all_rules.ts diff --git a/x-pack/test/detection_engine_api_integration/utils/delete_rule.ts b/x-pack/test/common/utils/security_solution/detections_response/rules/delete_rule.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/delete_rule.ts rename to x-pack/test/common/utils/security_solution/detections_response/rules/delete_rule.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing.ts b/x-pack/test/common/utils/security_solution/detections_response/rules/get_rule_for_alert_testing.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_rule_for_alert_testing.ts rename to x-pack/test/common/utils/security_solution/detections_response/rules/get_rule_for_alert_testing.ts diff --git a/x-pack/test/detection_engine_api_integration/utils/get_query_signal_ids.ts b/x-pack/test/common/utils/security_solution/detections_response/rules/index.ts similarity index 53% rename from x-pack/test/detection_engine_api_integration/utils/get_query_signal_ids.ts rename to x-pack/test/common/utils/security_solution/detections_response/rules/index.ts index 28e59ff7a07f6..41559d7c01c05 100644 --- a/x-pack/test/detection_engine_api_integration/utils/get_query_signal_ids.ts +++ b/x-pack/test/common/utils/security_solution/detections_response/rules/index.ts @@ -5,12 +5,8 @@ * 2.0. */ -import type { SignalIds } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -export const getQuerySignalIds = (signalIds: SignalIds) => ({ - query: { - terms: { - _id: signalIds, - }, - }, -}); +export * from './create_rule'; +export * from './delete_all_rules'; +export * from './delete_rule'; +export * from './get_rule_for_alert_testing'; +export * from './wait_for_rule_status'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/wait_for_rule_status.ts b/x-pack/test/common/utils/security_solution/detections_response/rules/wait_for_rule_status.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/wait_for_rule_status.ts rename to x-pack/test/common/utils/security_solution/detections_response/rules/wait_for_rule_status.ts diff --git a/x-pack/test/detection_engine_api_integration/utils/wait_for.ts b/x-pack/test/common/utils/security_solution/detections_response/wait_for.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/wait_for.ts rename to x-pack/test/common/utils/security_solution/detections_response/wait_for.ts diff --git a/x-pack/test/detection_engine_api_integration/common/services.ts b/x-pack/test/common/utils/security_solution/index.ts similarity index 81% rename from x-pack/test/detection_engine_api_integration/common/services.ts rename to x-pack/test/common/utils/security_solution/index.ts index 7e415338c405f..2c70d14a79098 100644 --- a/x-pack/test/detection_engine_api_integration/common/services.ts +++ b/x-pack/test/common/utils/security_solution/index.ts @@ -5,4 +5,4 @@ * 2.0. */ -export { services } from '../../api_integration/services'; +export * from './detections_response'; diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/index.ts b/x-pack/test/detection_engine_api_integration/basic/tests/index.ts deleted file mode 100644 index 3ef462f7add2a..0000000000000 --- a/x-pack/test/detection_engine_api_integration/basic/tests/index.ts +++ /dev/null @@ -1,26 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../common/ftr_provider_context'; - -// eslint-disable-next-line import/no-default-export -export default ({ loadTestFile }: FtrProviderContext): void => { - describe('detection engine api basic license', function () { - loadTestFile(require.resolve('./create_rules_bulk')); - loadTestFile(require.resolve('./delete_rules')); - loadTestFile(require.resolve('./delete_rules_bulk')); - loadTestFile(require.resolve('./export_rules')); - loadTestFile(require.resolve('./find_rules')); - loadTestFile(require.resolve('./import_rules')); - loadTestFile(require.resolve('./read_rules')); - loadTestFile(require.resolve('./update_rules')); - loadTestFile(require.resolve('./update_rules_bulk')); - loadTestFile(require.resolve('./patch_rules_bulk')); - loadTestFile(require.resolve('./patch_rules')); - loadTestFile(require.resolve('./import_timelines')); - }); -}; diff --git a/x-pack/test/detection_engine_api_integration/common/config.ts b/x-pack/test/detection_engine_api_integration/common/config.ts deleted file mode 100644 index a1a71bf907b86..0000000000000 --- a/x-pack/test/detection_engine_api_integration/common/config.ts +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { CA_CERT_PATH } from '@kbn/dev-utils'; -import { FtrConfigProviderContext } from '@kbn/test'; -import { services } from './services'; - -interface CreateTestConfigOptions { - license: string; - ssl?: boolean; -} - -// test.not-enabled is specifically not enabled -const enabledActionTypes = [ - '.email', - '.index', - '.pagerduty', - '.swimlane', - '.server-log', - '.servicenow', - '.slack', - '.webhook', - 'test.authorization', - 'test.failing', - 'test.index-record', - 'test.noop', - 'test.rate-limit', -]; - -export function createTestConfig(options: CreateTestConfigOptions, testFiles?: string[]) { - const { license = 'trial', ssl = false } = options; - - return async ({ readConfigFile }: FtrConfigProviderContext) => { - const xPackApiIntegrationTestsConfig = await readConfigFile( - require.resolve('../../api_integration/config.ts') - ); - const servers = { - ...xPackApiIntegrationTestsConfig.get('servers'), - elasticsearch: { - ...xPackApiIntegrationTestsConfig.get('servers.elasticsearch'), - protocol: ssl ? 'https' : 'http', - }, - }; - - return { - testFiles, - servers, - services, - junit: { - reportName: 'X-Pack Detection Engine API Integration Tests', - }, - esTestCluster: { - ...xPackApiIntegrationTestsConfig.get('esTestCluster'), - license, - ssl, - serverArgs: [`xpack.license.self_generated.type=${license}`], - }, - kbnTestServer: { - ...xPackApiIntegrationTestsConfig.get('kbnTestServer'), - serverArgs: [ - ...xPackApiIntegrationTestsConfig.get('kbnTestServer.serverArgs'), - `--xpack.actions.allowedHosts=${JSON.stringify(['localhost', 'some.non.existent.com'])}`, - `--xpack.actions.enabledActionTypes=${JSON.stringify(enabledActionTypes)}`, - '--xpack.eventLog.logEntries=true', - `--xpack.securitySolution.alertIgnoreFields=${JSON.stringify([ - 'testing_ignored.constant', - '/testing_regex*/', - ])}`, // See tests within the file "ignore_fields.ts" which use these values in "alertIgnoreFields" - '--xpack.ruleRegistry.write.enabled=true', - '--xpack.ruleRegistry.write.cache.enabled=false', - '--xpack.ruleRegistry.unsafe.indexUpgrade.enabled=true', - '--xpack.ruleRegistry.unsafe.legacyMultiTenancy.enabled=true', - `--xpack.securitySolution.enableExperimental=${JSON.stringify([ - 'previewTelemetryUrlEnabled', - ])}`, - '--xpack.task_manager.poll_interval=1000', - `--xpack.actions.preconfigured=${JSON.stringify({ - 'my-test-email': { - actionTypeId: '.email', - name: 'TestEmail#xyz', - config: { - from: 'me@test.com', - service: '__json', - }, - secrets: { - user: 'user', - password: 'password', - }, - }, - })}`, - ...(ssl - ? [ - `--elasticsearch.hosts=${servers.elasticsearch.protocol}://${servers.elasticsearch.hostname}:${servers.elasticsearch.port}`, - `--elasticsearch.ssl.certificateAuthorities=${CA_CERT_PATH}`, - ] - : []), - ], - }, - }; - }; -} diff --git a/x-pack/test/detection_engine_api_integration/utils/binary_to_string.ts b/x-pack/test/detection_engine_api_integration/utils/binary_to_string.ts deleted file mode 100644 index 47202a385de56..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/binary_to_string.ts +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Useful for export_api testing to convert from a multi-part binary back to a string - * @param res Response - * @param callback Callback - */ -export const binaryToString = (res: any, callback: any): void => { - res.setEncoding('binary'); - res.data = ''; - res.on('data', (chunk: any) => { - res.data += chunk; - }); - res.on('end', () => { - callback(null, Buffer.from(res.data)); - }); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/count_down_es.ts b/x-pack/test/detection_engine_api_integration/utils/count_down_es.ts deleted file mode 100644 index cfbcafbc06cb6..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/count_down_es.ts +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { TransportResult } from '@elastic/elasticsearch'; -import type { ToolingLog } from '@kbn/tooling-log'; -import { countDownTest } from './count_down_test'; - -/** - * Does a plain countdown and checks against es queries for either conflicts in the error - * or for any over the wire issues such as timeouts or temp 404's to make the tests more - * reliant. - * @param esFunction The function to test against - * @param esFunctionName The name of the function to print if we encounter errors - * @param log The tooling logger - * @param retryCount The number of times to retry before giving up (has default) - * @param timeoutWait Time to wait before trying again (has default) - */ -export const countDownES = async ( - esFunction: () => Promise, unknown>>, - esFunctionName: string, - log: ToolingLog, - retryCount: number = 50, - timeoutWait = 250 -): Promise => { - await countDownTest( - async () => { - const result = await esFunction(); - if (result.body.version_conflicts !== 0) { - return { - passed: false, - errorMessage: 'Version conflicts for ${result.body.version_conflicts}', - }; - } else { - return { passed: true }; - } - }, - esFunctionName, - log, - retryCount, - timeoutWait - ); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/create_rule.ts b/x-pack/test/detection_engine_api_integration/utils/create_rule.ts deleted file mode 100644 index d831aba44948f..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/create_rule.ts +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ToolingLog } from '@kbn/tooling-log'; -import type SuperTest from 'supertest'; -import type { - RuleCreateProps, - RuleResponse, -} from '@kbn/security-solution-plugin/common/api/detection_engine'; - -import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { deleteRule } from './delete_rule'; -import { routeWithNamespace } from './route_with_namespace'; - -/** - * Helper to cut down on the noise in some of the tests. If this detects - * a conflict it will try to manually remove the rule before re-adding the rule one time and log - * and error about the race condition. - * rule a second attempt. It only re-tries adding the rule if it encounters a conflict once. - * @param supertest The supertest deps - * @param log The tooling logger - * @param rule The rule to create - */ -export const createRule = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog, - rule: RuleCreateProps, - namespace?: string -): Promise => { - const route = routeWithNamespace(DETECTION_ENGINE_RULES_URL, namespace); - const response = await supertest - .post(route) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(rule); - if (response.status === 409) { - if (rule.rule_id != null) { - log.debug( - `Did not get an expected 200 "ok" when creating a rule (createRule). CI issues could happen. Suspect this line if you are seeing CI issues. body: ${JSON.stringify( - response.body - )}, status: ${JSON.stringify(response.status)}` - ); - await deleteRule(supertest, rule.rule_id); - const secondResponseTry = await supertest - .post(DETECTION_ENGINE_RULES_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(rule); - if (secondResponseTry.status !== 200) { - throw new Error( - `Unexpected non 200 ok when attempting to create a rule (second try): ${JSON.stringify( - response.body - )}` - ); - } else { - return secondResponseTry.body; - } - } else { - throw new Error('When creating a rule found an unexpected conflict (404)'); - } - } else if (response.status !== 200) { - throw new Error( - `Unexpected non 200 ok when attempting to create a rule: ${JSON.stringify( - response.status - )},${JSON.stringify(response, null, 4)}` - ); - } else { - return response.body; - } -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/create_rule_saved_object.ts b/x-pack/test/detection_engine_api_integration/utils/create_rule_saved_object.ts deleted file mode 100644 index 93a6322011623..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/create_rule_saved_object.ts +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type SuperTest from 'supertest'; - -import { Rule } from '@kbn/alerting-plugin/common'; -import { - BaseRuleParams, - InternalRuleCreate, -} from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_schema'; - -/** - * Creates a rule using the alerting APIs directly. - * This allows us to test some legacy types that are not exposed - * on our APIs - * - * @param supertest - */ -export const createRuleThroughAlertingEndpoint = async ( - supertest: SuperTest.SuperTest, - rule: InternalRuleCreate -): Promise> => { - const { body } = await supertest - .post('/api/alerting/rule') - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(rule) - .expect(200); - - return body; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/create_signals_index.ts b/x-pack/test/detection_engine_api_integration/utils/create_signals_index.ts deleted file mode 100644 index 59fd8828e667f..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/create_signals_index.ts +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type SuperTest from 'supertest'; -import { ToolingLog } from '@kbn/tooling-log'; - -import { DETECTION_ENGINE_INDEX_URL } from '@kbn/security-solution-plugin/common/constants'; -import { countDownTest } from './count_down_test'; - -/** - * Creates the signals index for use inside of beforeEach blocks of tests - * This will retry 50 times before giving up and hopefully still not interfere with other tests - * @param supertest The supertest client library - */ -export const createSignalsIndex = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog -): Promise => { - await countDownTest( - async () => { - await supertest - .post(DETECTION_ENGINE_INDEX_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(); - return { - passed: true, - }; - }, - 'createSignalsIndex', - log - ); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/delete_all_alerts.ts b/x-pack/test/detection_engine_api_integration/utils/delete_all_alerts.ts deleted file mode 100644 index 8a4447e931120..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/delete_all_alerts.ts +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type SuperTest from 'supertest'; -import type { ToolingLog } from '@kbn/tooling-log'; -import type { Client } from '@elastic/elasticsearch'; -import { DETECTION_ENGINE_INDEX_URL } from '@kbn/security-solution-plugin/common/constants'; -import { countDownTest } from './count_down_test'; - -/** - * Deletes all alerts from a given index or indices, defaults to `.alerts-security.alerts-*` - * For use inside of afterEach blocks of tests - */ -export const deleteAllAlerts = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog, - es: Client, - index: Array<'.alerts-security.alerts-*' | '.preview.alerts-security.alerts-*'> = [ - '.alerts-security.alerts-*', - ] -): Promise => { - await countDownTest( - async () => { - await supertest - .delete(DETECTION_ENGINE_INDEX_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(); - await es.deleteByQuery({ - index, - body: { - query: { - match_all: {}, - }, - }, - refresh: true, - }); - return { - passed: true, - }; - }, - 'deleteAllAlerts', - log - ); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/delete_all_rules.ts b/x-pack/test/detection_engine_api_integration/utils/delete_all_rules.ts deleted file mode 100644 index e0903a8df6f13..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/delete_all_rules.ts +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ToolingLog } from '@kbn/tooling-log'; -import type SuperTest from 'supertest'; - -import { - DETECTION_ENGINE_RULES_BULK_ACTION, - DETECTION_ENGINE_RULES_URL, -} from '@kbn/security-solution-plugin/common/constants'; -import { countDownTest } from './count_down_test'; - -/** - * Removes all rules by looping over any found and removing them from REST. - * @param supertest The supertest agent. - */ -export const deleteAllRules = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog -): Promise => { - await countDownTest( - async () => { - await supertest - .post(DETECTION_ENGINE_RULES_BULK_ACTION) - .send({ action: 'delete', query: '' }) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31'); - - const { body: finalCheck } = await supertest - .get(`${DETECTION_ENGINE_RULES_URL}/_find`) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(); - return { - passed: finalCheck.data.length === 0, - }; - }, - 'deleteAllRules', - log, - 50, - 1000 - ); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_complex_rule.ts b/x-pack/test/detection_engine_api_integration/utils/get_complex_rule.ts deleted file mode 100644 index 3e507259ce685..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_complex_rule.ts +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * This will return a complex rule with all the outputs possible - * @param ruleId The ruleId to set which is optional and defaults to rule-1 - */ -export const getComplexRule = (ruleId = 'rule-1'): RuleCreateProps => ({ - actions: [], - author: [], - name: 'Complex Rule Query', - description: 'Complex Rule Query', - false_positives: [ - 'https://www.example.com/some-article-about-a-false-positive', - 'some text string about why another condition could be a false positive', - ], - risk_score: 1, - risk_score_mapping: [], - rule_id: ruleId, - filters: [ - { - query: { - match_phrase: { - 'host.name': 'siem-windows', - }, - }, - }, - ], - enabled: false, - index: ['auditbeat-*', 'filebeat-*'], - interval: '5m', - output_index: '', - meta: { - anything_you_want_ui_related_or_otherwise: { - as_deep_structured_as_you_need: { - any_data_type: {}, - }, - }, - }, - max_signals: 10, - tags: ['tag 1', 'tag 2', 'any tag you want'], - to: 'now', - from: 'now-6m', - severity: 'high', - severity_mapping: [], - language: 'kuery', - type: 'query', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - { - framework: 'Some other Framework you want', - tactic: { - id: 'some-other-id', - name: 'Some other name', - reference: 'https://example.com', - }, - technique: [ - { - id: 'some-other-id', - name: 'some other technique name', - reference: 'https://example.com', - }, - ], - }, - ], - references: [ - 'http://www.example.com/some-article-about-attack', - 'Some plain text string here explaining why this is a valid thing to look out for', - ], - timeline_id: 'timeline_id', - timeline_title: 'timeline_title', - note: '# some investigation documentation', - version: 1, - query: 'user.name: root or user.name: admin', - throttle: 'no_actions', - exceptions_list: [], -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_complex_rule_output.ts b/x-pack/test/detection_engine_api_integration/utils/get_complex_rule_output.ts deleted file mode 100644 index 0115b00c4b46b..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_complex_rule_output.ts +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -// TODO: Follow up https://github.com/elastic/kibana/pull/137628 and add an explicit type to this object -// without using Partial -/** - * This will return a complex rule with all the outputs possible - * @param ruleId The ruleId to set which is optional and defaults to rule-1 - */ -export const getComplexRuleOutput = (ruleId = 'rule-1'): Partial => ({ - actions: [], - author: [], - created_by: 'elastic', - name: 'Complex Rule Query', - description: 'Complex Rule Query', - false_positives: [ - 'https://www.example.com/some-article-about-a-false-positive', - 'some text string about why another condition could be a false positive', - ], - risk_score: 1, - risk_score_mapping: [], - rule_id: ruleId, - filters: [ - { - query: { - match_phrase: { - 'host.name': 'siem-windows', - }, - }, - }, - ], - enabled: false, - index: ['auditbeat-*', 'filebeat-*'], - immutable: false, - interval: '5m', - output_index: '', - meta: { - anything_you_want_ui_related_or_otherwise: { - as_deep_structured_as_you_need: { - any_data_type: {}, - }, - }, - }, - max_signals: 10, - tags: ['tag 1', 'tag 2', 'any tag you want'], - to: 'now', - from: 'now-6m', - revision: 0, - severity: 'high', - severity_mapping: [], - language: 'kuery', - type: 'query', - threat: [ - { - framework: 'MITRE ATT&CK', - tactic: { - id: 'TA0040', - name: 'impact', - reference: 'https://attack.mitre.org/tactics/TA0040/', - }, - technique: [ - { - id: 'T1499', - name: 'endpoint denial of service', - reference: 'https://attack.mitre.org/techniques/T1499/', - }, - ], - }, - { - framework: 'Some other Framework you want', - tactic: { - id: 'some-other-id', - name: 'Some other name', - reference: 'https://example.com', - }, - technique: [ - { - id: 'some-other-id', - name: 'some other technique name', - reference: 'https://example.com', - }, - ], - }, - ], - references: [ - 'http://www.example.com/some-article-about-attack', - 'Some plain text string here explaining why this is a valid thing to look out for', - ], - timeline_id: 'timeline_id', - timeline_title: 'timeline_title', - updated_by: 'elastic', - note: '# some investigation documentation', - version: 1, - query: 'user.name: root or user.name: admin', - exceptions_list: [], - related_integrations: [], - required_fields: [], - setup: '', -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_query_signals_ids.ts b/x-pack/test/detection_engine_api_integration/utils/get_query_signals_ids.ts deleted file mode 100644 index 75b8696625301..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_query_signals_ids.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ALERT_RULE_UUID } from '@kbn/rule-data-utils'; - -/** - * Given an array of ids for a test this will get the signals - * created from that rule's regular id. - * @param ids The rule_id to search for signals - */ -export const getQuerySignalsId = (ids: string[], size = 10) => ({ - size, - sort: ['@timestamp'], - query: { - terms: { - [ALERT_RULE_UUID]: ids, - }, - }, -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_rule_for_signal_testing.ts b/x-pack/test/detection_engine_api_integration/utils/get_rule_for_signal_testing.ts deleted file mode 100644 index 931a7d2c1aeeb..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_rule_for_signal_testing.ts +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { QueryRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * This is a typical signal testing rule that is easy for most basic testing of output of signals. - * It starts out in an enabled true state. The 'from' is set very far back to test the basics of signal - * creation and testing by getting all the signals at once. - * @param ruleId The optional ruleId which is rule-1 by default. - * @param enabled Enables the rule on creation or not. Defaulted to true. - */ -export const getRuleForSignalTesting = ( - index: string[], - ruleId = 'rule-1', - enabled = true -): QueryRuleCreateProps => ({ - name: 'Signal Testing Query', - description: 'Tests a simple query', - enabled, - risk_score: 1, - rule_id: ruleId, - severity: 'high', - index, - type: 'query', - query: '*:*', - from: '1900-01-01T00:00:00.000Z', -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_signals_by_ids.ts b/x-pack/test/detection_engine_api_integration/utils/get_signals_by_ids.ts deleted file mode 100644 index ae76f12e05930..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_signals_by_ids.ts +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { SearchResponse } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; -import type { ToolingLog } from '@kbn/tooling-log'; -import type SuperTest from 'supertest'; -import type { DetectionAlert } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import type { RiskEnrichmentFields } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/enrichments/types'; - -import { DETECTION_ENGINE_QUERY_SIGNALS_URL } from '@kbn/security-solution-plugin/common/constants'; -import { countDownTest } from './count_down_test'; -import { getQuerySignalsId } from './get_query_signals_ids'; -import { routeWithNamespace } from './route_with_namespace'; - -/** - * Given an array of rule ids this will return only signals based on that rule id both - * open and closed - * @param supertest agent - * @param ids Array of the rule ids - */ -export const getSignalsByIds = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog, - ids: string[], - size?: number, - namespace?: string -): Promise> => { - const signalsOpen = await countDownTest>( - async () => { - const route = routeWithNamespace(DETECTION_ENGINE_QUERY_SIGNALS_URL, namespace); - const response = await supertest - .post(route) - .set('kbn-xsrf', 'true') - .send(getQuerySignalsId(ids, size)); - if (response.status !== 200) { - return { - passed: false, - errorMessage: `Status is not 200 as expected, it is: ${response.status}`, - }; - } else { - return { - passed: true, - returnValue: response.body, - }; - } - }, - 'getSignalsByIds', - log - ); - if (signalsOpen == null) { - throw new Error('Signals not defined after countdown, cannot continue'); - } else { - return signalsOpen; - } -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_ml_rule_update.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_ml_rule_update.ts deleted file mode 100644 index 3098ede4f9712..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_ml_rule_update.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleUpdateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * This is a representative ML rule payload as expected by the server for an update - * @param ruleId The rule id - * @param enabled Set to tru to enable it, by default it is off - */ -export const getSimpleMlRuleUpdate = (ruleId = 'rule-1', enabled = false): RuleUpdateProps => ({ - name: 'Simple ML Rule', - description: 'Simple Machine Learning Rule', - enabled, - anomaly_threshold: 44, - risk_score: 1, - rule_id: ruleId, - severity: 'high', - machine_learning_job_id: ['some_job_id'], - type: 'machine_learning', -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule.ts deleted file mode 100644 index f5e88e34bd62c..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { QueryRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * This is a typical simple rule for testing that is easy for most basic testing - * @param ruleId - * @param enabled Enables the rule on creation or not. Defaulted to true. - */ -export const getSimpleRule = (ruleId = 'rule-1', enabled = false): QueryRuleCreateProps => ({ - name: 'Simple Rule Query', - description: 'Simple Rule Query', - enabled, - risk_score: 1, - rule_id: ruleId, - severity: 'high', - index: ['auditbeat-*'], - type: 'query', - query: 'user.name: root or user.name: admin', -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_as_ndjson.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_as_ndjson.ts deleted file mode 100644 index fd416b1682b3d..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_as_ndjson.ts +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getSimpleRule } from './get_simple_rule'; - -/** - * Given an array of rule_id strings this will return a ndjson buffer which is useful - * for testing uploads. - * @param ruleIds Array of strings of rule_ids - */ -export const getSimpleRuleAsNdjson = (ruleIds: string[], enabled = false): Buffer => { - const stringOfRules = ruleIds.map((ruleId) => { - const simpleRule = getSimpleRule(ruleId, enabled); - return JSON.stringify(simpleRule); - }); - return Buffer.from(stringOfRules.join('\n')); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output.ts deleted file mode 100644 index 0a9eec4906a14..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output.ts +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { - RuleResponse, - SharedResponseProps, -} from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { removeServerGeneratedProperties } from './remove_server_generated_properties'; - -export const getMockSharedResponseSchema = ( - ruleId = 'rule-1', - enabled = false -): SharedResponseProps => ({ - actions: [], - author: [], - created_by: 'elastic', - description: 'Simple Rule Query', - enabled, - false_positives: [], - from: 'now-6m', - immutable: false, - interval: '5m', - rule_id: ruleId, - output_index: '', - max_signals: 100, - related_integrations: [], - required_fields: [], - risk_score: 1, - risk_score_mapping: [], - name: 'Simple Rule Query', - references: [], - setup: '', - severity: 'high' as const, - severity_mapping: [], - updated_by: 'elastic', - tags: [], - to: 'now', - threat: [], - throttle: undefined, - exceptions_list: [], - version: 1, - revision: 0, - id: 'id', - updated_at: '2020-07-08T16:36:32.377Z', - created_at: '2020-07-08T16:36:32.377Z', - building_block_type: undefined, - note: undefined, - license: undefined, - outcome: undefined, - alias_target_id: undefined, - alias_purpose: undefined, - timeline_id: undefined, - timeline_title: undefined, - meta: undefined, - rule_name_override: undefined, - timestamp_override: undefined, - timestamp_override_fallback_disabled: undefined, - namespace: undefined, - investigation_fields: undefined, -}); - -const getQueryRuleOutput = (ruleId = 'rule-1', enabled = false): RuleResponse => ({ - ...getMockSharedResponseSchema(ruleId, enabled), - index: ['auditbeat-*'], - language: 'kuery', - query: 'user.name: root or user.name: admin', - type: 'query', - data_view_id: undefined, - filters: undefined, - saved_id: undefined, - response_actions: undefined, - alert_suppression: undefined, -}); - -/** - * This is the typical output of a simple rule that Kibana will output with all the defaults - * except for the server generated properties. Useful for testing end to end tests. - */ -export const getSimpleRuleOutput = (ruleId = 'rule-1', enabled = false) => { - return removeServerGeneratedProperties(getQueryRuleOutput(ruleId, enabled)); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_without_rule_id.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_without_rule_id.ts deleted file mode 100644 index 56b5ab66773bb..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_output_without_rule_id.ts +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getSimpleRuleOutput } from './get_simple_rule_output'; -import { RuleWithoutServerGeneratedProperties } from './remove_server_generated_properties'; - -/** - * This is the typical output of a simple rule that Kibana will output with all the defaults except - * for all the server generated properties such as created_by. Useful for testing end to end tests. - */ -export const getSimpleRuleOutputWithoutRuleId = ( - ruleId = 'rule-1' -): Omit => { - const rule = getSimpleRuleOutput(ruleId); - const { rule_id: rId, ...ruleWithoutRuleId } = rule; - return ruleWithoutRuleId; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_update.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_update.ts deleted file mode 100644 index 6764a1d801dd5..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_update.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleUpdateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * This is a typical simple rule for testing that is easy for most basic testing - * @param ruleId The rule id - * @param enabled Set to true to enable it, by default it is off - */ -export const getSimpleRuleUpdate = (ruleId = 'rule-1', enabled = false): RuleUpdateProps => ({ - name: 'Simple Rule Query', - description: 'Simple Rule Query', - enabled, - risk_score: 1, - rule_id: ruleId, - severity: 'high', - index: ['auditbeat-*'], - type: 'query', - query: 'user.name: root or user.name: admin', -}); diff --git a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_without_rule_id.ts b/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_without_rule_id.ts deleted file mode 100644 index ad6ab7803ec21..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/get_simple_rule_without_rule_id.ts +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { getSimpleRule } from './get_simple_rule'; - -/** - * This is a typical simple rule for testing that is easy for most basic testing - */ -export const getSimpleRuleWithoutRuleId = (): RuleCreateProps => { - const simpleRule = getSimpleRule(); - // eslint-disable-next-line @typescript-eslint/naming-convention - const { rule_id, ...ruleWithoutId } = simpleRule; - return ruleWithoutId; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/index.ts b/x-pack/test/detection_engine_api_integration/utils/index.ts deleted file mode 100644 index baa4be0491625..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/index.ts +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -export * from './binary_to_string'; -export * from './count_down_es'; -export * from './count_down_test'; -export * from './create_rule'; -export * from './create_rule_saved_object'; -export * from './create_signals_index'; -export * from './delete_all_rules'; -export * from './delete_all_alerts'; -export * from './delete_all_timelines'; -export * from './get_complex_rule'; -export * from './get_complex_rule_output'; -export * from './get_simple_rule'; -export * from './get_simple_rule_output'; -export * from './get_simple_rule_output_without_rule_id'; -export * from './get_simple_rule_without_rule_id'; -export * from './route_with_namespace'; -export * from './remove_server_generated_properties'; -export * from './remove_server_generated_properties_including_rule_id'; -export * from './rule_to_update_schema'; -export * from './update_rule'; -export * from './wait_for'; -export * from './wait_for_rule_status'; -export * from './prebuilt_rules/create_prebuilt_rule_saved_objects'; -export * from './prebuilt_rules/install_prebuilt_rules_and_timelines'; -export * from './get_simple_rule_update'; -export * from './get_simple_ml_rule_update'; -export * from './get_simple_rule_as_ndjson'; -export * from './rule_to_ndjson'; -export * from './delete_rule'; -export * from './get_query_signal_ids'; -export * from './get_query_signals_ids'; -export * from './get_signals_by_ids'; -export * from './wait_for_signals_to_be_present'; -export * from './get_rule_for_signal_testing'; diff --git a/x-pack/test/detection_engine_api_integration/utils/prebuilt_rules/create_prebuilt_rule_saved_objects.ts b/x-pack/test/detection_engine_api_integration/utils/prebuilt_rules/create_prebuilt_rule_saved_objects.ts deleted file mode 100644 index 0b4bfd9254b15..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/prebuilt_rules/create_prebuilt_rule_saved_objects.ts +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { Client } from '@elastic/elasticsearch'; -import { PrebuiltRuleAsset } from '@kbn/security-solution-plugin/server/lib/detection_engine/prebuilt_rules'; -import { - getPrebuiltRuleMock, - getPrebuiltRuleWithExceptionsMock, -} from '@kbn/security-solution-plugin/server/lib/detection_engine/prebuilt_rules/mocks'; -import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; -import { SECURITY_SOLUTION_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; - -/** - * A helper function to create a rule asset saved object - * - * @param overrideParams Params to override the default mock - * @returns Created rule asset saved object - */ -export const createRuleAssetSavedObject = (overrideParams: Partial) => ({ - 'security-rule': { - ...getPrebuiltRuleMock(), - ...overrideParams, - }, - type: 'security-rule', - references: [], - coreMigrationVersion: '8.6.0', - updated_at: '2022-11-01T12:56:39.717Z', - created_at: '2022-11-01T12:56:39.717Z', -}); - -export const SAMPLE_PREBUILT_RULES = [ - createRuleAssetSavedObject({ - ...getPrebuiltRuleWithExceptionsMock(), - rule_id: ELASTIC_SECURITY_RULE_ID, - tags: ['test-tag-1'], - enabled: true, - }), - createRuleAssetSavedObject({ - rule_id: '000047bb-b27a-47ec-8b62-ef1a5d2c9e19', - tags: ['test-tag-2'], - }), - createRuleAssetSavedObject({ - rule_id: '00140285-b827-4aee-aa09-8113f58a08f3', - tags: ['test-tag-3'], - }), -]; - -export const SAMPLE_PREBUILT_RULES_WITH_HISTORICAL_VERSIONS = [ - createRuleAssetSavedObject({ rule_id: 'rule-1', version: 1 }), - createRuleAssetSavedObject({ rule_id: 'rule-1', version: 2 }), - createRuleAssetSavedObject({ rule_id: 'rule-2', version: 1 }), - createRuleAssetSavedObject({ rule_id: 'rule-2', version: 2 }), - createRuleAssetSavedObject({ rule_id: 'rule-2', version: 3 }), -]; - -/** - * Creates saved objects with prebuilt rule assets which can be used for - * installing actual prebuilt rules after that. It creates saved objects with - * only latest versions of the rules. Tha matches the behavior of a rules - * package without historical versions. - * - * NOTE: Version is not added to the rule asset saved object id. - * - * @param es Elasticsearch client - */ -export const createPrebuiltRuleAssetSavedObjects = async ( - es: Client, - rules = SAMPLE_PREBUILT_RULES -): Promise => { - await es.bulk({ - refresh: true, - body: rules.flatMap((doc) => [ - { - index: { - _index: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, - _id: `security-rule:${doc['security-rule'].rule_id}`, - }, - }, - doc, - ]), - }); -}; - -/** - * Creates saved objects with prebuilt rule assets which can be used for - * installing actual prebuilt rules after that. It creates saved objects with - * historical versions of the rules. - * - * NOTE: Version is added to the rule asset saved object id. - * - * @param es Elasticsearch client - */ -export const createHistoricalPrebuiltRuleAssetSavedObjects = async ( - es: Client, - rules = SAMPLE_PREBUILT_RULES_WITH_HISTORICAL_VERSIONS -): Promise => { - await es.bulk({ - refresh: true, - body: rules.flatMap((doc) => [ - { - index: { - _index: SECURITY_SOLUTION_SAVED_OBJECT_INDEX, - _id: `security-rule:${doc['security-rule'].rule_id}_${doc['security-rule'].version}`, - }, - }, - doc, - ]), - }); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/prebuilt_rules/install_prebuilt_rules_and_timelines.ts b/x-pack/test/detection_engine_api_integration/utils/prebuilt_rules/install_prebuilt_rules_and_timelines.ts deleted file mode 100644 index 776af6074e07e..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/prebuilt_rules/install_prebuilt_rules_and_timelines.ts +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - InstallPrebuiltRulesAndTimelinesResponse, - PREBUILT_RULES_URL, -} from '@kbn/security-solution-plugin/common/api/detection_engine/prebuilt_rules'; -import type { Client } from '@elastic/elasticsearch'; -import type SuperTest from 'supertest'; -import { ALL_SAVED_OBJECT_INDICES } from '@kbn/core-saved-objects-server'; - -/** - * (LEGACY) - * Installs all prebuilt rules and timelines available in Kibana. Rules are - * installed from the security-rule saved objects. - * This is a legacy endpoint and has been replaced by: - * POST /internal/detection_engine/prebuilt_rules/installation/_perform - * - * - No rules will be installed if there are no security-rule assets (e.g., the - * package is not installed or mocks are not created). - * - * - If some prebuilt rules are already installed, they will be upgraded in case - * there are newer versions of them in security-rule assets. - * - * @param supertest SuperTest instance - * @returns Install prebuilt rules response - */ -export const installPrebuiltRulesAndTimelines = async ( - es: Client, - supertest: SuperTest.SuperTest -): Promise => { - const response = await supertest - .put(PREBUILT_RULES_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send() - .expect(200); - - // Before we proceed, we need to refresh saved object indices. - // At the previous step we installed the prebuilt detection rules SO of type 'security-rule'. - // The savedObjectsClient does this with a call with explicit `refresh: false`. - // So, despite of the fact that the endpoint waits until the prebuilt rule will be - // successfully indexed, it doesn't wait until they become "visible" for subsequent read - // operations. - // And this is usually what we do next in integration tests: we read these SOs with utility - // function such as getPrebuiltRulesAndTimelinesStatus(). - // This can cause race condition between a write and subsequent read operation, and to - // fix it deterministically we have to refresh saved object indices and wait until it's done. - await es.indices.refresh({ index: ALL_SAVED_OBJECT_INDICES }); - - return response.body; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/remove_server_generated_properties.ts b/x-pack/test/detection_engine_api_integration/utils/remove_server_generated_properties.ts deleted file mode 100644 index d36f43ef179a5..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/remove_server_generated_properties.ts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { omit, pickBy } from 'lodash'; - -const serverGeneratedProperties = ['id', 'created_at', 'updated_at', 'execution_summary'] as const; - -type ServerGeneratedProperties = typeof serverGeneratedProperties[number]; -export type RuleWithoutServerGeneratedProperties = Omit; - -/** - * This will remove server generated properties such as date times, etc... - * @param rule Rule to pass in to remove typical server generated properties - */ -export const removeServerGeneratedProperties = ( - rule: RuleResponse -): RuleWithoutServerGeneratedProperties => { - const removedProperties = omit(rule, serverGeneratedProperties); - - // We're only removing undefined values, so this cast correctly narrows the type - return pickBy( - removedProperties, - (value) => value !== undefined - ) as RuleWithoutServerGeneratedProperties; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/remove_server_generated_properties_including_rule_id.ts b/x-pack/test/detection_engine_api_integration/utils/remove_server_generated_properties_including_rule_id.ts deleted file mode 100644 index 1b57b5663ec23..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/remove_server_generated_properties_including_rule_id.ts +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -import { removeServerGeneratedProperties } from './remove_server_generated_properties'; - -/** - * This will remove server generated properties such as date times, etc... including the rule_id - * @param rule Rule to pass in to remove typical server generated properties - */ -export const removeServerGeneratedPropertiesIncludingRuleId = ( - rule: RuleResponse -): Partial => { - const ruleWithRemovedProperties = removeServerGeneratedProperties(rule); - // eslint-disable-next-line @typescript-eslint/naming-convention - const { rule_id, ...additionalRuledIdRemoved } = ruleWithRemovedProperties; - return additionalRuledIdRemoved; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/rule_to_ndjson.ts b/x-pack/test/detection_engine_api_integration/utils/rule_to_ndjson.ts deleted file mode 100644 index 404f3c1baa962..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/rule_to_ndjson.ts +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * Given a rule this will convert it to an ndjson buffer which is useful for - * testing upload features. - * @param rule The rule to convert to ndjson - */ -export const ruleToNdjson = (rule: RuleCreateProps): Buffer => { - const stringified = JSON.stringify(rule); - return Buffer.from(`${stringified}\n`); -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/rule_to_update_schema.ts b/x-pack/test/detection_engine_api_integration/utils/rule_to_update_schema.ts deleted file mode 100644 index f6669a1325eb1..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/rule_to_update_schema.ts +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { - RuleResponse, - RuleUpdateProps, -} from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { omit, pickBy } from 'lodash'; - -const propertiesToRemove = [ - 'id', - 'immutable', - 'updated_at', - 'updated_by', - 'created_at', - 'created_by', - 'related_integrations', - 'required_fields', - 'revision', - 'setup', - 'execution_summary', -]; - -/** - * transforms RuleResponse rule to RuleUpdateProps - * returned result can be used in rule update API calls - */ -export const ruleToUpdateSchema = (rule: RuleResponse): RuleUpdateProps => { - const removedProperties = omit(rule, propertiesToRemove); - - // We're only removing undefined values, so this cast correctly narrows the type - return pickBy(removedProperties, (value) => value !== undefined) as RuleUpdateProps; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/update_rule.ts b/x-pack/test/detection_engine_api_integration/utils/update_rule.ts deleted file mode 100644 index 53c1beb272764..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/update_rule.ts +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ToolingLog } from '@kbn/tooling-log'; -import type SuperTest from 'supertest'; - -import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { - RuleUpdateProps, - RuleResponse, -} from '@kbn/security-solution-plugin/common/api/detection_engine'; - -/** - * Helper to cut down on the noise in some of the tests. This checks for - * an expected 200 still and does not do any retries. - * @param supertest The supertest deps - * @param rule The rule to create - */ -export const updateRule = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog, - updatedRule: RuleUpdateProps -): Promise => { - const response = await supertest - .put(DETECTION_ENGINE_RULES_URL) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .send(updatedRule); - if (response.status !== 200) { - log.error( - `Did not get an expected 200 "ok" when updating a rule (updateRule). CI issues could happen. Suspect this line if you are seeing CI issues. body: ${JSON.stringify( - response.body - )}, status: ${JSON.stringify(response.status)}` - ); - } - return response.body; -}; diff --git a/x-pack/test/detection_engine_api_integration/utils/wait_for_rule_status.ts b/x-pack/test/detection_engine_api_integration/utils/wait_for_rule_status.ts deleted file mode 100644 index 59607eeb47d45..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/wait_for_rule_status.ts +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ToolingLog } from '@kbn/tooling-log'; -import type SuperTest from 'supertest'; -import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { - RuleExecutionStatus, - RuleExecutionStatusEnum, -} from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring'; -import { waitFor } from './wait_for'; -import { routeWithNamespace } from './route_with_namespace'; - -interface WaitForRuleStatusBaseParams { - supertest: SuperTest.SuperTest; - log: ToolingLog; - afterDate?: Date; - namespace?: string; -} - -interface WaitForRuleStatusWithId extends WaitForRuleStatusBaseParams { - id: string; - ruleId?: never; -} - -interface WaitForRuleStatusWithRuleId extends WaitForRuleStatusBaseParams { - ruleId: string; - id?: never; -} - -export type WaitForRuleStatusParams = WaitForRuleStatusWithId | WaitForRuleStatusWithRuleId; - -/** - * Waits for rule to settle in a provided status. - * Depending on wether `id` or `ruleId` provided it may impact the behavior. - * - `id` leads to fetching a rule via ES Get API (rulesClient.resolve -> SOClient.resolve -> ES Get API) - * - `ruleId` leads to fetching a rule via ES Search API (rulesClient.find -> SOClient.find -> ES Search API) - * ES Search API may return outdated data while ES Get API always returns fresh data - */ -export const waitForRuleStatus = async ( - expectedStatus: RuleExecutionStatus, - { supertest, log, afterDate, namespace, ...idOrRuleId }: WaitForRuleStatusParams -): Promise => { - await waitFor( - async () => { - const query = 'id' in idOrRuleId ? { id: idOrRuleId.id } : { rule_id: idOrRuleId.ruleId }; - const route = routeWithNamespace(DETECTION_ENGINE_RULES_URL, namespace); - const response = await supertest - .get(route) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .query(query) - .expect(200); - - // TODO: https://github.com/elastic/kibana/pull/121644 clean up, make type-safe - const rule = response.body; - const ruleStatus = rule?.execution_summary?.last_execution.status; - const ruleStatusDate = rule?.execution_summary?.last_execution.date; - - return ( - rule != null && - ruleStatus === expectedStatus && - (afterDate ? new Date(ruleStatusDate) > afterDate : true) - ); - }, - 'waitForRuleStatus', - log - ); -}; - -export const waitForRuleSuccess = (params: WaitForRuleStatusParams): Promise => - waitForRuleStatus(RuleExecutionStatusEnum.succeeded, params); - -export const waitForRulePartialFailure = (params: WaitForRuleStatusParams): Promise => - waitForRuleStatus(RuleExecutionStatusEnum['partial failure'], params); - -export const waitForRuleFailure = (params: WaitForRuleStatusParams): Promise => - waitForRuleStatus(RuleExecutionStatusEnum.failed, params); diff --git a/x-pack/test/detection_engine_api_integration/utils/wait_for_signals_to_be_present.ts b/x-pack/test/detection_engine_api_integration/utils/wait_for_signals_to_be_present.ts deleted file mode 100644 index b98ef40671981..0000000000000 --- a/x-pack/test/detection_engine_api_integration/utils/wait_for_signals_to_be_present.ts +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ToolingLog } from '@kbn/tooling-log'; -import type SuperTest from 'supertest'; - -import { getSignalsByIds } from './get_signals_by_ids'; -import { waitFor } from './wait_for'; - -/** - * Waits for the signal hits to be greater than the supplied number - * before continuing with a default of at least one signal - * @param supertest Deps - * @param numberOfSignals The number of signals to wait for, default is 1 - */ -export const waitForSignalsToBePresent = async ( - supertest: SuperTest.SuperTest, - log: ToolingLog, - numberOfSignals = 1, - signalIds: string[], - namespace?: string -): Promise => { - await waitFor( - async () => { - const signalsOpen = await getSignalsByIds( - supertest, - log, - signalIds, - numberOfSignals, - namespace - ); - return signalsOpen.hits.hits.length >= numberOfSignals; - }, - 'waitForSignalsToBePresent', - log - ); -}; diff --git a/x-pack/test/functional/es_archives/rule_keyword_family/README.md b/x-pack/test/functional/es_archives/rule_keyword_family/README.md index b6849e7ea5915..945620015d6e1 100644 --- a/x-pack/test/functional/es_archives/rule_keyword_family/README.md +++ b/x-pack/test/functional/es_archives/rule_keyword_family/README.md @@ -1,7 +1,7 @@ Within this folder is input test data for tests within the folder: ```ts -x-pack/test/detection_engine_api_integration/security_and_spaces/tests/keyword_family +x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family ``` where these are small ECS compliant input indexes that try to express tests that exercise different parts of diff --git a/x-pack/test/functional/es_archives/security_solution/README.md b/x-pack/test/functional/es_archives/security_solution/README.md index 897da48316155..5b1cbcbbcf8e7 100644 --- a/x-pack/test/functional/es_archives/security_solution/README.md +++ b/x-pack/test/functional/es_archives/security_solution/README.md @@ -1,7 +1,7 @@ Collection of data sets for use within various tests. Most of the tests to these live in either: ``` -x-pack/test/detection_engine_api_integrations/security_and_spaces/tests +x-pack/test/security_solution_api_integration/test_suites/ ``` or @@ -10,4 +10,4 @@ or x-pack/test/api_integration/apis/security_solution ``` -* Folder `telemetry` is for the tests underneath `detection_engine_api_integration/security_and_spaces/tests/telemetry`. +- Folder `telemetry` is for the tests underneath `x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry`. diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json index fd8751b8c1820..10e1346c678f3 100644 --- a/x-pack/test/security_solution_api_integration/package.json +++ b/x-pack/test/security_solution_api_integration/package.json @@ -143,12 +143,24 @@ "rule_update:server:ess": "npm run initialize-server:rm rule_update ess", "rule_update:runner:ess": "npm run run-tests:rm rule_update ess essEnv", + "rule_update:essentials:server:serverless": "npm run initialize-server:rm:basic_essentials rule_update serverless", + "rule_update:essentials:runner:serverless": "npm run run-tests:rm:basic_essentials rule_update serverless serverlessEnv", + "rule_update:essentials:qa:serverless": "npm run run-tests:rm:basic_essentials rule_update serverless qaEnv", + "rule_update:basic:server:ess": "npm run initialize-server:rm:basic_essentials rule_update ess", + "rule_update:basic:runner:ess": "npm run run-tests:rm:basic_essentials rule_update ess essEnv", + "rule_patch:server:serverless": "npm run initialize-server:rm rule_patch serverless", "rule_patch:runner:serverless": "npm run run-tests:rm rule_patch serverless serverlessEnv", "rule_patch:qa:serverless": "npm run run-tests:rm rule_patch serverless qaEnv", "rule_patch:server:ess": "npm run initialize-server:rm rule_patch ess", "rule_patch:runner:ess": "npm run run-tests:rm rule_patch ess essEnv", + "rule_patch:essentials:server:serverless": "npm run initialize-server:rm:basic_essentials rule_patch serverless", + "rule_patch:essentials:runner:serverless": "npm run run-tests:rm:basic_essentials rule_patch serverless serverlessEnv", + "rule_patch:essentials:qa:serverless": "npm run run-tests:rm:basic_essentials rule_patch serverless qaEnv", + "rule_patch:basic:server:ess": "npm run initialize-server:rm:basic_essentials rule_patch ess", + "rule_patch:basic:runner:ess": "npm run run-tests:rm:basic_essentials rule_patch ess essEnv", + "prebuilt_rules_management:server:serverless": "npm run initialize-server:rm prebuilt_rules/management serverless", "prebuilt_rules_management:runner:serverless": "npm run run-tests:rm prebuilt_rules/management serverless serverlessEnv", "prebuilt_rules_management:qa:serverless": "npm run run-tests:rm prebuilt_rules/management serverless qaEnv", @@ -179,12 +191,24 @@ "rule_delete:server:ess": "npm run initialize-server:rm rule_delete ess", "rule_delete:runner:ess": "npm run run-tests:rm rule_delete ess essEnv", + "rule_delete:essentials:server:serverless": "npm run initialize-server:rm:basic_essentials rule_delete serverless", + "rule_delete:essentials:runner:serverless": "npm run run-tests:rm:basic_essentials rule_delete serverless serverlessEnv", + "rule_delete:essentials:qa:serverless": "npm run run-tests:rm:basic_essentials rule_delete serverless qaEnv", + "rule_delete:basic:server:ess": "npm run initialize-server:rm:basic_essentials rule_delete ess", + "rule_delete:basic:runner:ess": "npm run run-tests:rm:basic_essentials rule_delete ess essEnv", + "rule_import_export:server:serverless": "npm run initialize-server:rm rule_import_export serverless", "rule_import_export:runner:serverless": "npm run run-tests:rm rule_import_export serverless serverlessEnv", "rule_import_export:qa:serverless": "npm run run-tests:rm rule_import_export serverless qaEnv", "rule_import_export:server:ess": "npm run initialize-server:rm rule_import_export ess", "rule_import_export:runner:ess": "npm run run-tests:rm rule_import_export ess essEnv", + "rule_import_export:essentials:server:serverless": "npm run initialize-server:rm:basic_essentials rule_import_export serverless", + "rule_import_export:essentials:runner:serverless": "npm run run-tests:rm:basic_essentials rule_import_export serverless serverlessEnv", + "rule_import_export:essentials:qa:serverless": "npm run run-tests:rm:basic_essentials rule_import_export serverless qaEnv", + "rule_import_export:basic:server:ess": "npm run initialize-server:rm:basic_essentials rule_import_export ess", + "rule_import_export:basic:runner:ess": "npm run run-tests:rm:basic_essentials rule_import_export ess essEnv", + "rule_management:server:serverless": "npm run initialize-server:rm rule_management serverless", "rule_management:runner:serverless": "npm run run-tests:rm rule_management serverless serverlessEnv", "rule_management:qa:serverless": "npm run run-tests:rm rule_management serverless qaEnv", @@ -203,6 +227,12 @@ "rule_read:server:ess": "npm run initialize-server:rm rule_read ess", "rule_read:runner:ess": "npm run run-tests:rm rule_read ess essEnv", + "rule_read:essentials:server:serverless": "npm run initialize-server:rm:basic_essentials rule_read serverless", + "rule_read:essentials:runner:serverless": "npm run run-tests:rm:basic_essentials rule_read serverless serverlessEnv", + "rule_read:essentials:qa:serverless": "npm run run-tests:rm:basic_essentials rule_read serverless qaEnv", + "rule_read:basic:server:ess": "npm run initialize-server:rm:basic_essentials rule_read ess", + "rule_read:basic:runner:ess": "npm run run-tests:rm:basic_essentials rule_read ess essEnv", + "rules_management:essentials:server:serverless": "npm run initialize-server:rm:basic_essentials rule_management serverless", "rules_management:essentials:runner:serverless": "npm run run-tests:rm:basic_essentials rule_management serverless serverlessEnv", "rules_management:essentials:qa:serverless": "npm run run-tests:rm:basic_essentials rule_management serverless qaEnv", diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts index 17a2b4af95cd7..442385ed5e2f7 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/add_actions.ts @@ -12,11 +12,9 @@ import { deleteAllRules, waitForRuleSuccess, deleteAllAlerts, - getCustomQueryRuleParams, - createWebHookRuleAction, - fetchRule, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; +import { createWebHookRuleAction, fetchRule, getCustomQueryRuleParams } from '../../../utils'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts index b171542f28766..fb120059f44be 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/check_privileges.ts @@ -10,15 +10,14 @@ import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common import { ROLES } from '@kbn/security-solution-plugin/common/test'; import { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; +import { createRuleWithAuth, getThresholdRuleForAlertTesting } from '../../../utils'; import { - createAlertsIndex, deleteAllRules, + deleteAllAlerts, + createAlertsIndex, waitForRulePartialFailure, getRuleForAlertTesting, - createRuleWithAuth, - getThresholdRuleForAlertTesting, - deleteAllAlerts, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts index 37b5b534b258c..029ef428394e2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/throttle.ts @@ -18,16 +18,18 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getWebHookAction, getRuleWithWebHookAction, - createRule, getSimpleRule, fetchRule, updateRule, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts index 156107fffe49a..abbb039793bf3 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/actions/trial_license_complete_tier/update_actions.ts @@ -10,10 +10,7 @@ import expect from 'expect'; import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - deleteAllRules, - deleteAllAlerts, getRuleWithWebHookAction, - waitForRuleSuccess, updateRule, installMockPrebuiltRules, fetchRule, @@ -23,6 +20,11 @@ import { getCustomQueryRuleParams, getPrebuiltRulesAndTimelinesStatus, } from '../../../utils'; +import { + deleteAllRules, + deleteAllAlerts, + waitForRuleSuccess, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/open_close_alerts.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/open_close_alerts.ts index ae9533d8d3ce2..120155ac26eee 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/open_close_alerts.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/open_close_alerts.ts @@ -14,18 +14,18 @@ import { DETECTION_ENGINE_QUERY_SIGNALS_URL, } from '@kbn/security-solution-plugin/common/constants'; import { DetectionAlert } from '@kbn/security-solution-plugin/common/api/detection_engine'; +import { setAlertStatus } from '../../../utils'; import { - createAlertsIndex, - setAlertStatus, getQueryAlertIds, - deleteAllRules, createRule, waitForAlertsToBePresent, getAlertsByIds, waitForRuleSuccess, getRuleForAlertTesting, + deleteAllRules, deleteAllAlerts, -} from '../../../utils'; + createAlertsIndex, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts index 3b372597cffd3..22f77825e36b7 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts.ts @@ -12,7 +12,11 @@ import { ALERTS_AS_DATA_FIND_URL, } from '@kbn/security-solution-plugin/common/constants'; import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; -import { getAlertStatus, createAlertsIndex, deleteAllAlerts } from '../../../utils'; +import { getAlertStatus } from '../../../utils'; +import { + createAlertsIndex, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts_backword_compatibility.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts_backword_compatibility.ts index 76f85dd323976..d040d902e6b05 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts_backword_compatibility.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/basic_license_essentials_tier/query_alerts_backword_compatibility.ts @@ -8,7 +8,10 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_QUERY_SIGNALS_URL } from '@kbn/security-solution-plugin/common/constants'; -import { createAlertsIndex, deleteAllAlerts } from '../../../utils'; +import { + createAlertsIndex, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/alerts_compatibility.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/alerts_compatibility.ts index 25ef93cafaac0..ace23491ba2f7 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/alerts_compatibility.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/alerts_compatibility.ts @@ -21,23 +21,25 @@ import { ThresholdRuleCreateProps, } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, finalizeAlertsMigration, getEqlRuleForAlertTesting, - getRuleForAlertTesting, getSavedQueryRuleForAlertTesting, - getAlertsByIds, getThreatMatchRuleForAlertTesting, getThresholdRuleForAlertTesting, startAlertsMigration, + removeRandomValuedPropertiesFromAlert, +} from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + getAlertsByIds, waitFor, waitForRuleSuccess, waitForAlertsToBePresent, - removeRandomValuedPropertiesFromAlert, -} from '../../../utils'; + getRuleForAlertTesting, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/aliases.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/aliases.ts index fc99b2a7bc301..faef3e8b272dc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/aliases.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/aliases.ts @@ -16,7 +16,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts index 1832dffcc4fad..4e4ecb21ca157 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments.ts @@ -14,6 +14,7 @@ import { } from '@kbn/security-solution-plugin/common/constants'; import { DetectionAlert } from '@kbn/security-solution-plugin/common/api/detection_engine'; +import { setAlertAssignees } from '../../../../utils'; import { createAlertsIndex, createRule, @@ -22,10 +23,9 @@ import { getAlertsByIds, getQueryAlertIds, getRuleForAlertTesting, - setAlertAssignees, waitForAlertsToBePresent, waitForRuleSuccess, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts index a55e27f707df5..3ec8bbf7bdbfc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_ess.ts @@ -12,6 +12,7 @@ import { createUserAndRole, deleteUserAndRole, } from '../../../../../../../common/services/security_solution'; +import { setAlertAssignees } from '../../../../utils'; import { createAlertsIndex, createRule, @@ -19,10 +20,9 @@ import { deleteAllRules, getAlertsByIds, getRuleForAlertTesting, - setAlertAssignees, waitForAlertsToBePresent, waitForRuleSuccess, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts index 732399fe0bc7b..7064f27cfd3bd 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/assignments/assignments_serverless.ts @@ -8,6 +8,7 @@ import { DETECTION_ENGINE_ALERT_ASSIGNEES_URL } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { setAlertAssignees } from '../../../../utils'; import { createAlertsIndex, createRule, @@ -15,10 +16,9 @@ import { deleteAllRules, getAlertsByIds, getRuleForAlertTesting, - setAlertAssignees, waitForAlertsToBePresent, waitForRuleSuccess, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/create_index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/create_index.ts index d86d547c8e949..0538c0ea6e390 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/create_index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/create_index.ts @@ -13,7 +13,7 @@ import { import { SIGNALS_FIELD_ALIASES_VERSION } from '@kbn/security-solution-plugin/server/lib/detection_engine/routes/index/get_signals_template'; -import { deleteAllAlerts } from '../../../utils'; +import { deleteAllAlerts } from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/create_alerts_migrations.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/create_alerts_migrations.ts index b7cd04488fb52..d1c8107bf2881 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/create_alerts_migrations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/create_alerts_migrations.ts @@ -16,13 +16,11 @@ import { ROLES } from '@kbn/security-solution-plugin/common/test'; import { SIGNALS_TEMPLATE_VERSION } from '@kbn/security-solution-plugin/server/lib/detection_engine/routes/index/get_signals_template'; import { Signal } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/types'; +import { deleteMigrations, getIndexNameFromLoad, waitForIndexToPopulate } from '../../../../utils'; import { createAlertsIndex, - deleteMigrations, deleteAllAlerts, - getIndexNameFromLoad, - waitForIndexToPopulate, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/delete_alerts_migrations.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/delete_alerts_migrations.ts index a3c133992259f..01f2ec0062f13 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/delete_alerts_migrations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/delete_alerts_migrations.ts @@ -13,12 +13,12 @@ import { DETECTION_ENGINE_SIGNALS_MIGRATION_URL, } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { getIndexNameFromLoad } from '../../../../utils'; import { createAlertsIndex, deleteAllAlerts, - getIndexNameFromLoad, waitFor, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { createUserAndRole } from '../../../../../../../common/services/security_solution'; interface CreateResponse { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/finalize_alerts_migrations.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/finalize_alerts_migrations.ts index 74fbb7099fbd9..e63993369bad2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/finalize_alerts_migrations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/finalize_alerts_migrations.ts @@ -13,13 +13,12 @@ import { DETECTION_ENGINE_SIGNALS_MIGRATION_URL, } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { deleteMigrations, getIndexNameFromLoad } from '../../../../utils'; import { createAlertsIndex, - deleteMigrations, deleteAllAlerts, - getIndexNameFromLoad, waitFor, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/get_alerts_migration_status.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/get_alerts_migration_status.ts index 2c4576caba4fc..1ed26a7bb5423 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/get_alerts_migration_status.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/migrations/get_alerts_migration_status.ts @@ -9,7 +9,11 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_SIGNALS_MIGRATION_STATUS_URL } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { createAlertsIndex, deleteAllAlerts, getIndexNameFromLoad } from '../../../../utils'; +import { getIndexNameFromLoad } from '../../../../utils'; +import { + createAlertsIndex, + deleteAllAlerts, +} from '../../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/open_close_alerts.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/open_close_alerts.ts index 2746a40f57dc5..7a1ea17d1530a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/open_close_alerts.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/open_close_alerts.ts @@ -17,11 +17,10 @@ import { } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; import { DetectionAlert } from '@kbn/security-solution-plugin/common/api/detection_engine'; +import { setAlertStatus, getAlertUpdateByQueryEmptyResponse, refreshIndex } from '../../../utils'; import { createAlertsIndex, deleteAllAlerts, - setAlertStatus, - getAlertUpdateByQueryEmptyResponse, getQueryAlertIds, deleteAllRules, createRule, @@ -29,8 +28,7 @@ import { getAlertsByIds, waitForRuleSuccess, getRuleForAlertTesting, - refreshIndex, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/set_alert_tags.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/set_alert_tags.ts index e1492b2f4b63d..25ed0c62d0d58 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/set_alert_tags.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/alerts/trial_license_complete_tier/set_alert_tags.ts @@ -14,6 +14,7 @@ import { } from '@kbn/security-solution-plugin/common/constants'; import { DetectionAlert } from '@kbn/security-solution-plugin/common/api/detection_engine'; +import { setAlertTags } from '../../../utils'; import { createAlertsIndex, deleteAllAlerts, @@ -24,8 +25,7 @@ import { getAlertsByIds, waitForRuleSuccess, getRuleForAlertTesting, - setAlertTags, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/date.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/date.ts index d060785e600c0..9c3a3afa52d68 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/date.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/date.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/double.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/double.ts index a0a278ccc775e..6b4ecfab9024e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/double.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/double.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/float.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/float.ts index b25f13c027820..16408aba28834 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/float.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/float.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/integer.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/integer.ts index 6b2803892ddc8..fd5b2e6fd9bcb 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/integer.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/date_numeric_types/trial_license_complete_tier/integer.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip.ts index 7fcb5b09103fe..cdffe6d65aa23 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip_array.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip_array.ts index d65679ed93216..398e5d5f13573 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip_array.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/ips/trial_license_complete_tier/ip_array.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword.ts index f8896bf7a43e8..f8272e6bf4b0b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword_array.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword_array.ts index 54cbe4285c240..6d8da5cd51159 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword_array.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/keyword/trial_license_complete_tier/keyword_array.ts @@ -14,9 +14,9 @@ import { importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -24,7 +24,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/trial_license_complete_tier/long.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/trial_license_complete_tier/long.ts index c604789f802ad..4acbd385bde43 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/trial_license_complete_tier/long.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/long/trial_license_complete_tier/long.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text.ts index 537cfaf6ae991..d8c44b3fc5e91 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text.ts @@ -14,9 +14,9 @@ import { importFile, importTextFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -24,7 +24,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text_array.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text_array.ts index 34835f27bdcc4..674d24e6231f1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text_array.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/operators_data_types/text/trial_license_complete_tier/text_array.ts @@ -13,9 +13,9 @@ import { deleteListsIndex, importFile, } from '../../../../../../lists_and_exception_lists/utils'; +import { createRuleWithExceptionEntries } from '../../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -23,7 +23,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../../utils'; +} from '../../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_endpoint_exceptions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_endpoint_exceptions.ts index e686675d808e2..8850976d1cf53 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_endpoint_exceptions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_endpoint_exceptions.ts @@ -9,9 +9,9 @@ import { ToolingLog } from '@kbn/tooling-log'; import expect from 'expect'; import type SuperTest from 'supertest'; +import { createRuleWithExceptionEntries } from '../../../../utils'; import { createRule, - createRuleWithExceptionEntries, createAlertsIndex, deleteAllRules, deleteAllAlerts, @@ -19,7 +19,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { createListsIndex, deleteAllExceptions, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_rule_exceptions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_rule_exceptions.ts index bebe8b5a64c1b..9a51cd8a1e130 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_rule_exceptions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/create_rule_exceptions.ts @@ -18,17 +18,19 @@ import { import { getCreateExceptionListMinimalSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; import { fetchRule, - createRule, getSimpleRule, - createAlertsIndex, - deleteAllRules, createExceptionList, - deleteAllAlerts, getRuleSOById, createRuleThroughAlertingEndpoint, getRuleSavedObjectWithLegacyInvestigationFields, checkInvestigationFieldSoValue, } from '../../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../../common/utils/security_solution'; import { deleteAllExceptions, removeExceptionListItemServerGeneratedProperties, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/find_rule_exception_references.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/find_rule_exception_references.ts index c6c25cd0d8a7c..de24472e94989 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/find_rule_exception_references.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/find_rule_exception_references.ts @@ -22,14 +22,13 @@ import { import { FtrProviderContext } from '../../../../../../ftr_provider_context'; +import { getSimpleRule, createExceptionList } from '../../../../utils'; import { createRule, - getSimpleRule, deleteAllRules, - createExceptionList, deleteAllAlerts, createAlertsIndex, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../../lists_and_exception_lists/utils'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/role_based_rule_exceptions_workflows.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/role_based_rule_exceptions_workflows.ts index e308732db3821..1472637d3b5f5 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/role_based_rule_exceptions_workflows.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/role_based_rule_exceptions_workflows.ts @@ -30,31 +30,32 @@ import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; import { - createAlertsIndex, fetchRule, - createRule, getSimpleRule, - deleteAllRules, createExceptionList, createExceptionListItem, getThresholdRuleForAlertTesting, getSimpleRuleOutput, removeServerGeneratedProperties, downgradeImmutableRule, - waitForRuleSuccess, installMockPrebuiltRules, - waitForAlertsToBePresent, - getAlertsByIds, findImmutableRuleById, getPrebuiltRulesAndTimelinesStatus, getOpenAlerts, createRuleWithExceptionEntries, getEqlRuleForAlertTesting, SAMPLE_PREBUILT_RULES, - deleteAllAlerts, updateUsername, } from '../../../../utils'; - +import { + createAlertsIndex, + createRule, + deleteAllRules, + waitForRuleSuccess, + waitForAlertsToBePresent, + getAlertsByIds, + deleteAllAlerts, +} from '../../../../../../../common/utils/security_solution'; import { createListsIndex, deleteAllExceptions, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/rule_exception_synchronizations.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/rule_exception_synchronizations.ts index 5a68270e1220a..f966098d4fa58 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/rule_exception_synchronizations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/exceptions/workflows/trial_license_complete_tier/rule_exception_synchronizations.ts @@ -18,13 +18,12 @@ import type { RuleCreateProps, } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { getCreateExceptionListDetectionSchemaMock } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; +import { createRuleWithExceptionEntries, getSimpleRule } from '../../../../utils'; import { deleteAllAlerts, - getSimpleRule, - createRuleWithExceptionEntries, deleteAllRules, createRule, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { createListsIndex, deleteAllExceptions, @@ -45,8 +44,8 @@ export default ({ getService }: FtrProviderContext) => { await deleteAllExceptions(supertest, log); }); /* - This test to mimic if we have two browser tabs, and the user tried to - edit an exception in a tab after deleting it in another + This test to mimic if we have two browser tabs, and the user tried to + edit an exception in a tab after deleting it in another */ it('should Not edit an exception after being deleted', async () => { const { list_id: skippedListId, ...newExceptionItem } = @@ -101,7 +100,7 @@ export default ({ getService }: FtrProviderContext) => { }); }); /* - This test to mimic if we have two browser tabs, and the user tried to + This test to mimic if we have two browser tabs, and the user tried to edit an exception with value-list was deleted in another tab */ it('should Not allow editing an Exception with deleted ValueList', async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts index 77d8b5ffb373d..801efa011cfd2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/eql.ts @@ -30,14 +30,16 @@ import { } from '@kbn/security-solution-plugin/common/field_maps/field_names'; import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils'; import { - createRule, - deleteAllRules, - deleteAllAlerts, getEqlRuleForAlertTesting, getOpenAlerts, getPreviewAlerts, previewRule, } from '../../../../utils'; +import { + createRule, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts index c582b9d94f3ce..8f95d0c1c3770 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/esql.ts @@ -15,17 +15,19 @@ import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/ap import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils'; import { - deleteAllRules, - deleteAllAlerts, getPreviewAlerts, previewRule, - createRule, getOpenAlerts, dataGeneratorFactory, previewRuleWithExceptionEntries, removeRandomValuedPropertiesFromAlert, patchRule, } from '../../../../utils'; +import { + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts index 60ad53f94937f..cceea36fc7329 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/machine_learning.ts @@ -34,9 +34,6 @@ import { importFile, } from '../../../../../lists_and_exception_lists/utils'; import { - createRule, - deleteAllRules, - deleteAllAlerts, executeSetupModuleRequest, forceStartDatafeeds, getOpenAlerts, @@ -44,6 +41,11 @@ import { previewRule, previewRuleWithExceptionEntries, } from '../../../../utils'; +import { + createRule, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts index 7cacab1066da4..d82e9a2b932ca 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/new_terms.ts @@ -14,9 +14,6 @@ import { getCreateNewTermsRulesSchemaMock } from '@kbn/security-solution-plugin/ import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils'; import { - createRule, - deleteAllRules, - deleteAllAlerts, getOpenAlerts, getPreviewAlerts, previewRule, @@ -24,6 +21,11 @@ import { previewRuleWithExceptionEntries, removeRandomValuedPropertiesFromAlert, } from '../../../../utils'; +import { + createRule, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/non_ecs_fields.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/non_ecs_fields.ts index 01eb52dbc4901..bdd3a53914fcf 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/non_ecs_fields.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/non_ecs_fields.ts @@ -7,14 +7,16 @@ import expect from 'expect'; import { - deleteAllRules, - deleteAllAlerts, getPreviewAlerts, - getRuleForAlertTesting, previewRule, dataGeneratorFactory, enhanceDocument, } from '../../../../utils'; +import { + deleteAllRules, + deleteAllAlerts, + getRuleForAlertTesting, +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; const getQueryRule = (docIdToQuery: string) => ({ diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/query.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/query.ts index ac7aa41223c9e..ebdd9a71f5215 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/query.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/query.ts @@ -50,12 +50,8 @@ import { deleteAllExceptions } from '../../../../../lists_and_exception_lists/ut import { createExceptionList, createExceptionListItem, - createRule, - deleteAllRules, - deleteAllAlerts, getOpenAlerts, getPreviewAlerts, - getRuleForAlertTesting, getSimpleRule, previewRule, setAlertStatus, @@ -65,6 +61,12 @@ import { getRuleSavedObjectWithLegacyInvestigationFields, dataGeneratorFactory, } from '../../../../utils'; +import { + createRule, + deleteAllRules, + deleteAllAlerts, + getRuleForAlertTesting, +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/saved_query.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/saved_query.ts index cc170182923f9..c44a5cb5293ae 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/saved_query.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/saved_query.ts @@ -16,13 +16,13 @@ import { ALERT_ORIGINAL_TIME, ALERT_ORIGINAL_EVENT, } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { getOpenAlerts } from '../../../../utils'; import { createRule, deleteAllRules, deleteAllAlerts, - getOpenAlerts, getRuleForAlertTesting, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match.ts index e8cbeb2c1b4b3..41cce68818a0b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match.ts @@ -37,14 +37,12 @@ import { } from '@kbn/security-solution-plugin/common/field_maps/field_names'; import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring'; import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils'; +import { previewRule, getOpenAlerts, getPreviewAlerts } from '../../../../utils'; import { - previewRule, - getOpenAlerts, - getPreviewAlerts, deleteAllAlerts, deleteAllRules, createRule, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match_alert_suppression.ts index 3f53e6d8a7100..194af2d2ea979 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match_alert_suppression.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threat_match_alert_suppression.ts @@ -25,8 +25,8 @@ import { ThreatMatchRuleCreateProps } from '@kbn/security-solution-plugin/common import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring'; import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { createRule } from '../../../../../../../common/utils/security_solution'; import { - createRule, getOpenAlerts, getPreviewAlerts, getThreatMatchRuleForAlertTesting, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts index 9449750b38465..661fc43f74d20 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold.ts @@ -24,8 +24,8 @@ import { ALERT_THRESHOLD_RESULT, } from '@kbn/security-solution-plugin/common/field_maps/field_names'; import { getMaxSignalsWarning as getMaxAlertsWarning } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_types/utils/utils'; +import { createRule } from '../../../../../../../common/utils/security_solution'; import { - createRule, getOpenAlerts, getPreviewAlerts, getThresholdRuleForAlertTesting, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts index 436e869937e5e..3afba97724b5c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/threshold_alert_suppression.ts @@ -23,8 +23,8 @@ import { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/a import { RuleExecutionStatusEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring'; import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { createRule } from '../../../../../../../common/utils/security_solution'; import { - createRule, getOpenAlerts, getPreviewAlerts, getThresholdRuleForAlertTesting, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts index f4c49ba1434b1..3e3cf7eac685f 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/ignore_fields.ts @@ -7,16 +7,16 @@ import expect from '@kbn/expect'; +import { getEqlRuleForAlertTesting } from '../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getEqlRuleForAlertTesting, getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; interface Ignore { normal_constant?: string; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts index bd19ea428a2d4..fca298744b69c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/const_keyword.ts @@ -12,18 +12,17 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_THRESHOLD_RESULT } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { getEqlRuleForAlertTesting, getThresholdRuleForAlertTesting } from '../../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getEqlRuleForAlertTesting, getRuleForAlertTesting, getAlertsById, - getThresholdRuleForAlertTesting, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts index 0edfd13a2e264..ddab1e5a1a44b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword.ts @@ -13,18 +13,17 @@ import { ThresholdRuleCreateProps, } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_THRESHOLD_RESULT } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { getEqlRuleForAlertTesting, getThresholdRuleForAlertTesting } from '../../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getEqlRuleForAlertTesting, getRuleForAlertTesting, getAlertsById, - getThresholdRuleForAlertTesting, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts index 7f9c55a56c46b..4844aadb76a27 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/keyword_family/keyword_mixed_with_const.ts @@ -12,17 +12,17 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_THRESHOLD_RESULT } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { getEqlRuleForAlertTesting } from '../../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getEqlRuleForAlertTesting, getRuleForAlertTesting, getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../../utils'; +} from '../../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts index 20f2d08045c34..47e0a0ab3ff9c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/runtime.ts @@ -17,7 +17,7 @@ import { getAlertsById, waitForRuleSuccess, waitForAlertsToBePresent, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts index ba0c206c2f305..6ae4964ece45b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/timestamps.ts @@ -14,6 +14,7 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { ALERT_ORIGINAL_TIME } from '@kbn/security-solution-plugin/common/field_maps/field_names'; +import { getOpenAlerts, getEqlRuleForAlertTesting } from '../../../utils'; import { createAlertsIndex, deleteAllRules, @@ -21,12 +22,10 @@ import { createRule, waitForRuleSuccess, waitForAlertsToBePresent, - getOpenAlerts, getRuleForAlertTesting, getAlertsByIds, - getEqlRuleForAlertTesting, waitForRulePartialFailure, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/install_latest_bundled_prebuilt_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/install_latest_bundled_prebuilt_rules.ts index dcb2561b1f3e8..cba12ecf33764 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/install_latest_bundled_prebuilt_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/install_latest_bundled_prebuilt_rules.ts @@ -13,11 +13,11 @@ import { PackageSpecManifest } from '@kbn/fleet-plugin/common'; import { ALL_SAVED_OBJECT_INDICES } from '@kbn/core-saved-objects-server'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { - deleteAllRules, deleteAllPrebuiltRuleAssets, getPrebuiltRulesStatus, installPrebuiltRulesPackageByVersion, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/prerelease_packages.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/prerelease_packages.ts index 3ed663f7ecc66..fa3ffe093b5b4 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/prerelease_packages.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/bundled_prebuilt_rules_package/trial_license_complete_tier/prerelease_packages.ts @@ -9,7 +9,6 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { deleteAllPrebuiltRuleAssets, - deleteAllRules, deletePrebuiltRulesFleetPackage, getInstalledRules, getPrebuiltRulesFleetPackage, @@ -17,6 +16,7 @@ import { installPrebuiltRules, installPrebuiltRulesPackageViaFleetAPI, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/large_prebuilt_rules_package/trial_license_complete_tier/install_large_prebuilt_rules_package.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/large_prebuilt_rules_package/trial_license_complete_tier/install_large_prebuilt_rules_package.ts index 0b625e7bbb82e..b34aae0b97a56 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/large_prebuilt_rules_package/trial_license_complete_tier/install_large_prebuilt_rules_package.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/large_prebuilt_rules_package/trial_license_complete_tier/install_large_prebuilt_rules_package.ts @@ -8,10 +8,10 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { deleteAllPrebuiltRuleAssets, - deleteAllRules, getPrebuiltRulesAndTimelinesStatus, installPrebuiltRulesAndTimelines, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/fleet_integration.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/fleet_integration.ts index 1a8394a3b5144..19dcd4ba1aa37 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/fleet_integration.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/fleet_integration.ts @@ -7,10 +7,10 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { - deleteAllRules, getPrebuiltRulesAndTimelinesStatus, installPrebuiltRulesAndTimelines, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; import { deleteAllPrebuiltRuleAssets } from '../../../../utils/rules/prebuilt_rules/delete_all_prebuilt_rule_assets'; import { deleteAllTimelines } from '../../../../utils/rules/prebuilt_rules/delete_all_timelines'; import { deletePrebuiltRulesFleetPackage } from '../../../../utils/rules/prebuilt_rules/delete_prebuilt_rules_fleet_package'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/get_prebuilt_rules_status.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/get_prebuilt_rules_status.ts index 5f39065263afb..5ae15cd6fc3a1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/get_prebuilt_rules_status.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/get_prebuilt_rules_status.ts @@ -9,19 +9,21 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { deleteAllPrebuiltRuleAssets, - deleteAllRules, getPrebuiltRulesStatus, - createRule, getSimpleRule, createRuleAssetSavedObject, createPrebuiltRuleAssetSavedObjects, installPrebuiltRules, - deleteRule, upgradePrebuiltRules, createHistoricalPrebuiltRuleAssetSavedObjects, getPrebuiltRulesAndTimelinesStatus, installPrebuiltRulesAndTimelines, } from '../../../../utils'; +import { + deleteAllRules, + createRule, + deleteRule, +} from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules.ts index e9b8bbed84d1e..d9a99d50228d5 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules.ts @@ -7,18 +7,17 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { - deleteAllRules, deleteAllTimelines, deleteAllPrebuiltRuleAssets, createRuleAssetSavedObject, createPrebuiltRuleAssetSavedObjects, installPrebuiltRulesAndTimelines, - deleteRule, getPrebuiltRulesAndTimelinesStatus, getPrebuiltRulesStatus, installPrebuiltRules, getInstalledRules, } from '../../../../utils'; +import { deleteAllRules, deleteRule } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules_with_historical_versions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules_with_historical_versions.ts index 6120caa8eda22..8b8b06f6b1519 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules_with_historical_versions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/install_prebuilt_rules_with_historical_versions.ts @@ -7,18 +7,17 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { - deleteAllRules, deleteAllTimelines, deleteAllPrebuiltRuleAssets, createRuleAssetSavedObject, installPrebuiltRulesAndTimelines, - deleteRule, getPrebuiltRulesAndTimelinesStatus, createHistoricalPrebuiltRuleAssetSavedObjects, getPrebuiltRulesStatus, installPrebuiltRules, getInstalledRules, } from '../../../../utils'; +import { deleteAllRules, deleteRule } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules.ts index 5d1f9662e118a..73204855bcbf8 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules.ts @@ -8,7 +8,6 @@ import expect from 'expect'; import { PRECONFIGURED_EMAIL_ACTION_CONNECTOR_ID } from '../../../../../../config/shared'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { - deleteAllRules, deleteAllTimelines, deleteAllPrebuiltRuleAssets, createRuleAssetSavedObject, @@ -21,6 +20,7 @@ import { fetchRule, patchRule, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules_with_historical_versions.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules_with_historical_versions.ts index cd6ff46ecabb1..4137e2a9a194f 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules_with_historical_versions.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_prebuilt_rules_with_historical_versions.ts @@ -7,7 +7,6 @@ import expect from 'expect'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { - deleteAllRules, deleteAllTimelines, deleteAllPrebuiltRuleAssets, createRuleAssetSavedObject, @@ -18,6 +17,7 @@ import { installPrebuiltRules, upgradePrebuiltRules, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/update_prebuilt_rules_package/trial_license_complete_tier/update_prebuilt_rules_package.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/update_prebuilt_rules_package/trial_license_complete_tier/update_prebuilt_rules_package.ts index ffba2bd01d988..21535741597d6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/update_prebuilt_rules_package/trial_license_complete_tier/update_prebuilt_rules_package.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/update_prebuilt_rules_package/trial_license_complete_tier/update_prebuilt_rules_package.ts @@ -15,7 +15,6 @@ import { PackageSpecManifest } from '@kbn/fleet-plugin/common'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; import { deleteAllPrebuiltRuleAssets, - deleteAllRules, getInstalledRules, getPrebuiltRulesStatus, installPrebuiltRules, @@ -24,6 +23,7 @@ import { reviewPrebuiltRulesToInstall, reviewPrebuiltRulesToUpgrade, } from '../../../../utils'; +import { deleteAllRules } from '../../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const es = getService('es'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts index 04e895290c555..747426e0c0587 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts @@ -21,10 +21,6 @@ import { getCreateExceptionListItemMinimalSchemaMock } from '@kbn/lists-plugin/c import { WebhookAuthType } from '@kbn/stack-connectors-plugin/common/webhook/constants'; import { binaryToString, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleMlRule, getSimpleRule, getSimpleRuleOutput, @@ -34,6 +30,12 @@ import { removeServerGeneratedProperties, updateUsername, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts index ad88064d1d2fe..5120c5f606c17 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts @@ -14,15 +14,13 @@ import { BulkActionTypeEnum, BulkActionEditTypeEnum, } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management'; +import { getSimpleMlRule, getSimpleRule, installMockPrebuiltRules } from '../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getSimpleMlRule, - getSimpleRule, - installMockPrebuiltRules, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts index c44bc5acd58e5..50cd8cf6afc91 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run_ess.ts @@ -12,7 +12,12 @@ import { BulkActionTypeEnum, BulkActionEditTypeEnum, } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management'; -import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts index f260d3ed2683a..83a7db27fe3fe 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_ess.ts @@ -21,20 +21,22 @@ import { import { binaryToString, createLegacyRuleAction, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getLegacyActionSO, getSimpleRule, getWebHookAction, - waitForRuleSuccess, - getRuleSOById, createRuleThroughAlertingEndpoint, getRuleSavedObjectWithLegacyInvestigationFields, getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, checkInvestigationFieldSoValue, + getRuleSOById, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + waitForRuleSuccess, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; @@ -801,7 +803,7 @@ export default ({ getService }: FtrProviderContext): void => { /* It's duplicate of a rule with properly formatted "investigation fields". So we just check that "investigation fields" are in intended format. - No migration needs to happen. + No migration needs to happen. */ const isInvestigationFieldForRuleWithIntendedTypeInSo = await checkInvestigationFieldSoValue( @@ -839,7 +841,7 @@ export default ({ getService }: FtrProviderContext): void => { /* Since this rule was created with intended "investigation fields" format, - it shouldn't change - no need to migrate. + it shouldn't change - no need to migrate. */ const isInvestigationFieldForOriginalRuleWithIntendedTypeInSo = await checkInvestigationFieldSoValue( diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts index a9537d0426c01..fe89747eaa375 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts @@ -9,14 +9,12 @@ import expect from 'expect'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; +import { removeServerGeneratedProperties, getSimpleMlRule, updateUsername } from '../../../utils'; import { createAlertsIndex, deleteAllRules, - removeServerGeneratedProperties, - getSimpleMlRule, deleteAllAlerts, - updateUsername, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts index 281fa37bb2d5d..7b9cc9e0f5d20 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts @@ -12,16 +12,19 @@ import { RuleCreateProps } from '@kbn/security-solution-plugin/common/api/detect import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createAlertsIndex, - deleteAllRules, getSimpleRule, getSimpleRuleOutputWithoutRuleId, getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, - deleteAllAlerts, updateUsername, + getSimpleRuleOutput, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; @@ -65,7 +68,7 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - const expectedRule = updateUsername(bodyToCompare, ELASTICSEARCH_USERNAME); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); expect(bodyToCompare).to.eql(expectedRule); }); @@ -90,7 +93,42 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - const expectedRule = updateUsername(bodyToCompare, ELASTICSEARCH_USERNAME); + const expectedRule = updateUsername( + { + actions: [], + author: [], + created_by: 'elastic', + description: 'Simple Rule Query', + enabled: true, + false_positives: [], + from: 'now-6m', + immutable: false, + interval: '5m', + rule_id: 'rule-1', + language: 'kuery', + output_index: '', + max_signals: 100, + risk_score: 1, + risk_score_mapping: [], + name: 'Simple Rule Query', + query: 'user.name: root or user.name: admin', + references: [], + related_integrations: [], + required_fields: [], + setup: '', + severity: 'high', + severity_mapping: [], + updated_by: 'elastic', + tags: [], + to: 'now', + type: 'query', + threat: [], + exceptions_list: [], + version: 1, + revision: 0, + }, + ELASTICSEARCH_USERNAME + ); expect(bodyToCompare).to.eql(expectedRule); }); diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/create_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts similarity index 74% rename from x-pack/test/detection_engine_api_integration/basic/tests/create_rules_bulk.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts index d23d92e2887a2..a36b14bab5667 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/create_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts @@ -8,38 +8,47 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_BULK_CREATE } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { EsArchivePathBuilder } from '../../../../../es_archive_path_builder'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createSignalsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, -} from '../../utils'; + updateUsername, +} from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { const esArchiver = getService('esArchiver'); const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); - - describe('create_rules_bulk', () => { + // TODO: add a new service for loading archiver files similar to "getService('es')" + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); + const isServerless = config.get('serverless'); + const dataPathBuilder = new EsArchivePathBuilder(isServerless); + const auditbeatPath = dataPathBuilder.getPath('auditbeat/hosts'); + + describe('@ess @serverless create_rules_bulk', () => { describe('creating rules in bulk', () => { before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/auditbeat/hosts'); + await esArchiver.load(auditbeatPath); }); after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/auditbeat/hosts'); + await esArchiver.unload(auditbeatPath); }); beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -56,7 +65,9 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should create a single rule without a rule_id', async () => { @@ -68,7 +79,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return a 200 ok but have a 409 conflict if we attempt to create the same rule_id twice', async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts index aa21da6d74cc7..9a2d3b8256c2f 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/basic_license_essentials_tier/index.ts @@ -9,6 +9,7 @@ import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default function ({ loadTestFile }: FtrProviderContext) { describe('Rules Management - Rule Creation APIs', function () { loadTestFile(require.resolve('./create_rules')); + loadTestFile(require.resolve('./create_rules_bulk')); loadTestFile(require.resolve('./create_ml_rules_privileges')); }); } diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts index 78c8467356612..9b8c41c9ef841 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts @@ -10,7 +10,7 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { getCreateNewTermsRulesSchemaMock } from '@kbn/security-solution-plugin/common/api/detection_engine/model/rule_schema/mocks'; -import { deleteAllRules } from '../../../utils'; +import { deleteAllRules } from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts index e1bbdbe26e3dd..91fcf8e4f1a94 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts @@ -19,12 +19,6 @@ import { ROLES } from '@kbn/security-solution-plugin/common/test'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - deleteAllRules, - waitForRuleSuccess, - waitForAlertToComplete, - waitForAlertsToBePresent, - waitForRulePartialFailure, - deleteAllAlerts, getActionsWithFrequencies, getActionsWithoutFrequencies, getSomeActionsWithFrequencies, @@ -34,7 +28,15 @@ import { getThresholdRuleParams, generateEvent, fetchRule, + waitForAlertToComplete, } from '../../../utils'; +import { + deleteAllRules, + waitForRuleSuccess, + waitForAlertsToBePresent, + waitForRulePartialFailure, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules_bulk.ts index 2319c3d0ddf82..c762487b8f278 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/create_rules_bulk.ts @@ -18,22 +18,24 @@ import { RuleCreateProps } from '@kbn/security-solution-plugin/common/api/detect import { ExceptionListTypeEnum } from '@kbn/securitysolution-io-ts-list-types'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, - getRuleForAlertTesting, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, - waitForRuleSuccess, getActionsWithFrequencies, getActionsWithoutFrequencies, getSomeActionsWithFrequencies, removeUUIDFromActions, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + getRuleForAlertTesting, + waitForRuleSuccess, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts index cf723f5cf2779..43a04eef3cb69 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts @@ -9,7 +9,8 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_PREVIEW } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { deleteAllRules, getSimplePreviewRule, getSimpleRulePreviewOutput } from '../../../utils'; +import { getSimplePreviewRule, getSimpleRulePreviewOutput } from '../../../utils'; +import { deleteAllRules } from '../../../../../../common/utils/security_solution'; import { createUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..05eaaabfd740e --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: 'Rules Management - Rule Delete Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..430b838dc76a8 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Rules Management - Rule Delete Integration Tests - Serverless Env - Essentials Tier ', + }, +}); diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/delete_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts similarity index 79% rename from x-pack/test/detection_engine_api_integration/basic/tests/delete_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts index b649b16d7ef02..944a33dc1a75d 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/delete_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts @@ -8,30 +8,34 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createRule, - createSignalsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, -} from '../../utils'; + updateUsername, +} from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('delete_rules', () => { + describe('@ess @serverless delete_rules', () => { describe('deleting rules', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -50,7 +54,9 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated rule_id', async () => { @@ -64,7 +70,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated id', async () => { @@ -78,7 +89,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return an error if the id does not exist when trying to delete it', async () => { diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/delete_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts similarity index 83% rename from x-pack/test/detection_engine_api_integration/basic/tests/delete_rules_bulk.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts index c2017aead47d8..771573b3e7c70 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/delete_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts @@ -8,30 +8,34 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_BULK_DELETE } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createRule, - createSignalsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, -} from '../../utils'; + updateUsername, +} from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('delete_rules_bulk', () => { + describe('@ess @serverless delete_rules_bulk', () => { describe('deleting rules bulk using DELETE', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -51,7 +55,9 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated rule_id', async () => { @@ -66,7 +72,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated id', async () => { @@ -81,7 +92,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return an error if the ruled_id does not exist when trying to delete a rule_id', async () => { @@ -133,8 +149,13 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect([bodyToCompare, body[1]]).to.eql([ + const expectedRule = updateUsername( getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect([bodyToCompare, body[1]]).to.eql([ + expectedRule, { id: 'c4e80a0d-e20f-4efc-84c1-08112da5a612', error: { @@ -149,7 +170,7 @@ export default ({ getService }: FtrProviderContext): void => { // This is a repeat of the tests above but just using POST instead of DELETE describe('deleting rules bulk using POST', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -169,7 +190,9 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated rule_id', async () => { @@ -184,7 +207,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should delete a single rule using an auto generated id', async () => { @@ -199,7 +227,12 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return an error if the ruled_id does not exist when trying to delete a rule_id', async () => { @@ -251,8 +284,13 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body[0]); - expect([bodyToCompare, body[1]]).to.eql([ + const expectedRule = updateUsername( getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect([bodyToCompare, body[1]]).to.eql([ + expectedRule, { id: 'c4e80a0d-e20f-4efc-84c1-08112da5a612', error: { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..db32a616e20de --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Rules Management - Rule Delete API', function () { + loadTestFile(require.resolve('./delete_rules')); + loadTestFile(require.resolve('./delete_rules_bulk')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts index 09ed13dc483b1..350cb550f6075 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts @@ -8,10 +8,6 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, @@ -20,6 +16,12 @@ import { removeServerGeneratedPropertiesIncludingRuleId, updateUsername, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts index 7a4d4e4df9c56..c02a11f6ec5a4 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk.ts @@ -11,10 +11,6 @@ import { BaseRuleParams } from '@kbn/security-solution-plugin/server/lib/detecti import { DETECTION_ENGINE_RULES_BULK_DELETE } from '@kbn/security-solution-plugin/common/constants'; import { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, updateUsername, @@ -26,6 +22,12 @@ import { getRuleSavedObjectWithLegacyInvestigationFields, getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts index 7af966e8a0dfe..c64eeeb402f61 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_bulk_legacy.ts @@ -10,15 +10,17 @@ import { BASE_ALERTING_API_PATH } from '@kbn/alerting-plugin/common'; import { DETECTION_ENGINE_RULES_BULK_DELETE } from '@kbn/security-solution-plugin/common/constants'; import { createLegacyRuleAction, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSlackAction, getWebHookAction, getLegacyActionSO, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts index 784f083cbb75b..05a516df7e163 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_ess.ts @@ -10,16 +10,18 @@ import { Rule } from '@kbn/alerting-plugin/common'; import { BaseRuleParams } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_schema'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, removeServerGeneratedProperties, createRuleThroughAlertingEndpoint, getRuleSavedObjectWithLegacyInvestigationFields, getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts index 42c3d633a003d..ba17cbd1254b6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules_legacy.ts @@ -10,16 +10,17 @@ import { BASE_ALERTING_API_PATH } from '@kbn/alerting-plugin/common'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { createLegacyRuleAction, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSlackAction, getWebHookAction, getLegacyActionSO, } from '../../../utils'; - +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..c71cfab3cc9fd --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: 'Rules Management - Rule Patch Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..de3421e190305 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Rules Management - Rule Patch Integration Tests - Serverless Env - Essentials Tier ', + }, +}); diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/export_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts similarity index 82% rename from x-pack/test/detection_engine_api_integration/basic/tests/export_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts index 883c9adcc7ad0..67d48610d4e8f 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/export_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts @@ -8,28 +8,31 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { binaryToString, - createRule, - createSignalsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, -} from '../../utils'; - -// eslint-disable-next-line import/no-default-export + updateUsername, +} from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('export_rules', () => { + describe('@ess @serverless export_rules', () => { describe('exporting rules', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -63,8 +66,9 @@ export default ({ getService }: FtrProviderContext): void => { const bodySplitAndParsed = JSON.parse(body.toString().split(/\n/)[0]); const bodyToTest = removeServerGeneratedProperties(bodySplitAndParsed); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); - expect(bodyToTest).to.eql(getSimpleRuleOutput()); + expect(bodyToTest).to.eql(expectedRule); }); it('should export a exported count with a single rule_id', async () => { @@ -115,11 +119,10 @@ export default ({ getService }: FtrProviderContext): void => { const secondRuleParsed = JSON.parse(body.toString().split(/\n/)[1]); const firstRule = removeServerGeneratedProperties(firstRuleParsed); const secondRule = removeServerGeneratedProperties(secondRuleParsed); + const expectedRule = updateUsername(getSimpleRuleOutput('rule-2'), ELASTICSEARCH_USERNAME); + const expectedRule2 = updateUsername(getSimpleRuleOutput('rule-1'), ELASTICSEARCH_USERNAME); - expect([firstRule, secondRule]).to.eql([ - getSimpleRuleOutput('rule-2'), - getSimpleRuleOutput('rule-1'), - ]); + expect([firstRule, secondRule]).to.eql([expectedRule, expectedRule2]); }); }); }); diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/import_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts similarity index 94% rename from x-pack/test/detection_engine_api_integration/basic/tests/import_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts index bf22875e23712..5bb8fd306bd04 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/import_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts @@ -8,28 +8,32 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createSignalsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleAsNdjson, getSimpleRuleOutput, removeServerGeneratedProperties, ruleToNdjson, -} from '../../utils'; + updateUsername, +} from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('import_rules', () => { + describe('@ess @serverless import_rules', () => { describe('importing rules with an index', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -99,10 +103,15 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql({ - ...getSimpleRuleOutput('rule-1', false), - output_index: '', - }); + const expectedRule = updateUsername( + { + ...getSimpleRuleOutput('rule-1', false), + output_index: '', + }, + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should fail validation when importing a rule with malformed "from" params on the rules', async () => { @@ -381,7 +390,9 @@ export default ({ getService }: FtrProviderContext): void => { }; ruleOutput.name = 'some other name'; ruleOutput.revision = 0; - expect(bodyToCompare).to.eql(ruleOutput); + const expectedRule = updateUsername(ruleOutput, ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should report a conflict if there is an attempt to import a rule with a rule_id that already exists, but still have some successes with other rules', async () => { @@ -507,11 +518,14 @@ export default ({ getService }: FtrProviderContext): void => { const bodyToCompareOfRule1 = removeServerGeneratedProperties(bodyOfRule1); const bodyToCompareOfRule2 = removeServerGeneratedProperties(bodyOfRule2); const bodyToCompareOfRule3 = removeServerGeneratedProperties(bodyOfRule3); + const expectedRule = updateUsername(getRuleOutput('rule-1'), ELASTICSEARCH_USERNAME); + const expectedRule2 = updateUsername(getRuleOutput('rule-2'), ELASTICSEARCH_USERNAME); + const expectedRule3 = updateUsername(getRuleOutput('rule-3'), ELASTICSEARCH_USERNAME); expect([bodyToCompareOfRule1, bodyToCompareOfRule2, bodyToCompareOfRule3]).to.eql([ - getRuleOutput('rule-1'), - getRuleOutput('rule-2'), - getRuleOutput('rule-3'), + expectedRule, + expectedRule2, + expectedRule3, ]); }); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..7d91e7c455b58 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Rules Management - Rule Import & Export APIs', function () { + loadTestFile(require.resolve('./export_rules')); + loadTestFile(require.resolve('./import_rules')); + }); +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts index 555e845ec7b4f..08ef7c6d7f28a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules.ts @@ -12,17 +12,19 @@ import { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection import { PRECONFIGURED_EMAIL_ACTION_CONNECTOR_ID } from '../../../../../config/shared'; import { binaryToString, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getWebHookAction, removeServerGeneratedProperties, - waitForRulePartialFailure, updateUsername, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + waitForRulePartialFailure, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts index a0c7ab520da3c..fd2d2374c1d56 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/export_rules_ess.ts @@ -16,10 +16,6 @@ import { } from '@kbn/security-solution-plugin/common/constants'; import { binaryToString, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getWebHookAction, @@ -30,6 +26,12 @@ import { createRuleThroughAlertingEndpoint, checkInvestigationFieldSoValue, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts index 3d4d37205ae7d..3be3740dda80a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_export_rules.ts @@ -18,14 +18,13 @@ import { } from '@kbn/lists-plugin/common/schemas/request/create_exception_list_schema.mock'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { binaryToString, getSimpleRule } from '../../../utils'; import { - binaryToString, createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getSimpleRule, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, @@ -57,12 +56,12 @@ export default ({ getService }: FtrProviderContext): void => { }); describe('Endpoint Exception', () => { - /* - Following the release of version 8.7, this test can be considered as an evaluation of exporting + /* + Following the release of version 8.7, this test can be considered as an evaluation of exporting an outdated List Item. A notable distinction lies in the absence of the "expire_time" property within the getCreateExceptionListMinimalSchemaMock, which allows for differentiation between older - and newer versions. The rationale behind this approach is the lack of version tracking for both List and Rule, - thereby enabling simulation of migration scenarios. + and newer versions. The rationale behind this approach is the lack of version tracking for both List and Rule, + thereby enabling simulation of migration scenarios. */ it('should be able to reimport a rule referencing an old version of endpoint exception list with existing comments', async () => { // create an exception list @@ -224,12 +223,12 @@ export default ({ getService }: FtrProviderContext): void => { }); describe('Detection Exception', () => { - /* - Following the release of version 8.7, this test can be considered as an evaluation of exporting + /* + Following the release of version 8.7, this test can be considered as an evaluation of exporting an outdated List Item. A notable distinction lies in the absence of the "expire_time" property within the getCreateExceptionListMinimalSchemaMock, which allows for differentiation between older - and newer versions. The rationale behind this approach is the lack of version tracking for both List and Rule, - thereby enabling simulation of migration scenarios. + and newer versions. The rationale behind this approach is the lack of version tracking for both List and Rule, + thereby enabling simulation of migration scenarios. */ it('should be able to reimport a rule referencing an old version of detection exception list with existing comments', async () => { // create an exception list diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts index f9f5f5ce4388c..58720b601fd37 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules.ts @@ -21,7 +21,6 @@ import { getImportExceptionsListItemNewerVersionSchemaMock, } from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock'; import { - deleteAllRules, getSimpleRule, getSimpleRuleAsNdjson, getSimpleRuleOutput, @@ -31,6 +30,7 @@ import { removeServerGeneratedProperties, ruleToNdjson, } from '../../../utils'; +import { deleteAllRules } from '../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; @@ -1291,12 +1291,12 @@ export default ({ getService }: FtrProviderContext): void => { await deleteAllExceptions(supertest, log); }); - /* - Following the release of version 8.7, this test can be considered as an evaluation of exporting + /* + Following the release of version 8.7, this test can be considered as an evaluation of exporting an outdated List Item. A notable distinction lies in the absence of the "expire_time" property within the getCreateExceptionListMinimalSchemaMock, which allows for differentiation between older - and newer versions. The rationale behind this approach is the lack of version tracking for both List and Rule, - thereby enabling simulation of migration scenarios. + and newer versions. The rationale behind this approach is the lack of version tracking for both List and Rule, + thereby enabling simulation of migration scenarios. */ it('should be able to import a rule and an old version exception list, then delete it successfully', async () => { const simpleRule = getSimpleRule('rule-1'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts index 536aa25300de4..69466edf7a1be 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/import_rules_ess.ts @@ -15,17 +15,16 @@ import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common import { ROLES } from '@kbn/security-solution-plugin/common/test'; import { toNdJsonString } from '@kbn/lists-plugin/common/schemas/request/import_exceptions_schema.mock'; import { - deleteAllRules, getSimpleRule, ruleToNdjson, createLegacyRuleAction, getLegacyActionSO, - createRule, fetchRule, getWebHookAction, getSimpleRuleAsNdjson, checkInvestigationFieldSoValue, } from '../../../utils'; +import { deleteAllRules, createRule } from '../../../../../../common/utils/security_solution'; import { createUserAndRole, deleteUserAndRole, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts index f5185ac31d316..7a6b5716f8ff7 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts @@ -17,13 +17,12 @@ import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { createPrebuiltRuleAssetSavedObjects, createRuleAssetSavedObject, - createRule, - deleteAllRules, installPrebuiltRulesAndTimelines, installPrebuiltRules, getCustomQueryRuleParams, createNonSecurityRule, } from '../../../utils'; +import { createRule, deleteAllRules } from '../../../../../../common/utils/security_solution'; import { getCoverageOverview } from '../../../utils/rules/get_coverage_overview'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts index fbd4836b19605..6509b4810903e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_execution_results.ts @@ -16,18 +16,20 @@ import { ELASTIC_HTTP_VERSION_HEADER, X_ELASTIC_INTERNAL_ORIGIN_REQUEST, } from '@kbn/core-http-common'; +import { + deleteAllEventLogExecutionEvents, + indexEventLogExecutionEvents, + waitForEventLogExecuteComplete, +} from '../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, - deleteAllEventLogExecutionEvents, deleteAllAlerts, getRuleForAlertTesting, - indexEventLogExecutionEvents, - waitForEventLogExecuteComplete, waitForRulePartialFailure, waitForRuleSuccess, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { failedGapExecution, failedRanAfterDisabled, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts index 834542a0de0e9..e8da4a62593e3 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts @@ -11,11 +11,11 @@ import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common import { RULE_MANAGEMENT_FILTERS_URL } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management'; import { - deleteAllRules, getSimpleRule, installMockPrebuiltRules, deleteAllPrebuiltRuleAssets, } from '../../../utils'; +import { deleteAllRules } from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..c71cfab3cc9fd --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: 'Rules Management - Rule Patch Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..de3421e190305 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Rules Management - Rule Patch Integration Tests - Serverless Env - Essentials Tier ', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..ccaa2d297a8de --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Rules Management - Rule Patch APIs', function () { + loadTestFile(require.resolve('./patch_rules_bulk')); + loadTestFile(require.resolve('./patch_rules')); + }); +} diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/patch_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts similarity index 84% rename from x-pack/test/detection_engine_api_integration/basic/tests/patch_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts index 040a504ee282c..7d53883276f9d 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/patch_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts @@ -8,29 +8,33 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createSignalsIndex, - deleteAllRules, getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, getSimpleRuleOutputWithoutRuleId, + updateUsername, +} from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, createRule, deleteAllAlerts, -} from '../../utils'; +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('patch_rules', () => { + describe('@ess @serverless patch_rules', () => { describe('patch rules', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -52,11 +56,13 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); - it('should return a "403 forbidden" using a rule_id of type "machine learning"', async () => { + it('@brokenInServerless should return a "403 forbidden" using a rule_id of type "machine learning"', async () => { await createRule(supertest, log, getSimpleRule('rule-1')); // patch a simple rule's type to machine learning @@ -90,8 +96,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutputWithoutRuleId(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should patch a single rule property of name using the auto-generated id', async () => { @@ -108,8 +116,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should not change the revision of a rule when it patches only enabled', async () => { @@ -125,9 +135,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.enabled = false; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should change the revision of a rule when it patches enabled and another property', async () => { @@ -145,9 +156,10 @@ export default ({ getService }: FtrProviderContext) => { outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should not change other properties when it does patches', async () => { @@ -174,9 +186,10 @@ export default ({ getService }: FtrProviderContext) => { outputRule.timeline_title = 'some title'; outputRule.timeline_id = 'some id'; outputRule.revision = 2; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should give a 404 if it is given a fake id', async () => { diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/patch_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts similarity index 85% rename from x-pack/test/detection_engine_api_integration/basic/tests/patch_rules_bulk.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts index 48407ba7df94b..cee298e8fca4e 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/patch_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts @@ -8,29 +8,33 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_BULK_UPDATE } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createSignalsIndex, - deleteAllRules, getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, getSimpleRuleOutputWithoutRuleId, removeServerGeneratedPropertiesIncludingRuleId, + updateUsername, +} from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, createRule, deleteAllAlerts, -} from '../../utils'; +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('patch_rules_bulk', () => { + describe('@ess @serverless patch_rules_bulk', () => { describe('patch rules bulk', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -53,7 +57,8 @@ export default ({ getService }: FtrProviderContext) => { outputRule.name = 'some other name'; outputRule.revision = 1; const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + expect(bodyToCompare).to.eql(expectedRule); }); it('should patch two rule properties of name using the two rules rule_id', async () => { @@ -74,15 +79,17 @@ export default ({ getService }: FtrProviderContext) => { const outputRule1 = getSimpleRuleOutput(); outputRule1.name = 'some other name'; outputRule1.revision = 1; + const expectedRule1 = updateUsername(outputRule1, ELASTICSEARCH_USERNAME); const outputRule2 = getSimpleRuleOutput('rule-2'); outputRule2.name = 'some other name'; outputRule2.revision = 1; + const expectedRule2 = updateUsername(outputRule2, ELASTICSEARCH_USERNAME); const bodyToCompare1 = removeServerGeneratedProperties(body[0]); const bodyToCompare2 = removeServerGeneratedProperties(body[1]); - expect(bodyToCompare1).to.eql(outputRule1); - expect(bodyToCompare2).to.eql(outputRule2); + expect(bodyToCompare1).to.eql(expectedRule1); + expect(bodyToCompare2).to.eql(expectedRule2); }); it('should patch a single rule property of name using an id', async () => { @@ -99,8 +106,9 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should patch two rule properties of name using the two rules id', async () => { @@ -121,15 +129,17 @@ export default ({ getService }: FtrProviderContext) => { const outputRule1 = getSimpleRuleOutputWithoutRuleId('rule-1'); outputRule1.name = 'some other name'; outputRule1.revision = 1; + const expectedRule = updateUsername(outputRule1, ELASTICSEARCH_USERNAME); const outputRule2 = getSimpleRuleOutputWithoutRuleId('rule-2'); outputRule2.name = 'some other name'; outputRule2.revision = 1; + const expectedRule2 = updateUsername(outputRule2, ELASTICSEARCH_USERNAME); const bodyToCompare1 = removeServerGeneratedPropertiesIncludingRuleId(body[0]); const bodyToCompare2 = removeServerGeneratedPropertiesIncludingRuleId(body[1]); - expect(bodyToCompare1).to.eql(outputRule1); - expect(bodyToCompare2).to.eql(outputRule2); + expect(bodyToCompare1).to.eql(expectedRule); + expect(bodyToCompare2).to.eql(expectedRule2); }); it('should patch a single rule property of name using the auto-generated id', async () => { @@ -146,8 +156,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should not change the revision of a rule when it patches only enabled', async () => { @@ -163,9 +175,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.enabled = false; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should change the revision of a rule when it patches enabled and another property', async () => { @@ -183,9 +196,10 @@ export default ({ getService }: FtrProviderContext) => { outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should not change other properties when it does patches', async () => { @@ -212,9 +226,10 @@ export default ({ getService }: FtrProviderContext) => { outputRule.timeline_title = 'some title'; outputRule.timeline_id = 'some id'; outputRule.revision = 2; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should return a 200 but give a 404 in the message if it is given a fake id', async () => { @@ -269,10 +284,11 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); expect([bodyToCompare, body[1]]).to.eql([ - outputRule, + expectedRule, { error: { message: 'rule_id: "fake_id" not found', @@ -300,10 +316,11 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); expect([bodyToCompare, body[1]]).to.eql([ - outputRule, + expectedRule, { error: { message: 'id: "5096dec6-b6b9-4d8d-8f93-6c2602079d9d" not found', diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts index 015175209fe23..edd84f6c86650 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules.ts @@ -17,16 +17,12 @@ import { RuleActionArray, RuleActionThrottle } from '@kbn/securitysolution-io-ts import { ExceptionListTypeEnum } from '@kbn/securitysolution-io-ts-list-types'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, getSimpleRuleOutputWithoutRuleId, getSimpleMlRuleOutput, - createRule, getSimpleMlRule, getSimpleRuleWithoutRuleId, removeUUIDFromActions, @@ -35,6 +31,12 @@ import { getSomeActionsWithFrequencies, updateUsername, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_bulk.ts index 6b8bc2a7c24bf..e48a59391287c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_bulk.ts @@ -13,15 +13,11 @@ import { Rule } from '@kbn/alerting-plugin/common'; import { BaseRuleParams } from '@kbn/security-solution-plugin/server/lib/detection_engine/rule_schema'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, getSimpleRuleOutputWithoutRuleId, removeServerGeneratedPropertiesIncludingRuleId, - createRule, createLegacyRuleAction, getLegacyActionSO, getRuleSOById, @@ -31,6 +27,12 @@ import { getRuleSavedObjectWithLegacyInvestigationFields, checkInvestigationFieldSoValue, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts index be413c1a5ef9c..5efab4bb9e533 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/trial_license_complete_tier/patch_rules_ess.ts @@ -12,14 +12,10 @@ import { BaseRuleParams } from '@kbn/security-solution-plugin/server/lib/detecti import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, removeServerGeneratedProperties, createRuleThroughAlertingEndpoint, getRuleSavedObjectWithLegacyInvestigationFields, getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, - createRule, getLegacyActionSO, getSimpleRuleOutput, updateUsername, @@ -27,6 +23,12 @@ import { getSimpleRule, checkInvestigationFieldSoValue, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..e7421eb362996 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: 'Rules Management - Rule Read Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..a8827a68facac --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Rules Management - Rule Read Integration Tests - Serverless Env - Essentials Tier ', + }, +}); diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/find_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts similarity index 80% rename from x-pack/test/detection_engine_api_integration/basic/tests/find_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts index 01ee932f60b1b..1810328dca64b 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/find_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts @@ -8,23 +8,24 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createRule, - deleteAllRules, getComplexRule, getComplexRuleOutput, getSimpleRule, getSimpleRuleOutput, removeServerGeneratedProperties, -} from '../../utils'; + updateUsername, +} from '../../../utils'; +import { createRule, deleteAllRules } from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { const supertest = getService('supertest'); const log = getService('log'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('find_rules', () => { + describe('@ess @serverless find_rules', () => { beforeEach(async () => { await deleteAllRules(supertest, log); }); @@ -57,8 +58,10 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); body.data = [removeServerGeneratedProperties(body.data[0])]; + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + expect(body).to.eql({ - data: [getSimpleRuleOutput()], + data: [expectedRule], page: 1, perPage: 20, total: 1, @@ -83,8 +86,9 @@ export default ({ getService }: FtrProviderContext): void => { .expect(200); body.data = [removeServerGeneratedProperties(body.data[0])]; + const expectedRule = updateUsername(getComplexRuleOutput(), ELASTICSEARCH_USERNAME); expect(body).to.eql({ - data: [getComplexRuleOutput()], + data: [expectedRule], page: 1, perPage: 20, total: 1, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..510d07b612492 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Rules Management - Rule Read APIs', function () { + loadTestFile(require.resolve('./read_rules')); + loadTestFile(require.resolve('./find_rules')); + }); +} diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/read_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts similarity index 79% rename from x-pack/test/detection_engine_api_integration/basic/tests/read_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts index 839f5a15fe161..845c1ee4196aa 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/read_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts @@ -8,30 +8,34 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createRule, - createSignalsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, getSimpleRuleWithoutRuleId, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, -} from '../../utils'; + updateUsername, +} from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('read_rules', () => { + describe('@ess @serverless read_rules', () => { describe('reading rules', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -50,7 +54,9 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should be able to read a single rule using id', async () => { @@ -64,7 +70,9 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutput()); + const expectedRule = updateUsername(getSimpleRuleOutput(), ELASTICSEARCH_USERNAME); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should be able to read a single rule with an auto-generated rule_id', async () => { @@ -78,7 +86,12 @@ export default ({ getService }: FtrProviderContext) => { .expect(200); const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(getSimpleRuleOutputWithoutRuleId()); + const expectedRule = updateUsername( + getSimpleRuleOutputWithoutRuleId(), + ELASTICSEARCH_USERNAME + ); + + expect(bodyToCompare).to.eql(expectedRule); }); it('should return 404 if given a fake id', async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts index 96e3b90013112..56b90a088f18a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts @@ -12,8 +12,6 @@ import { } from '@kbn/core-http-common'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createRule, - deleteAllRules, getComplexRule, getComplexRuleOutput, getSimpleRule, @@ -22,6 +20,7 @@ import { updateUsername, removeServerGeneratedProperties, } from '../../../utils'; +import { createRule, deleteAllRules } from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts index 1155c99e9455d..ccebf86486879 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules_ess.ts @@ -15,9 +15,7 @@ import { UPDATE_OR_CREATE_LEGACY_ACTIONS, } from '@kbn/security-solution-plugin/common/constants'; import { - createRule, createRuleThroughAlertingEndpoint, - deleteAllRules, getSimpleRule, getSimpleRuleOutput, getWebHookAction, @@ -27,6 +25,7 @@ import { getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, checkInvestigationFieldSoValue, } from '../../../utils'; +import { createRule, deleteAllRules } from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts index 8ac8fcec3744b..c76a4c5ef1dd7 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts @@ -8,10 +8,6 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getSimpleRuleOutputWithoutRuleId, @@ -21,6 +17,12 @@ import { removeServerGeneratedPropertiesIncludingRuleId, updateUsername, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts index 5c6362d10eb60..78bbcadac71eb 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules_ess.ts @@ -13,10 +13,6 @@ import { UPDATE_OR_CREATE_LEGACY_ACTIONS, } from '@kbn/security-solution-plugin/common/constants'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRule, getSimpleRuleOutput, getWebHookAction, @@ -27,6 +23,12 @@ import { getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, checkInvestigationFieldSoValue, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts index d5c167b6a9d15..437517c7545a2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/resolve_read_rules.ts @@ -9,7 +9,11 @@ import expect from '@kbn/expect'; import { ALERTING_CASES_SAVED_OBJECT_INDEX } from '@kbn/core-saved-objects-server'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { createAlertsIndex, deleteAllRules, deleteAllAlerts } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; const spaceId = '714-space'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts new file mode 100644 index 0000000000000..917ad5bbf6fa5 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/ess.config.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const functionalConfig = await readConfigFile( + require.resolve('../../../../../../config/ess/config.base.basic') + ); + + return { + ...functionalConfig.getAll(), + testFiles: [require.resolve('..')], + junit: { + reportName: 'Rules Management - Rule Update Integration Tests - ESS Env - Basic License', + }, + }; +} diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..4984e833902ab --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../../config/serverless/config.base.essentials'; + +export default createTestConfig({ + testFiles: [require.resolve('..')], + junit: { + reportName: + 'Rules Management - Rule Update Integration Tests - Serverless Env - Essentials Tier ', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts new file mode 100644 index 0000000000000..fe58f672777ba --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/index.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Rules Management - Rule Update APIs', function () { + loadTestFile(require.resolve('./update_rules_bulk')); + loadTestFile(require.resolve('./update_rules')); + }); +} diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/update_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts similarity index 86% rename from x-pack/test/detection_engine_api_integration/basic/tests/update_rules.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts index c9332cd41b4fb..38905d5176127 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/update_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts @@ -8,31 +8,35 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createSignalsIndex, - deleteAllRules, getSimpleRuleOutput, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, getSimpleRuleOutputWithoutRuleId, getSimpleRuleUpdate, getSimpleMlRuleUpdate, - createRule, getSimpleRule, + updateUsername, +} from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + createRule, deleteAllAlerts, -} from '../../utils'; +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('update_rules', () => { + describe('@ess @serverless update_rules', () => { describe('update rules', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -59,11 +63,13 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); - it('should return a 403 forbidden if it is a machine learning job', async () => { + it('@brokenInServerless should return a 403 forbidden if it is a machine learning job', async () => { await createRule(supertest, log, getSimpleRule('rule-1')); // update a simple rule's type to try to be a machine learning job type @@ -106,8 +112,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutputWithoutRuleId(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedPropertiesIncludingRuleId(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should update a single rule property of name using the auto-generated id', async () => { @@ -129,8 +137,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should change the revision of a rule when it updates enabled and another property', async () => { @@ -152,9 +162,10 @@ export default ({ getService }: FtrProviderContext) => { outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should change other properties when it does updates and effectively delete them such as timeline_title', async () => { @@ -186,9 +197,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 2; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should give a 404 if it is given a fake id', async () => { diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/update_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts similarity index 86% rename from x-pack/test/detection_engine_api_integration/basic/tests/update_rules_bulk.ts rename to x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts index ca4df7a4cd648..b92b62c37d721 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/update_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts @@ -11,30 +11,34 @@ import { DETECTION_ENGINE_RULES_BULK_UPDATE, DETECTION_ENGINE_RULES_URL, } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; +import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { - createSignalsIndex, - deleteAllRules, getSimpleRuleOutput, removeServerGeneratedProperties, getSimpleRuleOutputWithoutRuleId, removeServerGeneratedPropertiesIncludingRuleId, getSimpleRuleUpdate, - createRule, getSimpleRule, + updateUsername, +} from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + createRule, deleteAllAlerts, -} from '../../utils'; +} from '../../../../../../common/utils/security_solution'; -// eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); const log = getService('log'); const es = getService('es'); + const config = getService('config'); + const ELASTICSEARCH_USERNAME = config.get('servers.kibana.username'); - describe('update_rules_bulk', () => { + describe('@ess @serverless update_rules_bulk', () => { describe('update rules bulk', () => { beforeEach(async () => { - await createSignalsIndex(supertest, log); + await createAlertsIndex(supertest, log); }); afterEach(async () => { @@ -59,8 +63,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should update two rule properties of name using the two rules rule_id', async () => { @@ -91,15 +97,17 @@ export default ({ getService }: FtrProviderContext) => { const outputRule1 = getSimpleRuleOutput(); outputRule1.name = 'some other name'; outputRule1.revision = 1; + const expectedRule = updateUsername(outputRule1, ELASTICSEARCH_USERNAME); const outputRule2 = getSimpleRuleOutput('rule-2'); outputRule2.name = 'some other name'; outputRule2.revision = 1; + const expectedRule2 = updateUsername(outputRule2, ELASTICSEARCH_USERNAME); const bodyToCompare1 = removeServerGeneratedProperties(body[0]); const bodyToCompare2 = removeServerGeneratedProperties(body[1]); - expect(bodyToCompare1).to.eql(outputRule1); - expect(bodyToCompare2).to.eql(outputRule2); + expect(bodyToCompare1).to.eql(expectedRule); + expect(bodyToCompare2).to.eql(expectedRule2); }); it('should update a single rule property of name using an id', async () => { @@ -121,8 +129,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should update two rule properties of name using the two rules id', async () => { @@ -150,15 +160,17 @@ export default ({ getService }: FtrProviderContext) => { const outputRule1 = getSimpleRuleOutputWithoutRuleId('rule-1'); outputRule1.name = 'some other name'; outputRule1.revision = 1; + const expectedRule = updateUsername(outputRule1, ELASTICSEARCH_USERNAME); const outputRule2 = getSimpleRuleOutputWithoutRuleId('rule-2'); outputRule2.name = 'some other name'; outputRule2.revision = 1; + const expectedRule2 = updateUsername(outputRule2, ELASTICSEARCH_USERNAME); const bodyToCompare1 = removeServerGeneratedPropertiesIncludingRuleId(body[0]); const bodyToCompare2 = removeServerGeneratedPropertiesIncludingRuleId(body[1]); - expect(bodyToCompare1).to.eql(outputRule1); - expect(bodyToCompare2).to.eql(outputRule2); + expect(bodyToCompare1).to.eql(expectedRule); + expect(bodyToCompare2).to.eql(expectedRule2); }); it('should update a single rule property of name using the auto-generated id', async () => { @@ -180,8 +192,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); + const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should change the revision of a rule when it updates enabled and another property', async () => { @@ -203,9 +217,10 @@ export default ({ getService }: FtrProviderContext) => { outputRule.enabled = false; outputRule.severity = 'low'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should change other properties when it does updates and effectively delete them such as timeline_title', async () => { @@ -237,9 +252,10 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 2; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); - expect(bodyToCompare).to.eql(outputRule); + expect(bodyToCompare).to.eql(expectedRule); }); it('should return a 200 but give a 404 in the message if it is given a fake id', async () => { @@ -307,10 +323,11 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); expect([bodyToCompare, body[1]]).to.eql([ - outputRule, + expectedRule, { error: { message: 'rule_id: "fake_id" not found', @@ -345,10 +362,11 @@ export default ({ getService }: FtrProviderContext) => { const outputRule = getSimpleRuleOutput(); outputRule.name = 'some other name'; outputRule.revision = 1; + const expectedRule = updateUsername(outputRule, ELASTICSEARCH_USERNAME); const bodyToCompare = removeServerGeneratedProperties(body[0]); expect([bodyToCompare, body[1]]).to.eql([ - outputRule, + expectedRule, { error: { message: 'id: "b3aa019a-656c-4311-b13b-4d9852e24347" not found', diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts index 4fe157e55efb9..a0e033e1b7a35 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/configs/serverless.config.ts @@ -9,7 +9,6 @@ import { createTestConfig } from '../../../../../../config/serverless/config.bas export default createTestConfig({ testFiles: [require.resolve('..')], junit: { - reportName: - 'Rules Management - Rule Update Integration Tests - Serverless Env - Complete License', + reportName: 'Rules Management - Rule Update Integration Tests - Serverless Env - Complete Tier', }, }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts index 94d2742ba3587..b341be9379914 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules.ts @@ -16,9 +16,6 @@ import { RuleActionArray, RuleActionThrottle } from '@kbn/securitysolution-io-ts import { ExceptionListTypeEnum } from '@kbn/securitysolution-io-ts-list-types'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRuleOutput, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, @@ -28,7 +25,6 @@ import { getSimpleRuleUpdate, getSimpleMlRuleUpdate, getSimpleSavedQueryRule, - createRule, getSimpleRule, getThresholdRuleForAlertTesting, getSimpleRuleWithoutRuleId, @@ -38,6 +34,12 @@ import { getActionsWithoutFrequencies, getSomeActionsWithFrequencies, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_bulk.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_bulk.ts index 85a0daabfe861..d0f957149efc2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_bulk.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_bulk.ts @@ -19,13 +19,9 @@ import { import { ExceptionListTypeEnum } from '@kbn/securitysolution-io-ts-list-types'; import { RuleActionArray, RuleActionThrottle } from '@kbn/securitysolution-io-ts-alerting-types'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSimpleRuleOutput, removeServerGeneratedProperties, getSimpleRuleUpdate, - createRule, getSimpleRule, createLegacyRuleAction, getLegacyActionSO, @@ -42,6 +38,12 @@ import { getSomeActionsWithFrequencies, updateUsername, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts index 8f01ea1d01105..12303e53f8cc2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_update/trial_license_complete_tier/update_rules_ess.ts @@ -11,14 +11,10 @@ import { BaseRuleParams } from '@kbn/security-solution-plugin/server/lib/detecti import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, removeServerGeneratedProperties, removeServerGeneratedPropertiesIncludingRuleId, getSimpleRuleOutputWithoutRuleId, getSimpleRuleUpdate, - createRule, getSimpleRule, createLegacyRuleAction, getLegacyActionSO, @@ -28,6 +24,12 @@ import { getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, updateUsername, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + createRule, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts index 64b4897dbc8a3..adaed08158794 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/all_types.ts @@ -7,13 +7,12 @@ import expect from '@kbn/expect'; +import { getSecurityTelemetryStats, removeTimeFieldsFromTelemetryStats } from '../../../utils'; import { createAlertsIndex, deleteAllRules, deleteAllAlerts, - getSecurityTelemetryStats, - removeTimeFieldsFromTelemetryStats, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts index 069484a338b3b..48f8be9a3d2c5 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/detection_rules.ts @@ -11,18 +11,20 @@ import expect from '@kbn/expect'; import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common'; import { - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, fetchRule, - getRuleForAlertTesting, installMockPrebuiltRules, getSecurityTelemetryStats, createExceptionList, createExceptionListItem, removeTimeFieldsFromTelemetryStats, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + getRuleForAlertTesting, +} from '../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts index 3a4e8cb4c3ea3..088016d868caa 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/task_based/security_lists.ts @@ -12,14 +12,16 @@ import { ENDPOINT_TRUSTED_APPS_LIST_ID, } from '@kbn/securitysolution-list-constants'; import { - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getSecurityTelemetryStats, createExceptionListItem, createExceptionList, removeTimeFieldsFromTelemetryStats, } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; import { deleteAllExceptions } from '../../../../lists_and_exception_lists/utils'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts index 93e16cefa19ff..a3f893fff8aa9 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/all_types.ts @@ -8,7 +8,13 @@ import expect from '@kbn/expect'; import { getInitialDetectionMetrics } from '@kbn/security-solution-plugin/server/usage/detections/get_initial_usage'; -import { createAlertsIndex, deleteAllRules, deleteAllAlerts, getStats } from '../../../utils'; +import { getStats } from '../../../utils'; +import { + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, +} from '../../../../../../common/utils/security_solution'; + import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts index 6007c3d37c6dc..317956d5b7dcd 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_status.ts @@ -20,20 +20,22 @@ import { getInitialSingleEventLogUsage, getInitialSingleEventMetric, } from '@kbn/security-solution-plugin/server/usage/detections/rules/get_initial_usage'; +import { + getEqlRuleForAlertTesting, + getSimpleThreatMatch, + getStats, + getThresholdRuleForAlertTesting, + deleteAllEventLogExecutionEvents, +} from '../../../utils'; import { createRule, createAlertsIndex, deleteAllRules, deleteAllAlerts, - getEqlRuleForAlertTesting, getRuleForAlertTesting, - getSimpleThreatMatch, - getStats, - getThresholdRuleForAlertTesting, waitForRuleSuccess, waitForAlertsToBePresent, - deleteAllEventLogExecutionEvents, -} from '../../../utils'; +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts index b81ced41b2511..2772b3ebde34e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules.ts @@ -17,13 +17,8 @@ import { RulesTypeUsage } from '@kbn/security-solution-plugin/server/usage/detec import { createLegacyRuleAction, createWebHookRuleAction, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getEqlRuleForAlertTesting, fetchRule, - getRuleForAlertTesting, getRuleWithWebHookAction, getSimpleMlRule, getSimpleRule, @@ -31,14 +26,21 @@ import { getStats, getThresholdRuleForAlertTesting, installMockPrebuiltRules, - waitForRuleSuccess, - waitForAlertsToBePresent, updateRule, deleteAllEventLogExecutionEvents, getRuleSavedObjectWithLegacyInvestigationFields, getRuleSavedObjectWithLegacyInvestigationFieldsEmptyArray, createRuleThroughAlertingEndpoint, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + waitForRuleSuccess, + waitForAlertsToBePresent, + getRuleForAlertTesting, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts index b0e40253bb8c2..e34ee9c2005ef 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rules_legacy_action.ts @@ -17,13 +17,8 @@ import { RulesTypeUsage } from '@kbn/security-solution-plugin/server/usage/detec import { createLegacyRuleAction, createWebHookRuleAction, - createRule, - createAlertsIndex, - deleteAllRules, - deleteAllAlerts, getEqlRuleForAlertTesting, fetchRule, - getRuleForAlertTesting, getRuleWithWebHookAction, getSimpleMlRule, getSimpleRule, @@ -31,11 +26,18 @@ import { getStats, getThresholdRuleForAlertTesting, installMockPrebuiltRules, - waitForRuleSuccess, - waitForAlertsToBePresent, updateRule, deleteAllEventLogExecutionEvents, } from '../../../utils'; +import { + createRule, + createAlertsIndex, + deleteAllRules, + deleteAllAlerts, + getRuleForAlertTesting, + waitForRuleSuccess, + waitForAlertsToBePresent, +} from '../../../../../../common/utils/security_solution'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts index 26e2459d7e2a3..66370e6236bf9 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/get_open_alerts.ts @@ -14,9 +14,8 @@ import { } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_monitoring'; import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { waitForRuleStatus } from '../rules'; import { refreshIndex } from '..'; -import { getAlertsByIds } from './get_alerts_by_ids'; +import { getAlertsByIds, waitForRuleStatus } from '../../../../../common/utils/security_solution'; export const getOpenAlerts = async ( supertest: SuperTest.SuperTest, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts index 867f85653ef4f..2dba313d1bbcf 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/index.ts @@ -5,19 +5,12 @@ * 2.0. */ -export * from './create_alerts_index'; -export * from './delete_all_alerts'; export * from './wait_for_alert_to_complete'; -export * from './wait_for_alerts_to_be_present'; export * from './wait_for_alert_to_complete'; export * from './get_open_alerts'; -export * from './get_alerts_by_ids'; -export * from './get_query_alerts_ids'; -export * from './get_alerts_by_id'; export * from './remove_random_valued_properties_from_alert'; export * from './set_alert_status'; export * from './get_alert_status_empty_response'; -export * from './get_query_alert_ids'; export * from './set_alert_tags'; export * from './get_preview_alerts'; export * from './get_alert_status'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts index fc71c7fa50aaf..7d942198bc0d5 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/alerts/wait_for_alert_to_complete.ts @@ -8,7 +8,7 @@ import type { ToolingLog } from '@kbn/tooling-log'; import type SuperTest from 'supertest'; -import { waitFor } from '../wait_for'; +import { waitFor } from '../../../../../common/utils/security_solution'; export const waitForAlertToComplete = async ( supertest: SuperTest.SuperTest, diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts index cfbcafbc06cb6..a5dfc937e4c35 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_es.ts @@ -7,7 +7,7 @@ import type { TransportResult } from '@elastic/elasticsearch'; import type { ToolingLog } from '@kbn/tooling-log'; -import { countDownTest } from './count_down_test'; +import { countDownTest } from '../../../../common/utils/security_solution'; /** * Does a plain countdown and checks against es queries for either conflicts in the error diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_test.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_test.ts deleted file mode 100644 index 39292a9cbbbb7..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/count_down_test.ts +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { ToolingLog } from '@kbn/tooling-log'; - -/** - * Does a plain countdown and checks against a boolean to determine if to wait and try again. - * This is useful for over the wire things that can cause issues such as conflict or timeouts - * for testing resiliency. - * @param functionToTest The function to test against - * @param name The name of the function to print if we encounter errors - * @param log The tooling logger - * @param retryCount The number of times to retry before giving up (has default) - * @param timeoutWait Time to wait before trying again (has default) - */ -export const countDownTest = async ( - functionToTest: () => Promise<{ - passed: boolean; - returnValue?: T | undefined; - errorMessage?: string; - }>, - name: string, - log: ToolingLog, - retryCount: number = 50, - timeoutWait = 250, - ignoreThrow: boolean = false -): Promise => { - if (retryCount > 0) { - try { - const testReturn = await functionToTest(); - if (!testReturn.passed) { - const error = testReturn.errorMessage != null ? ` error: ${testReturn.errorMessage},` : ''; - log.error(`Failure trying to ${name},${error} retries left are: ${retryCount - 1}`); - // retry, counting down, and delay a bit before - await new Promise((resolve) => setTimeout(resolve, timeoutWait)); - const returnValue = await countDownTest( - functionToTest, - name, - log, - retryCount - 1, - timeoutWait, - ignoreThrow - ); - return returnValue; - } else { - return testReturn.returnValue; - } - } catch (err) { - if (ignoreThrow) { - throw err; - } else { - log.error( - `Failure trying to ${name}, with exception message of: ${ - err.message - }, retries left are: ${retryCount - 1}` - ); - // retry, counting down, and delay a bit before - await new Promise((resolve) => setTimeout(resolve, timeoutWait)); - const returnValue = await countDownTest( - functionToTest, - name, - log, - retryCount - 1, - timeoutWait, - ignoreThrow - ); - return returnValue; - } - } - } else { - log.error(`Could not ${name}, no retries are left`); - return undefined; - } -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts index 58ac05c9ee3df..584fddced9db6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/event_log/wait_for_event_log_execute_complete.ts @@ -8,7 +8,7 @@ import type { ToolingLog } from '@kbn/tooling-log'; import type { Client } from '@elastic/elasticsearch'; -import { waitFor } from '../wait_for'; +import { waitFor } from '../../../../../common/utils/security_solution'; import { getEventLogExecuteCompleteById } from './get_event_log_execute_complete_by_id'; /** diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts index 9c48f80019c4e..7541514448b5c 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_endpoint_entries.ts @@ -16,7 +16,7 @@ import type { import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants'; import { createExceptionListItem } from '../item/create_exception_list_item'; -import { waitFor } from '../../wait_for'; +import { waitFor } from '../../../../../../common/utils/security_solution'; import { createExceptionList } from './create_exception_list'; /** diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts index dba2a1e1e3276..973e0d1962a75 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/exception_list_and_item/list/create_container_with_entries.ts @@ -13,7 +13,7 @@ import type { ListArray, NonEmptyEntriesArray } from '@kbn/securitysolution-io-t import { EXCEPTION_LIST_ITEM_URL } from '@kbn/securitysolution-list-constants'; import { createExceptionList } from './create_exception_list'; import { createExceptionListItem } from '../item/create_exception_list_item'; -import { waitFor } from '../../wait_for'; +import { waitFor } from '../../../../../../common/utils/security_solution'; /** * Convenience testing function where you can pass in just the endpoint entries and you will diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts index 415569827b85d..d51fce39e3410 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/index.ts @@ -15,12 +15,9 @@ export * from './machine_learning'; export * from './binary_to_string'; export * from './get_index_name_from_load'; -export * from './count_down_test'; export * from './count_down_es'; export * from './update_username'; export * from './refresh_index'; -export * from './wait_for'; -export * from './route_with_namespace'; export * from './wait_for_index_to_populate'; export * from './get_stats'; export * from './get_detection_metrics_from_body'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/route_with_namespace.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/route_with_namespace.ts deleted file mode 100644 index 07e5c4a8049e2..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/route_with_namespace.ts +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/** - * Generates a route string with an optional namespace. - * @param route the route string - * @param namespace [optional] the namespace to account for in the route - */ -export const routeWithNamespace = (route: string, namespace?: string) => - namespace ? `/s/${namespace}${route}` : route; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts index ea608c48e7b8b..ca2a8129b7713 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/create_rule_with_exception_entries.ts @@ -18,7 +18,7 @@ import { createContainerWithEntries, createContainerWithEndpointEntries, } from '../exception_list_and_item'; -import { createRule } from './create_rule'; +import { createRule } from '../../../../../common/utils/security_solution'; /** * Convenience testing function where you can pass in just the entries and you will diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/delete_rule.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/delete_rule.ts deleted file mode 100644 index f4eff397aba0b..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/delete_rule.ts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type SuperTest from 'supertest'; -import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; - -import { DETECTION_ENGINE_RULES_URL } from '@kbn/security-solution-plugin/common/constants'; - -/** - * Helper to cut down on the noise in some of the tests. Does a delete of a rule. - * It does not check for a 200 "ok" on this. - * @param supertest The supertest deps - * @param ruleId The rule id to delete - */ -export const deleteRule = async ( - supertest: SuperTest.SuperTest, - ruleId: string -): Promise => { - const response = await supertest - .delete(`${DETECTION_ENGINE_RULES_URL}?rule_id=${ruleId}`) - .set('kbn-xsrf', 'true') - .set('elastic-api-version', '2023-10-31') - .expect(200); - - return response.body; -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts index b8253e0f9afec..a371250dfc36b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_eql_rule_for_alert_testing.ts @@ -6,7 +6,7 @@ */ import type { EqlRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { getRuleForAlertTesting } from './get_rule_for_alert_testing'; +import { getRuleForAlertTesting } from '../../../../../common/utils/security_solution'; /** * This is a typical alert testing rule that is easy for most basic testing of output of EQL alerts. diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts index 01feea137efb6..b83f728d980e1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_saved_query_rule_for_alert_testing.ts @@ -6,7 +6,7 @@ */ import type { SavedQueryRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { getRuleForAlertTesting } from './get_rule_for_alert_testing'; +import { getRuleForAlertTesting } from '../../../../../common/utils/security_solution'; /** * This is a typical alert testing rule that is easy for most basic testing of output of Saved Query alerts. diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts index 5537929033dfd..638b951e539d2 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threat_match_rule_for_alert_testing.ts @@ -6,7 +6,7 @@ */ import type { ThreatMatchRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { getRuleForAlertTesting } from './get_rule_for_alert_testing'; +import { getRuleForAlertTesting } from '../../../../../common/utils/security_solution'; /** * This is a typical alert testing rule that is easy for most basic testing of output of Threat Match alerts. diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts index a64aa04981c3a..b834f48d8b006 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/get_threshold_rule_for_alert_testing.ts @@ -6,7 +6,7 @@ */ import type { ThresholdRuleCreateProps } from '@kbn/security-solution-plugin/common/api/detection_engine'; -import { getRuleForAlertTesting } from './get_rule_for_alert_testing'; +import { getRuleForAlertTesting } from '../../../../../common/utils/security_solution'; /** * This is a typical signal testing rule that is easy for most basic testing of output of Threshold alerts. diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts index 501a5579fbfde..7888dd6e9ef33 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/rules/index.ts @@ -5,22 +5,18 @@ * 2.0. */ export * from './create_legacy_rule_action'; -export * from './create_rule'; export * from './create_rule_with_exception_entries'; export * from './create_rule_saved_object'; export * from './create_rule_with_auth'; export * from './create_non_security_rule'; export * from './check_investigation_field_in_so'; export * from './downgrade_immutable_rule'; -export * from './delete_all_rules'; -export * from './delete_rule'; export * from './fetch_rule'; export * from './find_immutable_rule_by_id'; export * from './get_simple_rule'; export * from './get_rule_params'; export * from './get_simple_rule_output'; export * from './get_simple_rule_update'; -export * from './get_rule_for_alert_testing'; export * from './get_threshold_rule_for_alert_testing'; export * from './get_rule_actions'; export * from './get_eql_rule_for_alert_testing'; @@ -52,7 +48,6 @@ export * from './remove_server_generated_properties'; export * from './remove_server_generated_properties_including_rule_id'; export * from './rule_to_update_schema'; export * from './update_rule'; -export * from './wait_for_rule_status'; export * from './get_rules_as_ndjson'; export * from './get_simple_rule_as_ndjson'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts index ceba42efd1793..41d78f9986a26 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for_index_to_populate.ts @@ -7,7 +7,7 @@ import type { ToolingLog } from '@kbn/tooling-log'; import type { Client } from '@elastic/elasticsearch'; -import { waitFor } from './wait_for'; +import { waitFor } from '../../../../common/utils/security_solution'; /** * Waits for the given index to contain documents diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_calculation.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_calculation.ts index fe1c3df4af77c..6bc6230ad3a1f 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_calculation.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_calculation.ts @@ -11,11 +11,8 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; import { RISK_SCORE_CALCULATION_URL } from '@kbn/security-solution-plugin/common/constants'; import type { RiskScore } from '@kbn/security-solution-plugin/common/entity_analytics/risk_engine'; import { v4 as uuidv4 } from 'uuid'; -import { - deleteAllAlerts, - deleteAllRules, - dataGeneratorFactory, -} from '../../../detections_response/utils'; +import { dataGeneratorFactory } from '../../../detections_response/utils'; +import { deleteAllAlerts, deleteAllRules } from '../../../../../common/utils/security_solution'; import { buildDocument, createAndSyncRuleAndAlertsFactory, diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts index bfb415bac02a8..0577a1ac6d365 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_score_preview.ts @@ -11,12 +11,12 @@ import { RISK_SCORE_PREVIEW_URL } from '@kbn/security-solution-plugin/common/con import type { RiskScore } from '@kbn/security-solution-plugin/common/entity_analytics/risk_engine'; import { v4 as uuidv4 } from 'uuid'; import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common'; +import { dataGeneratorFactory } from '../../../detections_response/utils'; import { createAlertsIndex, deleteAllAlerts, deleteAllRules, - dataGeneratorFactory, -} from '../../../detections_response/utils'; +} from '../../../../../common/utils/security_solution'; import { assetCriticalityRouteHelpersFactory, buildDocument, diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts index b735852886a7d..795cd8fd067dc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution.ts @@ -7,11 +7,8 @@ import expect from '@kbn/expect'; import { v4 as uuidv4 } from 'uuid'; -import { - deleteAllAlerts, - deleteAllRules, - dataGeneratorFactory, -} from '../../../../detections_response/utils'; +import { dataGeneratorFactory } from '../../../../detections_response/utils'; +import { deleteAllRules, deleteAllAlerts } from '../../../../../../common/utils/security_solution'; import { buildDocument, createAndSyncRuleAndAlertsFactory, diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts index d869fae2f3f95..f61e64ba89bbf 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/risk_scoring_task/task_execution_nondefault_spaces.ts @@ -7,11 +7,8 @@ import expect from '@kbn/expect'; import { v4 as uuidv4 } from 'uuid'; -import { - deleteAllAlerts, - deleteAllRules, - dataGeneratorFactory, -} from '../../../../detections_response/utils'; +import { dataGeneratorFactory } from '../../../../detections_response/utils'; +import { deleteAllRules, deleteAllAlerts } from '../../../../../../common/utils/security_solution'; import { buildDocument, createAndSyncRuleAndAlertsFactory, diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts index f68a8c1dd3e60..78fabff6d22f1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/telemetry_usage.ts @@ -7,11 +7,8 @@ import expect from '@kbn/expect'; import { v4 as uuidv4 } from 'uuid'; -import { - deleteAllRules, - deleteAllAlerts, - dataGeneratorFactory, -} from '../../../detections_response/utils'; +import { dataGeneratorFactory } from '../../../detections_response/utils'; +import { deleteAllRules, deleteAllAlerts } from '../../../../../common/utils/security_solution'; import { buildDocument, createAndSyncRuleAndAlertsFactory, diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts index 6abcb908f6083..acbccafee967f 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/asset_criticality.ts @@ -19,7 +19,7 @@ import type { AssetCriticalityRecord } from '@kbn/security-solution-plugin/commo import type { Client } from '@elastic/elasticsearch'; import type { ToolingLog } from '@kbn/tooling-log'; import querystring from 'querystring'; -import { routeWithNamespace, waitFor } from '../../detections_response/utils'; +import { routeWithNamespace, waitFor } from '../../../../common/utils/security_solution'; export const getAssetCriticalityIndex = (namespace?: string) => `.asset-criticality.asset-criticality-${namespace ?? 'default'}`; diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts index e8ff2d4e10240..4583d9d6c6772 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/utils/risk_engine.ts @@ -35,7 +35,7 @@ import { countDownTest, waitFor, routeWithNamespace, -} from '../../detections_response/utils'; +} from '../../../../common/utils/security_solution'; const sanitizeScore = (score: Partial): Partial => { const { diff --git a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts index be05bb5a47518..d45a77be0840b 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/utils.ts @@ -33,7 +33,7 @@ import { ToolingLog } from '@kbn/tooling-log'; import { getImportListItemAsBuffer } from '@kbn/lists-plugin/common/schemas/request/import_list_item_schema.mock'; import { encodeHitVersion } from '@kbn/securitysolution-es-utils'; -import { countDownTest } from '../detections_response/utils'; +import { countDownTest } from '../../../common/utils/security_solution'; /** * Creates the lists and lists items index for use inside of beforeEach blocks of tests diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/import_timelines.ts b/x-pack/test/timeline/security_and_spaces/tests/basic/import_timelines.ts similarity index 99% rename from x-pack/test/detection_engine_api_integration/basic/tests/import_timelines.ts rename to x-pack/test/timeline/security_and_spaces/tests/basic/import_timelines.ts index a1c34b51e12d5..4c9b82f0825cc 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/import_timelines.ts +++ b/x-pack/test/timeline/security_and_spaces/tests/basic/import_timelines.ts @@ -9,8 +9,8 @@ import expect from '@kbn/expect'; import { TIMELINE_IMPORT_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { deleteAllTimelines } from '../../utils'; +import { FtrProviderContext } from '../../../common/ftr_provider_context'; +import { deleteAllTimelines } from '../../../utils'; // eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { diff --git a/x-pack/test/detection_engine_api_integration/basic/tests/install_prepackaged_timelines.ts b/x-pack/test/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts similarity index 87% rename from x-pack/test/detection_engine_api_integration/basic/tests/install_prepackaged_timelines.ts rename to x-pack/test/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts index 6047bc21d0c39..fddc9317dcff9 100644 --- a/x-pack/test/detection_engine_api_integration/basic/tests/install_prepackaged_timelines.ts +++ b/x-pack/test/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts @@ -8,14 +8,8 @@ import expect from '@kbn/expect'; import { TIMELINE_PREPACKAGED_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { - createSignalsIndex, - deleteAllRules, - deleteAllTimelines, - deleteAllAlerts, - waitFor, -} from '../../utils'; +import { FtrProviderContext } from '../../../common/ftr_provider_context'; +import { deleteAllTimelines, waitFor } from '../../../utils'; // eslint-disable-next-line import/no-default-export export default ({ getService }: FtrProviderContext): void => { @@ -25,13 +19,7 @@ export default ({ getService }: FtrProviderContext): void => { describe('install_prepackaged_timelines', () => { describe('creating prepackaged rules', () => { - beforeEach(async () => { - await createSignalsIndex(supertest, log); - }); - afterEach(async () => { - await deleteAllAlerts(supertest, log, es); - await deleteAllRules(supertest, log); await deleteAllTimelines(es); }); diff --git a/x-pack/test/detection_engine_api_integration/utils/delete_all_timelines.ts b/x-pack/test/timeline/utils/delete_all_timelines.ts similarity index 100% rename from x-pack/test/detection_engine_api_integration/utils/delete_all_timelines.ts rename to x-pack/test/timeline/utils/delete_all_timelines.ts diff --git a/x-pack/test/detection_engine_api_integration/basic/config.ts b/x-pack/test/timeline/utils/index.ts similarity index 53% rename from x-pack/test/detection_engine_api_integration/basic/config.ts rename to x-pack/test/timeline/utils/index.ts index 26fdc62e0ec52..d43b824d2b428 100644 --- a/x-pack/test/detection_engine_api_integration/basic/config.ts +++ b/x-pack/test/timeline/utils/index.ts @@ -5,13 +5,5 @@ * 2.0. */ -import { createTestConfig } from '../common/config'; - -// eslint-disable-next-line import/no-default-export -export default createTestConfig( - { - license: 'basic', - ssl: true, - }, - [require.resolve('./tests')] -); +export * from './delete_all_timelines'; +export * from './wait_for'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for.ts b/x-pack/test/timeline/utils/wait_for.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/detections_response/utils/wait_for.ts rename to x-pack/test/timeline/utils/wait_for.ts