Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Skip all Detection & Response Cypress tests in Serverless #165966

Merged
merged 4 commits into from
Sep 9, 2023
Merged

[Security Solution] Skip all Detection & Response Cypress tests in Serverless #165966

merged 4 commits into from
Sep 9, 2023

Conversation

banderror
Copy link
Contributor

@banderror banderror commented Sep 7, 2023
edited
Loading

Resolves: #164441

Summary

Skips all Cypress tests owned by @elastic/security-detection-rule-management and @elastic/security-detection-engine teams in Serverless using the new @skipInServerless tag.

  • Adds a new @skipInServerless tag
  • Updates x-pack/test/security_solution_cypress/cypress/README.md to explain when to use what tags
  • Explicitly adds missing tags to all D&R tests
  • Adds // TODO: comments to tests with links to follow-up tickets
  • Fixes the x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts script (see below)

Follow-up work:

Context

Serverless test failures will soon block PR merge

During the development of the serverless test infrastructure, we decided that serverless tests will only soft-fail. That means you see the test failure in your PR but you're still able to merge. We did that mainly in order to not block delivery of stateful features and bug fixes while serverless tests and pipelines were implemented and stabilized.
We now have the major building blocks for the serverless test infrastructure in place and will integrate serverless tests in our regular pipelines. As part of this process, we're skipping failing and flaky serverless tests that came in during the soft-fail phase. Once this is done, a PR with serverless test failures can no longer be merged, similar to how we have it for stateful test failures.

We plan to merge this in the next few days and we'll send out another notification when it's done.

Fixing parallel.ts

There were two problems with the x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts script we use for running Cypress tests:

Both the issues are fixed in this PR.

Code owners are added for this script in the CODEOWNERS file to prevent breaking this script in future PRs.

@banderror banderror added test technical debt Improvement of the software architecture and operational architecture release_note:skip Skip the PR/issue when compiling release notes test-failure-flaky Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Team:Detection Engine Security Solution Detection Engine Area v8.11.0 labels Sep 7, 2023
@banderror banderror self-assigned this Sep 7, 2023
@banderror banderror requested review from a team as code owners September 7, 2023 12:27
@banderror banderror requested a review from xcrzx September 7, 2023 12:27
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@banderror banderror requested review from maximpn, yctercero, WafaaNasr and MadameSheema and removed request for xcrzx September 7, 2023 12:29
@banderror banderror force-pushed the skip-detection-and-response-serverless-cypress-tests branch from b385328 to 0c7d76b Compare September 7, 2023 12:33
@banderror banderror requested a review from a team as a code owner September 7, 2023 13:24
@banderror banderror force-pushed the skip-detection-and-response-serverless-cypress-tests branch 4 times, most recently from 90c3bfc to ef8562a Compare September 8, 2023 11:57
@banderror banderror marked this pull request as draft September 8, 2023 12:02
@banderror banderror force-pushed the skip-detection-and-response-serverless-cypress-tests branch from ef8562a to c181eef Compare September 8, 2023 15:15
@banderror banderror requested a review from oatkiller September 8, 2023 15:26
banderror
banderror commented Sep 8, 2023
View reviewed changes
.github/CODEOWNERS
@@ -1316,6 +1316,7 @@ x-pack/test/security_solution_cypress/config.ts @elastic/security-engineering-pr
x-pack/test/security_solution_cypress/runner.ts @elastic/security-engineering-productivity
x-pack/test/security_solution_cypress/serverless_config.ts @elastic/security-engineering-productivity
x-pack/test/security_solution_cypress/cypress/tags.ts @elastic/security-engineering-productivity
x-pack/plugins/security_solution/scripts/run_cypress @MadameSheema @patrykkopycinski @oatkiller @maximpn @banderror
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FYI @MadameSheema @patrykkopycinski @oatkiller @maximpn

See the PR description for motivation.

banderror
banderror commented Sep 8, 2023
View reviewed changes
x-pack/test/security_solution_cypress/package.json
@@ -19,7 +19,7 @@
"junit:transform": "node ../../plugins/security_solution/scripts/junit_transformer --pathPattern '../../../target/kibana-security-solution/cypress/results/*.xml' --rootDirectory ../../../ --reportName 'Security Solution Cypress' --writeInPlace",
"cypress:serverless": "TZ=UTC node ../../plugins/security_solution/scripts/start_cypress_parallel --config-file ../../test/security_solution_cypress/cypress/cypress_ci_serverless.config.ts --ftr-config-file ../../test/security_solution_cypress/serverless_config",
"cypress:open:serverless": "yarn cypress:serverless open --config-file ../../test/security_solution_cypress/cypress/cypress_serverless.config.ts --spec './cypress/e2e/**/*.cy.ts'",
"cypress:run:serverless": "yarn cypress:serverless --spec '**/cypress/e2e/!(investigations|explore)/**/*.cy.ts'",
"cypress:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/!(investigations|explore)/**/*.cy.ts'",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also changed the pattern because it doesn't seem we need to support any nested subfolder structures which could be supported by **

@banderror banderror marked this pull request as ready for review September 8, 2023 15:40
@maximpn
Copy link
Contributor

maximpn commented Sep 8, 2023

@elasticmachine merge upstream

yctercero
yctercero reviewed Sep 8, 2023
View reviewed changes
x-pack/test/security_solution_cypress/cypress/README.md
- `@serverless` includes a test in the Serverless test suite. You need to explicitly add this tag to any test you want to run against a Serverless environment.
- `@ess` includes a test in the normal, non-Serverless test suite. You need to explicitly add this tag to any test you want to run against a non-Serverless environment.
- `@brokenInServerless` excludes a test from the Serverless test suite (even if it's tagged as `@serverless`). Indicates that a test should run in Serverless, but currently is broken.
- `@skipInServerless` excludes a test from the Serverless test suite (even if it's tagged as `@serverless`). Could indicate many things, e.g. "the test is flaky in Serverless", "the test is Flaky in any type of environemnt", "the test has been temporarily excluded, see the comment above why".
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add @skipInEss? If we need to skip for ESS right now we have to skip for all right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@yctercero This is a good point. I think we will need this tag eventually. And yes, if we need to skip for ESS right now we have to skip for all.

I'm not sure about adding it now because I think that "now we have to skip for all" is exactly what we should be doing now. Until we basically eliminate flakiness in our tests, we should treat a flaky test in ESS as being in general not yet fixed. Then, when we can say something like "ok, the rule creation Cypress tests have been all fixed and not flaky anymore in ESS and Serverless", then we could start skipping them in either environment if flakiness ever occurs again.

MadameSheema
MadameSheema approved these changes Sep 8, 2023
View reviewed changes
Copy link
Member

@MadameSheema MadameSheema left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-engineering-productivity changes LGTM!!

Lots of thanks for doing this effort 🙏

yctercero
yctercero approved these changes Sep 8, 2023
View reviewed changes
Copy link
Contributor

@yctercero yctercero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - thanks for the changes! Ready to help with the next step of re-enabling these for DE.

@banderror
Copy link
Contributor Author

banderror commented Sep 8, 2023
edited
Loading

Most of the tests passed in https://buildkite.com/elastic/kibana-pull-request/builds/157714. The failed ones look like flaky tests. Also, the Serverless Security Cypress Tests job didn't run any tests and exited early, which is expected and exactly what we were aiming for when fixing the parallel.ts script.

info Config spec pattern: ./cypress/e2e/**/*.cy.ts
--
  | info Arguments spec pattern: ./cypress/e2e/!(investigations\|explore)/**/*.cy.ts
  | info Resulting spec pattern: ./cypress/e2e/!(investigations\|explore)/**/*.cy.ts
  | @cypress/grep: filtering using tag(s) "@serverless --@brokenInServerless --@skipInServerless"
  | @cypress/grep: will omit filtered tests
  | grep and/or grepTags has eliminated all specs
  | grepTags: @serverless --@brokenInServerless --@skipInServerless
  | Will leave all specs to run to filter at run-time
  | info Resolved spec files or pattern after grep: ./cypress/e2e/!(investigations\|explore)/**/*.cy.ts
  | info No tests found - all tests could have been skipped via Cypress tags
  | Done in 7.91s.

I also tested locally that if I enable at least one test using Cypress tags, the job will run it.

I will remove the "all cypress tests" label and restart the build - hope it takes less time after that.

@banderror banderror force-pushed the skip-detection-and-response-serverless-cypress-tests branch from e1f4fa2 to 22c2ab1 Compare September 8, 2023 17:43
@banderror banderror enabled auto-merge (squash) September 8, 2023 17:55
spong
spong approved these changes Sep 8, 2023
View reviewed changes
Copy link
Member

@spong spong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the detailed description, updated docs, and providing context/next steps -- appreciate it @banderror! LGTM 👍

maximpn
maximpn approved these changes Sep 8, 2023
View reviewed changes
Copy link
Contributor

@maximpn maximpn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool! This PR also fixes Threat Intelligence Cypress Tests cc @PhilippeOberti

@banderror banderror force-pushed the skip-detection-and-response-serverless-cypress-tests branch from 22c2ab1 to 9be0ae5 Compare September 8, 2023 21:02
@banderror banderror force-pushed the skip-detection-and-response-serverless-cypress-tests branch from 9be0ae5 to 23ed5fc Compare September 8, 2023 23:07
@kibana-ci
Copy link
Collaborator

kibana-ci commented Sep 8, 2023
edited
Loading

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] Explore - Security Solution Cypress Tests #1 / Cases Creates a new case with timeline and opens the timeline Creates a new case with timeline and opens the timeline

Metrics [docs]

Unknown metric groups

ESLint disabled line counts

id before after diff
securitySolution 452 453 +1

Total ESLint disabled count

id before after diff
securitySolution 519 520 +1

History

  • 💔 Build #157814 failed 9be0ae5cc79d33e47c0f12f448ad43cde8f49b7a
  • 💔 Build #157753 failed 22c2ab13a3dfe0369859b4661e0cdbe3330f9ebc
  • 💔 Build #157714 failed e1f4fa270ea4671ad674dbdf5bd16bf3a7b8c53d
  • 💔 Build #157601 failed ef8562a39afa4bc51709775f82bcdcce424d63c0
  • 💔 Build #157578 failed 90c3bfc26936c9bd69cfcba4510868e69c1fae1b

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @banderror

@banderror banderror merged commit 1d65e78 into elastic:main Sep 9, 2023
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Sep 9, 2023
@banderror banderror deleted the skip-detection-and-response-serverless-cypress-tests branch September 9, 2023 00:28
@tomsonpl
Copy link
Contributor

Hey folks, this PR introduced a SKIP for all tests that do not contain tags yet. Please take a look eg. at this https://buildkite.com/elastic/kibana-pull-request/builds/157814#018a769b-185b-4d22-bb6d-e2bf155745c6

We have some false passes around :P

@tomsonpl tomsonpl mentioned this pull request Sep 11, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MadameSheema MadameSheema MadameSheema approved these changes

@yctercero yctercero yctercero approved these changes

@maximpn maximpn maximpn approved these changes

@spong spong spong approved these changes

@WafaaNasr WafaaNasr Awaiting requested review from WafaaNasr

@oatkiller oatkiller Awaiting requested review from oatkiller

Assignees

@banderror banderror

Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Detection Engine Security Solution Detection Engine Area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. technical debt Improvement of the software architecture and operational architecture test test-failure-flaky v8.11.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Security Solution] Skip all existing Cypress tests in Serverless: Detection & Response area
9 participants
@banderror @elasticmachine @maximpn @kibana-ci @tomsonpl @spong @yctercero @MadameSheema @kibanamachine