
[Security Solution] Extend the /upgrade/_perform API endpoint's contract #189187

Closed
wants to merge 13 commits into from
@@ -0,0 +1,388 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Perform Rule Upgrade API endpoint
* version: 2023-10-31
*/

import { z } from 'zod';

import {
RuleSignatureId,
RuleVersion,
RuleName,
RuleTagArray,
RuleDescription,
Severity,
SeverityMapping,
RiskScore,
RiskScoreMapping,
RuleReferenceArray,
RuleFalsePositiveArray,
ThreatArray,
InvestigationGuide,
SetupGuide,
RelatedIntegrationArray,
RequiredFieldArray,
MaxSignals,
BuildingBlockType,
RuleIntervalFrom,
RuleInterval,
RuleExceptionList,
RuleNameOverride,
TimestampOverride,
TimestampOverrideFallbackDisabled,
TimelineTemplateId,
TimelineTemplateTitle,
IndexPatternArray,
DataViewId,
RuleQuery,
QueryLanguage,
RuleFilterArray,
SavedQueryId,
KqlQueryLanguage,
} from '../../model/rule_schema/common_attributes.gen';
import {
MachineLearningJobId,
AnomalyThreshold,
} from '../../model/rule_schema/specific_attributes/ml_attributes.gen';
import {
ThreatQuery,
ThreatMapping,
ThreatIndex,
ThreatFilters,
ThreatIndicatorPath,
} from '../../model/rule_schema/specific_attributes/threat_match_attributes.gen';
import {
NewTermsFields,
HistoryWindowStart,
} from '../../model/rule_schema/specific_attributes/new_terms_attributes.gen';
import { RuleResponse } from '../../model/rule_schema/rule_schemas.gen';
import { ErrorSchema } from '../../model/error_schema.gen';

export type RulePickVersionValues = z.infer<typeof RulePickVersionValues>;
export const RulePickVersionValues = z.enum(['BASE', 'CURRENT', 'TARGET', 'MERGED']);
export type RulePickVersionValuesEnum = typeof RulePickVersionValues.enum;
export const RulePickVersionValuesEnum = RulePickVersionValues.enum;

export type FieldPickVersionValues = z.infer<typeof FieldPickVersionValues>;
export const FieldPickVersionValues = z.enum(['BASE', 'CURRENT', 'TARGET', 'MERGED', 'RESOLVED']);
export type FieldPickVersionValuesEnum = typeof FieldPickVersionValues.enum;
export const FieldPickVersionValuesEnum = FieldPickVersionValues.enum;

export type RuleUpgradeSpecifier = z.infer<typeof RuleUpgradeSpecifier>;
export const RuleUpgradeSpecifier = z.object({
rule_id: RuleSignatureId,
revision: z.number(),
version: RuleVersion,
pick_version: RulePickVersionValues.optional(),
/**
* Fields that can be customized during the upgrade workflow
as decided in: https://github.com/elastic/kibana/issues/186544
Fields listed here, which are not specified in the request body,
will default to a `pick_version` of `MERGED`.

*/
fields: z
.object({
name: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleName.optional(),
})
.optional(),
tags: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleTagArray.optional(),
})
.optional(),
description: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleDescription.optional(),
})
.optional(),
severity: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: Severity.optional(),
})
.optional(),
severity_mapping: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: SeverityMapping.optional(),
})
.optional(),
risk_score: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RiskScore.optional(),
})
.optional(),
risk_score_mapping: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RiskScoreMapping.optional(),
})
.optional(),
references: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleReferenceArray.optional(),
})
.optional(),
false_positives: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleFalsePositiveArray.optional(),
})
.optional(),
threat: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: ThreatArray.optional(),
})
.optional(),
note: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: InvestigationGuide.optional(),
})
.optional(),
setup: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: SetupGuide.optional(),
})
.optional(),
related_integrations: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RelatedIntegrationArray.optional(),
})
.optional(),
required_fields: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RequiredFieldArray.optional(),
})
.optional(),
max_signals: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: MaxSignals.optional(),
})
.optional(),
building_block_type: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: BuildingBlockType.optional(),
})
.optional(),
from: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleIntervalFrom.optional(),
})
.optional(),
interval: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleInterval.optional(),
})
.optional(),
exceptions_list: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleExceptionList.optional(),
})
.optional(),
rule_name_override: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleNameOverride.optional(),
})
.optional(),
timestamp_override: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: TimestampOverride.optional(),
})
.optional(),
timestamp_override_fallback_disabled: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: TimestampOverrideFallbackDisabled.optional(),
})
.optional(),
timeline_id: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: TimelineTemplateId.optional(),
})
.optional(),
timeline_title: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: TimelineTemplateTitle.optional(),
})
.optional(),
index: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: IndexPatternArray.optional(),
})
.optional(),
data_view_id: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: DataViewId.optional(),
})
.optional(),
query: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleQuery.optional(),
})
.optional(),
language: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: QueryLanguage.optional(),
})
.optional(),
filters: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: RuleFilterArray.optional(),
})
.optional(),
saved_id: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: SavedQueryId.optional(),
})
.optional(),
machine_learning_job_id: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: MachineLearningJobId.optional(),
})
.optional(),
anomaly_threshold: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: AnomalyThreshold.optional(),
})
.optional(),
threat_query: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: ThreatQuery.optional(),
})
.optional(),
threat_mapping: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: ThreatMapping.optional(),
})
.optional(),
threat_index: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: ThreatIndex.optional(),
})
.optional(),
threat_filters: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: ThreatFilters.optional(),
})
.optional(),
threat_indicator_path: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: ThreatIndicatorPath.optional(),
})
.optional(),
threat_language: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: KqlQueryLanguage.optional(),
})
.optional(),
new_terms_fields: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: NewTermsFields.optional(),
})
.optional(),
history_window_start: z
.object({
pick_version: FieldPickVersionValues,
resolved_value: HistoryWindowStart.optional(),
})
.optional(),
})
.optional(),
});

export type UpgradeSpecificRulesRequest = z.infer<typeof UpgradeSpecificRulesRequest>;
export const UpgradeSpecificRulesRequest = z.object({
mode: z.literal('SPECIFIC_RULES'),
rules: z.array(RuleUpgradeSpecifier),
pick_version: RulePickVersionValues.optional(),
});

export type UpgradeAllRulesRequest = z.infer<typeof UpgradeAllRulesRequest>;
export const UpgradeAllRulesRequest = z.object({
mode: z.literal('ALL_RULES'),
pick_version: RulePickVersionValues.optional(),
});

export type SkipRuleUpgradeReason = z.infer<typeof SkipRuleUpgradeReason>;
export const SkipRuleUpgradeReason = z.enum(['RULE_UP_TO_DATE', 'RULE_NOT_FOUND']);
export type SkipRuleUpgradeReasonEnum = typeof SkipRuleUpgradeReason.enum;
export const SkipRuleUpgradeReasonEnum = SkipRuleUpgradeReason.enum;

export type SkippedRuleUpgrade = z.infer<typeof SkippedRuleUpgrade>;
export const SkippedRuleUpgrade = z.object({
rule_id: z.string(),
reason: SkipRuleUpgradeReason,
});

export type PerformRuleUpgradeResponseBody = z.infer<typeof PerformRuleUpgradeResponseBody>;
export const PerformRuleUpgradeResponseBody = z.object({
summary: z.object({
total: z.number(),
succeeded: z.number(),
skipped: z.number(),
failed: z.number(),
}),
results: z.object({
updated: z.array(RuleResponse),
skipped: z.array(SkippedRuleUpgrade),
}),
errors: z.array(ErrorSchema),
});

export type PerformRuleUpgradeRequestBody = z.infer<typeof PerformRuleUpgradeRequestBody>;
export const PerformRuleUpgradeRequestBody = z.union([
UpgradeAllRulesRequest,
UpgradeSpecificRulesRequest,
]);
export type PerformRuleUpgradeRequestBodyInput = z.input<typeof PerformRuleUpgradeRequestBody>;

export type PerformRuleUpgradeResponse = z.infer<typeof PerformRuleUpgradeResponse>;
export const PerformRuleUpgradeResponse = PerformRuleUpgradeResponseBody;
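Review bot: In every entry under `fields` in `RuleUpgradeSpecifier`, `resolved_value` is optional independently of `pick_version`, so a body with `pick_version: 'RESOLVED'` and no `resolved_value` (or a `resolved_value` sent alongside `'MERGED'`) passes this schema and the route handler has to reject it itself. Since the file is generated by @kbn/openapi-generator, the constraint belongs in the OpenAPI spec it is generated from or in an explicit handler check, not in a manual edit here. The same holds for `revision: z.number()`, which accepts fractions and negative values, and for `rules: z.array(RuleUpgradeSpecifier)`, which has no size bound in `SPECIFIC_RULES` mode; `z.number().int().min(0)` and a `.max(...)` with a project-chosen limit would narrow both. A non-strict `z.object` also strips unknown keys, so a misspelled name under `fields` is presumably dropped without an error and that field falls back to `MERGED`.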