-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EMT-401: add policy data to metadata and fix tests #68582
Changes from 11 commits
5319b2d
889103e
d201ae3
3abdcd4
ddfc3a3
584f3cd
48df79e
dfe0bcc
d5bdfa5
9fa55cd
1642b7f
2d11769
827eefa
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -253,7 +253,11 @@ export type AlertEvent = Immutable<{ | |
}; | ||
endpoint: { | ||
policy: { | ||
id: string; | ||
applied: { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. hmm I don't think alerts will have this structure. The mapping for alerts looks like:
based on here: https://github.com/elastic/endpoint-package/blob/master/custom_subsets/elastic_endpoint/events/malware_event.yaml#L26 Do we need to update the mapping? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yes There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. |
||
id: string; | ||
status: HostPolicyResponseActionStatus; | ||
name: string; | ||
}; | ||
}; | ||
}; | ||
process: { | ||
|
@@ -357,7 +361,11 @@ export type HostMetadata = Immutable<{ | |
}; | ||
endpoint: { | ||
policy: { | ||
id: string; | ||
applied: { | ||
id: string; | ||
status: HostPolicyResponseActionStatus; | ||
name: string; | ||
}; | ||
}; | ||
}; | ||
agent: { | ||
|
@@ -700,6 +708,7 @@ export interface HostPolicyResponse { | |
applied: { | ||
version: string; | ||
id: string; | ||
name: string; | ||
status: HostPolicyResponseActionStatus; | ||
actions: HostPolicyResponseAppliedAction[]; | ||
response: { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -27,7 +27,6 @@ import { | |
} from '../../../../common/endpoint/types'; | ||
import { SearchResponse } from 'elasticsearch'; | ||
import { registerEndpointRoutes } from './index'; | ||
import * as data from '../../test_data/all_metadata_data.json'; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Nice! 👍 |
||
import { | ||
createMockAgentService, | ||
createMockMetadataIndexPatternRetriever, | ||
|
@@ -37,6 +36,7 @@ import { AgentService } from '../../../../../ingest_manager/server'; | |
import Boom from 'boom'; | ||
import { EndpointAppContextService } from '../../endpoint_app_context_services'; | ||
import { createMockConfig } from '../../../lib/detection_engine/routes/__mocks__'; | ||
import { EndpointDocGenerator } from '../../../../common/endpoint/generate_data'; | ||
|
||
describe('test endpoint route', () => { | ||
let routerMock: jest.Mocked<IRouter>; | ||
|
@@ -78,10 +78,7 @@ describe('test endpoint route', () => { | |
|
||
it('test find the latest of all endpoints', async () => { | ||
const mockRequest = httpServerMock.createKibanaRequest({}); | ||
|
||
const response: SearchResponse<HostMetadata> = (data as unknown) as SearchResponse< | ||
HostMetadata | ||
>; | ||
const response = createSearchResponse(new EndpointDocGenerator().generateHostMetadata()); | ||
mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); | ||
[routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => | ||
path.startsWith('/api/endpoint/metadata') | ||
|
@@ -97,8 +94,8 @@ describe('test endpoint route', () => { | |
expect(routeConfig.options).toEqual({ authRequired: true }); | ||
expect(mockResponse.ok).toBeCalled(); | ||
const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as HostResultList; | ||
expect(endpointResultList.hosts.length).toEqual(2); | ||
expect(endpointResultList.total).toEqual(2); | ||
expect(endpointResultList.hosts.length).toEqual(1); | ||
expect(endpointResultList.total).toEqual(1); | ||
expect(endpointResultList.request_page_index).toEqual(0); | ||
expect(endpointResultList.request_page_size).toEqual(10); | ||
}); | ||
|
@@ -119,7 +116,7 @@ describe('test endpoint route', () => { | |
|
||
mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('error'); | ||
mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => | ||
Promise.resolve((data as unknown) as SearchResponse<HostMetadata>) | ||
Promise.resolve(createSearchResponse(new EndpointDocGenerator().generateHostMetadata())) | ||
); | ||
[routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => | ||
path.startsWith('/api/endpoint/metadata') | ||
|
@@ -138,8 +135,8 @@ describe('test endpoint route', () => { | |
expect(routeConfig.options).toEqual({ authRequired: true }); | ||
expect(mockResponse.ok).toBeCalled(); | ||
const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as HostResultList; | ||
expect(endpointResultList.hosts.length).toEqual(2); | ||
expect(endpointResultList.total).toEqual(2); | ||
expect(endpointResultList.hosts.length).toEqual(1); | ||
expect(endpointResultList.total).toEqual(1); | ||
expect(endpointResultList.request_page_index).toEqual(10); | ||
expect(endpointResultList.request_page_size).toEqual(10); | ||
}); | ||
|
@@ -162,7 +159,7 @@ describe('test endpoint route', () => { | |
|
||
mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('error'); | ||
mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => | ||
Promise.resolve((data as unknown) as SearchResponse<HostMetadata>) | ||
Promise.resolve(createSearchResponse(new EndpointDocGenerator().generateHostMetadata())) | ||
); | ||
[routeConfig, routeHandler] = routerMock.post.mock.calls.find(([{ path }]) => | ||
path.startsWith('/api/endpoint/metadata') | ||
|
@@ -194,34 +191,18 @@ describe('test endpoint route', () => { | |
expect(routeConfig.options).toEqual({ authRequired: true }); | ||
expect(mockResponse.ok).toBeCalled(); | ||
const endpointResultList = mockResponse.ok.mock.calls[0][0]?.body as HostResultList; | ||
expect(endpointResultList.hosts.length).toEqual(2); | ||
expect(endpointResultList.total).toEqual(2); | ||
expect(endpointResultList.hosts.length).toEqual(1); | ||
expect(endpointResultList.total).toEqual(1); | ||
expect(endpointResultList.request_page_index).toEqual(10); | ||
expect(endpointResultList.request_page_size).toEqual(10); | ||
}); | ||
|
||
describe('Endpoint Details route', () => { | ||
it('should return 404 on no results', async () => { | ||
const mockRequest = httpServerMock.createKibanaRequest({ params: { id: 'BADID' } }); | ||
|
||
mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => | ||
Promise.resolve({ | ||
took: 3, | ||
timed_out: false, | ||
_shards: { | ||
total: 1, | ||
successful: 1, | ||
skipped: 0, | ||
failed: 0, | ||
}, | ||
hits: { | ||
total: { | ||
value: 9, | ||
relation: 'eq', | ||
}, | ||
max_score: null, | ||
hits: [], | ||
}, | ||
}) | ||
Promise.resolve(createSearchResponse()) | ||
); | ||
mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('error'); | ||
[routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => | ||
|
@@ -241,13 +222,10 @@ describe('test endpoint route', () => { | |
}); | ||
|
||
it('should return a single endpoint with status online', async () => { | ||
const response = createSearchResponse(new EndpointDocGenerator().generateHostMetadata()); | ||
const mockRequest = httpServerMock.createKibanaRequest({ | ||
// eslint-disable-next-line @typescript-eslint/no-explicit-any | ||
params: { id: (data as any).hits.hits[0]._id }, | ||
params: { id: response.hits.hits[0]._id }, | ||
}); | ||
const response: SearchResponse<HostMetadata> = (data as unknown) as SearchResponse< | ||
HostMetadata | ||
>; | ||
mockAgentService.getAgentStatusById = jest.fn().mockReturnValue('online'); | ||
mockScopedClient.callAsCurrentUser.mockImplementationOnce(() => Promise.resolve(response)); | ||
[routeConfig, routeHandler] = routerMock.get.mock.calls.find(([{ path }]) => | ||
|
@@ -269,9 +247,7 @@ describe('test endpoint route', () => { | |
}); | ||
|
||
it('should return a single endpoint with status error when AgentService throw 404', async () => { | ||
const response: SearchResponse<HostMetadata> = (data as unknown) as SearchResponse< | ||
HostMetadata | ||
>; | ||
const response = createSearchResponse(new EndpointDocGenerator().generateHostMetadata()); | ||
|
||
const mockRequest = httpServerMock.createKibanaRequest({ | ||
params: { id: response.hits.hits[0]._id }, | ||
|
@@ -299,9 +275,7 @@ describe('test endpoint route', () => { | |
}); | ||
|
||
it('should return a single endpoint with status error when status is not offline or online', async () => { | ||
const response: SearchResponse<HostMetadata> = (data as unknown) as SearchResponse< | ||
HostMetadata | ||
>; | ||
const response = createSearchResponse(new EndpointDocGenerator().generateHostMetadata()); | ||
|
||
const mockRequest = httpServerMock.createKibanaRequest({ | ||
params: { id: response.hits.hits[0]._id }, | ||
|
@@ -327,3 +301,59 @@ describe('test endpoint route', () => { | |
}); | ||
}); | ||
}); | ||
|
||
function createSearchResponse(hostMetadata?: HostMetadata): SearchResponse<HostMetadata> { | ||
return ({ | ||
took: 15, | ||
timed_out: false, | ||
_shards: { | ||
total: 1, | ||
successful: 1, | ||
skipped: 0, | ||
failed: 0, | ||
}, | ||
hits: { | ||
total: { | ||
value: 5, | ||
relation: 'eq', | ||
}, | ||
max_score: null, | ||
hits: hostMetadata | ||
? [ | ||
{ | ||
_index: 'metrics-endpoint.metadata-default-1', | ||
_id: '8FhM0HEBYyRTvb6lOQnw', | ||
_score: null, | ||
_source: hostMetadata, | ||
sort: [1588337587997], | ||
inner_hits: { | ||
most_recent: { | ||
hits: { | ||
total: { | ||
value: 2, | ||
relation: 'eq', | ||
}, | ||
max_score: null, | ||
hits: [ | ||
{ | ||
_index: 'metrics-endpoint.metadata-default-1', | ||
_id: 'W6Vo1G8BYQH1gtPUgYkC', | ||
_score: null, | ||
_source: hostMetadata, | ||
sort: [1579816615336], | ||
}, | ||
], | ||
}, | ||
}, | ||
}, | ||
}, | ||
] | ||
: [], | ||
}, | ||
aggregations: { | ||
total: { | ||
value: 1, | ||
}, | ||
}, | ||
} as unknown) as SearchResponse<HostMetadata>; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Maybe change the name of this function since it's updating more than just the policy id right?