Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Endpoint] Fix endpoint tests with data streams #68794

Merged
merged 8 commits into from
Jun 11, 2020
Merged

[Endpoint] Fix endpoint tests with data streams #68794

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
afd44ea
Temporary fix to get tests working again with data streams
jonathan-buttner Jun 10, 2020
6a58ee9
Removing mappings and renabling tests
jonathan-buttner Jun 10, 2020
57aa58a
optionally using create for our tests only has a stop gap
jonathan-buttner Jun 10, 2020
740563f
Merge branch 'master' into es-archiver-ds
elasticmachine Jun 10, 2020
494a8e9
Adding default for internal function
jonathan-buttner Jun 10, 2020
738d995
Merge branch 'es-archiver-ds' of github.com:jonathan-buttner/kibana i…
jonathan-buttner Jun 10, 2020
dbbe256
Removing tests that could fail if backing index changes
jonathan-buttner Jun 11, 2020
290c3c3
Removing unused import
jonathan-buttner Jun 11, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/es_archiver/lib/docs/index_doc_records_stream.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ export function createIndexDocRecordsStream(client: Client, stats: Stats, progre
stats.indexedDoc(doc.index);
body.push(
{
index: {
create: {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Data streams will fail if using index

_index: doc.index,
_id: doc.id,
},
Expand Down
14 changes: 8 additions & 6 deletions x-pack/test/api_integration/apis/endpoint/alerts/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import expect from '@kbn/expect/expect.js';
import { FtrProviderContext } from '../../../ftr_provider_context';
import { AlertData } from '../../../../../plugins/security_solution/common/endpoint_alerts/types';
import { AlertId } from '../../../../../plugins/security_solution/server/endpoint/alerts/handlers/lib/index';
import { deleteEventsStream, deleteMetadataStream } from '../data_stream_helper';

/**
* The number of alert documents in the es archive.
Expand Down Expand Up @@ -66,26 +67,27 @@ export default function ({ getService }: FtrProviderContext) {
const nextPrevPrefixOrder = 'order=desc';
const nextPrevPrefixPageSize = 'page_size=10';
const nextPrevPrefix = `${nextPrevPrefixQuery}&${nextPrevPrefixDateRange}&${nextPrevPrefixSort}&${nextPrevPrefixOrder}&${nextPrevPrefixPageSize}`;
const alertIndex = 'events-endpoint-1';
const alertIndex = '.ds-events-endpoint-1-000001';
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The alert tests need the exact backing index for a couple of the tests. I don't love this, another option would be to just remove those tests I suppose.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed the event is quite different from the other indices, I am guessing this is the best right now?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah it's going to change soon. It depends on the conclusion of this discussion: https://github.com/elastic/endpoint-app-team/issues/102


let nullableEventId = '';

// SKIPPED as it is failing ES PROMOTION: https://github.com/elastic/kibana/issues/68613
describe.skip('Endpoint alert API', () => {
describe('Endpoint alert API', () => {
describe('when data is in elasticsearch', () => {
before(async () => {
await esArchiver.load('endpoint/alerts/api_feature');
await esArchiver.load('endpoint/alerts/host_api_feature');
const res = await es.search({
index: alertIndex,
index: 'events-endpoint-*',
body: ES_QUERY_MISSING,
});
nullableEventId = res.hits.hits[0]._source.event.id;
});

after(async () => {
await esArchiver.unload('endpoint/alerts/api_feature');
await esArchiver.unload('endpoint/alerts/host_api_feature');
// the endpoint uses data streams and es archiver does not support deleting them at the moment so we need
// to do it manually
await deleteEventsStream(getService);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To help it run a bit faster, you can wrap these two calls in a promise.all

await deleteMetadataStream(getService);
});

it('should not support POST requests', async () => {
Expand Down
32 changes: 32 additions & 0 deletions x-pack/test/api_integration/apis/endpoint/data_stream_helper.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import { Client } from '@elastic/elasticsearch';

export async function deleteDataStream(getService: (serviceName: 'es') => Client, index: string) {
const client = getService('es');
await client.transport.request(
{
method: 'DELETE',
path: `_data_stream/${index}`,
},
{
ignore: [404],
}
);
}

export async function deleteMetadataStream(getService: (serviceName: 'es') => Client) {
await deleteDataStream(getService, 'metrics-endpoint.metadata-*');
}

export async function deleteEventsStream(getService: (serviceName: 'es') => Client) {
await deleteDataStream(getService, 'events-endpoint-*');
}

export async function deletePolicyStream(getService: (serviceName: 'es') => Client) {
await deleteDataStream(getService, 'metrics-endpoint.policy-*');
}
14 changes: 9 additions & 5 deletions x-pack/test/api_integration/apis/endpoint/metadata.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
*/
import expect from '@kbn/expect/expect.js';
import { FtrProviderContext } from '../../ftr_provider_context';
import { deleteMetadataStream } from './data_stream_helper';

/**
* The number of host documents in the es archive.
Expand All @@ -14,11 +15,12 @@ const numberOfHostsInFixture = 3;
export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
// SKIPPED as it is failing on ES PROMOTION: https://github.com/elastic/kibana/issues/68584
describe.skip('test metadata api', () => {
describe('test metadata api', () => {
describe('POST /api/endpoint/metadata when index is empty', () => {
it('metadata api should return empty result when index is empty', async () => {
await esArchiver.unload('endpoint/metadata/api_feature');
// the endpoint uses data streams and es archiver does not support deleting them at the moment so we need
// to do it manually
await deleteMetadataStream(getService);
const { body } = await supertest
.post('/api/endpoint/metadata')
.set('kbn-xsrf', 'xxx')
Expand All @@ -32,8 +34,10 @@ export default function ({ getService }: FtrProviderContext) {
});

describe('POST /api/endpoint/metadata when index is not empty', () => {
before(() => esArchiver.load('endpoint/metadata/api_feature'));
after(() => esArchiver.unload('endpoint/metadata/api_feature'));
before(async () => await esArchiver.load('endpoint/metadata/api_feature'));
// the endpoint uses data streams and es archiver does not support deleting them at the moment so we need
// to do it manually
after(async () => await deleteMetadataStream(getService));
it('metadata api should return one entry for each host with default paging', async () => {
const { body } = await supertest
.post('/api/endpoint/metadata')
Expand Down
8 changes: 5 additions & 3 deletions x-pack/test/api_integration/apis/endpoint/policy.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,18 @@

import expect from '@kbn/expect/expect.js';
import { FtrProviderContext } from '../../ftr_provider_context';
import { deletePolicyStream } from './data_stream_helper';

export default function ({ getService }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const supertest = getService('supertest');
// SKIPPED as it is failing ES PROMOTION: https://github.com/elastic/kibana/issues/68638
describe.skip('Endpoint policy api', () => {
describe('Endpoint policy api', () => {
describe('GET /api/endpoint/policy_response', () => {
before(async () => await esArchiver.load('endpoint/policy'));

after(async () => await esArchiver.unload('endpoint/policy'));
// the endpoint uses data streams and es archiver does not support deleting them at the moment so we need
// to do it manually
after(async () => await deletePolicyStream(getService));

it('should return one policy response for host', async () => {
const expectedHostId = '4f3b9858-a96d-49d8-a326-230d7763d767';
Expand Down
1 change: 1 addition & 0 deletions x-pack/test/api_integration/apis/endpoint/resolver.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -216,6 +216,7 @@ export default function resolverAPIIntegrationTests({ getService }: FtrProviderC
});
after(async () => {
await resolver.deleteTrees(resolverTrees);
// this unload is for an endgame-* index so it does not use data streams
await esArchiver.unload('endpoint/resolver/api_feature');
});

Expand Down
Loading