[Defend Workflows] Enable Artifacts cy tests against serverless (elas…

…tic#170977) ## Summary Enables _Artifact tabs in Policy details_ and _Artifacts_ cypress tests against serverless. Or at least the test cases that has `ALL` privilege (or `NONE` for the _Artifacts_ tests), because there are no such roles in serverless environment that have: - read privilege for policy, but no privilege for artifacts, - read privilege for artifacts Additionally, - `@skipInServerless` tag is added, - the two tests use the usual `indexEndpointHosts()` to have mocked data, - and the old `loadEndpointDataForEventFiltersIfNeeded()` is deleted --------- Co-authored-by: Kibana Machine <[email protected]>
gergoabraham · Nov 10, 2023 · e3f339c · e3f339c
1 parent ce0114b
commit e3f339c
Show file tree

Hide file tree

Showing 5 changed files with 122 additions and 102 deletions.
diff --git a/x-pack/plugins/security_solution/public/management/cypress/README.md b/x-pack/plugins/security_solution/public/management/cypress/README.md
@@ -36,6 +36,7 @@ Similarly to Security Solution cypress tests, we use tags in order to select whi
 - `@serverless` includes a test in the Serverless test suite. You need to explicitly add this tag to any test you want to run against a Serverless environment.
 - `@ess` includes a test in the normal, non-Serverless test suite. You need to explicitly add this tag to any test you want to run against a non-Serverless environment.
 - `@brokenInServerless` excludes a test from the Serverless test suite (even if it's tagged as `@serverless`). Indicates that a test should run in Serverless, but currently is broken.
+- `@skipInServerless` excludes a test from the Serverless test suite (even if it's tagged as `@serverless`). Indicates that we don't want to run the given test in Serverless.
 
 Important: if you don't provide any tag, your test won't be executed.
 

diff --git a/x-pack/plugins/security_solution/public/management/cypress/cypress_serverless.config.ts b/x-pack/plugins/security_solution/public/management/cypress/cypress_serverless.config.ts
@@ -14,7 +14,7 @@ export default defineCypressConfig(
     env: {
       IS_SERVERLESS: true,
 
-      grepTags: '@serverless --@brokenInServerless',
+      grepTags: '@serverless --@brokenInServerless --@skipInServerless',
     },
   })
 );
diff --git a/...ty_solution/public/management/cypress/e2e/artifacts/artifact_tabs_in_policy_details.cy.ts b/...ty_solution/public/management/cypress/e2e/artifacts/artifact_tabs_in_policy_details.cy.ts
@@ -16,9 +16,10 @@ import {
   removeExceptionsList,
   yieldFirstPolicyID,
 } from '../../tasks/artifacts';
-import { loadEndpointDataForEventFiltersIfNeeded } from '../../tasks/load_endpoint_data';
 import { login, ROLE } from '../../tasks/login';
 import { performUserActions } from '../../tasks/perform_user_actions';
+import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts';
+import type { ReturnTypeFromChainable } from '../../types';
 
 const loginWithPrivilegeAll = () => {
   login(ROLE.endpoint_policy_manager);
@@ -58,15 +59,20 @@ const visitArtifactTab = (tabId: string) => {
   cy.get(`#${tabId}`).click();
 };
 
-describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => {
+describe('Artifact tabs in Policy Details page', { tags: ['@ess', '@serverless'] }, () => {
+  let endpointData: ReturnTypeFromChainable<typeof indexEndpointHosts> | undefined;
+
   before(() => {
-    login();
-    loadEndpointDataForEventFiltersIfNeeded();
+    indexEndpointHosts().then((indexEndpoints) => {
+      endpointData = indexEndpoints;
+    });
   });
 
   after(() => {
-    login();
     removeAllArtifacts();
+
+    endpointData?.cleanup();
+    endpointData = undefined;
   });
 
   for (const testData of getArtifactsListTestsData()) {
@@ -76,22 +82,32 @@ describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => {
         removeExceptionsList(testData.createRequestBody.list_id);
       });
 
-      it(`[NONE] User cannot see the tab for ${testData.title}`, () => {
-        loginWithPrivilegeNone(testData.privilegePrefix);
-        visitPolicyDetailsPage();
+      it(
+        `[NONE] User cannot see the tab for ${testData.title}`,
+        // there is no such role in Serverless environment that can read policy but cannot read artifacts
+        { tags: ['@skipInServerless'] },
+        () => {
+          loginWithPrivilegeNone(testData.privilegePrefix);
+          visitPolicyDetailsPage();
 
-        cy.get(`#${testData.tabId}`).should('not.exist');
-      });
+          cy.get(`#${testData.tabId}`).should('not.exist');
+        }
+      );
 
       context(`Given there are no ${testData.title} entries`, () => {
-        it(`[READ] User CANNOT add ${testData.title} artifact`, () => {
-          loginWithPrivilegeRead(testData.privilegePrefix);
-          visitArtifactTab(testData.tabId);
+        it(
+          `[READ] User CANNOT add ${testData.title} artifact`,
+          // there is no such role in Serverless environment that only reads artifacts
+          { tags: ['@skipInServerless'] },
+          () => {
+            loginWithPrivilegeRead(testData.privilegePrefix);
+            visitArtifactTab(testData.tabId);
 
-          cy.getByTestSubj('policy-artifacts-empty-unexisting').should('exist');
+            cy.getByTestSubj('policy-artifacts-empty-unexisting').should('exist');
 
-          cy.getByTestSubj('unexisting-manage-artifacts-button').should('not.exist');
-        });
+            cy.getByTestSubj('unexisting-manage-artifacts-button').should('not.exist');
+          }
+        );
 
         it(`[ALL] User can add ${testData.title} artifact`, () => {
           loginWithPrivilegeAll();
@@ -129,15 +145,20 @@ describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => {
           createPerPolicyArtifact(testData.artifactName, testData.createRequestBody);
         });
 
-        it(`[READ] User CANNOT Manage or Assign ${testData.title} artifacts`, () => {
-          loginWithPrivilegeRead(testData.privilegePrefix);
-          visitArtifactTab(testData.tabId);
+        it(
+          `[READ] User CANNOT Manage or Assign ${testData.title} artifacts`,
+          // there is no such role in Serverless environment that only reads artifacts
+          { tags: ['@skipInServerless'] },
+          () => {
+            loginWithPrivilegeRead(testData.privilegePrefix);
+            visitArtifactTab(testData.tabId);
 
-          cy.getByTestSubj('policy-artifacts-empty-unassigned').should('exist');
+            cy.getByTestSubj('policy-artifacts-empty-unassigned').should('exist');
 
-          cy.getByTestSubj('unassigned-manage-artifacts-button').should('not.exist');
-          cy.getByTestSubj('unassigned-assign-artifacts-button').should('not.exist');
-        });
+            cy.getByTestSubj('unassigned-manage-artifacts-button').should('not.exist');
+            cy.getByTestSubj('unassigned-assign-artifacts-button').should('not.exist');
+          }
+        );
 
         it(`[ALL] User can Manage and Assign ${testData.title} artifacts`, () => {
           loginWithPrivilegeAll();
@@ -173,23 +194,28 @@ describe('Artifact tabs in Policy Details page', { tags: ['@ess'] }, () => {
           });
         });
 
-        it(`[READ] User can see ${testData.title} artifacts but CANNOT assign or remove from policy`, () => {
-          loginWithPrivilegeRead(testData.privilegePrefix);
-          visitArtifactTab(testData.tabId);
-
-          // List of artifacts
-          cy.getByTestSubj('artifacts-collapsed-list-card').should('have.length', 1);
-          cy.getByTestSubj('artifacts-collapsed-list-card-header-titleHolder').contains(
-            testData.artifactName
-          );
-
-          // Cannot assign artifacts
-          cy.getByTestSubj('artifacts-assign-button').should('not.exist');
-
-          // Cannot remove from policy
-          cy.getByTestSubj('artifacts-collapsed-list-card-header-actions-button').click();
-          cy.getByTestSubj('remove-from-policy-action').should('not.exist');
-        });
+        it(
+          `[READ] User can see ${testData.title} artifacts but CANNOT assign or remove from policy`,
+          // there is no such role in Serverless environment that only reads artifacts
+          { tags: ['@skipInServerless'] },
+          () => {
+            loginWithPrivilegeRead(testData.privilegePrefix);
+            visitArtifactTab(testData.tabId);
+
+            // List of artifacts
+            cy.getByTestSubj('artifacts-collapsed-list-card').should('have.length', 1);
+            cy.getByTestSubj('artifacts-collapsed-list-card-header-titleHolder').contains(
+              testData.artifactName
+            );
+
+            // Cannot assign artifacts
+            cy.getByTestSubj('artifacts-assign-button').should('not.exist');
+
+            // Cannot remove from policy
+            cy.getByTestSubj('artifacts-collapsed-list-card-header-actions-button').click();
+            cy.getByTestSubj('remove-from-policy-action').should('not.exist');
+          }
+        );
 
         it(`[ALL] User can see ${testData.title} artifacts and can assign or remove artifacts from policy`, () => {
           loginWithPrivilegeAll();

diff --git a/...ins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts b/...ins/security_solution/public/management/cypress/e2e/artifacts/artifacts_mocked_data.cy.ts
@@ -12,7 +12,8 @@ import { loadPage } from '../../tasks/common';
 import { getArtifactsListTestsData } from '../../fixtures/artifacts_page';
 import { removeAllArtifacts } from '../../tasks/artifacts';
 import { performUserActions } from '../../tasks/perform_user_actions';
-import { loadEndpointDataForEventFiltersIfNeeded } from '../../tasks/load_endpoint_data';
+import { indexEndpointHosts } from '../../tasks/index_endpoint_hosts';
+import type { ReturnTypeFromChainable } from '../../types';
 
 const loginWithWriteAccess = (url: string) => {
   login(ROLE.endpoint_policy_manager);
@@ -30,17 +31,22 @@ const loginWithoutAccess = (url: string) => {
   loadPage(url);
 };
 
-describe('Artifacts pages', { tags: ['@ess'] }, () => {
+describe('Artifacts pages', { tags: ['@ess', '@serverless'] }, () => {
+  let endpointData: ReturnTypeFromChainable<typeof indexEndpointHosts> | undefined;
+
   before(() => {
-    login();
-    loadEndpointDataForEventFiltersIfNeeded();
-    // Clean artifacts data
+    indexEndpointHosts().then((indexEndpoints) => {
+      endpointData = indexEndpoints;
+    });
+
     removeAllArtifacts();
   });
 
   after(() => {
-    // Clean artifacts data
     removeAllArtifacts();
+
+    endpointData?.cleanup();
+    endpointData = undefined;
   });
 
   for (const testData of getArtifactsListTestsData()) {
@@ -53,14 +59,19 @@ describe('Artifacts pages', { tags: ['@ess'] }, () => {
         cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
       });
 
-      it(`read - should show empty state page if there is no ${testData.title} entry and the add button does not exist`, () => {
-        loginWithReadAccess(
-          testData.privilegePrefix,
-          `/app/security/administration/${testData.urlPath}`
-        );
-        cy.getByTestSubj(testData.emptyState).should('exist');
-        cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
-      });
+      it(
+        `read - should show empty state page if there is no ${testData.title} entry and the add button does not exist`,
+        // there is no such role in Serverless environment that only reads artifacts
+        { tags: ['@skipInServerless'] },
+        () => {
+          loginWithReadAccess(
+            testData.privilegePrefix,
+            `/app/security/administration/${testData.urlPath}`
+          );
+          cy.getByTestSubj(testData.emptyState).should('exist');
+          cy.getByTestSubj(`${testData.pagePrefix}-emptyState-addButton`).should('not.exist');
+        }
+      );
 
       it(`write - should show empty state page if there is no ${testData.title} entry and the add button exists`, () => {
         loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`);
@@ -87,25 +98,35 @@ describe('Artifacts pages', { tags: ['@ess'] }, () => {
         cy.getByTestSubj('header-page-title').contains(testData.title);
       });
 
-      it(`read - should not be able to update/delete an existing ${testData.title} entry`, () => {
-        loginWithReadAccess(
-          testData.privilegePrefix,
-          `/app/security/administration/${testData.urlPath}`
-        );
-        cy.getByTestSubj('header-page-title').contains(testData.title);
-        cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).should('not.exist');
-        cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).should('not.exist');
-        cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).should('not.exist');
-      });
-
-      it(`read - should not be able to create a new ${testData.title} entry`, () => {
-        loginWithReadAccess(
-          testData.privilegePrefix,
-          `/app/security/administration/${testData.urlPath}`
-        );
-        cy.getByTestSubj('header-page-title').contains(testData.title);
-        cy.getByTestSubj(`${testData.pagePrefix}-pageAddButton`).should('not.exist');
-      });
+      it(
+        `read - should not be able to update/delete an existing ${testData.title} entry`,
+        // there is no such role in Serverless environment that only reads artifacts
+        { tags: ['@skipInServerless'] },
+        () => {
+          loginWithReadAccess(
+            testData.privilegePrefix,
+            `/app/security/administration/${testData.urlPath}`
+          );
+          cy.getByTestSubj('header-page-title').contains(testData.title);
+          cy.getByTestSubj(`${testData.pagePrefix}-card-header-actions-button`).should('not.exist');
+          cy.getByTestSubj(`${testData.pagePrefix}-card-cardEditAction`).should('not.exist');
+          cy.getByTestSubj(`${testData.pagePrefix}-card-cardDeleteAction`).should('not.exist');
+        }
+      );
+
+      it(
+        `read - should not be able to create a new ${testData.title} entry`,
+        // there is no such role in Serverless environment that only reads artifacts
+        { tags: ['@skipInServerless'] },
+        () => {
+          loginWithReadAccess(
+            testData.privilegePrefix,
+            `/app/security/administration/${testData.urlPath}`
+          );
+          cy.getByTestSubj('header-page-title').contains(testData.title);
+          cy.getByTestSubj(`${testData.pagePrefix}-pageAddButton`).should('not.exist');
+        }
+      );
 
       it(`write - should be able to update an existing ${testData.title} entry`, () => {
         loginWithWriteAccess(`/app/security/administration/${testData.urlPath}`);

diff --git a/x-pack/plugins/security_solution/public/management/cypress/tasks/load_endpoint_data.ts b/x-pack/plugins/security_solution/public/management/cypress/tasks/load_endpoint_data.ts