Skip to content

Commit

Permalink
[8.7] [Security Solution][Alerts] Removes custom cypress schemas in f…
Browse files Browse the repository at this point in the history
…avor of io-ts schemas (elastic#151520) (elastic#152878)

# Backport

This will backport the following commits from `main` to `8.7`:
- [[Security Solution][Alerts] Removes custom cypress schemas in favor
of io-ts schemas
(elastic#151520)](elastic#151520)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Marshall
Main","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-03-08T06:36:20Z","message":"[Security
Solution][Alerts] Removes custom cypress schemas in favor of io-ts
schemas (elastic#151520)\n\n## Summary\r\n\r\nThis PR removes the rule schemas
that are specific to Cypress tests, and\r\nreplaces them with the HTTP
API schemas from the Detection Engine API.\r\nAs a result, the rule
schemas used in Cypress tests will now\r\nautomatically update when we
add new fields to rules. In addition, we\r\ncan try to start removing
some of mock rule data in Cypress tests and\r\nshare mocks across
integration/e2e/unit tests.\r\n\r\nFinally, this PR removes the specific
API call functions like\r\n`createCustomRule` and
`createCustomRuleEnabled` in favor of a generic\r\n`createRule` function
that can create any type of rule, without\r\nrestrictions on which
fields can be specified (e.g.\r\n`createMachineLearningRule` hard coded
`from: 'now-50000h',` in the\r\nfunction
body).\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<[email protected]>","sha":"b20feb24fa264a5bed66ef614936a6abcfbfd5ba","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:
SecuritySolution","Team:Detection
Alerts","v8.7.0","v8.8.0"],"number":151520,"url":"https://github.com/elastic/kibana/pull/151520","mergeCommit":{"message":"[Security
Solution][Alerts] Removes custom cypress schemas in favor of io-ts
schemas (elastic#151520)\n\n## Summary\r\n\r\nThis PR removes the rule schemas
that are specific to Cypress tests, and\r\nreplaces them with the HTTP
API schemas from the Detection Engine API.\r\nAs a result, the rule
schemas used in Cypress tests will now\r\nautomatically update when we
add new fields to rules. In addition, we\r\ncan try to start removing
some of mock rule data in Cypress tests and\r\nshare mocks across
integration/e2e/unit tests.\r\n\r\nFinally, this PR removes the specific
API call functions like\r\n`createCustomRule` and
`createCustomRuleEnabled` in favor of a generic\r\n`createRule` function
that can create any type of rule, without\r\nrestrictions on which
fields can be specified (e.g.\r\n`createMachineLearningRule` hard coded
`from: 'now-50000h',` in the\r\nfunction
body).\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<[email protected]>","sha":"b20feb24fa264a5bed66ef614936a6abcfbfd5ba"}},"sourceBranch":"main","suggestedTargetBranches":["8.7"],"targetPullRequestStates":[{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/151520","number":151520,"mergeCommit":{"message":"[Security
Solution][Alerts] Removes custom cypress schemas in favor of io-ts
schemas (elastic#151520)\n\n## Summary\r\n\r\nThis PR removes the rule schemas
that are specific to Cypress tests, and\r\nreplaces them with the HTTP
API schemas from the Detection Engine API.\r\nAs a result, the rule
schemas used in Cypress tests will now\r\nautomatically update when we
add new fields to rules. In addition, we\r\ncan try to start removing
some of mock rule data in Cypress tests and\r\nshare mocks across
integration/e2e/unit tests.\r\n\r\nFinally, this PR removes the specific
API call functions like\r\n`createCustomRule` and
`createCustomRuleEnabled` in favor of a generic\r\n`createRule` function
that can create any type of rule, without\r\nrestrictions on which
fields can be specified (e.g.\r\n`createMachineLearningRule` hard coded
`from: 'now-50000h',` in the\r\nfunction
body).\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<[email protected]>","sha":"b20feb24fa264a5bed66ef614936a6abcfbfd5ba"}}]}]
BACKPORT-->
  • Loading branch information
marshallmain authored Mar 8, 2023
1 parent 58099ea commit a472ed4
Show file tree
Hide file tree
Showing 59 changed files with 1,075 additions and 1,486 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { JSON_TEXT } from '../../screens/alerts_details';

import { expandFirstAlert, waitForAlertsPanelToBeLoaded } from '../../tasks/alerts';
import { openJsonView } from '../../tasks/alerts_details';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { esArchiverCCSLoad } from '../../tasks/es_archiver';
import { login, visitWithoutDateRange } from '../../tasks/login';
Expand All @@ -23,7 +23,7 @@ describe('Alert details with unmapped fields', () => {
login();
cleanKibana();
esArchiverCCSLoad('unmapped_fields');
createCustomRuleEnabled(getUnmappedCCSRule());
createRule(getUnmappedCCSRule());
visitWithoutDateRange(ALERTS_URL);
waitForAlertsPanelToBeLoaded();
expandFirstAlert();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import {
goToRuleDetails,
waitForRulesTableToBeLoaded,
} from '../../tasks/alerts_detection_rules';
import { createEventCorrelationRule } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { waitForAlertsToPopulate, waitForTheRuleToBeExecuted } from '../../tasks/create_new_rule';
import { login, visitWithoutDateRange } from '../../tasks/login';
Expand All @@ -31,9 +31,9 @@ describe('Detection rules', function () {

it('EQL rule on remote indices generates alerts', function () {
esArchiverCCSLoad('linux_process');
this.rule = getCCSEqlRule();
const rule = getCCSEqlRule();
login();
createEventCorrelationRule(this.rule);
createRule(rule);
visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL);
waitForRulesTableToBeLoaded();
filterByCustomRules();
Expand All @@ -46,9 +46,9 @@ describe('Detection rules', function () {
.invoke('text')
.then((text) => {
cy.log('ALERT_DATA_GRID', text);
expect(text).contains(this.rule.name);
expect(text).contains(this.rule.severity.toLowerCase());
expect(text).contains(this.rule.riskScore);
expect(text).contains(rule.name);
expect(text).contains(rule.severity);
expect(text).contains(rule.risk_score);
});
});
});
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { getNewRule } from '../../objects/rule';
import { ROLES } from '../../../common/test';

import { expandFirstAlertActions } from '../../tasks/alerts';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
import { login, visit, waitForPageWithoutDateRange } from '../../tasks/login';
Expand All @@ -28,7 +28,7 @@ describe('Alerts timeline', () => {
// First we login as a privileged user to create alerts.
cleanKibana();
login();
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
visit(ALERTS_URL);
waitForAlertsToPopulate();
});
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ import {
waitForInstallRiskScoreModule,
} from '../../tasks/api_calls/risk_scores';
import { findSavedObjects } from '../../tasks/api_calls/risk_scores/saved_objects';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { login, visit } from '../../tasks/login';
import { clickEnableRiskScore } from '../../tasks/risk_scores';
Expand All @@ -36,7 +36,7 @@ describe('Enable risk scores', () => {
before(() => {
cleanKibana();
login();
createCustomRuleEnabled(getNewRule(), 'rule1');
createRule({ ...getNewRule(), rule_id: 'rule1' });
});

beforeEach(() => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ import {
HOSTS_TABLE_ALERT_CELL,
} from '../../screens/entity_analytics';
import { openRiskTableFilterAndSelectTheLowOption } from '../../tasks/host_risk';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
import { getNewRule } from '../../objects/rule';
import { QUERY_TAB_BUTTON } from '../../screens/timeline';
Expand Down Expand Up @@ -143,7 +143,7 @@ describe('Entity Analytics Dashboard', () => {

describe('With alerts data', () => {
before(() => {
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
});

beforeEach(() => {
Expand Down Expand Up @@ -203,7 +203,7 @@ describe('Entity Analytics Dashboard', () => {

describe('With alerts data', () => {
before(() => {
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
});

beforeEach(() => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ import {
} from '../../screens/entity_analytics';
import { deleteRiskScore, installLegacyRiskScoreModule } from '../../tasks/api_calls/risk_scores';
import { findSavedObjects } from '../../tasks/api_calls/risk_scores/saved_objects';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { login, visit } from '../../tasks/login';
import {
Expand All @@ -39,7 +39,7 @@ describe('Upgrade risk scores', () => {
before(() => {
cleanKibana();
login();
createCustomRuleEnabled(getNewRule(), 'rule1');
createRule({ ...getNewRule(), rule_id: 'rule1' });
});

beforeEach(() => {
Expand Down Expand Up @@ -88,7 +88,7 @@ versions.forEach((version) =>
before(() => {
cleanKibana();
login();
createCustomRuleEnabled(getNewRule(), 'rule1');
createRule({ ...getNewRule(), rule_id: 'rule1' });
});

beforeEach(() => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import { openTimelineFieldsBrowser, populateTimeline } from '../../tasks/timelin

import { HOSTS_URL, ALERTS_URL } from '../../urls/navigation';

import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';

import { getNewRule } from '../../objects/rule';
import { refreshPage } from '../../tasks/security_header';
Expand All @@ -27,7 +27,7 @@ describe('Create DataView runtime field', () => {
it('adds field to alert table', () => {
const fieldName = 'field.name.alert.page';
visit(ALERTS_URL);
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
refreshPage();
waitForAlertsToPopulate();
openEventsViewerFieldsBrowser();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,11 @@
*/

import { expandFirstAlert, waitForAlertsPanelToBeLoaded } from '../../tasks/alerts';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { login, visit } from '../../tasks/login';

import { getNewRule } from '../../objects/rule';
import type { CustomRule } from '../../objects/rule';

import { ALERTS_URL } from '../../urls/navigation';
import {
Expand All @@ -24,12 +23,11 @@ import { OPEN_ALERT_DETAILS_PAGE } from '../../screens/alerts_details';

describe('Alert Details Page Navigation', () => {
describe('navigating to alert details page', () => {
let rule: CustomRule;
const rule = getNewRule();
before(() => {
rule = getNewRule();
cleanKibana();
login();
createCustomRuleEnabled(rule, 'rule1');
createRule({ ...rule, rule_id: 'rule1' });
});

describe('context menu', () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ import { expandFirstAlert } from '../../tasks/alerts';
import { verifyInsightCount } from '../../tasks/alerts_details';
import { setStartDate } from '../../tasks/date_picker';
import { closeTimeline } from '../../tasks/timeline';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
import { login, visitWithoutDateRange } from '../../tasks/login';
Expand All @@ -33,7 +33,7 @@ describe('Alert Flyout', () => {
before(() => {
cleanKibana();
login();
createCustomRuleEnabled(getNewRule(), 'rule1');
createRule({ ...getNewRule(), rule_id: 'rule1' });
});

beforeEach(() => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ import {

import { expandFirstAlert } from '../../tasks/alerts';
import { openJsonView, openTable } from '../../tasks/alerts_details';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver';
Expand All @@ -31,7 +31,7 @@ describe('Alert details with unmapped fields', () => {
cleanKibana();
esArchiverLoad('unmapped_fields');
login();
createCustomRuleEnabled(getUnmappedRule());
createRule(getUnmappedRule());
visitWithoutDateRange(ALERTS_URL);
waitForAlertsToPopulate();
expandFirstAlert();
Expand Down Expand Up @@ -65,7 +65,7 @@ describe('Alert details with unmapped fields', () => {
};

openTable();
cy.get(ALERT_FLYOUT).find(tablePageSelector(4)).click({ force: true });
cy.get(ALERT_FLYOUT).find(tablePageSelector(6)).click({ force: true });
cy.get(ALERT_FLYOUT)
.find(TABLE_ROWS)
.last()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import { PAGE_TITLE } from '../../screens/common/page';

import { login, visitWithoutDateRange, waitForPageWithoutDateRange } from '../../tasks/login';
import { goToRuleDetails } from '../../tasks/alerts_detection_rules';
import { createCustomRule, deleteCustomRule } from '../../tasks/api_calls/rules';
import { createRule, deleteCustomRule } from '../../tasks/api_calls/rules';
import { getCallOut, waitForCallOutToBeShown } from '../../tasks/common/callouts';

const loadPageAsPlatformEngineerUser = (url: string) => {
Expand Down Expand Up @@ -73,7 +73,7 @@ describe('Detections > Need Admin Callouts indicating an admin is needed to migr

context('On Rule Details page', () => {
beforeEach(() => {
createCustomRule(getNewRule());
createRule({ ...getNewRule(), rule_id: 'rule_testing' });
loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL);
waitForPageTitleToBeShown();
goToRuleDetails();
Expand Down Expand Up @@ -123,7 +123,7 @@ describe('Detections > Need Admin Callouts indicating an admin is needed to migr

context('On Rule Details page', () => {
beforeEach(() => {
createCustomRule(getNewRule());
createRule({ ...getNewRule(), rule_id: 'rule_testing' });
loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL);
waitForPageTitleToBeShown();
goToRuleDetails();
Expand Down Expand Up @@ -173,7 +173,7 @@ describe('Detections > Need Admin Callouts indicating an admin is needed to migr

context('On Rule Details page', () => {
beforeEach(() => {
createCustomRule(getNewRule());
createRule({ ...getNewRule(), rule_id: 'rule_testing' });
loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL);
waitForPageTitleToBeShown();
goToRuleDetails();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import { getBuildingBlockRule } from '../../objects/rule';
import { OVERVIEW_ALERTS_HISTOGRAM } from '../../screens/overview';
import { OVERVIEW } from '../../screens/security_header';
import { goToRuleDetails } from '../../tasks/alerts_detection_rules';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana } from '../../tasks/common';
import { waitForAlertsToPopulate, waitForTheRuleToBeExecuted } from '../../tasks/create_new_rule';
import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver';
Expand All @@ -26,7 +26,7 @@ describe('Alerts generated by building block rules', () => {
login();
});
beforeEach(() => {
createCustomRuleEnabled(getBuildingBlockRule());
createRule(getBuildingBlockRule());
});
after(() => {
esArchiverUnload('auditbeat_big');
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ import {
openFirstAlert,
selectCountTable,
} from '../../tasks/alerts';
import { createCustomRuleEnabled } from '../../tasks/api_calls/rules';
import { createRule } from '../../tasks/api_calls/rules';
import { cleanKibana, deleteAlertsAndRules } from '../../tasks/common';
import { waitForAlertsToPopulate } from '../../tasks/create_new_rule';
import { esArchiverLoad, esArchiverUnload } from '../../tasks/es_archiver';
Expand All @@ -48,7 +48,7 @@ describe('Changing alert status', () => {
});
context('Opening alerts', () => {
beforeEach(() => {
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
visit(ALERTS_URL);
waitForAlertsToPopulate();
selectNumberOfAlerts(3);
Expand Down Expand Up @@ -114,13 +114,13 @@ describe('Changing alert status', () => {
context('Marking alerts as acknowledged', () => {
beforeEach(() => {
deleteAlertsAndRules();
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
visit(ALERTS_URL);
waitForAlertsToPopulate();
selectCountTable();
clearGroupByTopInput();
});
it('Mark one alert as acknowledged when more than one open alerts are selected', () => {
it.skip('Mark one alert as acknowledged when more than one open alerts are selected', () => {
cy.get(ALERTS_COUNT)
.invoke('text')
.then((alertNumberString) => {
Expand Down Expand Up @@ -154,7 +154,7 @@ describe('Changing alert status', () => {
context('Closing alerts', () => {
beforeEach(() => {
deleteAlertsAndRules();
createCustomRuleEnabled(getNewRule(), '1', 100);
createRule({ ...getNewRule(), rule_id: '1', max_signals: 100 });
visit(ALERTS_URL);
waitForAlertsToPopulate();
selectCountTable();
Expand Down Expand Up @@ -223,7 +223,7 @@ describe('Changing alert status', () => {
});
});

it('Closes one alert when more than one opened alerts are selected', () => {
it.skip('Closes one alert when more than one opened alerts are selected', () => {
cy.get(ALERTS_COUNT)
.invoke('text')
.then((alertNumberString) => {
Expand Down Expand Up @@ -306,13 +306,13 @@ describe('Changing alert status', () => {
});
beforeEach(() => {
deleteAlertsAndRules();
createCustomRuleEnabled(getNewRule());
createRule(getNewRule());
visit(ALERTS_URL);
waitForAlertsToPopulate();
selectCountTable();
clearGroupByTopInput();
});
it('Mark one alert as acknowledged when more than one open alerts are selected', () => {
it.skip('Mark one alert as acknowledged when more than one open alerts are selected', () => {
cy.get(ALERTS_COUNT)
.invoke('text')
.then((alertNumberString) => {
Expand Down
Loading

0 comments on commit a472ed4

Please sign in to comment.