Merge branch 'main' of https://github.com/opensearch-project/security…

…-analytics-dashboards-plugin into feature/findings_details_flyout_styling

.github/workflows/cypress-workflow.yml

@@ -15,8 +15,10 @@ jobs:
     name: Run Cypress E2E tests
     strategy:
       matrix:
-        os: [ubuntu-latest]
+        os: [ubuntu-latest, windows-latest]
         include:
+          - os: windows-latest
+            cypress_cache_folder: ~/AppData/Local/Cypress/Cache
           - os: ubuntu-latest
             cypress_cache_folder: ~/.cache/Cypress
     runs-on: ${{ matrix.os }}
@@ -32,6 +34,10 @@ jobs:
           # TODO: Parse this from security analytics plugin (https://github.com/opensearch-project/security-analytics/issues/170)
           java-version: 11
 
+      - name: Enable longer filenames
+        if: ${{ matrix.os == 'windows-latest' }}
+        run: git config --system core.longpaths true
+
       - name: Checkout security analytics
         uses: actions/checkout@v2
         with:
@@ -87,7 +93,14 @@ jobs:
           yarn start --no-base-path --no-watch &
         shell: bash
 
-      - name: Sleep until OSD server starts
+      # Window is slow so wait longer
+      - name: Sleep until OSD server starts - windows
+        if: ${{ matrix.os == 'windows-latest' }}
+        run: Start-Sleep -s 400
+        shell: powershell
+
+      - name: Sleep until OSD server starts - non-windows
+        if: ${{ matrix.os != 'windows-latest' }}
         run: sleep 300
         shell: bash
 

cypress.json

@@ -2,7 +2,6 @@
   "viewportHeight": 900,
   "viewportWidth": 1440,
   "defaultCommandTimeout": 20000,
-  "retries": 1,
   "env": {
     "opensearch_url": "localhost:9200",
     "opensearch_dashboards": "http://localhost:5601",

cypress/integration/1_detectors.spec.js

@@ -37,7 +37,6 @@ describe('Detectors', () => {
 
   before(() => {
     cy.cleanUpTests();
-
     // Create test index
     cy.createIndex(indexName, sample_index_settings);
 
@@ -56,37 +55,47 @@ describe('Detectors', () => {
 
   it('...can be created', () => {
     // Locate Create detector button click to start
-    cy.contains('Create detector').click({ force: true });
+    cy.get('.euiButton').filter(':contains("Create detector")').click({ force: true });
 
     // Check to ensure process started
     cy.waitForPageLoad('create-detector', {
       contains: 'Define detector',
     });
 
     // Enter a name for the detector in the appropriate input
-    cy.get(`input[placeholder="Enter a name for the detector."]`).type('test detector{enter}');
+    cy.get(`input[placeholder="Enter a name for the detector."]`).focus().realType('test detector');
 
     // Select our pre-seeded data source (check indexName)
-    cy.get(`[data-test-subj="define-detector-select-data-source"]`).type(`${indexName}{enter}`);
+    cy.get(`[data-test-subj="define-detector-select-data-source"]`)
+      .find('input')
+      .focus()
+      .realType(indexName);
+
+    cy.intercept({
+      method: 'POST',
+      pathname: '/_plugins/_security_analytics/rules/_search',
+    }).as('getSigmaRules');
 
     // Select threat detector type (Windows logs)
     cy.get(`input[id="windows"]`).click({ force: true });
 
-    // Open Detection rules accordion
-    cy.get('[data-test-subj="detection-rules-btn"]').click({ timeout: 5000 });
+    cy.wait('@getSigmaRules').then(() => {
+      // Open Detection rules accordion
+      cy.get('[data-test-subj="detection-rules-btn"]').click({ force: true, timeout: 5000 });
 
-    // find search, type USB
-    cy.triggerSearchField('Search...', 'USB Device Plugged');
+      // find search, type USB
+      cy.triggerSearchField('Search...', 'USB Device Plugged');
 
-    // Disable all rules
-    cy.contains('tr', 'USB Device Plugged', { timeout: 60000 });
-    cy.get('th').within(() => {
-      cy.get('button').first().click({ force: true });
-    });
+      // Disable all rules
+      cy.contains('tr', 'USB Device Plugged', { timeout: 1000 });
+      cy.get('table th').within(() => {
+        cy.get('button').first().click({ force: true });
+      });
 
-    // enable single rule
-    cy.contains('tr', 'USB Device Plugged').within(() => {
-      cy.get('button').eq(1).click({ force: true });
+      // Enable single rule
+      cy.contains('table tr', 'USB Device Plugged').within(() => {
+        cy.get('button').eq(1).click({ force: true });
+      });
     });
 
     // Click Next button to continue
@@ -119,10 +128,16 @@ describe('Detectors', () => {
     cy.contains('Set up alerts');
 
     // Type name of new trigger
-    cy.get(`input[placeholder="Enter a name for the alert condition."]`).type('test_trigger');
+    cy.get(`input[placeholder="Enter a name for the alert condition."]`)
+      .focus()
+      .realType('test_trigger');
 
     // Type in (or select) tags for the alert condition
-    cy.get(`[data-test-subj="alert-tags-combo-box"]`).type('attack.defense_evasion{enter}');
+    cy.get(`[data-test-subj="alert-tags-combo-box"]`)
+      .find('input')
+      .focus()
+      .realType('attack.defense_evasion')
+      .realPress('Enter');
 
     // Select applicable severity levels
     cy.get(`[data-test-subj="security-levels-combo-box"]`).click({ force: true });
@@ -191,18 +206,29 @@ describe('Detectors', () => {
     });
 
     // Change detector name
-    cy.get(`[data-test-subj="define-detector-detector-name"]`).type('_edited');
+    cy.get(`input[placeholder="Enter a name for the detector."]`)
+      .clearInput()
+      .focus()
+      .realType('test detector edited');
 
     // Change detector description
-    cy.get(`[data-test-subj="define-detector-detector-description"]`).type('Edited description');
+    cy.get(`[data-test-subj="define-detector-detector-description"]`)
+      .focus()
+      .realType('Edited description');
 
     // Change input source
-    cy.get(`[data-test-subj="define-detector-select-data-source"]`).type(
-      '{backspace}.opensearch-notifications-config{enter}'
-    );
+    cy.get(`[data-test-subj="define-detector-select-data-source"]`)
+      .find('input')
+      .clearInput()
+      .focus()
+      .realType('.opensearch-notifications-config')
+      .realPress('Enter');
 
     // Change detector scheduling
-    cy.get(`[data-test-subj="detector-schedule-number-select"]`).type('{selectall}10');
+    cy.get(`[data-test-subj="detector-schedule-number-select"]`)
+      .clearInput()
+      .focus()
+      .realType('10');
     cy.get(`[data-test-subj="detector-schedule-unit-select"]`).select('Hours');
 
     // Save changes to detector details
@@ -214,7 +240,7 @@ describe('Detectors', () => {
     });
 
     // Verify edits are applied
-    cy.contains('test detector_edited');
+    cy.contains('test detector edited');
     cy.contains('Every 10 hours');
     cy.contains('Edited description');
     cy.contains('.opensearch-notifications-config');
@@ -239,16 +265,15 @@ describe('Detectors', () => {
     cy.get(`[data-test-subj="edit-detector-rules"]`).click({ force: true });
 
     // Confirm arrival on "Edit detector rules" page
-    cy.url().should(
-      'include',
-      'http://localhost:5601/app/opensearch_security_analytics_dashboards#/edit-detector-rules'
-    );
+    cy.waitForPageLoad('edit-detector-rules', {
+      contains: 'Edit detector rules',
+    });
 
     // Search for specific rule
     cy.triggerSearchField('Search...', 'USB Device');
 
     // Toggle single search result to unchecked
-    cy.contains('tr', 'USB Device Plugged').within(() => {
+    cy.contains('table tr', 'USB Device Plugged').within(() => {
       // Of note, timeout can sometimes work instead of wait here, but is very unreliable from case to case.
       cy.wait(1000);
       cy.get('button').eq(1).click();
@@ -272,7 +297,7 @@ describe('Detectors', () => {
     cy.triggerSearchField('Search...', 'USB');
 
     // Toggle single search result to checked
-    cy.contains('tr', 'USB Device Plugged').within(() => {
+    cy.contains('table tr', 'USB Device Plugged').within(() => {
       cy.wait(2000);
       cy.get('button').eq(1).click({ force: true });
     });
@@ -289,16 +314,16 @@ describe('Detectors', () => {
 
   it('...can be deleted', () => {
     // Click on detector to be removed
-    cy.contains('test detector_edited').click({ force: true });
+    cy.contains('test detector edited').click({ force: true });
 
     // Confirm page
     cy.waitForPageLoad('detector-details', {
       contains: 'Detector details',
     });
 
     // Click "Actions" button, the click "Delete"
-    cy.contains('Actions').click({ force: true });
-    cy.contains('Delete').click({ force: true });
+    cy.get('button').contains('Actions').click({ force: true });
+    cy.get('button').contains('Delete').click({ force: true });
 
     // Confirm detector is deleted
     cy.contains('There are no existing detectors');

cypress/support/commands.js

@@ -94,8 +94,27 @@ Cypress.Commands.add('getTableFirstRow', (selector) => {
   return cy.get('tbody > tr:first').find(selector);
 });
 
+Cypress.Commands.add(
+  'clearInput',
+  {
+    prevSubject: true,
+  },
+  (subject) => {
+    return cy
+      .get(subject)
+      .wait(10)
+      .type('{selectall}{enter}')
+      .clear({ force: true })
+      .invoke('val', '');
+  }
+);
+
 Cypress.Commands.add('triggerSearchField', (placeholder, text) => {
-  cy.get(`[placeholder="${placeholder}"]`).type(`{selectall}${text}`).realPress('Enter');
+  cy.get(`input[placeholder="${placeholder}"]`)
+    .clearInput()
+    .focus()
+    .realType(text)
+    .realPress('Enter');
 });
 
 Cypress.Commands.add('waitForPageLoad', (url, { timeout = 10000, contains = null }) => {

cypress/support/index.d.ts

@@ -3,6 +3,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
+// eslint-disable-next-line
 ///<reference types="cypress" />
 
 declare namespace Cypress {
@@ -17,6 +18,14 @@ declare namespace Cypress {
      */
     waitForPageLoad(url: string, timeout?: number): Chainable<any>;
 
+    /**
+     * Clears input text
+     * @example
+     * cy.clearInput()
+     */
+    clearInput(): Chainable<any>;
+
+    /**
     /**
      * Deletes all indices in cluster
      * @example