From 2eff6d1046c94252ac0cc52f78859101383e6f71 Mon Sep 17 00:00:00 2001 From: Jatin Kathuria Date: Wed, 16 Oct 2024 19:56:41 +0200 Subject: [PATCH] [ Security Solution ]Re-organize the Investigations api integration test for MKI (#194707) ## Summary This is Part 1 of the in resolving the issue : https://github.com/elastic/kibana/issues/183645 . This PR re-organizes investigations API tests so that they can be run in Serveless MKI at both `basic/essentials` and `complete` licenses. ## How to test this PR Below are the commands that are affected by this change and you can test the PR by running below commands. Each commands sets up the test environment and give you a command to run tests. Please run those tests to see if everything is okay. An example is shown in below screenshot. grafik |Module|Deployment|License|Command| |--|--|--|--| |Timelines|ESS|basic|`yarn investigations:basic:timeline:server:ess`| |Timelines|ESS|Trial|`yarn investigations:timeline:server:ess`| |Timelines|Serverless|basic|`yarn investigations:basic:timeline:server:serverless`| |Timelines|Serverless|Trial|`yarn investigations:timeline:server:serverless`| |Saved Objects|ESS|basic|`yarn investigations:basic:saved-objects:server:ess`| |Saved Objects|ESS|Trial|`yarn investigations:saved-objects:server:ess`| |Saved Objects|Serverless|basic|`yarn investigations:basic:saved-objects:server:serverless`| |Saved Objects|Serverless|Trial|`yarn investigations:saved-objects:server:serverless`| --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> --- .buildkite/ftr_security_stateful_configs.yml | 8 +- .../package.json | 19 + .../configs/ess.config.ts} | 6 +- .../configs/serverless.config.ts | 23 + .../draft_timeline.ts | 0 .../helpers.ts | 0 .../index.ts | 0 .../notes.ts | 0 .../pinned_events.ts | 0 .../timeline.ts | 0 .../configs/ess.config.ts | 2 +- .../configs/serverless.config.ts | 2 +- .../configs/ess.config.ts} | 2 +- .../configs/serverless.config.ts | 23 + .../mocks/timeline_details.ts | 0 .../security_and_spaces/tests/basic/events.ts | 398 ------------------ .../security_and_spaces/tests/basic/index.ts | 29 -- .../security_and_spaces/tests/trial/events.ts | 279 ------------ .../security_and_spaces/tests/trial/index.ts | 99 ----- .../tests/events.ts | 6 +- .../tests/basic => tests}/import_timelines.ts | 4 +- .../tests/index.ts | 7 +- .../install_prepackaged_timelines.ts | 42 +- .../tests/timeline.ts | 10 +- .../tests/timeline_details.ts | 4 +- .../tests/timeline_migrations.ts | 6 +- .../configs/ess.config.ts | 2 +- .../configs/serverless.config.ts | 2 +- .../tsconfig.json | 1 - 29 files changed, 120 insertions(+), 854 deletions(-) rename x-pack/test/security_solution_api_integration/test_suites/investigation/{timeline/security_and_spaces/configs/ess.trial.config.ts => saved_objects/basic_license_essentials_tier/configs/ess.config.ts} (79%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/draft_timeline.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/helpers.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/index.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/notes.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/pinned_events.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/timeline.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{security_and_spaces/configs/ess.basic.config.ts => basic_license_essentials_tier/configs/ess.config.ts} (94%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/mocks/timeline_details.ts (100%) delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/events.ts (94%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{security_and_spaces/tests/basic => tests}/import_timelines.ts (98%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/index.ts (65%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{security_and_spaces/tests/basic => tests}/install_prepackaged_timelines.ts (63%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/timeline.ts (93%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/timeline_details.ts (94%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/timeline_migrations.ts (97%) diff --git a/.buildkite/ftr_security_stateful_configs.yml b/.buildkite/ftr_security_stateful_configs.yml index a2390fa2bd27f..dbe529596102e 100644 --- a/.buildkite/ftr_security_stateful_configs.yml +++ b/.buildkite/ftr_security_stateful_configs.yml @@ -69,10 +69,14 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json index 1649c79f52a7d..18c4eba5fe79f 100644 --- a/x-pack/test/security_solution_api_integration/package.json +++ b/x-pack/test/security_solution_api_integration/package.json @@ -39,6 +39,10 @@ "initialize-server:edr-workflows": "node ./scripts/index.js server edr_workflows trial_license_complete_tier", "run-tests:edr-workflows": "node ./scripts/index.js runner edr_workflows trial_license_complete_tier", + + "initialize-server:investigations:basic_essentials": "node scripts/index.js server investigation basic_license_essentials_tier", + "run-tests:investigations:basic_essentials": "node scripts/index.js runner investigation basic_license_essentials_tier", + "initialize-server:investigations": "node scripts/index.js server investigation trial_license_complete_tier", "run-tests:investigations": "node scripts/index.js runner investigation trial_license_complete_tier", @@ -377,6 +381,14 @@ "investigations:timeline:server:ess": "npm run initialize-server:investigations timeline ess", "investigations:timeline:runner:ess": "npm run run-tests:investigations timeline ess essEnv", + + "investigations:basic:timeline:server:ess": "npm run initialize-server:investigations:basic_essentials timeline ess", + "investigations:basic:timeline:server:serverless": "npm run initialize-server:investigations:basic_essentials timeline serverless", + "investigations:basic:timeline:runner:ess": "npm run run-tests:investigations:basic_essentials timeline ess essEnv", + "investigations:basic:timeline:runner:serverless": "npm run run-tests:investigations:basic_essentials timeline serverless serverlessEnv", + "investigations:basic:timeline:runner:qa:serverless": "npm run run-tests:investigations:basic_essentials timeline serverless qaPeriodicEnv", + "investigations:basic:timeline:runner:qa:serverless:release": "npm run run-tests:investigations:basic_essentials timeline serverless qaEnv", + "investigations:saved-objects:server:serverless": "npm run initialize-server:investigations saved_objects serverless", "investigations:saved-objects:runner:serverless": "npm run run-tests:investigations saved_objects serverless serverlessEnv", "investigations:saved-objects:runner:qa:serverless": "npm run run-tests:investigations saved_objects serverless qaPeriodicEnv", @@ -384,6 +396,13 @@ "investigations:saved-objects:server:ess": "npm run initialize-server:investigations saved_objects ess", "investigations:saved-objects:runner:ess": "npm run run-tests:investigations saved_objects ess essEnv", + "investigations:basic:saved-objects:server:serverless": "npm run initialize-server:investigations:basic_essentials saved_objects serverless", + "investigations:basic:saved-objects:runner:serverless": "npm run run-tests:investigations:basic_essentials saved_objects serverless serverlessEnv", + "investigations:basic:saved-objects:runner:qa:serverless": "npm run run-tests:investigations:basic_essentials saved_objects serverless qaPeriodicEnv", + "investigations:basic:saved-objects:runner:qa:serverless:release": "npm run run-tests:investigations:basic_essentials saved_objects serverless qaEnv", + "investigations:basic:saved-objects:server:ess": "npm run initialize-server:investigations:basic_essentials saved_objects ess", + "investigations:basic:saved-objects:runner:ess": "npm run run-tests:investigations:basic_essentials saved_objects ess essEnv", + "explore:hosts:server:serverless": "npm run intialize-server:explore hosts serverless", "explore:hosts:runner:serverless": "npm run run-tests:explore hosts serverless serverlessEnv", "explore:hosts:runner:qa:serverless": "npm run run-tests:explore hosts serverless qaPeriodicEnv", diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts similarity index 79% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts index ad8b3a9ddcd39..d4a5b5f5a80c8 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts @@ -8,7 +8,7 @@ import { FtrConfigProviderContext } from '@kbn/test'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const functionalConfig = await readConfigFile( - require.resolve('../../../../../config/ess/config.base.trial') + require.resolve('../../../../../config/ess/config.base.basic') ); return { @@ -20,9 +20,9 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('../tests/trial')], + testFiles: [require.resolve('../../tests')], junit: { - reportName: 'Timeline Integration Tests - ESS Env - Trial License', + reportName: 'Saved Objects Integration Tests - ESS Env - Basic License', }, }; } diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..5e70e9b7717d5 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../config/serverless/config.base'; + +export default createTestConfig({ + kbnTestServerArgs: [ + `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, + `--xpack.securitySolutionServerless.productTypes=${JSON.stringify([ + { product_line: 'security', product_tier: 'essentials' }, + { product_line: 'endpoint', product_tier: 'essentials' }, + { product_line: 'cloud', product_tier: 'essentials' }, + ])}`, + ], + testFiles: [require.resolve('../../tests')], + junit: { + reportName: 'Saved Objects Integration Tests - Serverless Env - Complete Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/draft_timeline.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/draft_timeline.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/helpers.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/helpers.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/helpers.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/notes.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/notes.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/pinned_events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/pinned_events.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/timeline.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/timeline.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts index 4c96f07342a58..80f9327a0c19e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts @@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('..')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Saved Objects Integration Tests - ESS Env - Basic License', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts index a5d28b90c8dc9..2bb0168b6e8ad 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts @@ -16,7 +16,7 @@ export default createTestConfig({ { product_line: 'cloud', product_tier: 'complete' }, ])}`, ], - testFiles: [require.resolve('..')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Saved Objects Integration Tests - Serverless Env - Complete Tier', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts index 279b9a1a2ed57..a1bcb8a145ad6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts @@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('../tests/basic')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Timeline Integration Tests - ESS Env - Basic License', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..2e5fa848fb16b --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../config/serverless/config.base'; + +export default createTestConfig({ + kbnTestServerArgs: [ + `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, + `--xpack.securitySolutionServerless.productTypes=${JSON.stringify([ + { product_line: 'security', product_tier: 'essentials' }, + { product_line: 'endpoint', product_tier: 'essentials' }, + { product_line: 'cloud', product_tier: 'essentials' }, + ])}`, + ], + testFiles: [require.resolve('../../tests')], + junit: { + reportName: 'Timeline Integration Tests - Serverless Env - Essentials Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/mocks/timeline_details.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/mocks/timeline_details.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts deleted file mode 100644 index a694a4cd170da..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts +++ /dev/null @@ -1,398 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { JsonObject } from '@kbn/utility-types'; -import expect from '@kbn/expect'; -import { ALERT_UUID, ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { TimelineEdges, TimelineNonEcsData } from '@kbn/timelines-plugin/common'; -import { - Direction, - TimelineEventsQueries, -} from '@kbn/security-solution-plugin/common/search_strategy'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { User } from '../../../../../../../rule_registry/common/lib/authentication/types'; -import { getSpaceUrlPrefix } from '../../../../../../../rule_registry/common/lib/authentication/spaces'; - -import { - superUser, - globalRead, - obsOnly, - obsOnlyRead, - obsSec, - obsSecRead, - secOnly, - secOnlyRead, - secOnlySpace2, - secOnlyReadSpace2, - obsSecAllSpace2, - obsSecReadSpace2, - obsOnlySpace2, - obsOnlyReadSpace2, - obsOnlySpacesAll, - obsSecSpacesAll, - secOnlySpacesAll, - noKibanaPrivileges, -} from '../../../../../../../rule_registry/common/lib/authentication/users'; -import type { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; - -interface TestCase { - /** The space where the alert exists */ - space?: string; - /** The ID of the solution for which to get alerts */ - featureIds: string[]; - /** The total alerts expected to be returned */ - expectedNumberAlerts: number; - /** body to be posted */ - body: JsonObject; - /** Authorized users */ - authorizedUsers: User[]; - /** Unauthorized users */ - unauthorizedUsers: User[]; - /** Users who are authorized for one, but not all of the alert solutions being queried */ - usersWithoutAllPrivileges?: User[]; -} - -const TO = '3000-01-01T00:00:00.000Z'; -const FROM = '2000-01-01T00:00:00.000Z'; -const TEST_URL = '/internal/search/timelineSearchStrategy/'; -const SPACE_1 = 'space1'; -const SPACE_2 = 'space2'; - -export default ({ getService }: FtrProviderContextWithSpaces) => { - const esArchiver = getService('esArchiver'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp', 'message', ALERT_RULE_CONSUMER, ALERT_UUID, 'event.kind'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - // TODO: Fix or update the tests - describe.skip('Timeline - Events', () => { - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - function addTests({ - space, - authorizedUsers, - usersWithoutAllPrivileges, - unauthorizedUsers, - body, - featureIds, - expectedNumberAlerts, - }: TestCase) { - authorizedUsers.forEach(({ username, password }) => { - it(`${username} should be able to view alerts from "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - const resp = await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - .expect(200); - - const timeline = resp.body; - - expect( - timeline.edges.every((hit: TimelineEdges) => { - const data: TimelineNonEcsData[] = hit.node.data; - return data.some(({ field, value }) => { - return ( - field === ALERT_RULE_CONSUMER && featureIds.includes((value && value[0]) ?? '') - ); - }); - }) - ).to.equal(true); - expect(timeline.totalCount).to.be(expectedNumberAlerts); - }); - }); - - if (usersWithoutAllPrivileges != null) { - usersWithoutAllPrivileges.forEach(({ username, password }) => { - it(`${username} should NOT be able to view alerts from "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - const resp = await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - .expect(200); - - const timeline = resp.body; - - expect(timeline.totalCount).to.be(0); - }); - }); - } - - unauthorizedUsers.forEach(({ username, password }) => { - it(`${username} should NOT be able to access "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - // TODO - This should be updated to be a 403 once this ticket is resolved - // https://github.com/elastic/kibana/issues/106005 - .expect(500); - }); - }); - } - - describe('alerts authentication', () => { - const authorizedSecSpace1 = [secOnly, secOnlyRead]; - const authorizedObsSpace1 = [obsOnly, obsOnlyRead]; - const authorizedSecObsSpace1 = [obsSec, obsSecRead]; - - const authorizedSecSpace2 = [secOnlySpace2, secOnlyReadSpace2]; - const authorizedObsSpace2 = [obsOnlySpace2, obsOnlyReadSpace2]; - const authorizedSecObsSpace2 = [obsSecAllSpace2, obsSecReadSpace2]; - - const authorizedSecInAllSpaces = [secOnlySpacesAll]; - const authorizedObsInAllSpaces = [obsOnlySpacesAll]; - const authorizedSecObsInAllSpaces = [obsSecSpacesAll]; - - const authorizedInAllSpaces = [superUser, globalRead]; - const unauthorized = [noKibanaPrivileges]; - - describe('Querying for Security Solution alerts only', () => { - addTests({ - space: SPACE_1, - featureIds: ['siem'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem'], - }, - authorizedUsers: [ - ...authorizedSecSpace1, - ...authorizedSecObsSpace1, - ...authorizedSecInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedObsSpace1, ...authorizedObsInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace2, - ...authorizedObsSpace2, - ...authorizedSecObsSpace2, - ...unauthorized, - ], - }); - - addTests({ - space: SPACE_2, - featureIds: ['siem'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - alertConsumers: ['siem'], - }, - authorizedUsers: [ - ...authorizedSecSpace2, - ...authorizedSecObsSpace2, - ...authorizedSecInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedObsSpace2, ...authorizedObsInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace1, - ...authorizedObsSpace1, - ...authorizedSecObsSpace1, - ...unauthorized, - ], - }); - }); - - describe('Querying for APM alerts only', () => { - addTests({ - space: SPACE_1, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - alertConsumers: ['apm'], - }, - authorizedUsers: [ - ...authorizedObsSpace1, - ...authorizedSecObsSpace1, - ...authorizedObsInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedSecSpace1, ...authorizedSecInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace2, - ...authorizedObsSpace2, - ...authorizedSecObsSpace2, - ...unauthorized, - ], - }); - addTests({ - space: SPACE_2, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - alertConsumers: ['apm'], - }, - authorizedUsers: [ - ...authorizedObsSpace2, - ...authorizedSecObsSpace2, - ...authorizedObsInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedSecSpace2, ...authorizedSecInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace1, - ...authorizedObsSpace1, - ...authorizedSecObsSpace1, - ...unauthorized, - ], - }); - }); - - describe('Querying for multiple solutions', () => { - describe('authorized for both security solution and apm', () => { - addTests({ - space: SPACE_1, - featureIds: ['siem', 'apm'], - expectedNumberAlerts: 4, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [ - ...authorizedSecObsSpace1, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - unauthorizedUsers: [...unauthorized], - }); - addTests({ - space: SPACE_2, - featureIds: ['siem', 'apm'], - expectedNumberAlerts: 4, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [ - ...authorizedSecObsSpace2, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - unauthorizedUsers: [...unauthorized], - }); - }); - describe('security solution privileges only', () => { - addTests({ - space: SPACE_1, - featureIds: ['siem'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [...authorizedSecInAllSpaces], - unauthorizedUsers: [...unauthorized], - }); - }); - - describe('apm privileges only', () => { - addTests({ - space: SPACE_1, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [...authorizedObsInAllSpaces], - unauthorizedUsers: [...unauthorized], - }); - }); - - describe('querying from default space when no alerts were created in default space', () => { - addTests({ - featureIds: ['siem'], - expectedNumberAlerts: 0, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [...authorizedSecInAllSpaces], - unauthorizedUsers: [...unauthorized], - }); - }); - }); - }); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts deleted file mode 100644 index 809e6d7cba75b..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { - createSpacesAndUsers, - deleteSpacesAndUsers, -} from '../../../../../../../rule_registry/common/lib/authentication'; - -export default ({ loadTestFile, getService }: FtrProviderContextWithSpaces): void => { - describe('@ess timeline security and spaces enabled: basic', function () { - before(async () => { - await createSpacesAndUsers(getService); - }); - - after(async () => { - await deleteSpacesAndUsers(getService); - }); - - // Basic - loadTestFile(require.resolve('./events')); - loadTestFile(require.resolve('./import_timelines')); - loadTestFile(require.resolve('./install_prepackaged_timelines')); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts deleted file mode 100644 index 6ff03cc9b2cc2..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts +++ /dev/null @@ -1,279 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import Path from 'path'; -import Fs from 'fs'; -import { JsonObject } from '@kbn/utility-types'; -import expect from '@kbn/expect'; -import { ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { TimelineEdges, TimelineNonEcsData } from '@kbn/timelines-plugin/common'; -import { - Direction, - TimelineEventsQueries, -} from '@kbn/security-solution-plugin/common/search_strategy'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { User } from '../../../../../../../rule_registry/common/lib/authentication/types'; -import { getSpaceUrlPrefix } from '../../../../../../../rule_registry/common/lib/authentication/spaces'; - -import { - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, -} from '../../../../../../../rule_registry/common/lib/authentication/users'; -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; - -class FileWrapper { - constructor(private readonly path: string) {} - async reset() { - // "touch" each file to ensure it exists and is empty before each test - await Fs.promises.writeFile(this.path, ''); - } - async read() { - const content = await Fs.promises.readFile(this.path, { encoding: 'utf8' }); - return content.trim().split('\n'); - } - async readJSON() { - const content = await this.read(); - return content.map((l) => JSON.parse(l)); - } - // writing in a file is an async operation. we use this method to make sure logs have been written. - async isNotEmpty() { - const content = await this.read(); - const line = content[0]; - return line.length > 0; - } -} - -interface TestCase { - /** The space where the alert exists */ - space?: string; - /** The ID of the solution for which to get alerts */ - featureIds: string[]; - /** The total alerts expected to be returned */ - expectedNumberAlerts: number; - /** body to be posted */ - body: JsonObject; - /** Authorized users */ - authorizedUsers: User[]; - /** Unauthorized users */ - unauthorizedUsers: User[]; -} - -const TO = '3000-01-01T00:00:00.000Z'; -const FROM = '2000-01-01T00:00:00.000Z'; -const TEST_URL = '/internal/search/timelineSearchStrategy/'; -const SPACE_1 = 'space1'; -const SPACE_2 = 'space2'; - -export default ({ getService }: FtrProviderContextWithSpaces) => { - const esArchiver = getService('esArchiver'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - // TODO: Fix or update the tests - describe.skip('Timeline - Events', () => { - const logFilePath = Path.resolve(__dirname, '../../../common/audit.log'); - const logFile = new FileWrapper(logFilePath); - const retry = getService('retry'); - - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - function addTests({ - space, - authorizedUsers, - unauthorizedUsers, - body, - featureIds, - expectedNumberAlerts, - }: TestCase) { - authorizedUsers.forEach(({ username, password }) => { - it(`${username} should be able to view alerts from "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - const resp = await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - .expect(200); - - const timeline = resp.body; - - expect( - timeline.edges.every((hit: TimelineEdges) => { - const data: TimelineNonEcsData[] = hit.node.data; - return data.some(({ field, value }) => { - return ( - field === ALERT_RULE_CONSUMER && featureIds.includes((value && value[0]) ?? '') - ); - }); - }) - ).to.equal(true); - expect(timeline.totalCount).to.be(expectedNumberAlerts); - }); - }); - - unauthorizedUsers.forEach(({ username, password }) => { - it(`${username} should NOT be able to access "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - // TODO - This should be updated to be a 403 once this ticket is resolved - // https://github.com/elastic/kibana/issues/106005 - .expect(500); - }); - }); - } - - // TODO - tests need to be updated with new table logic - describe('alerts authentication', () => { - addTests({ - space: SPACE_1, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts*'], - entityType: 'alerts', - alertConsumers: ['apm'], - }, - authorizedUsers: [obsMinReadAlertsRead, obsMinReadAlertsReadSpacesAll], - unauthorizedUsers: [obsMinRead, obsMinReadSpacesAll], - }); - }); - - // FLAKY: https://github.com/elastic/kibana/issues/117462 - describe('logging', () => { - beforeEach(async () => { - await logFile.reset(); - }); - - afterEach(async () => { - await logFile.reset(); - }); - - it('logs success events when reading alerts', async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(SPACE_1)}${TEST_URL}`) - .auth(superUser.username, superUser.password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['apm'], - }) - .expect(200); - await retry.waitFor('logs event in the dest file', async () => await logFile.isNotEmpty()); - - const content = await logFile.readJSON(); - - const httpEvent = content.find((c) => c.event.action === 'http_request'); - expect(httpEvent).to.be.ok(); - expect(httpEvent.trace.id).to.be.ok(); - expect(httpEvent.user.name).to.be(superUser.username); - expect(httpEvent.kibana.space_id).to.be('space1'); - expect(httpEvent.http.request.method).to.be('post'); - expect(httpEvent.url.path).to.be('/s/space1/internal/search/timelineSearchStrategy/'); - - const findEvents = content.filter((c) => c.event.action === 'alert_find'); - expect(findEvents[0].trace.id).to.be.ok(); - expect(findEvents[0].event.outcome).to.be('success'); - expect(findEvents[0].user.name).to.be(superUser.username); - expect(findEvents[0].kibana.space_id).to.be('space1'); - }); - - it('logs failure events when unauthorized to read alerts', async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(SPACE_2)}${TEST_URL}`) - .auth(obsMinRead.username, obsMinRead.password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['apm'], - }) - .expect(500); - await retry.waitFor('logs event in the dest file', async () => await logFile.isNotEmpty()); - - const content = await logFile.readJSON(); - - const httpEvent = content.find((c) => c.event.action === 'http_request'); - expect(httpEvent).to.be.ok(); - expect(httpEvent.trace.id).to.be.ok(); - expect(httpEvent.user.name).to.be(obsMinRead.username); - expect(httpEvent.kibana.space_id).to.be(SPACE_2); - expect(httpEvent.http.request.method).to.be('post'); - expect(httpEvent.url.path).to.be('/s/space2/internal/search/timelineSearchStrategy/'); - - const findEvents = content.filter((c) => c.event.action === 'alert_find'); - expect(findEvents.length).to.equal(1); - expect(findEvents[0].trace.id).to.be.ok(); - expect(findEvents[0].event.outcome).to.be('failure'); - expect(findEvents[0].user.name).to.be(obsMinRead.username); - expect(findEvents[0].kibana.space_id).to.be(SPACE_2); - }); - }); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts deleted file mode 100644 index 381d3a5b657bb..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { - createSpaces, - createUsersAndRoles, - deleteSpaces, - deleteUsersAndRoles, -} from '../../../../../../../rule_registry/common/lib/authentication'; - -import { - observabilityMinReadAlertsRead, - observabilityMinReadAlertsReadSpacesAll, - observabilityMinimalRead, - observabilityMinimalReadSpacesAll, - observabilityMinReadAlertsAll, - observabilityMinReadAlertsAllSpacesAll, - observabilityMinimalAll, - observabilityMinimalAllSpacesAll, -} from '../../../../../../../rule_registry/common/lib/authentication/roles'; -import { - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, - obsMinReadAlertsAll, - obsMinReadAlertsAllSpacesAll, - obsMinAll, - obsMinAllSpacesAll, -} from '../../../../../../../rule_registry/common/lib/authentication/users'; - -export default ({ loadTestFile, getService }: FtrProviderContextWithSpaces): void => { - describe('@ess timeline security and spaces enabled: trial', function () { - before(async () => { - await createSpaces(getService); - await createUsersAndRoles( - getService, - [ - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, - obsMinReadAlertsAll, - obsMinReadAlertsAllSpacesAll, - obsMinAll, - obsMinAllSpacesAll, - ], - [ - observabilityMinReadAlertsRead, - observabilityMinReadAlertsReadSpacesAll, - observabilityMinimalRead, - observabilityMinimalReadSpacesAll, - observabilityMinReadAlertsAll, - observabilityMinReadAlertsAllSpacesAll, - observabilityMinimalAll, - observabilityMinimalAllSpacesAll, - ] - ); - }); - - after(async () => { - await deleteSpaces(getService); - await deleteUsersAndRoles( - getService, - [ - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, - obsMinReadAlertsAll, - obsMinReadAlertsAllSpacesAll, - obsMinAll, - obsMinAllSpacesAll, - ], - [ - observabilityMinReadAlertsRead, - observabilityMinReadAlertsReadSpacesAll, - observabilityMinimalRead, - observabilityMinimalReadSpacesAll, - observabilityMinReadAlertsAll, - observabilityMinReadAlertsAllSpacesAll, - observabilityMinimalAll, - observabilityMinimalAllSpacesAll, - ] - ); - }); - - // Trial - loadTestFile(require.resolve('./events')); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/events.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts index c42ac64de4a23..9db1a5dfceb22 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/events.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts @@ -15,9 +15,9 @@ import { } from '@kbn/security-solution-plugin/common/search_strategy'; import TestAgent from 'supertest/lib/agent'; import { BsearchService } from '@kbn/ftr-common-functional-services'; -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; -import { getFieldsToRequest, getFilterValue } from '../../../../utils'; +import { getFieldsToRequest, getFilterValue } from '../../../utils'; const TO = '3000-01-01T00:00:00.000Z'; const FROM = '2000-01-01T00:00:00.000Z'; @@ -60,7 +60,7 @@ export default function ({ getService }: FtrProviderContextWithSpaces) { }, }); - describe('Timeline', () => { + describe('@skipInServerless Timeline', () => { let supertest: TestAgent; let bsearch: BsearchService; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/import_timelines.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts similarity index 98% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/import_timelines.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts index 455780b333c8f..90f56e82a310a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/import_timelines.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts @@ -9,8 +9,8 @@ import expect from '@kbn/expect'; import { TIMELINE_IMPORT_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { deleteAllTimelines } from '../../../utils'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; +import { deleteAllTimelines } from '../utils'; export default ({ getService }: FtrProviderContextWithSpaces): void => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts similarity index 65% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts index ebf592d01282b..0d14c693ea828 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts @@ -5,14 +5,15 @@ * 2.0. */ -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; export default function ({ loadTestFile }: FtrProviderContextWithSpaces) { - // Failed in serverless: https://github.com/elastic/kibana/issues/183645 - describe('@ess @serverless @skipInServerless SecuritySolution Timeline', () => { + describe('@ess @serverless SecuritySolution Timeline', () => { loadTestFile(require.resolve('./events')); loadTestFile(require.resolve('./timeline_details')); loadTestFile(require.resolve('./timeline')); loadTestFile(require.resolve('./timeline_migrations')); + loadTestFile(require.resolve('./import_timelines')); + loadTestFile(require.resolve('./install_prepackaged_timelines')); }); } diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts similarity index 63% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts index 3e85d2a85c399..58c9442b12159 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts @@ -8,13 +8,12 @@ import expect from '@kbn/expect'; import { TIMELINE_PREPACKAGED_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { deleteAllTimelines, waitFor } from '../../../utils'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; +import { deleteAllTimelines } from '../utils'; export default ({ getService }: FtrProviderContextWithSpaces): void => { const supertest = getService('supertest'); const es = getService('es'); - const log = getService('log'); describe('install_prepackaged_timelines', () => { describe('creating prepackaged rules', () => { @@ -22,15 +21,27 @@ export default ({ getService }: FtrProviderContextWithSpaces): void => { await deleteAllTimelines(es); }); - // TODO: Fix or update the tests - it.skip('should contain timelines_installed, and timelines_updated', async () => { + it('should contain timelines_installed, and timelines_updated', async () => { const { body } = await supertest .post(TIMELINE_PREPACKAGED_URL) .set('kbn-xsrf', 'true') .send() .expect(200); - expect(Object.keys(body)).to.eql(['timelines_installed', 'timelines_updated']); + expect(Object.keys(body)).to.eql([ + 'success', + 'success_count', + 'timelines_installed', + 'timelines_updated', + 'errors', + ]); + expect(body).to.eql({ + success: true, + success_count: 10, + errors: [], + timelines_installed: 10, + timelines_updated: 0, + }); }); it('should create the prepackaged timelines and return a count greater than zero', async () => { @@ -53,29 +64,16 @@ export default ({ getService }: FtrProviderContextWithSpaces): void => { expect(body.timelines_updated).to.eql(0); }); - // TODO: Fix or update the tests - it.skip('should be possible to call the API twice and the second time the number of timelines installed should be zero', async () => { + it('should be possible to call the API twice and the second time the number of timelines installed should be zero', async () => { await supertest.post(TIMELINE_PREPACKAGED_URL).set('kbn-xsrf', 'true').send().expect(200); - await waitFor( - async () => { - const { body } = await supertest - .get(`${TIMELINE_PREPACKAGED_URL}/_status`) - .set('kbn-xsrf', 'true') - .expect(200); - return body.timelines_not_installed === 0; - }, - `${TIMELINE_PREPACKAGED_URL}/_status`, - log - ); - - const { body } = await supertest + const { body: timelinePrepackagedResponseBody } = await supertest .post(TIMELINE_PREPACKAGED_URL) .set('kbn-xsrf', 'true') .send() .expect(200); - expect(body.timelines_installed).to.eql(0); + expect(timelinePrepackagedResponseBody.timelines_installed).to.eql(0); }); }); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts similarity index 93% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts index 8a37ad6e9cac9..db5abd723f6f6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts @@ -8,11 +8,11 @@ import expect from '@kbn/expect'; import { SavedTimeline, TimelineTypeEnum } from '@kbn/security-solution-plugin/common/api/timeline'; -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; import { createBasicTimeline, createBasicTimelineTemplate, -} from '../../../saved_objects/trial_license_complete_tier/helpers'; +} from '../../saved_objects/tests/helpers'; export default function ({ getService }: FtrProviderContextWithSpaces) { const supertest = getService('supertest'); @@ -60,7 +60,11 @@ export default function ({ getService }: FtrProviderContextWithSpaces) { ).to.equal(0); }); }); - describe('resolve timeline', () => { + /** + * Migration of saved object not working to current serverless version + * https://github.com/elastic/kibana/issues/196483 + * */ + describe.skip('resolve timeline', () => { before(async () => { await esArchiver.load( 'x-pack/test/functional/es_archives/security_solution/timelines/7.15.0' diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_details.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_details.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts index 12539d43a145f..7d127ab7c0f96 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_details.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts @@ -15,7 +15,7 @@ import { import TestAgent from 'supertest/lib/agent'; import { BsearchService } from '@kbn/ftr-common-functional-services'; -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; import { timelineDetailsFilebeatExpectedResults as EXPECTED_DATA } from '../mocks/timeline_details'; // typical values that have to change after an update from "scripts/es_archiver" @@ -34,7 +34,7 @@ export default function ({ getService }: FtrProviderContextWithSpaces) { const esArchiver = getService('esArchiver'); const utils = getService('securitySolutionUtils'); - describe('Timeline Details', () => { + describe('@skipInServerless Timeline Details', () => { let supertest: TestAgent; let bsearch: BsearchService; before(async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_migrations.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts similarity index 97% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_migrations.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts index c91d4ce24ce51..4aafce9938ae1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_migrations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts @@ -16,8 +16,8 @@ import { BarePinnedEventWithoutExternalRefs, TimelineWithoutExternalRefs, } from '@kbn/security-solution-plugin/common/api/timeline'; -import type { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; -import { getSavedObjectFromES } from '../../../../utils'; +import type { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; +import { getSavedObjectFromES } from '../../../utils'; interface TimelineWithoutSavedQueryId { [timelineSavedObjectType]: TimelineWithoutExternalRefs; @@ -34,7 +34,7 @@ interface PinnedEventWithoutTimelineId { export default function ({ getService }: FtrProviderContextWithSpaces) { const supertest = getService('supertest'); - describe('Timeline migrations', () => { + describe('@skipInServerless Timeline migrations', () => { const esArchiver = getService('esArchiver'); const es = getService('es'); const kibanaServer = getService('kibanaServer'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts index 8fd44a2a2c5d9..8d9c8ad8a4652 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts @@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('../tests')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Timeline Integration Tests - ESS Env - Trial License', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts index 0a2827db15d66..0f8a8a350c3ed 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts @@ -16,7 +16,7 @@ export default createTestConfig({ { product_line: 'cloud', product_tier: 'complete' }, ])}`, ], - testFiles: [require.resolve('../tests')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Timeline Integration Tests - Serverless Env - Complete Tier', }, diff --git a/x-pack/test/security_solution_api_integration/tsconfig.json b/x-pack/test/security_solution_api_integration/tsconfig.json index 82decfa5a6db3..b7a320dd19720 100644 --- a/x-pack/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/test/security_solution_api_integration/tsconfig.json @@ -45,7 +45,6 @@ "@kbn/actions-plugin", "@kbn/task-manager-plugin", "@kbn/utility-types", - "@kbn/timelines-plugin", "@kbn/dev-cli-runner", "@kbn/elastic-assistant-common", "@kbn/search-types",