Skip to content

Commit

Permalink
[ Security Solution ] One discover security context functional tests (e…
Browse files Browse the repository at this point in the history
…lastic#199818)

## Summary

Fixes elastic/security-team#11112

Follow up to 
- elastic#199279

Adds functional test for Security Profiles in One Discover.


### Checklist

Delete any items that are not applicable to this PR.

- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <[email protected]>
  • Loading branch information
2 people authored and CAWilson94 committed Dec 12, 2024
1 parent c47b066 commit fa3dfb2
Show file tree
Hide file tree
Showing 7 changed files with 172 additions and 11 deletions.
1 change: 1 addition & 0 deletions .buildkite/ftr_security_serverless_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ enabled:
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.agentless.ts
- x-pack/test_serverless/functional/test_suites/security/config.saved_objects_management.ts
- x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts
- x-pack/test_serverless/functional/test_suites/security/config.examples.context_awareness.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group1.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group2.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group3.ts
Expand Down
6 changes: 4 additions & 2 deletions .github/CODEOWNERS
Original file line number Diff line number Diff line change
Expand Up @@ -1093,8 +1093,8 @@ x-pack/test_serverless/api_integration/test_suites/common/platform_security @ela
/x-pack/test/api_integration/apis/kibana/kql_telemetry @elastic/kibana-data-discovery @elastic/kibana-visualizations
/x-pack/test_serverless/functional/es_archives/pre_calculated_histogram @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/es_archives/kibana_sample_data_flights_index_pattern @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/config.examples.ts @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/config.examples.ts @elastic/kibana-data-discovery
/x-pack/test_serverless/functional/test_suites/security/config.examples.context_awareness.ts @elastic/kibana-data-discovery
/test/accessibility/apps/discover.ts @elastic/kibana-data-discovery
/test/api_integration/apis/data_views @elastic/kibana-data-discovery
/test/api_integration/apis/data_view_field_editor @elastic/kibana-data-discovery
Expand Down Expand Up @@ -2112,6 +2112,7 @@ x-pack/test/api_integration/apis/management/index_management/inference_endpoints
x-pack/test_serverless/functional/test_suites/security/config.mki_only.ts @elastic/security-solution @elastic/appex-qa
x-pack/test_serverless/functional/test_suites/security/index.mki_only.ts @elastic/security-solution @elastic/appex-qa @elastic/kibana-cloud-security-posture
/x-pack/test_serverless/functional/test_suites/security/config.feature_flags.ts @elastic/security-solution @elastic/kibana-cloud-security-posture
/x-pack/test_serverless/functional/test_suites/security/constants.ts @elastic/security-solution
/x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts @elastic/security-solution
/x-pack/test_serverless/functional/test_suites/common/spaces/multiple_spaces_enabled.ts @elastic/security-solution
/x-pack/test/functional/es_archives/endpoint/ @elastic/security-solution
Expand Down Expand Up @@ -2245,6 +2246,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/
/x-pack/plugins/security_solution/public/app/home/template_wrapper/timeline @elastic/security-threat-hunting-investigations

/x-pack/plugins/security_solution/server/lib/timeline @elastic/security-threat-hunting-investigations
/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/security-threat-hunting-investigations

## Security Solution Threat Hunting areas - Threat Hunting Explore
/x-pack/plugins/security_solution/common/api/tags @elastic/security-threat-hunting-explore
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,19 +9,15 @@ import { createTestConfig } from '../../config.base';

export default createTestConfig({
serverlessProject: 'security',
testFiles: [require.resolve('../common/discover/context_awareness')],
testFiles: [require.resolve('./ftr/discover/context_awareness')],
junit: {
reportName: 'Serverless Security Discover Context Awareness Functional Tests',
reportName:
'Serverless Security Discover Context Awareness Functional Tests - Security Profiles',
},
kbnServerArgs: [
`--discover.experimental.enabledProfiles=${JSON.stringify([
'example-root-profile',
'example-solution-view-root-profile',
'example-data-source-profile',
'example-document-profile',
])}`,
`--discover.experimental.enabledProfiles=${JSON.stringify(['security-root-profile'])}`,
],
// include settings from project controller
// https://github.com/elastic/project-controller/blob/main/internal/project/observability/config/elasticsearch.yml
// https://github.com/elastic/elasticsearch-controller/blob/main/helm/values.yaml
esServerArgs: ['xpack.ml.dfa.enabled=false'],
});
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import { createTestConfig } from '../../config.base';

export default createTestConfig({
serverlessProject: 'security',
testFiles: [require.resolve('../common/discover/context_awareness')],
junit: {
reportName:
'Serverless Security Discover Context Awareness Functional Tests - Example Profiles',
},
kbnServerArgs: [
`--discover.experimental.enabledProfiles=${JSON.stringify([
'example-root-profile',
'example-solution-view-root-profile',
'example-data-source-profile',
'example-document-profile',
])}`,
],
// include settings from project controller
// https://github.com/elastic/project-controller/blob/main/internal/project/observability/config/elasticsearch.yml
esServerArgs: ['xpack.ml.dfa.enabled=false'],
});
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

export const SECURITY_ES_ARCHIVES_DIR = 'x-pack/test/security_solution_cypress/es_archives';
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import kbnRison from '@kbn/rison';
import expect from '@kbn/expect';
import path from 'path';
import { FtrProviderContext } from '../../../../../ftr_provider_context';
import { SECURITY_ES_ARCHIVES_DIR } from '../../../constants';

export default function ({ getService, getPageObjects }: FtrProviderContext) {
const PageObjects = getPageObjects(['common', 'timePicker', 'discover', 'svlCommonPage']);
const testSubjects = getService('testSubjects');
const dataViews = getService('dataViews');
const esArchiver = getService('esArchiver');
const queryBar = getService('queryBar');

describe('security root profile', () => {
before(async () => {
await PageObjects.svlCommonPage.loginAsViewer();
await esArchiver.loadIfNeeded(path.join(SECURITY_ES_ARCHIVES_DIR, 'auditbeat_single'));
});

after(async () => {
await esArchiver.unload(path.join(SECURITY_ES_ARCHIVES_DIR, 'auditbeat_single'));
});

describe('cell renderers', () => {
describe('host.name', () => {
describe('DataView mode', () => {
it('should open host.name flyout', async () => {
await PageObjects.common.navigateToActualUrl('discover', undefined, {
ensureCurrentUrl: false,
});
await dataViews.createFromSearchBar({
name: 'auditbeat-2022',
adHoc: true,
hasTimeField: true,
});
await queryBar.setQuery('host.name: "siem-kibana"');
await queryBar.clickQuerySubmitButton();
await PageObjects.discover.waitUntilSearchingHasFinished();
await PageObjects.discover.dragFieldToTable('host.name');
expect((await PageObjects.discover.getColumnHeaders()).join(', ')).to.be(
'@timestamp, host.name'
);
// security host.name button
const hostName = await testSubjects.findAll('host-details-button', 2500);
expect(hostName).to.have.length(1);
await hostName[0].click();
await testSubjects.existOrFail('host-panel-header', { timeout: 2500 });
await testSubjects.existOrFail('asset-criticality-selector', { timeout: 2500 });
await testSubjects.existOrFail('observedEntity-accordion', { timeout: 2500 });
});
});

describe('ES|QL mode', () => {
it('should open host.name flyout', async () => {
const state = kbnRison.encode({
dataSource: { type: 'esql' },

query: { esql: 'from auditbeat-2022 | WHERE host.name == "siem-kibana"' },
});

await PageObjects.common.navigateToActualUrl('discover', `?_a=${state}`, {
ensureCurrentUrl: false,
});
await PageObjects.discover.waitUntilSearchingHasFinished();
await PageObjects.discover.dragFieldToTable('host.name');
expect((await PageObjects.discover.getColumnHeaders()).join(', ')).to.be('host.name');
// security host.name button
const hostName = await testSubjects.findAll('host-details-button', 2500);
expect(hostName).to.have.length(1);
await hostName[0].click();
await testSubjects.existOrFail('host-panel-header', { timeout: 2500 });
await testSubjects.existOrFail('asset-criticality-selector', { timeout: 2500 });
await testSubjects.existOrFail('observedEntity-accordion', { timeout: 2500 });
});
});
});
});
});
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

import { FtrProviderContext } from '../../../../../ftr_provider_context';

export default function ({ getService, getPageObjects, loadTestFile }: FtrProviderContext) {
const esArchiver = getService('esArchiver');
const kibanaServer = getService('kibanaServer');
const PageObjects = getPageObjects(['timePicker', 'svlCommonPage']);
const from = '2017-06-10T14:00:00.000Z';
const to = '2024-06-10T16:30:00.000Z';

describe('discover/security/context_awareness', function () {
this.tags(['esGate']);

before(async () => {
await esArchiver.load('test/functional/fixtures/es_archiver/discover/context_awareness');
await kibanaServer.importExport.load(
'test/functional/fixtures/kbn_archiver/discover/context_awareness'
);
await kibanaServer.uiSettings.update({
'timepicker:timeDefaults': `{ "from": "${from}", "to": "${to}"}`,
});
});

after(async () => {
await esArchiver.unload('test/functional/fixtures/es_archiver/discover/context_awareness');
await kibanaServer.importExport.unload(
'test/functional/fixtures/kbn_archiver/discover/context_awareness'
);
await PageObjects.timePicker.resetDefaultAbsoluteRangeViaUiSettings();
});

loadTestFile(require.resolve('./cell_renderer'));
});
}

0 comments on commit fa3dfb2

Please sign in to comment.