From 6909ffeed89765fe272ac7abb110ea4a7589f087 Mon Sep 17 00:00:00 2001 From: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Date: Thu, 17 Oct 2024 06:46:14 +1100 Subject: [PATCH] [8.x] [ Security Solution ]Re-organize the Investigations api integration test for MKI (#194707) (#196588) # Backport This will backport the following commits from `main` to `8.x`: - [[ Security Solution ]Re-organize the Investigations api integration test for MKI (#194707)](https://github.com/elastic/kibana/pull/194707) ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) Co-authored-by: Jatin Kathuria --- .buildkite/ftr_security_stateful_configs.yml | 8 +- .../package.json | 19 + .../configs/ess.config.ts} | 6 +- .../configs/serverless.config.ts | 23 + .../draft_timeline.ts | 0 .../helpers.ts | 0 .../index.ts | 0 .../notes.ts | 0 .../pinned_events.ts | 0 .../timeline.ts | 0 .../configs/ess.config.ts | 2 +- .../configs/serverless.config.ts | 2 +- .../configs/ess.config.ts} | 2 +- .../configs/serverless.config.ts | 23 + .../mocks/timeline_details.ts | 0 .../security_and_spaces/tests/basic/events.ts | 398 ------------------ .../security_and_spaces/tests/basic/index.ts | 29 -- .../security_and_spaces/tests/trial/events.ts | 279 ------------ .../security_and_spaces/tests/trial/index.ts | 99 ----- .../tests/events.ts | 6 +- .../tests/basic => tests}/import_timelines.ts | 4 +- .../tests/index.ts | 7 +- .../install_prepackaged_timelines.ts | 42 +- .../tests/timeline.ts | 10 +- .../tests/timeline_details.ts | 4 +- .../tests/timeline_migrations.ts | 6 +- .../configs/ess.config.ts | 2 +- .../configs/serverless.config.ts | 2 +- .../tsconfig.json | 1 - 29 files changed, 120 insertions(+), 854 deletions(-) rename x-pack/test/security_solution_api_integration/test_suites/investigation/{timeline/security_and_spaces/configs/ess.trial.config.ts => saved_objects/basic_license_essentials_tier/configs/ess.config.ts} (79%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/draft_timeline.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/helpers.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/index.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/notes.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/pinned_events.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/{trial_license_complete_tier => tests}/timeline.ts (100%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{security_and_spaces/configs/ess.basic.config.ts => basic_license_essentials_tier/configs/ess.config.ts} (94%) create mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/mocks/timeline_details.ts (100%) delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts delete mode 100644 x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/events.ts (94%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{security_and_spaces/tests/basic => tests}/import_timelines.ts (98%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/index.ts (65%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{security_and_spaces/tests/basic => tests}/install_prepackaged_timelines.ts (63%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/timeline.ts (93%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/timeline_details.ts (94%) rename x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/{trial_license_complete_tier => }/tests/timeline_migrations.ts (97%) diff --git a/.buildkite/ftr_security_stateful_configs.yml b/.buildkite/ftr_security_stateful_configs.yml index a2390fa2bd27f..dbe529596102e 100644 --- a/.buildkite/ftr_security_stateful_configs.yml +++ b/.buildkite/ftr_security_stateful_configs.yml @@ -69,10 +69,14 @@ enabled: - x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/users/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/explore/overview/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts - - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts + - x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts - x-pack/test/security_solution_api_integration/test_suites/sources/indices/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/artifacts/trial_license_complete_tier/configs/ess.config.ts - x-pack/test/security_solution_api_integration/test_suites/edr_workflows/authentication/trial_license_complete_tier/configs/ess.config.ts diff --git a/x-pack/test/security_solution_api_integration/package.json b/x-pack/test/security_solution_api_integration/package.json index 1649c79f52a7d..18c4eba5fe79f 100644 --- a/x-pack/test/security_solution_api_integration/package.json +++ b/x-pack/test/security_solution_api_integration/package.json @@ -39,6 +39,10 @@ "initialize-server:edr-workflows": "node ./scripts/index.js server edr_workflows trial_license_complete_tier", "run-tests:edr-workflows": "node ./scripts/index.js runner edr_workflows trial_license_complete_tier", + + "initialize-server:investigations:basic_essentials": "node scripts/index.js server investigation basic_license_essentials_tier", + "run-tests:investigations:basic_essentials": "node scripts/index.js runner investigation basic_license_essentials_tier", + "initialize-server:investigations": "node scripts/index.js server investigation trial_license_complete_tier", "run-tests:investigations": "node scripts/index.js runner investigation trial_license_complete_tier", @@ -377,6 +381,14 @@ "investigations:timeline:server:ess": "npm run initialize-server:investigations timeline ess", "investigations:timeline:runner:ess": "npm run run-tests:investigations timeline ess essEnv", + + "investigations:basic:timeline:server:ess": "npm run initialize-server:investigations:basic_essentials timeline ess", + "investigations:basic:timeline:server:serverless": "npm run initialize-server:investigations:basic_essentials timeline serverless", + "investigations:basic:timeline:runner:ess": "npm run run-tests:investigations:basic_essentials timeline ess essEnv", + "investigations:basic:timeline:runner:serverless": "npm run run-tests:investigations:basic_essentials timeline serverless serverlessEnv", + "investigations:basic:timeline:runner:qa:serverless": "npm run run-tests:investigations:basic_essentials timeline serverless qaPeriodicEnv", + "investigations:basic:timeline:runner:qa:serverless:release": "npm run run-tests:investigations:basic_essentials timeline serverless qaEnv", + "investigations:saved-objects:server:serverless": "npm run initialize-server:investigations saved_objects serverless", "investigations:saved-objects:runner:serverless": "npm run run-tests:investigations saved_objects serverless serverlessEnv", "investigations:saved-objects:runner:qa:serverless": "npm run run-tests:investigations saved_objects serverless qaPeriodicEnv", @@ -384,6 +396,13 @@ "investigations:saved-objects:server:ess": "npm run initialize-server:investigations saved_objects ess", "investigations:saved-objects:runner:ess": "npm run run-tests:investigations saved_objects ess essEnv", + "investigations:basic:saved-objects:server:serverless": "npm run initialize-server:investigations:basic_essentials saved_objects serverless", + "investigations:basic:saved-objects:runner:serverless": "npm run run-tests:investigations:basic_essentials saved_objects serverless serverlessEnv", + "investigations:basic:saved-objects:runner:qa:serverless": "npm run run-tests:investigations:basic_essentials saved_objects serverless qaPeriodicEnv", + "investigations:basic:saved-objects:runner:qa:serverless:release": "npm run run-tests:investigations:basic_essentials saved_objects serverless qaEnv", + "investigations:basic:saved-objects:server:ess": "npm run initialize-server:investigations:basic_essentials saved_objects ess", + "investigations:basic:saved-objects:runner:ess": "npm run run-tests:investigations:basic_essentials saved_objects ess essEnv", + "explore:hosts:server:serverless": "npm run intialize-server:explore hosts serverless", "explore:hosts:runner:serverless": "npm run run-tests:explore hosts serverless serverlessEnv", "explore:hosts:runner:qa:serverless": "npm run run-tests:explore hosts serverless qaPeriodicEnv", diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts similarity index 79% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts index ad8b3a9ddcd39..d4a5b5f5a80c8 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.trial.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/ess.config.ts @@ -8,7 +8,7 @@ import { FtrConfigProviderContext } from '@kbn/test'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const functionalConfig = await readConfigFile( - require.resolve('../../../../../config/ess/config.base.trial') + require.resolve('../../../../../config/ess/config.base.basic') ); return { @@ -20,9 +20,9 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('../tests/trial')], + testFiles: [require.resolve('../../tests')], junit: { - reportName: 'Timeline Integration Tests - ESS Env - Trial License', + reportName: 'Saved Objects Integration Tests - ESS Env - Basic License', }, }; } diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..5e70e9b7717d5 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../config/serverless/config.base'; + +export default createTestConfig({ + kbnTestServerArgs: [ + `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, + `--xpack.securitySolutionServerless.productTypes=${JSON.stringify([ + { product_line: 'security', product_tier: 'essentials' }, + { product_line: 'endpoint', product_tier: 'essentials' }, + { product_line: 'cloud', product_tier: 'essentials' }, + ])}`, + ], + testFiles: [require.resolve('../../tests')], + junit: { + reportName: 'Saved Objects Integration Tests - Serverless Env - Complete Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/draft_timeline.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/draft_timeline.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/draft_timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/helpers.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/helpers.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/helpers.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/helpers.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/index.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/notes.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/notes.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/notes.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/pinned_events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/pinned_events.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/pinned_events.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/timeline.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/timeline.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/tests/timeline.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts index 4c96f07342a58..80f9327a0c19e 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/ess.config.ts @@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('..')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Saved Objects Integration Tests - ESS Env - Basic License', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts index a5d28b90c8dc9..2bb0168b6e8ad 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/saved_objects/trial_license_complete_tier/configs/serverless.config.ts @@ -16,7 +16,7 @@ export default createTestConfig({ { product_line: 'cloud', product_tier: 'complete' }, ])}`, ], - testFiles: [require.resolve('..')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Saved Objects Integration Tests - Serverless Env - Complete Tier', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts index 279b9a1a2ed57..a1bcb8a145ad6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/configs/ess.basic.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/ess.config.ts @@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('../tests/basic')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Timeline Integration Tests - ESS Env - Basic License', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts new file mode 100644 index 0000000000000..2e5fa848fb16b --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/basic_license_essentials_tier/configs/serverless.config.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createTestConfig } from '../../../../../config/serverless/config.base'; + +export default createTestConfig({ + kbnTestServerArgs: [ + `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, + `--xpack.securitySolutionServerless.productTypes=${JSON.stringify([ + { product_line: 'security', product_tier: 'essentials' }, + { product_line: 'endpoint', product_tier: 'essentials' }, + { product_line: 'cloud', product_tier: 'essentials' }, + ])}`, + ], + testFiles: [require.resolve('../../tests')], + junit: { + reportName: 'Timeline Integration Tests - Serverless Env - Essentials Tier', + }, +}); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/mocks/timeline_details.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts similarity index 100% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/mocks/timeline_details.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/mocks/timeline_details.ts diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts deleted file mode 100644 index a694a4cd170da..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/events.ts +++ /dev/null @@ -1,398 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { JsonObject } from '@kbn/utility-types'; -import expect from '@kbn/expect'; -import { ALERT_UUID, ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { TimelineEdges, TimelineNonEcsData } from '@kbn/timelines-plugin/common'; -import { - Direction, - TimelineEventsQueries, -} from '@kbn/security-solution-plugin/common/search_strategy'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { User } from '../../../../../../../rule_registry/common/lib/authentication/types'; -import { getSpaceUrlPrefix } from '../../../../../../../rule_registry/common/lib/authentication/spaces'; - -import { - superUser, - globalRead, - obsOnly, - obsOnlyRead, - obsSec, - obsSecRead, - secOnly, - secOnlyRead, - secOnlySpace2, - secOnlyReadSpace2, - obsSecAllSpace2, - obsSecReadSpace2, - obsOnlySpace2, - obsOnlyReadSpace2, - obsOnlySpacesAll, - obsSecSpacesAll, - secOnlySpacesAll, - noKibanaPrivileges, -} from '../../../../../../../rule_registry/common/lib/authentication/users'; -import type { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; - -interface TestCase { - /** The space where the alert exists */ - space?: string; - /** The ID of the solution for which to get alerts */ - featureIds: string[]; - /** The total alerts expected to be returned */ - expectedNumberAlerts: number; - /** body to be posted */ - body: JsonObject; - /** Authorized users */ - authorizedUsers: User[]; - /** Unauthorized users */ - unauthorizedUsers: User[]; - /** Users who are authorized for one, but not all of the alert solutions being queried */ - usersWithoutAllPrivileges?: User[]; -} - -const TO = '3000-01-01T00:00:00.000Z'; -const FROM = '2000-01-01T00:00:00.000Z'; -const TEST_URL = '/internal/search/timelineSearchStrategy/'; -const SPACE_1 = 'space1'; -const SPACE_2 = 'space2'; - -export default ({ getService }: FtrProviderContextWithSpaces) => { - const esArchiver = getService('esArchiver'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp', 'message', ALERT_RULE_CONSUMER, ALERT_UUID, 'event.kind'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - // TODO: Fix or update the tests - describe.skip('Timeline - Events', () => { - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - function addTests({ - space, - authorizedUsers, - usersWithoutAllPrivileges, - unauthorizedUsers, - body, - featureIds, - expectedNumberAlerts, - }: TestCase) { - authorizedUsers.forEach(({ username, password }) => { - it(`${username} should be able to view alerts from "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - const resp = await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - .expect(200); - - const timeline = resp.body; - - expect( - timeline.edges.every((hit: TimelineEdges) => { - const data: TimelineNonEcsData[] = hit.node.data; - return data.some(({ field, value }) => { - return ( - field === ALERT_RULE_CONSUMER && featureIds.includes((value && value[0]) ?? '') - ); - }); - }) - ).to.equal(true); - expect(timeline.totalCount).to.be(expectedNumberAlerts); - }); - }); - - if (usersWithoutAllPrivileges != null) { - usersWithoutAllPrivileges.forEach(({ username, password }) => { - it(`${username} should NOT be able to view alerts from "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - const resp = await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - .expect(200); - - const timeline = resp.body; - - expect(timeline.totalCount).to.be(0); - }); - }); - } - - unauthorizedUsers.forEach(({ username, password }) => { - it(`${username} should NOT be able to access "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - // TODO - This should be updated to be a 403 once this ticket is resolved - // https://github.com/elastic/kibana/issues/106005 - .expect(500); - }); - }); - } - - describe('alerts authentication', () => { - const authorizedSecSpace1 = [secOnly, secOnlyRead]; - const authorizedObsSpace1 = [obsOnly, obsOnlyRead]; - const authorizedSecObsSpace1 = [obsSec, obsSecRead]; - - const authorizedSecSpace2 = [secOnlySpace2, secOnlyReadSpace2]; - const authorizedObsSpace2 = [obsOnlySpace2, obsOnlyReadSpace2]; - const authorizedSecObsSpace2 = [obsSecAllSpace2, obsSecReadSpace2]; - - const authorizedSecInAllSpaces = [secOnlySpacesAll]; - const authorizedObsInAllSpaces = [obsOnlySpacesAll]; - const authorizedSecObsInAllSpaces = [obsSecSpacesAll]; - - const authorizedInAllSpaces = [superUser, globalRead]; - const unauthorized = [noKibanaPrivileges]; - - describe('Querying for Security Solution alerts only', () => { - addTests({ - space: SPACE_1, - featureIds: ['siem'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem'], - }, - authorizedUsers: [ - ...authorizedSecSpace1, - ...authorizedSecObsSpace1, - ...authorizedSecInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedObsSpace1, ...authorizedObsInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace2, - ...authorizedObsSpace2, - ...authorizedSecObsSpace2, - ...unauthorized, - ], - }); - - addTests({ - space: SPACE_2, - featureIds: ['siem'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - alertConsumers: ['siem'], - }, - authorizedUsers: [ - ...authorizedSecSpace2, - ...authorizedSecObsSpace2, - ...authorizedSecInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedObsSpace2, ...authorizedObsInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace1, - ...authorizedObsSpace1, - ...authorizedSecObsSpace1, - ...unauthorized, - ], - }); - }); - - describe('Querying for APM alerts only', () => { - addTests({ - space: SPACE_1, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - alertConsumers: ['apm'], - }, - authorizedUsers: [ - ...authorizedObsSpace1, - ...authorizedSecObsSpace1, - ...authorizedObsInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedSecSpace1, ...authorizedSecInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace2, - ...authorizedObsSpace2, - ...authorizedSecObsSpace2, - ...unauthorized, - ], - }); - addTests({ - space: SPACE_2, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - alertConsumers: ['apm'], - }, - authorizedUsers: [ - ...authorizedObsSpace2, - ...authorizedSecObsSpace2, - ...authorizedObsInAllSpaces, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - usersWithoutAllPrivileges: [...authorizedSecSpace2, ...authorizedSecInAllSpaces], - unauthorizedUsers: [ - ...authorizedSecSpace1, - ...authorizedObsSpace1, - ...authorizedSecObsSpace1, - ...unauthorized, - ], - }); - }); - - describe('Querying for multiple solutions', () => { - describe('authorized for both security solution and apm', () => { - addTests({ - space: SPACE_1, - featureIds: ['siem', 'apm'], - expectedNumberAlerts: 4, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [ - ...authorizedSecObsSpace1, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - unauthorizedUsers: [...unauthorized], - }); - addTests({ - space: SPACE_2, - featureIds: ['siem', 'apm'], - expectedNumberAlerts: 4, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [ - ...authorizedSecObsSpace2, - ...authorizedSecObsInAllSpaces, - ...authorizedInAllSpaces, - ], - unauthorizedUsers: [...unauthorized], - }); - }); - describe('security solution privileges only', () => { - addTests({ - space: SPACE_1, - featureIds: ['siem'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [...authorizedSecInAllSpaces], - unauthorizedUsers: [...unauthorized], - }); - }); - - describe('apm privileges only', () => { - addTests({ - space: SPACE_1, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [...authorizedObsInAllSpaces], - unauthorizedUsers: [...unauthorized], - }); - }); - - describe('querying from default space when no alerts were created in default space', () => { - addTests({ - featureIds: ['siem'], - expectedNumberAlerts: 0, - body: { - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['siem', 'apm'], - }, - authorizedUsers: [...authorizedSecInAllSpaces], - unauthorizedUsers: [...unauthorized], - }); - }); - }); - }); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts deleted file mode 100644 index 809e6d7cba75b..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/index.ts +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { - createSpacesAndUsers, - deleteSpacesAndUsers, -} from '../../../../../../../rule_registry/common/lib/authentication'; - -export default ({ loadTestFile, getService }: FtrProviderContextWithSpaces): void => { - describe('@ess timeline security and spaces enabled: basic', function () { - before(async () => { - await createSpacesAndUsers(getService); - }); - - after(async () => { - await deleteSpacesAndUsers(getService); - }); - - // Basic - loadTestFile(require.resolve('./events')); - loadTestFile(require.resolve('./import_timelines')); - loadTestFile(require.resolve('./install_prepackaged_timelines')); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts deleted file mode 100644 index 6ff03cc9b2cc2..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/events.ts +++ /dev/null @@ -1,279 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import Path from 'path'; -import Fs from 'fs'; -import { JsonObject } from '@kbn/utility-types'; -import expect from '@kbn/expect'; -import { ALERT_RULE_CONSUMER } from '@kbn/rule-data-utils'; - -import { TimelineEdges, TimelineNonEcsData } from '@kbn/timelines-plugin/common'; -import { - Direction, - TimelineEventsQueries, -} from '@kbn/security-solution-plugin/common/search_strategy'; -import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { User } from '../../../../../../../rule_registry/common/lib/authentication/types'; -import { getSpaceUrlPrefix } from '../../../../../../../rule_registry/common/lib/authentication/spaces'; - -import { - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, -} from '../../../../../../../rule_registry/common/lib/authentication/users'; -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; - -class FileWrapper { - constructor(private readonly path: string) {} - async reset() { - // "touch" each file to ensure it exists and is empty before each test - await Fs.promises.writeFile(this.path, ''); - } - async read() { - const content = await Fs.promises.readFile(this.path, { encoding: 'utf8' }); - return content.trim().split('\n'); - } - async readJSON() { - const content = await this.read(); - return content.map((l) => JSON.parse(l)); - } - // writing in a file is an async operation. we use this method to make sure logs have been written. - async isNotEmpty() { - const content = await this.read(); - const line = content[0]; - return line.length > 0; - } -} - -interface TestCase { - /** The space where the alert exists */ - space?: string; - /** The ID of the solution for which to get alerts */ - featureIds: string[]; - /** The total alerts expected to be returned */ - expectedNumberAlerts: number; - /** body to be posted */ - body: JsonObject; - /** Authorized users */ - authorizedUsers: User[]; - /** Unauthorized users */ - unauthorizedUsers: User[]; -} - -const TO = '3000-01-01T00:00:00.000Z'; -const FROM = '2000-01-01T00:00:00.000Z'; -const TEST_URL = '/internal/search/timelineSearchStrategy/'; -const SPACE_1 = 'space1'; -const SPACE_2 = 'space2'; - -export default ({ getService }: FtrProviderContextWithSpaces) => { - const esArchiver = getService('esArchiver'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); - const getPostBody = (): JsonObject => ({ - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - factoryQueryType: TimelineEventsQueries.all, - fieldRequested: ['@timestamp'], - fields: [], - filterQuery: { - bool: { - filter: [ - { - match_all: {}, - }, - ], - }, - }, - pagination: { - activePage: 0, - querySize: 25, - }, - language: 'kuery', - sort: [ - { - field: '@timestamp', - direction: Direction.desc, - type: 'number', - }, - ], - timerange: { - from: FROM, - to: TO, - interval: '12h', - }, - }); - - // TODO: Fix or update the tests - describe.skip('Timeline - Events', () => { - const logFilePath = Path.resolve(__dirname, '../../../common/audit.log'); - const logFile = new FileWrapper(logFilePath); - const retry = getService('retry'); - - before(async () => { - await esArchiver.load('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - after(async () => { - await esArchiver.unload('x-pack/test/functional/es_archives/rule_registry/alerts'); - }); - - function addTests({ - space, - authorizedUsers, - unauthorizedUsers, - body, - featureIds, - expectedNumberAlerts, - }: TestCase) { - authorizedUsers.forEach(({ username, password }) => { - it(`${username} should be able to view alerts from "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - const resp = await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - .expect(200); - - const timeline = resp.body; - - expect( - timeline.edges.every((hit: TimelineEdges) => { - const data: TimelineNonEcsData[] = hit.node.data; - return data.some(({ field, value }) => { - return ( - field === ALERT_RULE_CONSUMER && featureIds.includes((value && value[0]) ?? '') - ); - }); - }) - ).to.equal(true); - expect(timeline.totalCount).to.be(expectedNumberAlerts); - }); - }); - - unauthorizedUsers.forEach(({ username, password }) => { - it(`${username} should NOT be able to access "${featureIds.join(',')}" ${ - space != null ? `in space ${space}` : 'when no space specified' - }`, async () => { - // This will be flake until it uses the bsearch service, but these tests aren't operational. Once you do make this operational - // use const bsearch = getService('bsearch'); - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(space)}${TEST_URL}`) - .auth(username, password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ ...body }) - // TODO - This should be updated to be a 403 once this ticket is resolved - // https://github.com/elastic/kibana/issues/106005 - .expect(500); - }); - }); - } - - // TODO - tests need to be updated with new table logic - describe('alerts authentication', () => { - addTests({ - space: SPACE_1, - featureIds: ['apm'], - expectedNumberAlerts: 2, - body: { - ...getPostBody(), - defaultIndex: ['.alerts*'], - entityType: 'alerts', - alertConsumers: ['apm'], - }, - authorizedUsers: [obsMinReadAlertsRead, obsMinReadAlertsReadSpacesAll], - unauthorizedUsers: [obsMinRead, obsMinReadSpacesAll], - }); - }); - - // FLAKY: https://github.com/elastic/kibana/issues/117462 - describe('logging', () => { - beforeEach(async () => { - await logFile.reset(); - }); - - afterEach(async () => { - await logFile.reset(); - }); - - it('logs success events when reading alerts', async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(SPACE_1)}${TEST_URL}`) - .auth(superUser.username, superUser.password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['apm'], - }) - .expect(200); - await retry.waitFor('logs event in the dest file', async () => await logFile.isNotEmpty()); - - const content = await logFile.readJSON(); - - const httpEvent = content.find((c) => c.event.action === 'http_request'); - expect(httpEvent).to.be.ok(); - expect(httpEvent.trace.id).to.be.ok(); - expect(httpEvent.user.name).to.be(superUser.username); - expect(httpEvent.kibana.space_id).to.be('space1'); - expect(httpEvent.http.request.method).to.be('post'); - expect(httpEvent.url.path).to.be('/s/space1/internal/search/timelineSearchStrategy/'); - - const findEvents = content.filter((c) => c.event.action === 'alert_find'); - expect(findEvents[0].trace.id).to.be.ok(); - expect(findEvents[0].event.outcome).to.be('success'); - expect(findEvents[0].user.name).to.be(superUser.username); - expect(findEvents[0].kibana.space_id).to.be('space1'); - }); - - it('logs failure events when unauthorized to read alerts', async () => { - await supertestWithoutAuth - .post(`${getSpaceUrlPrefix(SPACE_2)}${TEST_URL}`) - .auth(obsMinRead.username, obsMinRead.password) - .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .set('kbn-xsrf', 'true') - .set('Content-Type', 'application/json') - .send({ - ...getPostBody(), - defaultIndex: ['.alerts-*'], - entityType: 'alerts', - alertConsumers: ['apm'], - }) - .expect(500); - await retry.waitFor('logs event in the dest file', async () => await logFile.isNotEmpty()); - - const content = await logFile.readJSON(); - - const httpEvent = content.find((c) => c.event.action === 'http_request'); - expect(httpEvent).to.be.ok(); - expect(httpEvent.trace.id).to.be.ok(); - expect(httpEvent.user.name).to.be(obsMinRead.username); - expect(httpEvent.kibana.space_id).to.be(SPACE_2); - expect(httpEvent.http.request.method).to.be('post'); - expect(httpEvent.url.path).to.be('/s/space2/internal/search/timelineSearchStrategy/'); - - const findEvents = content.filter((c) => c.event.action === 'alert_find'); - expect(findEvents.length).to.equal(1); - expect(findEvents[0].trace.id).to.be.ok(); - expect(findEvents[0].event.outcome).to.be('failure'); - expect(findEvents[0].user.name).to.be(obsMinRead.username); - expect(findEvents[0].kibana.space_id).to.be(SPACE_2); - }); - }); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts deleted file mode 100644 index 381d3a5b657bb..0000000000000 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/trial/index.ts +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { - createSpaces, - createUsersAndRoles, - deleteSpaces, - deleteUsersAndRoles, -} from '../../../../../../../rule_registry/common/lib/authentication'; - -import { - observabilityMinReadAlertsRead, - observabilityMinReadAlertsReadSpacesAll, - observabilityMinimalRead, - observabilityMinimalReadSpacesAll, - observabilityMinReadAlertsAll, - observabilityMinReadAlertsAllSpacesAll, - observabilityMinimalAll, - observabilityMinimalAllSpacesAll, -} from '../../../../../../../rule_registry/common/lib/authentication/roles'; -import { - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, - obsMinReadAlertsAll, - obsMinReadAlertsAllSpacesAll, - obsMinAll, - obsMinAllSpacesAll, -} from '../../../../../../../rule_registry/common/lib/authentication/users'; - -export default ({ loadTestFile, getService }: FtrProviderContextWithSpaces): void => { - describe('@ess timeline security and spaces enabled: trial', function () { - before(async () => { - await createSpaces(getService); - await createUsersAndRoles( - getService, - [ - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, - obsMinReadAlertsAll, - obsMinReadAlertsAllSpacesAll, - obsMinAll, - obsMinAllSpacesAll, - ], - [ - observabilityMinReadAlertsRead, - observabilityMinReadAlertsReadSpacesAll, - observabilityMinimalRead, - observabilityMinimalReadSpacesAll, - observabilityMinReadAlertsAll, - observabilityMinReadAlertsAllSpacesAll, - observabilityMinimalAll, - observabilityMinimalAllSpacesAll, - ] - ); - }); - - after(async () => { - await deleteSpaces(getService); - await deleteUsersAndRoles( - getService, - [ - obsMinReadAlertsRead, - obsMinReadAlertsReadSpacesAll, - obsMinRead, - obsMinReadSpacesAll, - superUser, - obsMinReadAlertsAll, - obsMinReadAlertsAllSpacesAll, - obsMinAll, - obsMinAllSpacesAll, - ], - [ - observabilityMinReadAlertsRead, - observabilityMinReadAlertsReadSpacesAll, - observabilityMinimalRead, - observabilityMinimalReadSpacesAll, - observabilityMinReadAlertsAll, - observabilityMinReadAlertsAllSpacesAll, - observabilityMinimalAll, - observabilityMinimalAllSpacesAll, - ] - ); - }); - - // Trial - loadTestFile(require.resolve('./events')); - }); -}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/events.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/events.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts index c42ac64de4a23..9db1a5dfceb22 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/events.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/events.ts @@ -15,9 +15,9 @@ import { } from '@kbn/security-solution-plugin/common/search_strategy'; import TestAgent from 'supertest/lib/agent'; import { BsearchService } from '@kbn/ftr-common-functional-services'; -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; -import { getFieldsToRequest, getFilterValue } from '../../../../utils'; +import { getFieldsToRequest, getFilterValue } from '../../../utils'; const TO = '3000-01-01T00:00:00.000Z'; const FROM = '2000-01-01T00:00:00.000Z'; @@ -60,7 +60,7 @@ export default function ({ getService }: FtrProviderContextWithSpaces) { }, }); - describe('Timeline', () => { + describe('@skipInServerless Timeline', () => { let supertest: TestAgent; let bsearch: BsearchService; diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/import_timelines.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts similarity index 98% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/import_timelines.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts index 455780b333c8f..90f56e82a310a 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/import_timelines.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/import_timelines.ts @@ -9,8 +9,8 @@ import expect from '@kbn/expect'; import { TIMELINE_IMPORT_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { deleteAllTimelines } from '../../../utils'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; +import { deleteAllTimelines } from '../utils'; export default ({ getService }: FtrProviderContextWithSpaces): void => { const supertest = getService('supertest'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/index.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts similarity index 65% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/index.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts index ebf592d01282b..0d14c693ea828 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/index.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/index.ts @@ -5,14 +5,15 @@ * 2.0. */ -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; export default function ({ loadTestFile }: FtrProviderContextWithSpaces) { - // Failed in serverless: https://github.com/elastic/kibana/issues/183645 - describe('@ess @serverless @skipInServerless SecuritySolution Timeline', () => { + describe('@ess @serverless SecuritySolution Timeline', () => { loadTestFile(require.resolve('./events')); loadTestFile(require.resolve('./timeline_details')); loadTestFile(require.resolve('./timeline')); loadTestFile(require.resolve('./timeline_migrations')); + loadTestFile(require.resolve('./import_timelines')); + loadTestFile(require.resolve('./install_prepackaged_timelines')); }); } diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts similarity index 63% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts index 3e85d2a85c399..58c9442b12159 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/security_and_spaces/tests/basic/install_prepackaged_timelines.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/install_prepackaged_timelines.ts @@ -8,13 +8,12 @@ import expect from '@kbn/expect'; import { TIMELINE_PREPACKAGED_URL } from '@kbn/security-solution-plugin/common/constants'; -import { FtrProviderContextWithSpaces } from '../../../../../../ftr_provider_context_with_spaces'; -import { deleteAllTimelines, waitFor } from '../../../utils'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; +import { deleteAllTimelines } from '../utils'; export default ({ getService }: FtrProviderContextWithSpaces): void => { const supertest = getService('supertest'); const es = getService('es'); - const log = getService('log'); describe('install_prepackaged_timelines', () => { describe('creating prepackaged rules', () => { @@ -22,15 +21,27 @@ export default ({ getService }: FtrProviderContextWithSpaces): void => { await deleteAllTimelines(es); }); - // TODO: Fix or update the tests - it.skip('should contain timelines_installed, and timelines_updated', async () => { + it('should contain timelines_installed, and timelines_updated', async () => { const { body } = await supertest .post(TIMELINE_PREPACKAGED_URL) .set('kbn-xsrf', 'true') .send() .expect(200); - expect(Object.keys(body)).to.eql(['timelines_installed', 'timelines_updated']); + expect(Object.keys(body)).to.eql([ + 'success', + 'success_count', + 'timelines_installed', + 'timelines_updated', + 'errors', + ]); + expect(body).to.eql({ + success: true, + success_count: 10, + errors: [], + timelines_installed: 10, + timelines_updated: 0, + }); }); it('should create the prepackaged timelines and return a count greater than zero', async () => { @@ -53,29 +64,16 @@ export default ({ getService }: FtrProviderContextWithSpaces): void => { expect(body.timelines_updated).to.eql(0); }); - // TODO: Fix or update the tests - it.skip('should be possible to call the API twice and the second time the number of timelines installed should be zero', async () => { + it('should be possible to call the API twice and the second time the number of timelines installed should be zero', async () => { await supertest.post(TIMELINE_PREPACKAGED_URL).set('kbn-xsrf', 'true').send().expect(200); - await waitFor( - async () => { - const { body } = await supertest - .get(`${TIMELINE_PREPACKAGED_URL}/_status`) - .set('kbn-xsrf', 'true') - .expect(200); - return body.timelines_not_installed === 0; - }, - `${TIMELINE_PREPACKAGED_URL}/_status`, - log - ); - - const { body } = await supertest + const { body: timelinePrepackagedResponseBody } = await supertest .post(TIMELINE_PREPACKAGED_URL) .set('kbn-xsrf', 'true') .send() .expect(200); - expect(body.timelines_installed).to.eql(0); + expect(timelinePrepackagedResponseBody.timelines_installed).to.eql(0); }); }); }); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts similarity index 93% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts index 8a37ad6e9cac9..db5abd723f6f6 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline.ts @@ -8,11 +8,11 @@ import expect from '@kbn/expect'; import { SavedTimeline, TimelineTypeEnum } from '@kbn/security-solution-plugin/common/api/timeline'; -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; import { createBasicTimeline, createBasicTimelineTemplate, -} from '../../../saved_objects/trial_license_complete_tier/helpers'; +} from '../../saved_objects/tests/helpers'; export default function ({ getService }: FtrProviderContextWithSpaces) { const supertest = getService('supertest'); @@ -60,7 +60,11 @@ export default function ({ getService }: FtrProviderContextWithSpaces) { ).to.equal(0); }); }); - describe('resolve timeline', () => { + /** + * Migration of saved object not working to current serverless version + * https://github.com/elastic/kibana/issues/196483 + * */ + describe.skip('resolve timeline', () => { before(async () => { await esArchiver.load( 'x-pack/test/functional/es_archives/security_solution/timelines/7.15.0' diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_details.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts similarity index 94% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_details.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts index 12539d43a145f..7d127ab7c0f96 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_details.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_details.ts @@ -15,7 +15,7 @@ import { import TestAgent from 'supertest/lib/agent'; import { BsearchService } from '@kbn/ftr-common-functional-services'; -import { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; +import { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; import { timelineDetailsFilebeatExpectedResults as EXPECTED_DATA } from '../mocks/timeline_details'; // typical values that have to change after an update from "scripts/es_archiver" @@ -34,7 +34,7 @@ export default function ({ getService }: FtrProviderContextWithSpaces) { const esArchiver = getService('esArchiver'); const utils = getService('securitySolutionUtils'); - describe('Timeline Details', () => { + describe('@skipInServerless Timeline Details', () => { let supertest: TestAgent; let bsearch: BsearchService; before(async () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_migrations.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts similarity index 97% rename from x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_migrations.ts rename to x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts index c91d4ce24ce51..4aafce9938ae1 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/tests/timeline_migrations.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/tests/timeline_migrations.ts @@ -16,8 +16,8 @@ import { BarePinnedEventWithoutExternalRefs, TimelineWithoutExternalRefs, } from '@kbn/security-solution-plugin/common/api/timeline'; -import type { FtrProviderContextWithSpaces } from '../../../../../ftr_provider_context_with_spaces'; -import { getSavedObjectFromES } from '../../../../utils'; +import type { FtrProviderContextWithSpaces } from '../../../../ftr_provider_context_with_spaces'; +import { getSavedObjectFromES } from '../../../utils'; interface TimelineWithoutSavedQueryId { [timelineSavedObjectType]: TimelineWithoutExternalRefs; @@ -34,7 +34,7 @@ interface PinnedEventWithoutTimelineId { export default function ({ getService }: FtrProviderContextWithSpaces) { const supertest = getService('supertest'); - describe('Timeline migrations', () => { + describe('@skipInServerless Timeline migrations', () => { const esArchiver = getService('esArchiver'); const es = getService('es'); const kibanaServer = getService('kibanaServer'); diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts index 8fd44a2a2c5d9..8d9c8ad8a4652 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/ess.config.ts @@ -20,7 +20,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { `--xpack.securitySolution.enableExperimental=${JSON.stringify([])}`, ], }, - testFiles: [require.resolve('../tests')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Timeline Integration Tests - ESS Env - Trial License', }, diff --git a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts index 0a2827db15d66..0f8a8a350c3ed 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/investigation/timeline/trial_license_complete_tier/configs/serverless.config.ts @@ -16,7 +16,7 @@ export default createTestConfig({ { product_line: 'cloud', product_tier: 'complete' }, ])}`, ], - testFiles: [require.resolve('../tests')], + testFiles: [require.resolve('../../tests')], junit: { reportName: 'Timeline Integration Tests - Serverless Env - Complete Tier', }, diff --git a/x-pack/test/security_solution_api_integration/tsconfig.json b/x-pack/test/security_solution_api_integration/tsconfig.json index 82decfa5a6db3..b7a320dd19720 100644 --- a/x-pack/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/test/security_solution_api_integration/tsconfig.json @@ -45,7 +45,6 @@ "@kbn/actions-plugin", "@kbn/task-manager-plugin", "@kbn/utility-types", - "@kbn/timelines-plugin", "@kbn/dev-cli-runner", "@kbn/elastic-assistant-common", "@kbn/search-types",