Merge branch 'main' into 197612-obxuxinfra-remove-feature-flags-for-g…

…a-features

.buildkite/ftr_oblt_stateful_configs.yml

@@ -30,7 +30,6 @@ enabled:
   - x-pack/test/api_integration/apis/metrics_ui/config.ts
   - x-pack/test/api_integration/apis/osquery/config.ts
   - x-pack/test/api_integration/apis/synthetics/config.ts
-  - x-pack/test/api_integration/apis/slos/config.ts
   - x-pack/test/api_integration/apis/uptime/config.ts
   - x-pack/test/api_integration/apis/entity_manager/config.ts
   - x-pack/test/apm_api_integration/basic/config.ts

.gitignore

@@ -157,4 +157,5 @@ x-pack/test/security_solution_playwright/playwright-report/
 x-pack/test/security_solution_playwright/blob-report/
 x-pack/test/security_solution_playwright/playwright/.cache/
 x-pack/test/security_solution_playwright/.auth/
-x-pack/test/security_solution_playwright/.env
+x-pack/test/security_solution_playwright/.env
+.codeql

scripts/codeql/codeql.dockerfile

@@ -0,0 +1,39 @@
+FROM ubuntu:latest
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+ARG USERNAME=codeql
+ARG CODEQL_VERSION="v2.19.0"
+ENV CODEQL_HOME /usr/local/codeql-home
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    passwd \
+    adduser \
+    bash \
+    curl \
+    git \
+    unzip \
+    nodejs \
+    jq
+
+RUN adduser --home ${CODEQL_HOME} ${USERNAME}
+
+RUN curl -Lk "https://github.com/github/codeql-action/releases/download/codeql-bundle-${CODEQL_VERSION}/codeql-bundle-linux64.tar.gz" -o codeql.tar.gz \
+    && mkdir -p ${CODEQL_HOME} \
+    && tar -xvzf codeql.tar.gz -C ${CODEQL_HOME} \
+    && rm codeql.tar.gz
+
+RUN chmod +x ${CODEQL_HOME}/codeql/codeql
+
+RUN chown -R ${USERNAME}:${USERNAME} ${CODEQL_HOME}
+
+USER ${USERNAME}
+
+ENV PATH="${CODEQL_HOME}/codeql:${PATH}"
+
+RUN echo $PATH && codeql --version
+
+WORKDIR /workspace
+
+ENTRYPOINT ["/bin/bash", "-c"]

scripts/codeql/quick_check.sh

@@ -0,0 +1,126 @@
+#!/bin/bash
+
+LANGUAGE="javascript"
+CODEQL_DIR=".codeql"
+DATABASE_PATH="$CODEQL_DIR/database"
+QUERY_OUTPUT="$DATABASE_PATH/results.sarif"
+OUTPUT_FORMAT="sarif-latest"
+DOCKER_IMAGE="codeql-env"
+BASE_DIR="$(cd "$(dirname "$0")"; pwd)"
+
+# Colors
+bold=$(tput bold)
+reset=$(tput sgr0)
+red=$(tput setaf 1)
+green=$(tput setaf 2)
+blue=$(tput setaf 4)
+yellow=$(tput setaf 3)
+
+while getopts ":s:r:" opt; do
+  case $opt in
+    s) SRC_DIR="$OPTARG" ;;
+    r) CODEQL_DIR="$OPTARG"; DATABASE_PATH="$CODEQL_DIR/database"; QUERY_OUTPUT="$DATABASE_PATH/results.sarif" ;;
+    \?) echo "Invalid option -$OPTARG" >&2; exit 1 ;;
+    :) echo "Option -$OPTARG requires an argument." >&2; exit 1 ;;
+  esac
+done
+
+if [ -z "$SRC_DIR" ]; then
+    echo "Usage: $0 -s <source_dir> [-r <results_dir>]"
+    exit 1
+fi
+
+mkdir -p "$CODEQL_DIR"
+
+# Check the architecture
+ARCH=$(uname -m)
+PLATFORM_FLAG=""
+
+# CodeQL CLI binary does not support arm64 architecture, setting the platform to linux/amd64
+if [[ "$ARCH" == "arm64" ]]; then
+    PLATFORM_FLAG="--platform linux/amd64"
+fi
+
+if [[ "$(docker images -q $DOCKER_IMAGE 2> /dev/null)" == "" ]]; then
+    echo "Docker image $DOCKER_IMAGE not found. Building locally..."
+    docker build $PLATFORM_FLAG -t "$DOCKER_IMAGE" -f "$BASE_DIR/codeql.dockerfile" "$BASE_DIR"
+    if [ $? -ne 0 ]; then
+        echo "${red}Docker image build failed.${reset}"
+        exit 1
+    fi
+fi
+
+cleanup_database() {
+  echo "Deleting contents of $CODEQL_DIR."
+  rm -rf "$CODEQL_DIR"/*
+}
+
+SRC_DIR="$(cd "$(dirname "$SRC_DIR")"; pwd)/$(basename "$SRC_DIR")"
+CODEQL_DIR="$(cd "$(dirname "$CODEQL_DIR")"; pwd)/$(basename "$CODEQL_DIR")"
+DATABASE_PATH="$(cd "$(dirname "$DATABASE_PATH")"; pwd)/$(basename "$DATABASE_PATH")"
+
+# Step 1: Run the Docker container to create a CodeQL database from the source code.
+echo "Creating a CodeQL database from the source code: $SRC_DIR"
+docker run $PLATFORM_FLAG --rm -v "$SRC_DIR":/workspace/source-code \
+    -v "${DATABASE_PATH}":/workspace/shared $DOCKER_IMAGE \
+    "codeql database create /workspace/shared/codeql-db --language=javascript --source-root=/workspace/source-code --overwrite"
+
+if [ $? -ne 0 ]; then
+  echo "CodeQL database creation failed."
+  cleanup_database
+  exit 1
+fi
+
+echo "Analyzing a CodeQL database: $DATABASE_PATH"
+# Step 2: Run the Docker container to analyze the CodeQL database.
+docker run $PLATFORM_FLAG --rm -v "${DATABASE_PATH}":/workspace/shared $DOCKER_IMAGE \
+    "codeql database analyze --format=${OUTPUT_FORMAT} --output=/workspace/shared/results.sarif /workspace/shared/codeql-db javascript-security-and-quality.qls"
+
+if [ $? -ne 0 ]; then
+  echo "CodeQL database analysis failed."
+  cleanup_database
+  exit 1
+fi
+
+# Step 3: Print summary of SARIF results
+echo "Analysis complete. Results saved to $QUERY_OUTPUT"
+if command -v jq &> /dev/null; then
+    vulnerabilities=$(jq -r '.runs[] | select(.results | length > 0)' "$QUERY_OUTPUT")
+
+    if [[ -z "$vulnerabilities" ]]; then
+        echo "${blue}${bold}No vulnerabilities found in the SARIF results.${reset}"
+    else
+        echo "${yellow}${bold}Summary of SARIF results:${reset}"
+        jq -r '
+          .runs[] |
+          .results[] as $result |
+          .tool.driver.rules[] as $rule |
+          select($rule.id == $result.ruleId) |
+          "Rule: \($result.ruleId)\nMessage: \($result.message.text)\nFile: \($result.locations[].physicalLocation.artifactLocation.uri)\nLine: \($result.locations[].physicalLocation.region.startLine)\nSecurity Severity: \($rule.properties."security-severity" // "N/A")\n"' "$QUERY_OUTPUT" |
+        while IFS= read -r line; do
+            case "$line" in
+                Rule:*)
+                    echo "${red}${bold}$line${reset}"
+                    ;;
+                Message:*)
+                    echo "${green}$line${reset}"
+                    ;;
+                File:*)
+                    echo "${blue}$line${reset}"
+                    ;;
+                Line:*)
+                    echo "${yellow}$line${reset}"
+                    ;;
+                Security\ Severity:*)
+                    echo "${yellow}$line${reset}"
+                    ;;
+                *)
+                    echo "$line"
+                    ;;
+            esac
+        done
+    fi
+else
+    echo "${red}${bold}Please install jq to display a summary of the SARIF results.${reset}"
+    echo "${bold}You can view the full results in the SARIF file using a SARIF viewer.${reset}"
+fi

src/plugins/discover/public/application/main/components/total_documents/total_documents.tsx

@@ -11,25 +11,45 @@ import React from 'react';
 import { FormattedMessage, FormattedNumber } from '@kbn/i18n-react';
 import { EuiText } from '@elastic/eui';
 
-export const TotalDocuments = ({ totalHitCount }: { totalHitCount: number }) => {
+export const TotalDocuments = ({
+  totalHitCount,
+  isEsqlMode,
+}: {
+  totalHitCount: number;
+  isEsqlMode?: boolean;
+}) => {
+  const totalDocuments = (
+    <strong>
+      <FormattedNumber value={totalHitCount} />
+    </strong>
+  );
+
   return (
     <EuiText
       grow={false}
       size="s"
       style={{ paddingRight: 2 }}
       data-test-subj="savedSearchTotalDocuments"
     >
-      <FormattedMessage
-        id="discover.docTable.totalDocuments"
-        defaultMessage="{totalDocuments} documents"
-        values={{
-          totalDocuments: (
-            <strong>
-              <FormattedNumber value={totalHitCount} />
-            </strong>
-          ),
-        }}
-      />
+      {isEsqlMode ? (
+        <FormattedMessage
+          id="discover.embeddable.totalResults"
+          defaultMessage="{totalDocuments} {totalHitCount, plural, one {result} other {results}}"
+          values={{
+            totalDocuments,
+            totalHitCount,
+          }}
+        />
+      ) : (
+        <FormattedMessage
+          id="discover.embeddable.totalDocuments"
+          defaultMessage="{totalDocuments} {totalHitCount, plural, one {document} other {documents}}"
+          values={{
+            totalDocuments,
+            totalHitCount,
+          }}
+        />
+      )}
     </EuiText>
   );
 };

src/plugins/discover/public/components/view_mode_toggle/view_mode_toggle.test.tsx

@@ -94,6 +94,7 @@ describe('Document view mode toggle component', () => {
     expect(findTestSubject(component, 'dscViewModeDocumentButton').exists()).toBe(true);
     expect(findTestSubject(component, 'dscViewModePatternAnalysisButton').exists()).toBe(true);
     expect(findTestSubject(component, 'dscViewModeFieldStatsButton').exists()).toBe(true);
+    expect(findTestSubject(component, 'dscViewModeDocumentButton').text()).toBe('Documents (10)');
   });
 
   it('should not render if SHOW_FIELD_STATISTICS is false', async () => {
@@ -114,6 +115,7 @@ describe('Document view mode toggle component', () => {
     expect(findTestSubject(component, 'dscViewModeDocumentButton').exists()).toBe(true);
     expect(findTestSubject(component, 'dscViewModePatternAnalysisButton').exists()).toBe(false);
     expect(findTestSubject(component, 'dscViewModeFieldStatsButton').exists()).toBe(true);
+    expect(findTestSubject(component, 'dscViewModeDocumentButton').text()).toBe('Results (10)');
   });
 
   it('should set the view mode to VIEW_MODE.DOCUMENT_LEVEL when dscViewModeDocumentButton is clicked', async () => {

src/plugins/discover/public/components/view_mode_toggle/view_mode_toggle.tsx

@@ -130,7 +130,14 @@ export const DocumentViewModeToggle = ({
               onClick={() => setDiscoverViewMode(VIEW_MODE.DOCUMENT_LEVEL)}
               data-test-subj="dscViewModeDocumentButton"
             >
-              <FormattedMessage id="discover.viewModes.document.label" defaultMessage="Documents" />
+              {isEsqlMode ? (
+                <FormattedMessage id="discover.viewModes.esql.label" defaultMessage="Results" />
+              ) : (
+                <FormattedMessage
+                  id="discover.viewModes.document.label"
+                  defaultMessage="Documents"
+                />
+              )}
               <HitsCounter mode={HitsCounterMode.appended} stateContainer={stateContainer} />
             </EuiTab>
 

src/plugins/discover/public/embeddable/components/saved_search_grid.tsx

@@ -85,10 +85,10 @@ export function DiscoverGridEmbeddable(props: DiscoverGridEmbeddableProps) {
       getRenderCustomToolbarWithElements({
         leftSide:
           typeof props.totalHitCount === 'number' ? (
-            <TotalDocuments totalHitCount={props.totalHitCount} />
+            <TotalDocuments totalHitCount={props.totalHitCount} isEsqlMode={props.isPlainRecord} />
           ) : undefined,
       }),
-    [props.totalHitCount]
+    [props.totalHitCount, props.isPlainRecord]
   );
 
   const getCellRenderersAccessor = useProfileAccessor('getCellRenderers');

x-pack/plugins/cases/public/components/configure_cases/connectors.test.tsx

@@ -21,12 +21,20 @@ import {
 import { ConnectorsDropdown } from './connectors_dropdown';
 import { connectors, actionTypes } from './__mock__';
 import { ConnectorTypes } from '../../../common/types/domain';
+import userEvent from '@testing-library/user-event';
+import { useApplicationCapabilities } from '../../common/lib/kibana';
+
+const useApplicationCapabilitiesMock = useApplicationCapabilities as jest.Mocked<
+  typeof useApplicationCapabilities
+>;
+jest.mock('../../common/lib/kibana');
 
 describe('Connectors', () => {
   let wrapper: ReactWrapper;
   let appMockRender: AppMockRenderer;
   const onChangeConnector = jest.fn();
   const handleShowEditFlyout = jest.fn();
+  const onAddNewConnector = jest.fn();
 
   const props: Props = {
     actionTypes,
@@ -38,6 +46,7 @@ describe('Connectors', () => {
     onChangeConnector,
     selectedConnector: { id: 'none', type: ConnectorTypes.none },
     updateConnectorDisabled: false,
+    onAddNewConnector,
   };
 
   beforeAll(() => {
@@ -104,12 +113,16 @@ describe('Connectors', () => {
   });
 
   it('shows the add connector button', () => {
-    wrapper.find('button[data-test-subj="dropdown-connectors"]').simulate('click');
-    wrapper.update();
+    appMockRender.render(<Connectors {...props} />);
 
-    expect(
-      wrapper.find('button[data-test-subj="dropdown-connector-add-connector"]').exists()
-    ).toBeTruthy();
+    expect(screen.getByTestId('add-new-connector')).toBeInTheDocument();
+  });
+
+  it('shows the add connector flyout when the button is clicked', async () => {
+    appMockRender.render(<Connectors {...props} />);
+
+    await userEvent.click(await screen.findByTestId('add-new-connector'));
+    expect(onAddNewConnector).toHaveBeenCalled();
   });
 
   it('the text of the update button is shown correctly', () => {
@@ -156,16 +169,14 @@ describe('Connectors', () => {
   });
 
   it('shows the actions permission message if the user does not have read access to actions', async () => {
-    appMockRender.coreStart.application.capabilities = {
-      ...appMockRender.coreStart.application.capabilities,
-      actions: { save: false, show: false },
-    };
+    useApplicationCapabilitiesMock().actions = { crud: false, read: false };
+
+    appMockRender.render(<Connectors {...props} />);
 
-    const result = appMockRender.render(<Connectors {...props} />);
     expect(
-      result.getByTestId('configure-case-connector-permissions-error-msg')
+      await screen.findByTestId('configure-case-connector-permissions-error-msg')
     ).toBeInTheDocument();
-    expect(result.queryByTestId('case-connectors-dropdown')).toBe(null);
+    expect(screen.queryByTestId('case-connectors-dropdown')).not.toBeInTheDocument();
   });
 
   it('shows the actions permission message if the user does not have access to case connector', async () => {
@@ -177,4 +188,12 @@ describe('Connectors', () => {
     ).toBeInTheDocument();
     expect(result.queryByTestId('case-connectors-dropdown')).toBe(null);
   });
+
+  it('it should hide the "Add Connector" button when the user lacks the capability to add a new connector', () => {
+    useApplicationCapabilitiesMock().actions = { crud: false, read: true };
+
+    appMockRender.render(<Connectors {...props} />);
+
+    expect(screen.queryByTestId('add-new-connector')).not.toBeInTheDocument();
+  });
 });