Skip to content

Commit

Permalink
[Detection Engine][FTR] Add FTR exception list tests for Serverless p…
Browse files Browse the repository at this point in the history
…rebuilt roles (#198420)

## Summary

Adds FTR tests that check our Serverless prebuilt roles against our
exception list endpoints.

We have had little coverage or visibility to know if any changes made in
elasticsearch-controller introduce a bug in our prebuilt roles.

We could certainly discuss how such tests should be organized - I chose
to create an `authentication` folder that then has a matching folder for
the other sections and a file for each prebuilt role. With us nearing
GA, I'd like to prioritize having coverage and following up with any
improvements.

(cherry picked from commit 4c649d9)
  • Loading branch information
yctercero committed Nov 6, 2024
1 parent 4e53ca9 commit a794ee7
Show file tree
Hide file tree
Showing 47 changed files with 4,879 additions and 22 deletions.
3 changes: 3 additions & 0 deletions .buildkite/ftr_security_serverless_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,9 @@ disabled:
- x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/basic_license_essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/entity_analytics/entity_store/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/exception_lists_items/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/lists/essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/common/essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/authorization/exceptions/items/essentials_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/lists_and_exception_lists/lists_items/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/explore/hosts/trial_license_complete_tier/configs/serverless.config.ts
- x-pack/test/security_solution_api_integration/test_suites/explore/network/trial_license_complete_tier/configs/serverless.config.ts
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,51 @@ steps:
- exit_status: '1'
limit: 2

- label: Running exception_lists:auth:lists:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:lists:qa:serverless
key: exception_lists:auth:lists:qa:serverless
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
preemptible: true
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2

- label: Running exception_lists:auth:common:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:common:qa:serverless
key: exception_lists:auth:common:qa:serverless
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
preemptible: true
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2

- label: Running exception_lists:auth:items:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:items:qa:serverless
key: exception_lists:auth:items:qa:serverless
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
preemptible: true
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2

- label: Running lists_items:qa:serverless
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh lists_items:qa:serverless
key: lists_items:qa:serverless
Expand Down
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
steps:
- group: "Cypress MKI - Detection Engine"
- group: 'Cypress MKI - Detection Engine'
key: cypress_test_detections_engine
steps:
- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine
label: "Cypress MKI - Detection Engine"
label: 'Cypress MKI - Detection Engine'
key: test_detection_engine
env:
BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine"
BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine'
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
Expand All @@ -17,10 +17,10 @@ steps:
parallelism: 1

- command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions
label: "Cypress MKI - Detection Engine - Exceptions"
label: 'Cypress MKI - Detection Engine - Exceptions'
key: test_detection_engine_exceptions
env:
BK_TEST_SUITE_KEY: "serverless-cypress-detection-engine"
BK_TEST_SUITE_KEY: 'serverless-cypress-detection-engine'
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
Expand All @@ -30,7 +30,7 @@ steps:
timeout_in_minutes: 300
parallelism: 1

- group: "API MKI - Detection Engine"
- group: 'API MKI - Detection Engine'
key: api_test_detections_engine
steps:
- label: Running exception_lists_items:qa:serverless:release
Expand All @@ -44,7 +44,49 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_lists:auth:lists:qa:serverless:release
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:auth:lists:qa:serverless:release
key: exception_lists:auth:lists:qa:serverless:release
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2

- label: Running exception_lists:common:lists:qa:serverless:release
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:common:lists:qa:serverless:release
key: exception_lists:common:lists:qa:serverless:release
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2

- label: Running exception_lists:items:lists:qa:serverless:release
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh exception_lists:items:lists:qa:serverless:release
key: exception_lists:items:lists:qa:serverless:release
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-4
timeout_in_minutes: 120
retry:
automatic:
- exit_status: '1'
limit: 2

- label: Running lists_items:qa:serverless:release
Expand All @@ -58,7 +100,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running user_roles:qa:serverless:release
Expand All @@ -72,7 +114,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running telemetry:qa:serverless:release
Expand All @@ -86,7 +128,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_workflows:essentials:qa:serverless:release
Expand All @@ -100,7 +142,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_operators_date_types:essentials:qa:serverless:release
Expand Down Expand Up @@ -156,7 +198,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_operators_keyword:essentials:qa:serverless:release
Expand All @@ -170,7 +212,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_operators_ips:essentials:qa:serverless:release
Expand All @@ -184,7 +226,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_operators_long:essentials:qa:serverless:release
Expand All @@ -198,7 +240,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running exception_operators_text:essentials:qa:serverless:release
Expand All @@ -212,7 +254,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running actions:qa:serverless:release
Expand All @@ -226,7 +268,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running alerts:qa:serverless:release
Expand All @@ -240,7 +282,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running alerts:essentials:qa:serverless:release
Expand All @@ -254,7 +296,7 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2

- label: Running rule_execution_logic:eql:qa:serverless:release
Expand Down Expand Up @@ -366,5 +408,5 @@ steps:
timeout_in_minutes: 120
retry:
automatic:
- exit_status: "1"
- exit_status: '1'
limit: 2
18 changes: 18 additions & 0 deletions x-pack/test/security_solution_api_integration/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,9 @@
"initialize-server:lists:complete": "node ./scripts/index.js server lists_and_exception_lists trial_license_complete_tier",
"run-tests:lists:complete": "node ./scripts/index.js runner lists_and_exception_lists trial_license_complete_tier",

"initialize-server:lists:essentials_only": "node ./scripts/index.js server lists_and_exception_lists essentials_tier",
"run-tests:lists:essentials_only": "node ./scripts/index.js runner lists_and_exception_lists essentials_tier",

"initialize-server:edr-workflows": "node ./scripts/index.js server edr_workflows trial_license_complete_tier",
"run-tests:edr-workflows": "node ./scripts/index.js runner edr_workflows trial_license_complete_tier",

Expand Down Expand Up @@ -136,6 +139,21 @@
"edr_workflows:response_actions:server:ess": "npm run initialize-server:edr-workflows response_actions ess",
"edr_workflows:response_actions:runner:ess": "npm run run-tests:edr-workflows response_actions ess essEnv",

"exception_lists:auth:lists:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/lists serverless",
"exception_lists:auth:lists:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless serverlessEnv",
"exception_lists:auth:lists:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless qaPeriodicEnv",
"exception_lists:auth:lists:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/lists serverless qaEnv",

"exception_lists:auth:common:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/common serverless",
"exception_lists:auth:common:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless serverlessEnv",
"exception_lists:auth:common:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless qaPeriodicEnv",
"exception_lists:auth:common:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/common serverless qaEnv",

"exception_lists:auth:items:server:serverless": "npm run initialize-server:lists:essentials_only authorization/exceptions/items serverless",
"exception_lists:auth:items:runner:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless serverlessEnv",
"exception_lists:auth:items:qa:serverless": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless qaPeriodicEnv",
"exception_lists:auth:items:qa:serverless:release": "npm run run-tests:lists:essentials_only authorization/exceptions/items serverless qaEnv",

"exception_lists_items:server:serverless": "npm run initialize-server:lists:complete exception_lists_items serverless",
"exception_lists_items:runner:serverless": "npm run run-tests:lists:complete exception_lists_items serverless serverlessEnv",
"exception_lists_items:qa:serverless": "npm run run-tests:lists:complete exception_lists_items serverless qaPeriodicEnv",
Expand Down
Loading

0 comments on commit a794ee7

Please sign in to comment.