From b908520b09583ce7abcd215b799f3bcc64811f0d Mon Sep 17 00:00:00 2001
From: Ashokaditya <ashokaditya@elastic.co>
Date: Wed, 24 Jan 2024 17:01:46 +0100
Subject: [PATCH 1/5] unskip test

closes elastic/kibana/issues/170435
closes elastic/kibana/issues/172374
closes elastic/kibana/issues/172512
---
 .../test/security_solution_endpoint/apps/endpoint/responder.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts
index 6f00806e67c05..bcc3177846d37 100644
--- a/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts
+++ b/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts
@@ -82,8 +82,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
     );
   };
 
-  // FLAKY: https://github.com/elastic/kibana/issues/153071
-  describe.skip('Response Actions Responder', function () {
+  describe('Response Actions Responder', function () {
     targetTags(this, ['@ess', '@serverless']);
 
     let indexedData: IndexedHostsAndAlertsResponse;

From 5fbeae7df6f16b62d6503b88d3a6ff4f3667041a Mon Sep 17 00:00:00 2001
From: Ashokaditya <ashokaditya@elastic.co>
Date: Wed, 24 Jan 2024 17:02:23 +0100
Subject: [PATCH 2/5] change for flaky runner

---
 .../security_solution_endpoint/apps/endpoint/index.ts     | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts
index 081a03fef4f51..a702ac423ab06 100644
--- a/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts
+++ b/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts
@@ -42,10 +42,10 @@ export default function (providerContext: FtrProviderContext) {
         await pageObjects.svlCommonPage.login();
       }
     });
-    loadTestFile(require.resolve('./endpoint_list'));
-    loadTestFile(require.resolve('./endpoint_telemetry'));
-    loadTestFile(require.resolve('./endpoint_permissions'));
+    // loadTestFile(require.resolve('./endpoint_list'));
+    // loadTestFile(require.resolve('./endpoint_telemetry'));
+    // loadTestFile(require.resolve('./endpoint_permissions'));
     loadTestFile(require.resolve('./responder'));
-    loadTestFile(require.resolve('./endpoint_solution_integrations'));
+    // loadTestFile(require.resolve('./endpoint_solution_integrations'));
   });
 }

From 6c72721640111ffb591bdc40ef4a8b5327699630 Mon Sep 17 00:00:00 2001
From: Ashokaditya <ashokaditya@elastic.co>
Date: Thu, 15 Feb 2024 16:12:56 +0100
Subject: [PATCH 3/5] add missing version

---
 x-pack/test/security_solution_ftr/services/timeline/index.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/x-pack/test/security_solution_ftr/services/timeline/index.ts b/x-pack/test/security_solution_ftr/services/timeline/index.ts
index b9acf21a9384e..ebf6497567d81 100644
--- a/x-pack/test/security_solution_ftr/services/timeline/index.ts
+++ b/x-pack/test/security_solution_ftr/services/timeline/index.ts
@@ -58,6 +58,7 @@ export class TimelineTestService extends FtrService {
       await this.supertest
         .post(TIMELINE_DRAFT_URL)
         .set('kbn-xsrf', 'true')
+        .set('elastic-api-version', '2023-10-31')
         .send({ timelineType: 'default' })
         .then(this.getHttpResponseFailureHandler())
         .then((response) => response.body as TimelineResponse)
@@ -112,6 +113,7 @@ export class TimelineTestService extends FtrService {
     return await this.supertest
       .patch(TIMELINE_URL)
       .set('kbn-xsrf', 'true')
+      .set('elastic-api-version', '2023-10-31')
       .send({
         timelineId,
         version,
@@ -126,6 +128,7 @@ export class TimelineTestService extends FtrService {
     await this.supertest
       .delete(TIMELINE_URL)
       .set('kbn-xsrf', 'true')
+      .set('elastic-api-version', '2023-10-31')
       .send({
         savedObjectIds: Array.isArray(id) ? id : [id],
       })

From 61133bb7afe51a0d4efd8609ceb4eef7e8fc5a3d Mon Sep 17 00:00:00 2001
From: Ashokaditya <ashokaditya@elastic.co>
Date: Fri, 23 Feb 2024 16:41:50 +0100
Subject: [PATCH 4/5] remove redundant ftr test

---
 .../apps/endpoint/responder.ts                | 246 ------------------
 1 file changed, 246 deletions(-)
 delete mode 100644 x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts

diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts
deleted file mode 100644
index bcc3177846d37..0000000000000
--- a/x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts
+++ /dev/null
@@ -1,246 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { IndexedHostsAndAlertsResponse } from '@kbn/security-solution-plugin/common/endpoint/index_data';
-import { TimelineResponse } from '@kbn/security-solution-plugin/common/api/timeline';
-import { type IndexedEndpointRuleAlerts } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts';
-import { DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP } from '@kbn/security-solution-plugin/common/test';
-import { FtrProviderContext } from '../../ftr_provider_context';
-import { targetTags } from '../../target_tags';
-
-export default ({ getPageObjects, getService }: FtrProviderContext) => {
-  const pageObjects = getPageObjects([
-    'common',
-    'endpoint',
-    'header',
-    'endpointPageUtils',
-    'responder',
-    'timeline',
-    'detections',
-  ]);
-  const testSubjects = getService('testSubjects');
-  const endpointTestResources = getService('endpointTestResources');
-  const timelineTestService = getService('timeline');
-  const detectionsTestService = getService('detections');
-  const log = getService('log');
-
-  // The Alerts Rule seems to run every 5 minutes when there are no failures. This timeout ensures
-  // that we wait long enough for them to show up.
-  const MAX_WAIT_FOR_ALERTS_TIMEOUT = 60_000 * 6;
-
-  const performResponderSanityChecks = async () => {
-    // Show the Action log
-    await pageObjects.responder.openActionLogFlyout();
-
-    // Ensure the popover in the action log date quick select picker is accessible
-    // (this is especially important for when Responder is displayed from a Timeline)
-    await pageObjects.responder.clickActionLogSuperDatePickerQuickMenuButton();
-    await testSubjects.click(DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP['Last 1 year']);
-    await pageObjects.responder.closeActionLogFlyout();
-
-    // Close responder
-    await pageObjects.responder.closeResponder();
-  };
-  const getEndpointAlertsQueryForAgentId = (
-    agentId: string
-  ): object & { $stringify: () => string } => {
-    return Object.assign(
-      Object.create({
-        $stringify() {
-          return JSON.stringify(this);
-        },
-      }),
-
-      {
-        bool: {
-          filter: [
-            {
-              bool: {
-                should: [{ match_phrase: { 'agent.type': 'endpoint' } }],
-                minimum_should_match: 1,
-              },
-            },
-            {
-              bool: {
-                should: [{ match_phrase: { 'agent.id': agentId } }],
-                minimum_should_match: 1,
-              },
-            },
-            {
-              bool: {
-                should: [{ exists: { field: 'kibana.alert.rule.uuid' } }],
-                minimum_should_match: 1,
-              },
-            },
-          ],
-        },
-      }
-    );
-  };
-
-  describe('Response Actions Responder', function () {
-    targetTags(this, ['@ess', '@serverless']);
-
-    let indexedData: IndexedHostsAndAlertsResponse;
-    let endpointAgentId: string;
-
-    before(async () => {
-      indexedData = await endpointTestResources.loadEndpointData({
-        numHosts: 2,
-        generatorSeed: `responder ${Math.random()}`,
-      });
-
-      endpointAgentId = indexedData.hosts[0].agent.id;
-
-      // start/stop the endpoint rule. This should cause the rule to run immediately
-      // and create the Alerts and avoid us having to wait for the interval (of 5 minutes)
-      await detectionsTestService.stopStartEndpointRule();
-    });
-
-    after(async () => {
-      if (indexedData) {
-        log.info('Cleaning up loaded endpoint data');
-        await endpointTestResources.unloadEndpointData(indexedData);
-      }
-    });
-
-    describe('from the Endpoint list and details', () => {
-      before(async () => {
-        await pageObjects.endpoint.navigateToEndpointList();
-      });
-
-      it('should show Responder from the endpoint list', async () => {
-        await pageObjects.endpoint.showResponderFromEndpointList(endpointAgentId);
-        await performResponderSanityChecks();
-      });
-
-      it('should show Responder from the endpoint details', async () => {
-        await pageObjects.endpoint.showResponderFromEndpointDetails(endpointAgentId);
-        await performResponderSanityChecks();
-      });
-    });
-
-    describe('from timeline', () => {
-      let timeline: TimelineResponse;
-      let indexedAlerts: IndexedEndpointRuleAlerts;
-
-      before(async () => {
-        timeline = await timelineTestService.createTimeline('endpoint responder test');
-
-        // Add all alerts for the Endpoint to the timeline created
-        timeline = await timelineTestService.updateTimeline(
-          timeline.data.persistTimeline.timeline.savedObjectId,
-          {
-            title: timeline.data.persistTimeline.timeline.title,
-            kqlQuery: {
-              filterQuery: {
-                kuery: {
-                  kind: 'kuery',
-                  expression: `agent.type: "endpoint" AND agent.id : "${endpointAgentId}" AND kibana.alert.rule.uuid : *`,
-                },
-                serializedQuery: getEndpointAlertsQueryForAgentId(endpointAgentId).$stringify(),
-              },
-            },
-            savedSearchId: null,
-          },
-          timeline.data.persistTimeline.timeline.version
-        );
-
-        indexedAlerts = await detectionsTestService.loadEndpointRuleAlerts(endpointAgentId);
-
-        await detectionsTestService.waitForAlerts(
-          getEndpointAlertsQueryForAgentId(endpointAgentId),
-          MAX_WAIT_FOR_ALERTS_TIMEOUT
-        );
-
-        await pageObjects.timeline.navigateToTimelineList();
-      });
-
-      after(async () => {
-        if (timeline) {
-          log.info(
-            `Cleaning up created timeline [${timeline.data.persistTimeline.timeline.title} - ${timeline.data.persistTimeline.timeline.savedObjectId}]`
-          );
-          await timelineTestService.deleteTimeline(
-            timeline.data.persistTimeline.timeline.savedObjectId
-          );
-        }
-
-        if (indexedAlerts) {
-          log.info(`Cleaning up loaded alerts for Timeline`);
-          await indexedAlerts.cleanup();
-        }
-      });
-
-      it('should show Responder from alert in a timeline', async () => {
-        await pageObjects.timeline.openTimelineById(
-          timeline.data.persistTimeline.timeline.savedObjectId
-        );
-        await pageObjects.timeline.setDateRange('Last 1 year');
-        await pageObjects.timeline.waitForEvents(MAX_WAIT_FOR_ALERTS_TIMEOUT);
-
-        // Show event/alert details for the first one in the list
-        await pageObjects.timeline.showEventDetails();
-
-        // TODO: The index already exists error toast should not show up
-        // close and dismiss it if it does
-        if (await testSubjects.exists('globalToastList')) {
-          await testSubjects.click('toastCloseButton');
-        }
-        // Click responder from the take action button
-        await testSubjects.click('take-action-dropdown-btn');
-        await testSubjects.clickWhenNotDisabled('endpointResponseActions-action-item');
-        await testSubjects.existOrFail('consolePageOverlay');
-
-        // close tour popup
-        if (await testSubjects.exists('timeline-save-tour-close-button')) {
-          await testSubjects.click('timeline-save-tour-close-button');
-        }
-
-        await performResponderSanityChecks();
-        await pageObjects.timeline.closeTimeline();
-      });
-    });
-
-    describe('from alerts', () => {
-      let indexedAlerts: IndexedEndpointRuleAlerts;
-
-      before(async () => {
-        await getService('kibanaServer').request({
-          path: `internal/kibana/settings`,
-          method: 'POST',
-          body: { changes: { 'securitySolution:enableExpandableFlyout': false } },
-        });
-
-        indexedAlerts = await detectionsTestService.loadEndpointRuleAlerts(endpointAgentId);
-
-        await detectionsTestService.waitForAlerts(
-          getEndpointAlertsQueryForAgentId(endpointAgentId),
-          MAX_WAIT_FOR_ALERTS_TIMEOUT
-        );
-      });
-
-      after(async () => {
-        if (indexedAlerts) {
-          log.info(`Cleaning up alerts loaded for Alerts page`);
-          await indexedAlerts.cleanup();
-        }
-      });
-
-      it('should show Responder from alert details under alerts list page', async () => {
-        const hostname = indexedData.hosts[0].host.name;
-        await pageObjects.detections.navigateToAlerts(
-          `query=(language:kuery,query:'host.hostname: "${hostname}" ')`
-        );
-        await pageObjects.detections.waitForListToHaveAlerts(MAX_WAIT_FOR_ALERTS_TIMEOUT);
-        await pageObjects.detections.openFirstAlertDetailsForHostName(hostname);
-        await pageObjects.detections.openResponseConsoleFromAlertDetails();
-        await performResponderSanityChecks();
-      });
-    });
-  });
-};

From 054ac120dfe7a471a16cf9296310be7f84242dab Mon Sep 17 00:00:00 2001
From: Ashokaditya <ashokaditya@elastic.co>
Date: Fri, 23 Feb 2024 16:44:30 +0100
Subject: [PATCH 5/5] undo spec change

---
 .../security_solution_endpoint/apps/endpoint/index.ts    | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts b/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts
index a702ac423ab06..6786f82a6fabe 100644
--- a/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts
+++ b/x-pack/test/security_solution_endpoint/apps/endpoint/index.ts
@@ -42,10 +42,9 @@ export default function (providerContext: FtrProviderContext) {
         await pageObjects.svlCommonPage.login();
       }
     });
-    // loadTestFile(require.resolve('./endpoint_list'));
-    // loadTestFile(require.resolve('./endpoint_telemetry'));
-    // loadTestFile(require.resolve('./endpoint_permissions'));
-    loadTestFile(require.resolve('./responder'));
-    // loadTestFile(require.resolve('./endpoint_solution_integrations'));
+    loadTestFile(require.resolve('./endpoint_list'));
+    loadTestFile(require.resolve('./endpoint_telemetry'));
+    loadTestFile(require.resolve('./endpoint_permissions'));
+    loadTestFile(require.resolve('./endpoint_solution_integrations'));
   });
 }