Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.x] [Fleet] Improve policy_secrets test suite performance (#193359) #193476

Merged
merged 1 commit into from
Sep 19, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
131 changes: 81 additions & 50 deletions x-pack/test/fleet_api_integration/apis/policy_secrets.ts
Original file line number Diff line number Diff line change
Expand Up @@ -108,33 +108,28 @@ export default function (providerContext: FtrProviderContext) {
.expect(200);
}

try {
await es.deleteByQuery({
await Promise.all([
es.deleteByQuery({
index: ENROLLMENT_API_KEYS_INDEX,
refresh: true,
body: {
query: {
match_all: {},
},
},
});
} catch (err) {
// index doesn't exist
}

try {
await es.deleteByQuery({
}),
es.deleteByQuery({
index: AGENT_POLICY_INDEX,
refresh: true,
body: {
query: {
match_all: {},
},
},
});
} catch (err) {
}),
]).catch((err) => {
// index doesn't exist
}
});
};

const cleanupAgents = async () => {
Expand All @@ -157,6 +152,7 @@ export default function (providerContext: FtrProviderContext) {
try {
await es.deleteByQuery({
index: SECRETS_INDEX_NAME,
refresh: true,
body: {
query: {
match_all: {},
Expand Down Expand Up @@ -379,6 +375,7 @@ export default function (providerContext: FtrProviderContext) {
skipIfNoDockerRegistry(providerContext);

before(async () => {
await kibanaServer.savedObjects.cleanStandardList();
await fleetAndAgents.setup();
await getService('esArchiver').load(
'x-pack/test/functional/es_archives/fleet/empty_fleet_server'
Expand All @@ -389,20 +386,15 @@ export default function (providerContext: FtrProviderContext) {
await getService('esArchiver').unload(
'x-pack/test/functional/es_archives/fleet/empty_fleet_server'
);
});

afterEach(async () => {
await cleanupAgents();
await cleanupPolicies();
await cleanupSecrets();
await kibanaServer.savedObjects.cleanStandardList();
});

describe('create package policy with secrets', () => {
let testAgentPolicy: any;
let fleetServerAgentPolicy: any;
let packagePolicyWithSecrets: any;

beforeEach(async () => {
before(async () => {
// Policy secrets require at least one Fleet server on v8.10+
const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy();
fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy;
Expand All @@ -416,6 +408,11 @@ export default function (providerContext: FtrProviderContext) {
packagePolicyWithSecrets = await createPackagePolicyWithSecrets(testAgentPolicy.id);
});

after(async () => {
await Promise.all([cleanupAgents(), cleanupSecrets()]);
await cleanupPolicies();
});

it('should correctly create the policy with secrets', async () => {
const packageVarId = packagePolicyWithSecrets.vars.package_var_secret.value.id;

Expand Down Expand Up @@ -598,7 +595,7 @@ export default function (providerContext: FtrProviderContext) {
let packagePolicyWithSecrets: any;
let updatedPackagePolicy: any;

beforeEach(async () => {
before(async () => {
// Policy secrets require at least one Fleet server on v8.10+
const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy();
fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy;
Expand All @@ -623,6 +620,12 @@ export default function (providerContext: FtrProviderContext) {
updatedPackagePolicy = updateRes.body.item;
});

after(async () => {
await cleanupAgents();
await cleanupPolicies();
await cleanupSecrets();
});

it('should allow secret values to be updated (single policy update API)', async () => {
const updatedPackageVarId = updatedPackagePolicy.vars.package_var_secret.value.id;
expect(updatedPackageVarId).to.be.a('string');
Expand Down Expand Up @@ -698,7 +701,7 @@ export default function (providerContext: FtrProviderContext) {
let duplicatedAgentPolicy: any;
let duplicatedPackagePolicy: any;

beforeEach(async () => {
before(async () => {
// Policy secrets require at least one Fleet server on v8.10+
const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy();
fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy;
Expand Down Expand Up @@ -727,6 +730,12 @@ export default function (providerContext: FtrProviderContext) {
duplicatedPackagePolicy = duplicatedAgentPolicy.package_policies[0];
});

after(async () => {
await cleanupAgents();
await cleanupPolicies();
await cleanupSecrets();
});

it('should not duplicate secrets after duplicating agent policy', async () => {
const packageVarId = duplicatedPackagePolicy.vars.package_var_secret.value.id;
const inputVarId = duplicatedPackagePolicy.inputs[0].vars.input_var_secret.value.id;
Expand Down Expand Up @@ -813,7 +822,7 @@ export default function (providerContext: FtrProviderContext) {
let fleetServerAgentPolicy: any;
let packagePolicyWithSecrets: any;

beforeEach(async () => {
before(async () => {
// Policy secrets require at least one Fleet server on v8.10+
const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy();
fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy;
Expand All @@ -827,6 +836,12 @@ export default function (providerContext: FtrProviderContext) {
packagePolicyWithSecrets = await createPackagePolicyWithSecrets(testAgentPolicy.id);
});

after(async () => {
await cleanupAgents();
await cleanupPolicies();
await cleanupSecrets();
});

it('should delete all secrets on package policy delete', async () => {
await deletePackagePolicy(packagePolicyWithSecrets.id);

Expand All @@ -844,6 +859,11 @@ export default function (providerContext: FtrProviderContext) {
});

describe('fleet server version requirements', () => {
afterEach(async () => {
await cleanupAgents();
await cleanupPolicies();
await cleanupSecrets();
});
it('should not store secrets if fleet server does not meet minimum version', async () => {
const { fleetServerAgentPolicy } = await createFleetServerAgentPolicy();
await createFleetServerAgent(fleetServerAgentPolicy.id, 'server_1', '7.0.0');
Expand Down Expand Up @@ -1117,41 +1137,52 @@ export default function (providerContext: FtrProviderContext) {
});
});

// TODO: Output secrets should be moved to another test suite
it('should return output secrets if policy uses output with secrets', async () => {
// Output secrets require at least one Fleet server on 8.12.0 or higher (and none under 8.12.0).
const { fleetServerAgentPolicy } = await createFleetServerAgentPolicy();
await createFleetServerAgent(fleetServerAgentPolicy.id, 'server_1', '8.12.0');
await callFleetSetup();
describe('output secrets', () => {
afterEach(async () => {
await cleanupAgents();
await cleanupPolicies();
await cleanupSecrets();
});

const outputWithSecret = await createOutputWithSecret();
// TODO: Output secrets should be moved to another test suite
it('should return output secrets if policy uses output with secrets', async () => {
// ensure output is created
await callFleetSetup();

const { body: agentPolicyResponse } = await supertest
.post(`/api/fleet/agent_policies`)
.set('kbn-xsrf', 'xxxx')
.send({
name: `Test policy ${uuidv4()}`,
namespace: 'default',
data_output_id: outputWithSecret.id,
monitoring_output_id: outputWithSecret.id,
})
.expect(200);
// Output secrets require at least one Fleet server on 8.12.0 or higher (and none under 8.12.0).
const { fleetServerAgentPolicy } = await createFleetServerAgentPolicy();
await createFleetServerAgent(fleetServerAgentPolicy.id, 'server_1', '8.12.0');
await callFleetSetup();

const fullAgentPolicy = await getFullAgentPolicyById(agentPolicyResponse.item.id);
const outputWithSecret = await createOutputWithSecret();

const passwordSecretId = outputWithSecret!.secrets?.password?.id;
const { body: agentPolicyResponse } = await supertest
.post(`/api/fleet/agent_policies`)
.set('kbn-xsrf', 'xxxx')
.send({
name: `Test policy ${uuidv4()}`,
namespace: 'default',
data_output_id: outputWithSecret.id,
monitoring_output_id: outputWithSecret.id,
})
.expect(200);

expect(fullAgentPolicy.secret_references).to.eql([{ id: passwordSecretId }]);
const fullAgentPolicy = await getFullAgentPolicyById(agentPolicyResponse.item.id);

const output = Object.entries(fullAgentPolicy.outputs)[0][1];
// @ts-expect-error
expect(output.secrets.password.id).to.eql(passwordSecretId);
const passwordSecretId = outputWithSecret!.secrets?.password?.id;

// delete output with secret
await supertest
.delete(`/api/fleet/outputs/${outputWithSecret.id}`)
.set('kbn-xsrf', 'xxxx')
.expect(200);
expect(fullAgentPolicy.secret_references).to.eql([{ id: passwordSecretId }]);

const output = Object.entries(fullAgentPolicy.outputs)[0][1];
// @ts-expect-error
expect(output.secrets.password.id).to.eql(passwordSecretId);

// delete output with secret
await supertest
.delete(`/api/fleet/outputs/${outputWithSecret.id}`)
.set('kbn-xsrf', 'xxxx')
.expect(200);
});
});
});
}
Loading