-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] Fixes required_fields
being removed after rule PATCH
calls
#199901
[Security Solution] Fixes required_fields
being removed after rule PATCH
calls
#199901
Conversation
Pinging @elastic/security-solution (Team: SecuritySolution) |
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
Flaky Test Runner Stats🎉 All tests passed! - kibana-flaky-test-suite-runner#7397[✅] x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_patch/basic_license_essentials_tier/configs/ess.config.ts: 100/100 tests passed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed the diff and tested the fix locally in main with the feature flag turned OFF.
I installed a prebuilt rule and PATCHed its name. Everything worked as expected:
- The
name
field was updated - The
required_fields
field remained unchanged - No other rule parameters were changed by mistake
- A few technical fields were updated:
updated_at
revision
was updated from0
to1
rule_source.is_customized
was updated fromfalse
totrue
Here's a diff between two revisions of the rule and a screenshot of the updated rule's Details page:
So the bug has been fixed and we don't have any other similar bugs in the PATCH endpoint.
@dplumlee Thank you for the fix and adding that integration test! 🚀
@elasticmachine merge upstream |
💔 Build Failed
Failed CI StepsTest FailuresMetrics [docs]
History
cc @dplumlee |
d965d89
to
aea65f4
Compare
⏳ Build in-progress, with failures
Failed CI StepsTest Failures
Metrics [docs]
History
cc @dplumlee |
@elasticmachine merge upstream |
Starting backport for target branches: 8.16, 8.x |
…`PATCH` calls (elastic#199901) **Fixes elastic#199665 ## Summary Fixes the `required_fields` field being removed from the existing rule when not present in the rule `PATCH` API call. ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Georgii Gorbachev <[email protected]> Co-authored-by: kibanamachine <[email protected]> (cherry picked from commit f716948)
…`PATCH` calls (elastic#199901) **Fixes elastic#199665 ## Summary Fixes the `required_fields` field being removed from the existing rule when not present in the rule `PATCH` API call. ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Georgii Gorbachev <[email protected]> Co-authored-by: kibanamachine <[email protected]> (cherry picked from commit f716948)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…moved after rule `PATCH` calls (#199901) (#200306) # Backport This will backport the following commits from `main` to `8.16`: - [[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)](#199901) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-15T15:17:37Z","message":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)\n\n**Fixes https://github.com/elastic/kibana/issues/199665**\r\n\r\n## Summary\r\n\r\nFixes the `required_fields` field being removed from the existing rule\r\nwhen not present in the rule `PATCH` API call.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Georgii Gorbachev <[email protected]>\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"f716948053c1b6f4a9f1dda27d4f5a501631b692","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:medium","v9.0.0","Feature:Detection Rules","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","backport:version","v8.17.0","v8.16.1"],"title":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls","number":199901,"url":"https://github.com/elastic/kibana/pull/199901","mergeCommit":{"message":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)\n\n**Fixes https://github.com/elastic/kibana/issues/199665**\r\n\r\n## Summary\r\n\r\nFixes the `required_fields` field being removed from the existing rule\r\nwhen not present in the rule `PATCH` API call.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Georgii Gorbachev <[email protected]>\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"f716948053c1b6f4a9f1dda27d4f5a501631b692"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199901","number":199901,"mergeCommit":{"message":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)\n\n**Fixes https://github.com/elastic/kibana/issues/199665**\r\n\r\n## Summary\r\n\r\nFixes the `required_fields` field being removed from the existing rule\r\nwhen not present in the rule `PATCH` API call.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Georgii Gorbachev <[email protected]>\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"f716948053c1b6f4a9f1dda27d4f5a501631b692"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <[email protected]>
…oved after rule `PATCH` calls (#199901) (#200307) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)](#199901) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-15T15:17:37Z","message":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)\n\n**Fixes https://github.com/elastic/kibana/issues/199665**\r\n\r\n## Summary\r\n\r\nFixes the `required_fields` field being removed from the existing rule\r\nwhen not present in the rule `PATCH` API call.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Georgii Gorbachev <[email protected]>\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"f716948053c1b6f4a9f1dda27d4f5a501631b692","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:medium","v9.0.0","Feature:Detection Rules","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","backport:version","v8.17.0","v8.16.1"],"title":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls","number":199901,"url":"https://github.com/elastic/kibana/pull/199901","mergeCommit":{"message":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)\n\n**Fixes https://github.com/elastic/kibana/issues/199665**\r\n\r\n## Summary\r\n\r\nFixes the `required_fields` field being removed from the existing rule\r\nwhen not present in the rule `PATCH` API call.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Georgii Gorbachev <[email protected]>\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"f716948053c1b6f4a9f1dda27d4f5a501631b692"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199901","number":199901,"mergeCommit":{"message":"[Security Solution] Fixes `required_fields` being removed after rule `PATCH` calls (#199901)\n\n**Fixes https://github.com/elastic/kibana/issues/199665**\r\n\r\n## Summary\r\n\r\nFixes the `required_fields` field being removed from the existing rule\r\nwhen not present in the rule `PATCH` API call.\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios\r\n- [x] [Flaky Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\r\nused on any tests changed\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for breaking API changes and was [labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels)\r\n- [ ] This will appear in the **Release Notes** and follow the\r\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by: Georgii Gorbachev <[email protected]>\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"f716948053c1b6f4a9f1dda27d4f5a501631b692"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <[email protected]>
…`PATCH` calls (elastic#199901) **Fixes elastic#199665 ## Summary Fixes the `required_fields` field being removed from the existing rule when not present in the rule `PATCH` API call. ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Georgii Gorbachev <[email protected]> Co-authored-by: kibanamachine <[email protected]>
…`PATCH` calls (elastic#199901) **Fixes elastic#199665 ## Summary Fixes the `required_fields` field being removed from the existing rule when not present in the rule `PATCH` API call. ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#_add_your_labels) - [ ] This will appear in the **Release Notes** and follow the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Georgii Gorbachev <[email protected]> Co-authored-by: kibanamachine <[email protected]>
Fixes #199665
Summary
Fixes the
required_fields
field being removed from the existing rule when not present in the rulePATCH
API call.Checklist
Delete any items that are not applicable to this PR.
For maintainers