diff --git a/x-pack/test/fleet_api_integration/apis/policy_secrets.ts b/x-pack/test/fleet_api_integration/apis/policy_secrets.ts index 0abeb46accd5a..ce08126bf29d3 100644 --- a/x-pack/test/fleet_api_integration/apis/policy_secrets.ts +++ b/x-pack/test/fleet_api_integration/apis/policy_secrets.ts @@ -108,8 +108,8 @@ export default function (providerContext: FtrProviderContext) { .expect(200); } - try { - await es.deleteByQuery({ + await Promise.all([ + es.deleteByQuery({ index: ENROLLMENT_API_KEYS_INDEX, refresh: true, body: { @@ -117,13 +117,8 @@ export default function (providerContext: FtrProviderContext) { match_all: {}, }, }, - }); - } catch (err) { - // index doesn't exist - } - - try { - await es.deleteByQuery({ + }), + es.deleteByQuery({ index: AGENT_POLICY_INDEX, refresh: true, body: { @@ -131,10 +126,10 @@ export default function (providerContext: FtrProviderContext) { match_all: {}, }, }, - }); - } catch (err) { + }), + ]).catch((err) => { // index doesn't exist - } + }); }; const cleanupAgents = async () => { @@ -157,6 +152,7 @@ export default function (providerContext: FtrProviderContext) { try { await es.deleteByQuery({ index: SECRETS_INDEX_NAME, + refresh: true, body: { query: { match_all: {}, @@ -379,6 +375,7 @@ export default function (providerContext: FtrProviderContext) { skipIfNoDockerRegistry(providerContext); before(async () => { + await kibanaServer.savedObjects.cleanStandardList(); await fleetAndAgents.setup(); await getService('esArchiver').load( 'x-pack/test/functional/es_archives/fleet/empty_fleet_server' @@ -389,12 +386,7 @@ export default function (providerContext: FtrProviderContext) { await getService('esArchiver').unload( 'x-pack/test/functional/es_archives/fleet/empty_fleet_server' ); - }); - - afterEach(async () => { - await cleanupAgents(); - await cleanupPolicies(); - await cleanupSecrets(); + await kibanaServer.savedObjects.cleanStandardList(); }); describe('create package policy with secrets', () => { @@ -402,7 +394,7 @@ export default function (providerContext: FtrProviderContext) { let fleetServerAgentPolicy: any; let packagePolicyWithSecrets: any; - beforeEach(async () => { + before(async () => { // Policy secrets require at least one Fleet server on v8.10+ const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy(); fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy; @@ -416,6 +408,11 @@ export default function (providerContext: FtrProviderContext) { packagePolicyWithSecrets = await createPackagePolicyWithSecrets(testAgentPolicy.id); }); + after(async () => { + await Promise.all([cleanupAgents(), cleanupSecrets()]); + await cleanupPolicies(); + }); + it('should correctly create the policy with secrets', async () => { const packageVarId = packagePolicyWithSecrets.vars.package_var_secret.value.id; @@ -598,7 +595,7 @@ export default function (providerContext: FtrProviderContext) { let packagePolicyWithSecrets: any; let updatedPackagePolicy: any; - beforeEach(async () => { + before(async () => { // Policy secrets require at least one Fleet server on v8.10+ const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy(); fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy; @@ -623,6 +620,12 @@ export default function (providerContext: FtrProviderContext) { updatedPackagePolicy = updateRes.body.item; }); + after(async () => { + await cleanupAgents(); + await cleanupPolicies(); + await cleanupSecrets(); + }); + it('should allow secret values to be updated (single policy update API)', async () => { const updatedPackageVarId = updatedPackagePolicy.vars.package_var_secret.value.id; expect(updatedPackageVarId).to.be.a('string'); @@ -698,7 +701,7 @@ export default function (providerContext: FtrProviderContext) { let duplicatedAgentPolicy: any; let duplicatedPackagePolicy: any; - beforeEach(async () => { + before(async () => { // Policy secrets require at least one Fleet server on v8.10+ const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy(); fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy; @@ -727,6 +730,12 @@ export default function (providerContext: FtrProviderContext) { duplicatedPackagePolicy = duplicatedAgentPolicy.package_policies[0]; }); + after(async () => { + await cleanupAgents(); + await cleanupPolicies(); + await cleanupSecrets(); + }); + it('should not duplicate secrets after duplicating agent policy', async () => { const packageVarId = duplicatedPackagePolicy.vars.package_var_secret.value.id; const inputVarId = duplicatedPackagePolicy.inputs[0].vars.input_var_secret.value.id; @@ -813,7 +822,7 @@ export default function (providerContext: FtrProviderContext) { let fleetServerAgentPolicy: any; let packagePolicyWithSecrets: any; - beforeEach(async () => { + before(async () => { // Policy secrets require at least one Fleet server on v8.10+ const createFleetServerAgentPolicyRes = await createFleetServerAgentPolicy(); fleetServerAgentPolicy = createFleetServerAgentPolicyRes.fleetServerAgentPolicy; @@ -827,6 +836,12 @@ export default function (providerContext: FtrProviderContext) { packagePolicyWithSecrets = await createPackagePolicyWithSecrets(testAgentPolicy.id); }); + after(async () => { + await cleanupAgents(); + await cleanupPolicies(); + await cleanupSecrets(); + }); + it('should delete all secrets on package policy delete', async () => { await deletePackagePolicy(packagePolicyWithSecrets.id); @@ -844,6 +859,11 @@ export default function (providerContext: FtrProviderContext) { }); describe('fleet server version requirements', () => { + afterEach(async () => { + await cleanupAgents(); + await cleanupPolicies(); + await cleanupSecrets(); + }); it('should not store secrets if fleet server does not meet minimum version', async () => { const { fleetServerAgentPolicy } = await createFleetServerAgentPolicy(); await createFleetServerAgent(fleetServerAgentPolicy.id, 'server_1', '7.0.0'); @@ -1117,41 +1137,52 @@ export default function (providerContext: FtrProviderContext) { }); }); - // TODO: Output secrets should be moved to another test suite - it('should return output secrets if policy uses output with secrets', async () => { - // Output secrets require at least one Fleet server on 8.12.0 or higher (and none under 8.12.0). - const { fleetServerAgentPolicy } = await createFleetServerAgentPolicy(); - await createFleetServerAgent(fleetServerAgentPolicy.id, 'server_1', '8.12.0'); - await callFleetSetup(); + describe('output secrets', () => { + afterEach(async () => { + await cleanupAgents(); + await cleanupPolicies(); + await cleanupSecrets(); + }); - const outputWithSecret = await createOutputWithSecret(); + // TODO: Output secrets should be moved to another test suite + it('should return output secrets if policy uses output with secrets', async () => { + // ensure output is created + await callFleetSetup(); - const { body: agentPolicyResponse } = await supertest - .post(`/api/fleet/agent_policies`) - .set('kbn-xsrf', 'xxxx') - .send({ - name: `Test policy ${uuidv4()}`, - namespace: 'default', - data_output_id: outputWithSecret.id, - monitoring_output_id: outputWithSecret.id, - }) - .expect(200); + // Output secrets require at least one Fleet server on 8.12.0 or higher (and none under 8.12.0). + const { fleetServerAgentPolicy } = await createFleetServerAgentPolicy(); + await createFleetServerAgent(fleetServerAgentPolicy.id, 'server_1', '8.12.0'); + await callFleetSetup(); - const fullAgentPolicy = await getFullAgentPolicyById(agentPolicyResponse.item.id); + const outputWithSecret = await createOutputWithSecret(); - const passwordSecretId = outputWithSecret!.secrets?.password?.id; + const { body: agentPolicyResponse } = await supertest + .post(`/api/fleet/agent_policies`) + .set('kbn-xsrf', 'xxxx') + .send({ + name: `Test policy ${uuidv4()}`, + namespace: 'default', + data_output_id: outputWithSecret.id, + monitoring_output_id: outputWithSecret.id, + }) + .expect(200); - expect(fullAgentPolicy.secret_references).to.eql([{ id: passwordSecretId }]); + const fullAgentPolicy = await getFullAgentPolicyById(agentPolicyResponse.item.id); - const output = Object.entries(fullAgentPolicy.outputs)[0][1]; - // @ts-expect-error - expect(output.secrets.password.id).to.eql(passwordSecretId); + const passwordSecretId = outputWithSecret!.secrets?.password?.id; - // delete output with secret - await supertest - .delete(`/api/fleet/outputs/${outputWithSecret.id}`) - .set('kbn-xsrf', 'xxxx') - .expect(200); + expect(fullAgentPolicy.secret_references).to.eql([{ id: passwordSecretId }]); + + const output = Object.entries(fullAgentPolicy.outputs)[0][1]; + // @ts-expect-error + expect(output.secrets.password.id).to.eql(passwordSecretId); + + // delete output with secret + await supertest + .delete(`/api/fleet/outputs/${outputWithSecret.id}`) + .set('kbn-xsrf', 'xxxx') + .expect(200); + }); }); }); }