From afbe790725bd7e99bcba2eb880f71bd40e973e49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Kopyci=C5=84ski?= Date: Thu, 3 Feb 2022 09:44:29 +0100 Subject: [PATCH 1/4] [Osquery] Update cypress runner to latest Fleet changes (#124398) --- .../osquery/cypress/tasks/integrations.ts | 4 +- x-pack/test/osquery_cypress/agent.ts | 15 ++---- .../test/osquery_cypress/artifact_manager.ts | 9 ++-- x-pack/test/osquery_cypress/fleet_server.ts | 46 +++++++++++++------ x-pack/test/osquery_cypress/runner.ts | 41 ++++++++++------- x-pack/test/osquery_cypress/users.ts | 4 +- 6 files changed, 69 insertions(+), 50 deletions(-) diff --git a/x-pack/plugins/osquery/cypress/tasks/integrations.ts b/x-pack/plugins/osquery/cypress/tasks/integrations.ts index 673f2091760a6..ebf8668483d1c 100644 --- a/x-pack/plugins/osquery/cypress/tasks/integrations.ts +++ b/x-pack/plugins/osquery/cypress/tasks/integrations.ts @@ -13,10 +13,10 @@ import { DATA_COLLECTION_SETUP_STEP, } from '../screens/integrations'; -export const addIntegration = (agent = 'Default fleet') => { +export const addIntegration = (agentPolicy = 'Default Fleet Server policy') => { cy.getBySel(ADD_POLICY_BTN).click(); cy.getBySel(DATA_COLLECTION_SETUP_STEP).find('.euiLoadingSpinner').should('not.exist'); - cy.getBySel('comboBoxInput').click().type(`${agent} {downArrow} {enter}`); + cy.getBySel('agentPolicySelect').select(agentPolicy); cy.getBySel(CREATE_PACKAGE_POLICY_SAVE_BTN).click(); // sometimes agent is assigned to default policy, sometimes not closeModalIfVisible(); diff --git a/x-pack/test/osquery_cypress/agent.ts b/x-pack/test/osquery_cypress/agent.ts index 1838d9df8b3e2..c0e5b2374889d 100644 --- a/x-pack/test/osquery_cypress/agent.ts +++ b/x-pack/test/osquery_cypress/agent.ts @@ -11,11 +11,12 @@ import { ChildProcess, spawn } from 'child_process'; import { getLatestVersion } from './artifact_manager'; import { Manager } from './resource_manager'; -interface AgentManagerParams { +export interface AgentManagerParams { user: string; password: string; kibanaUrl: string; esHost: string; + esPort: string; } export class AgentManager extends Manager { @@ -23,19 +24,11 @@ export class AgentManager extends Manager { private log: ToolingLog; private agentProcess?: ChildProcess; private requestOptions: AxiosRequestConfig; - constructor(params: AgentManagerParams, log: ToolingLog) { + constructor(params: AgentManagerParams, log: ToolingLog, requestOptions: AxiosRequestConfig) { super(); this.log = log; this.params = params; - this.requestOptions = { - headers: { - 'kbn-xsrf': 'kibana', - }, - auth: { - username: this.params.user, - password: this.params.password, - }, - }; + this.requestOptions = requestOptions; } public async setup() { diff --git a/x-pack/test/osquery_cypress/artifact_manager.ts b/x-pack/test/osquery_cypress/artifact_manager.ts index 17ba9b0a5517d..498d873747185 100644 --- a/x-pack/test/osquery_cypress/artifact_manager.ts +++ b/x-pack/test/osquery_cypress/artifact_manager.ts @@ -5,10 +5,11 @@ * 2.0. */ -import axios from 'axios'; -import { last } from 'lodash'; +// import axios from 'axios'; +// import { last } from 'lodash'; export async function getLatestVersion(): Promise { - const response: any = await axios('https://artifacts-api.elastic.co/v1/versions'); - return last(response.data.versions as string[]) || '8.1.0-SNAPSHOT'; + return '8.0.0-SNAPSHOT'; + // const response: any = await axios('https://artifacts-api.elastic.co/v1/versions'); + // return last(response.data.versions as string[]) || '8.1.0-SNAPSHOT'; } diff --git a/x-pack/test/osquery_cypress/fleet_server.ts b/x-pack/test/osquery_cypress/fleet_server.ts index fe2b8c7459229..b64b1871637bc 100644 --- a/x-pack/test/osquery_cypress/fleet_server.ts +++ b/x-pack/test/osquery_cypress/fleet_server.ts @@ -7,34 +7,49 @@ import { ChildProcess, spawn } from 'child_process'; import { ToolingLog } from '@kbn/dev-utils'; -import axios from 'axios'; +import axios, { AxiosRequestConfig } from 'axios'; import { Manager } from './resource_manager'; import { getLatestVersion } from './artifact_manager'; - -export interface ElasticsearchConfig { - esHost: string; - user: string; - password: string; - port: string; -} +import { AgentManagerParams } from './agent'; export class FleetManager extends Manager { private fleetProcess?: ChildProcess; - private esConfig: ElasticsearchConfig; + private config: AgentManagerParams; private log: ToolingLog; - constructor(esConfig: ElasticsearchConfig, log: ToolingLog) { + private requestOptions: AxiosRequestConfig; + constructor(config: AgentManagerParams, log: ToolingLog, requestOptions: AxiosRequestConfig) { super(); - this.esConfig = esConfig; + this.config = config; this.log = log; + this.requestOptions = requestOptions; } public async setup(): Promise { this.log.info('Setting fleet up'); return new Promise(async (res, rej) => { try { + // default fleet server policy no longer created by default + const { + data: { + item: { id: policyId }, + }, + } = await axios.post( + `${this.config.kibanaUrl}/api/fleet/agent_policies`, + { + name: 'Default Fleet Server policy', + description: '', + namespace: 'default', + monitoring_enabled: ['logs', 'metrics'], + has_fleet_server: true, + }, + this.requestOptions + ); + const response = await axios.post( - `${this.esConfig.esHost}/_security/service/elastic/fleet-server/credential/token` + `${this.config.kibanaUrl}/api/fleet/service_tokens`, + {}, + this.requestOptions ); - const serviceToken = response.data.token.value; + const serviceToken = response.data.value; const artifact = `docker.elastic.co/beats/elastic-agent:${await getLatestVersion()}`; this.log.info(artifact); @@ -49,12 +64,15 @@ export class FleetManager extends Manager { '--env', 'FLEET_SERVER_ENABLE=true', '--env', - `FLEET_SERVER_ELASTICSEARCH_HOST=http://${host}:${this.esConfig.port}`, + `FLEET_SERVER_ELASTICSEARCH_HOST=http://${host}:${this.config.esPort}`, '--env', `FLEET_SERVER_SERVICE_TOKEN=${serviceToken}`, + '--env', + `FLEET_SERVER_POLICY=${policyId}`, '--rm', artifact, ]; + this.log.info('docker ' + args.join(' ')); this.fleetProcess = spawn('docker', args, { stdio: 'inherit', }); diff --git a/x-pack/test/osquery_cypress/runner.ts b/x-pack/test/osquery_cypress/runner.ts index a72eed0bb8c93..3f4855217de37 100644 --- a/x-pack/test/osquery_cypress/runner.ts +++ b/x-pack/test/osquery_cypress/runner.ts @@ -12,7 +12,10 @@ import { withProcRunner } from '@kbn/dev-utils'; import { FtrProviderContext } from './ftr_provider_context'; -import { AgentManager } from './agent'; +import { + // AgentManager, + AgentManagerParams, +} from './agent'; import { FleetManager } from './fleet_server'; async function withFleetAgent( @@ -23,25 +26,29 @@ async function withFleetAgent( const config = getService('config'); const esHost = Url.format(config.get('servers.elasticsearch')); - const esConfig = { + const params: AgentManagerParams = { user: config.get('servers.elasticsearch.username'), password: config.get('servers.elasticsearch.password'), esHost, - port: config.get('servers.elasticsearch.port'), + esPort: config.get('servers.elasticsearch.port'), + kibanaUrl: Url.format({ + protocol: config.get('servers.kibana.protocol'), + hostname: config.get('servers.kibana.hostname'), + port: config.get('servers.kibana.port'), + }), }; - const fleetManager = new FleetManager(esConfig, log); - - const agentManager = new AgentManager( - { - ...esConfig, - kibanaUrl: Url.format({ - protocol: config.get('servers.kibana.protocol'), - hostname: config.get('servers.kibana.hostname'), - port: config.get('servers.kibana.port'), - }), + const requestOptions = { + headers: { + 'kbn-xsrf': 'kibana', }, - log - ); + auth: { + username: params.user, + password: params.password, + }, + }; + const fleetManager = new FleetManager(params, log, requestOptions); + + // const agentManager = new AgentManager(params, log, requestOptions); // Since the managers will create uncaughtException event handlers we need to exit manually process.on('uncaughtException', (err) => { @@ -50,13 +57,13 @@ async function withFleetAgent( process.exit(1); }); - await agentManager.setup(); + // await agentManager.setup(); await fleetManager.setup(); try { await runner({}); } finally { fleetManager.cleanup(); - agentManager.cleanup(); + // agentManager.cleanup(); } } diff --git a/x-pack/test/osquery_cypress/users.ts b/x-pack/test/osquery_cypress/users.ts index bfe8abfd8452f..cdeea3ddde122 100644 --- a/x-pack/test/osquery_cypress/users.ts +++ b/x-pack/test/osquery_cypress/users.ts @@ -5,7 +5,7 @@ * 2.0. */ import axios from 'axios'; -import { ElasticsearchConfig } from './fleet_server'; +import { AgentManagerParams } from './agent'; interface Roles { [roleName: string]: { @@ -83,7 +83,7 @@ export const USERS: Users = { }, }; -export const setupUsers = async (config: ElasticsearchConfig) => { +export const setupUsers = async (config: AgentManagerParams) => { const { esHost, user: username, password } = config; const params = { auth: { username, password }, From 2a933111217445ad2477c28aa52973ca73221c40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20S=C3=A1nchez?= Date: Thu, 3 Feb 2022 10:33:38 +0100 Subject: [PATCH 2/4] [Security Solution][Endpoint] Removes Eslint rule exception extracting code outside component (#124167) * Removes eslint rule exception extractig code outisde component * Change function params to be an object * Adds default values Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> --- .../view/host_isolation_exceptions_list.tsx | 27 ++++++++++++++----- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx index b3dcc4a0fbc97..5af8863f3a5cc 100644 --- a/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/host_isolation_exceptions/view/host_isolation_exceptions_list.tsx @@ -50,7 +50,21 @@ type HostIsolationExceptionPaginatedContent = PaginatedContentProps< typeof ExceptionItem >; -/* eslint-disable complexity */ +const getPaginationObject = ({ + total = 0, + perPage = MANAGEMENT_DEFAULT_PAGE_SIZE, + page = 1, +}: { + total?: number; + perPage?: number; + page?: number; +}) => ({ + totalItemCount: total, + pageSize: perPage, + pageSizeOptions: [...MANAGEMENT_PAGE_SIZE_OPTIONS], + pageIndex: page - 1, +}); + export const HostIsolationExceptionsList = () => { const history = useHistory(); const privileges = useUserPrivileges().endpointPrivileges; @@ -102,12 +116,11 @@ export const HostIsolationExceptionsList = () => { }, }); - const pagination = { - totalItemCount: data?.total ?? 0, - pageSize: data?.per_page ?? MANAGEMENT_DEFAULT_PAGE_SIZE, - pageSizeOptions: [...MANAGEMENT_PAGE_SIZE_OPTIONS], - pageIndex: (data?.page ?? 1) - 1, - }; + const pagination = getPaginationObject({ + total: data?.total, + perPage: data?.per_page, + page: data?.page, + }); const listItems = data?.data || []; const allListItems = allData?.data || []; From 5e3d0b299c2f96560f67605582b6622fc513a5db Mon Sep 17 00:00:00 2001 From: Ignacio Rivas Date: Thu, 3 Feb 2022 10:34:03 +0100 Subject: [PATCH 3/4] [Remote Clusters] Fix table filtering when there are clusters with proxy mode (#124220) * Fix table search for clusters with proxy mode * commit using @elastic.co * Fix tests and add docs * Add tests for different kinds of search --- .../list/remote_clusters_list.test.js | 61 +++++++++++++++++-- .../remote_cluster_table.js | 18 +++++- 2 files changed, 73 insertions(+), 6 deletions(-) diff --git a/x-pack/plugins/remote_clusters/__jest__/client_integration/list/remote_clusters_list.test.js b/x-pack/plugins/remote_clusters/__jest__/client_integration/list/remote_clusters_list.test.js index 209c224618f78..a6987fa19d1ee 100644 --- a/x-pack/plugins/remote_clusters/__jest__/client_integration/list/remote_clusters_list.test.js +++ b/x-pack/plugins/remote_clusters/__jest__/client_integration/list/remote_clusters_list.test.js @@ -77,6 +77,51 @@ describe('', () => { }); }); + describe('can search', () => { + let table; + let component; + let form; + + const remoteClusters = [ + { + name: 'simple_remote_cluster', + seeds: ['127.0.0.1:2000', '127.0.0.2:3000'], + }, + { + name: 'remote_cluster_with_proxy', + proxyAddress: '192.168.0.1:80', + mode: PROXY_MODE, + }, + ]; + + beforeEach(async () => { + httpRequestsMockHelpers.setLoadRemoteClustersResponse(remoteClusters); + + await act(async () => { + ({ table, component, form } = setup()); + }); + + component.update(); + }); + + test('without any search params it should show all clusters', () => { + const { tableCellsValues } = table.getMetaData('remoteClusterListTable'); + expect(tableCellsValues.length).toBe(2); + }); + + test('search by seed works', () => { + form.setInputValue('remoteClusterSearch', 'simple'); + const { tableCellsValues } = table.getMetaData('remoteClusterListTable'); + expect(tableCellsValues.length).toBe(1); + }); + + test('search by proxyAddress works', () => { + form.setInputValue('remoteClusterSearch', 'proxy'); + const { tableCellsValues } = table.getMetaData('remoteClusterListTable'); + expect(tableCellsValues.length).toBe(1); + }); + }); + describe('when there are multiple pages of remote clusters', () => { let table; let actions; @@ -91,10 +136,18 @@ describe('', () => { ]; for (let i = 0; i < 29; i++) { - remoteClusters.push({ - name: `name${i}`, - seeds: [], - }); + if (i % 2 === 0) { + remoteClusters.push({ + name: `cluster-${i}`, + seeds: [], + }); + } else { + remoteClusters.push({ + name: `cluster_with_proxy-${i}`, + proxyAddress: `127.0.0.1:10${i}`, + mode: PROXY_MODE, + }); + } } beforeEach(async () => { diff --git a/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/remote_cluster_table/remote_cluster_table.js b/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/remote_cluster_table/remote_cluster_table.js index 0b3a272f5bdc4..b53c735ef9fbb 100644 --- a/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/remote_cluster_table/remote_cluster_table.js +++ b/x-pack/plugins/remote_clusters/public/application/sections/remote_cluster_list/remote_cluster_table/remote_cluster_table.js @@ -31,13 +31,22 @@ const getFilteredClusters = (clusters, queryText) => { const normalizedSearchText = queryText.toLowerCase(); return clusters.filter((cluster) => { - const { name, seeds } = cluster; + const { name, seeds, proxyAddress } = cluster; const normalizedName = name.toLowerCase(); + if (normalizedName.toLowerCase().includes(normalizedSearchText)) { return true; } - return seeds.some((seed) => seed.includes(normalizedSearchText)); + if (proxyAddress && proxyAddress.toLowerCase().includes(normalizedSearchText)) { + return true; + } + + if (seeds) { + return seeds.some((seed) => seed.includes(normalizedSearchText)); + } + + return false; }); } else { return clusters; @@ -81,6 +90,11 @@ export class RemoteClusterTable extends Component { } onSearch = ({ query }) => { + // There's no need to update the state if there arent any search params + if (!query) { + return; + } + const { clusters } = this.props; const { text } = query; From d90ac6893eb8c15cc32ff3a09f81dea99c1bd375 Mon Sep 17 00:00:00 2001 From: Ashokaditya <1849116+ashokaditya@users.noreply.github.com> Date: Thu, 3 Feb 2022 11:04:28 +0100 Subject: [PATCH 4/4] [Security Solution][Endpoint] Fix data generator for event filter artifact (#124333) * fix data generator for event filter refs elastic/kibana/pull/124272 elastic/security-team/issues/2906 * use named constants for effect_scopes review change * use ExceptionsListItemGenerator for fake evenFilter data review changes * use custom values --- .../data_generators/event_filter_generator.ts | 36 +++++++++++-------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/x-pack/plugins/security_solution/common/endpoint/data_generators/event_filter_generator.ts b/x-pack/plugins/security_solution/common/endpoint/data_generators/event_filter_generator.ts index 6c827d763bb34..daf96a3149649 100644 --- a/x-pack/plugins/security_solution/common/endpoint/data_generators/event_filter_generator.ts +++ b/x-pack/plugins/security_solution/common/endpoint/data_generators/event_filter_generator.ts @@ -8,24 +8,30 @@ import type { CreateExceptionListItemSchema } from '@kbn/securitysolution-io-ts-list-types'; import { ENDPOINT_EVENT_FILTERS_LIST_ID } from '@kbn/securitysolution-list-constants'; import { BaseDataGenerator } from './base_data_generator'; -import { getCreateExceptionListItemSchemaMock } from '../../../../lists/common/schemas/request/create_exception_list_item_schema.mock'; +import { ExceptionsListItemGenerator } from './exceptions_list_item_generator'; +import { BY_POLICY_ARTIFACT_TAG_PREFIX, GLOBAL_ARTIFACT_TAG } from '../service/artifacts'; -const EFFECT_SCOPE_TYPES = ['policy:', 'policy:all']; +const EFFECT_SCOPE_TYPES = [BY_POLICY_ARTIFACT_TAG_PREFIX, GLOBAL_ARTIFACT_TAG]; export class EventFilterGenerator extends BaseDataGenerator { generate(): CreateExceptionListItemSchema { - const overrides: Partial = { - name: `generator event ${this.randomString(5)}`, - list_id: ENDPOINT_EVENT_FILTERS_LIST_ID, - item_id: `generator_endpoint_event_filter_${this.randomUUID()}`, - os_types: [this.randomOSFamily()] as CreateExceptionListItemSchema['os_types'], - tags: [this.randomChoice(EFFECT_SCOPE_TYPES)], - namespace_type: 'agnostic', - meta: undefined, - }; - - return Object.assign>( - getCreateExceptionListItemSchemaMock(), - overrides + const eventFilterGenerator = new ExceptionsListItemGenerator(); + const eventFilterData: CreateExceptionListItemSchema = eventFilterGenerator.generateEventFilter( + { + name: `Generated event ${this.randomString(5)}`, + item_id: `generator_endpoint_event_filter_${this.randomUUID()}`, + list_id: ENDPOINT_EVENT_FILTERS_LIST_ID, + os_types: [this.randomOSFamily()] as CreateExceptionListItemSchema['os_types'], + tags: [this.randomChoice(EFFECT_SCOPE_TYPES)], + _version: undefined, + created_at: undefined, + created_by: undefined, + id: undefined, + tie_breaker_id: undefined, + updated_at: undefined, + updated_by: undefined, + } ); + + return eventFilterData; } }