[Cloud Posture] Rule template schema - 870 (#149409)

elastic · Jan 29, 2023 · c47013b · c47013b
1 parent d9f4039
commit c47013b
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 6 deletions.
diff --git a/x-pack/plugins/cloud_security_posture/common/schemas/csp_rule_template.ts b/x-pack/plugins/cloud_security_posture/common/schemas/csp_rule_template.ts
@@ -5,7 +5,10 @@
  * 2.0.
  */
 import { schema as rt, TypeOf } from '@kbn/config-schema';
-import { cspRuleTemplateMetadataSchema } from './csp_rule_template_metadata';
+import {
+  cspRuleTemplateMetadataSchemaV840,
+  cspRuleTemplateMetadataSchemaV870,
+} from './csp_rule_template_metadata';
 
 export const cspRuleTemplateSchemaV830 = rt.object({
   audit: rt.string(),
@@ -29,12 +32,12 @@ export const cspRuleTemplateSchemaV830 = rt.object({
 
 export const cspRuleTemplateSchemaV840 = rt.object({
   enabled: rt.boolean(),
-  metadata: cspRuleTemplateMetadataSchema,
+  metadata: cspRuleTemplateMetadataSchemaV840,
   muted: rt.boolean(),
 });
 
 export const cspRuleTemplateSchemaV870 = rt.object({
-  metadata: cspRuleTemplateMetadataSchema,
+  metadata: cspRuleTemplateMetadataSchemaV870,
 });
 
 export type CspRuleTemplateV830 = TypeOf<typeof cspRuleTemplateSchemaV830>;

diff --git a/x-pack/plugins/cloud_security_posture/common/schemas/csp_rule_template_metadata.ts b/x-pack/plugins/cloud_security_posture/common/schemas/csp_rule_template_metadata.ts
@@ -6,7 +6,29 @@
  */
 import { schema as rt, TypeOf } from '@kbn/config-schema';
 
-export const cspRuleTemplateMetadataSchema = rt.object({
+export const cspRuleTemplateMetadataSchemaV840 = rt.object({
+  audit: rt.string(),
+  benchmark: rt.object({
+    name: rt.string(),
+    id: rt.string(),
+    version: rt.string(),
+  }),
+  default_value: rt.maybe(rt.string()),
+  description: rt.string(),
+  id: rt.string(),
+  impact: rt.maybe(rt.string()),
+  name: rt.string(),
+  profile_applicability: rt.string(),
+  rationale: rt.string(),
+  references: rt.maybe(rt.string()),
+  rego_rule_id: rt.string(),
+  remediation: rt.string(),
+  section: rt.string(),
+  tags: rt.arrayOf(rt.string()),
+  version: rt.string(),
+});
+
+export const cspRuleTemplateMetadataSchemaV870 = rt.object({
   audit: rt.string(),
   benchmark: rt.object({
     name: rt.string(),
@@ -29,4 +51,6 @@ export const cspRuleTemplateMetadataSchema = rt.object({
   version: rt.string(),
 });
 
-export type CspRuleTemplateMetadata = TypeOf<typeof cspRuleTemplateMetadataSchema>;
+export type CspRuleMetadataV840 = TypeOf<typeof cspRuleTemplateMetadataSchemaV840>;
+export type CspRuleMetadataV870 = TypeOf<typeof cspRuleTemplateMetadataSchemaV870>;
+export type CspRuleTemplateMetadata = CspRuleMetadataV870;
diff --git a/x-pack/plugins/cloud_security_posture/server/saved_objects/migrations/csp_rule_template.ts b/x-pack/plugins/cloud_security_posture/server/saved_objects/migrations/csp_rule_template.ts
@@ -28,7 +28,7 @@ function migrateCspRuleTemplatesToV840(
       muted,
       metadata: {
         ...metadata,
-        benchmark: { ...benchmark, id: 'cis_k8s', rule_number: '' },
+        benchmark: { ...benchmark, id: 'cis_k8s' },
         impact: metadata.impact || undefined,
         default_value: metadata.default_value || undefined,
         references: metadata.references || undefined,