diff --git a/.buildkite/ftr_configs.yml b/.buildkite/ftr_configs.yml index 720e9c0eb6234..ca6914bcf2ac0 100644 --- a/.buildkite/ftr_configs.yml +++ b/.buildkite/ftr_configs.yml @@ -46,6 +46,7 @@ disabled: - x-pack/plugins/apm/ftr_e2e/ftr_config.ts - x-pack/test_serverless/functional/test_suites/observability/cypress/config_headless.ts - x-pack/test_serverless/functional/test_suites/observability/cypress/config_runner.ts + - x-pack/test/security_solution_cypress/serverless_config.ts - x-pack/plugins/profiling/e2e/ftr_config_open.ts - x-pack/plugins/profiling/e2e/ftr_config_runner.ts - x-pack/plugins/profiling/e2e/ftr_config.ts diff --git a/.buildkite/pipelines/pull_request/base.yml b/.buildkite/pipelines/pull_request/base.yml index cfae5749f8013..aeb15233a85ae 100644 --- a/.buildkite/pipelines/pull_request/base.yml +++ b/.buildkite/pipelines/pull_request/base.yml @@ -94,13 +94,14 @@ steps: automatic: - exit_status: '-1' limit: 3 - + - command: .buildkite/scripts/steps/functional/security_serverless.sh label: 'Serverless Security Cypress Tests' agents: queue: n2-4-spot depends_on: build timeout_in_minutes: 40 + parallelism: 10 soft_fail: - exit_status: 10 retry: @@ -110,8 +111,60 @@ steps: - exit_status: '*' limit: 1 artifact_paths: - - "target/kibana-security-serverless/**/*" + - "target/kibana-security-solution/**/*" + - command: .buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh + label: 'Serverless Security Defend Workflows Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 40 + soft_fail: + - exit_status: 10 + retry: + automatic: + - exit_status: '-1' + limit: 3 + - exit_status: '*' + limit: 1 + artifact_paths: + - "target/kibana-security-solution/**/*" + + - command: .buildkite/scripts/steps/functional/security_serverless_investigations.sh + label: 'Serverless Security Investigations Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 40 + parallelism: 4 + soft_fail: + - exit_status: 10 + retry: + automatic: + - exit_status: '-1' + limit: 3 + - exit_status: '*' + limit: 1 + artifact_paths: + - "target/kibana-security-solution/**/*" + + - command: .buildkite/scripts/steps/functional/security_serverless_explore.sh + label: 'Serverless Security Explore Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 40 + parallelism: 2 + soft_fail: + - exit_status: 10 + retry: + automatic: + - exit_status: '-1' + limit: 3 + - exit_status: '*' + limit: 1 + artifact_paths: + - "target/kibana-security-solution/**/*" - command: .buildkite/scripts/steps/lint.sh label: 'Linting' diff --git a/.buildkite/pipelines/pull_request/security_solution.yml b/.buildkite/pipelines/pull_request/security_solution.yml index 9444c821d5db1..2b73e9482b156 100644 --- a/.buildkite/pipelines/pull_request/security_solution.yml +++ b/.buildkite/pipelines/pull_request/security_solution.yml @@ -11,15 +11,4 @@ steps: - exit_status: '*' limit: 1 artifact_paths: - - "target/kibana-security-solution/**/*" - - - command: .buildkite/scripts/steps/functional/security_solution_burn.sh - label: 'Security Solution Cypress tests, burning changed specs' - agents: - queue: n2-4-spot - depends_on: build - timeout_in_minutes: 120 - parallelism: 1 - soft_fail: true - artifact_paths: - - "target/kibana-security-solution/**/*" + - "target/kibana-security-solution/**/*" \ No newline at end of file diff --git a/.buildkite/scripts/steps/functional/response_ops.sh b/.buildkite/scripts/steps/functional/response_ops.sh index 6e61ac3b65ed9..ad603752c1239 100755 --- a/.buildkite/scripts/steps/functional/response_ops.sh +++ b/.buildkite/scripts/steps/functional/response_ops.sh @@ -10,4 +10,4 @@ export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} echo "--- Response Ops Cypress Tests on Security Solution" -yarn --cwd x-pack/plugins/security_solution cypress:run:respops +yarn --cwd x-pack/test/security_solution_cypress cypress:run:respops:ess diff --git a/.buildkite/scripts/steps/functional/response_ops_cases.sh b/.buildkite/scripts/steps/functional/response_ops_cases.sh index 07a736d0c2342..6d4cac8ef4472 100755 --- a/.buildkite/scripts/steps/functional/response_ops_cases.sh +++ b/.buildkite/scripts/steps/functional/response_ops_cases.sh @@ -10,4 +10,4 @@ export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} echo "--- Response Ops Cases Cypress Tests on Security Solution" -yarn --cwd x-pack/plugins/security_solution cypress:run:cases +yarn --cwd x-pack/test/security_solution_cypress cypress:run:cases:ess diff --git a/.buildkite/scripts/steps/functional/security_serverless.sh b/.buildkite/scripts/steps/functional/security_serverless.sh index 6271c8b2e823e..bd156deb583f0 100644 --- a/.buildkite/scripts/steps/functional/security_serverless.sh +++ b/.buildkite/scripts/steps/functional/security_serverless.sh @@ -10,4 +10,4 @@ export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} echo "--- Security Serverless Cypress" -yarn --cwd x-pack/test_serverless/functional/test_suites/security/cypress cypress:run +yarn --cwd x-pack/test/security_solution_cypress cypress:run:serverless diff --git a/.buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh b/.buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh new file mode 100644 index 0000000000000..323f1fc2224f1 --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-serverless-security-cypress +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Security Defend Workflows Serverless Cypress" + +yarn --cwd x-pack/test_serverless/functional/test_suites/security/cypress cypress:run \ No newline at end of file diff --git a/.buildkite/scripts/steps/functional/security_serverless_explore.sh b/.buildkite/scripts/steps/functional/security_serverless_explore.sh new file mode 100644 index 0000000000000..d443e25cf82ad --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_serverless_explore.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-security-solution-chrome +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Explore Cypress Tests on Serverless" + +yarn --cwd x-pack/test/security_solution_cypress cypress:explore:run:serverless diff --git a/.buildkite/scripts/steps/functional/security_serverless_investigations.sh b/.buildkite/scripts/steps/functional/security_serverless_investigations.sh new file mode 100644 index 0000000000000..57989361049b5 --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_serverless_investigations.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-security-solution-chrome +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Investigations Cypress Tests on Serverless" + +yarn --cwd x-pack/test/security_solution_cypress cypress:investigations:run:serverless diff --git a/.buildkite/scripts/steps/functional/security_solution.sh b/.buildkite/scripts/steps/functional/security_solution.sh index 5890b463f7735..fdddc8573cff1 100755 --- a/.buildkite/scripts/steps/functional/security_solution.sh +++ b/.buildkite/scripts/steps/functional/security_solution.sh @@ -10,4 +10,4 @@ export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} echo "--- Security Solution Cypress tests (Chrome)" -yarn --cwd x-pack/plugins/security_solution cypress:run +yarn --cwd x-pack/test/security_solution_cypress cypress:run:ess diff --git a/.buildkite/scripts/steps/functional/security_solution_burn.sh b/.buildkite/scripts/steps/functional/security_solution_burn.sh index f8b809dbbdac1..755c5c6cd049d 100755 --- a/.buildkite/scripts/steps/functional/security_solution_burn.sh +++ b/.buildkite/scripts/steps/functional/security_solution_burn.sh @@ -12,4 +12,4 @@ buildkite-agent meta-data set "${BUILDKITE_JOB_ID}_is_test_execution_step" 'fals echo "--- Security Solution Cypress tests, burning changed specs (Chrome)" -yarn --cwd x-pack/plugins/security_solution cypress:changed-specs-only +yarn --cwd x-pack/test/security_solution_cypress cypress:changed-specs-only:ess diff --git a/.buildkite/scripts/steps/functional/security_solution_explore.sh b/.buildkite/scripts/steps/functional/security_solution_explore.sh index 6a13b09d15167..ff373dd8238e1 100644 --- a/.buildkite/scripts/steps/functional/security_solution_explore.sh +++ b/.buildkite/scripts/steps/functional/security_solution_explore.sh @@ -10,4 +10,4 @@ export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} echo "--- Explore Cypress Tests on Security Solution" -yarn --cwd x-pack/plugins/security_solution cypress:explore:run +yarn --cwd x-pack/test/security_solution_cypress cypress:explore:run:ess diff --git a/.buildkite/scripts/steps/functional/security_solution_investigations.sh b/.buildkite/scripts/steps/functional/security_solution_investigations.sh index e5685ac9dcb51..2ba771a0d658d 100644 --- a/.buildkite/scripts/steps/functional/security_solution_investigations.sh +++ b/.buildkite/scripts/steps/functional/security_solution_investigations.sh @@ -10,4 +10,4 @@ export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} echo "--- Investigations Cypress Tests on Security Solution" -yarn --cwd x-pack/plugins/security_solution cypress:investigations:run +yarn --cwd x-pack/test/security_solution_cypress cypress:investigations:run:ess diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 7e6319bff534d..b4906423ba9dd 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1088,7 +1088,7 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/plugins/security_solution/common/search_strategy/timeline @elastic/security-threat-hunting-investigations /x-pack/plugins/security_solution/common/types/timeline @elastic/security-threat-hunting-investigations -/x-pack/plugins/security_solution/cypress/e2e/investigations @elastic/security-threat-hunting-investigations +/x-pack/test/security_solution_cypress/cypress/e2e/investigations @elastic/security-threat-hunting-investigations /x-pack/plugins/security_solution/public/common/components/alerts_viewer @elastic/security-threat-hunting-investigations /x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_action @elastic/security-threat-hunting-investigations @@ -1112,12 +1112,11 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/plugins/security_solution/common/search_strategy/security_solution/network @elastic/security-threat-hunting-explore /x-pack/plugins/security_solution/common/search_strategy/security_solution/user @elastic/security-threat-hunting-explore -/x-pack/plugins/security_solution/cypress/e2e/explore @elastic/security-threat-hunting-explore -/x-pack/plugins/security_solution/cypress/screens/hosts @elastic/security-threat-hunting-explore -/x-pack/plugins/security_solution/cypress/screens/network @elastic/security-threat-hunting-explore -/x-pack/plugins/security_solution/cypress/tasks/hosts @elastic/security-threat-hunting-explore -/x-pack/plugins/security_solution/cypress/tasks/network @elastic/security-threat-hunting-explore -/x-pack/plugins/security_solution/cypress/upgrade_e2e/threat_hunting/cases @elastic/security-threat-hunting-explore +/x-pack/test/security_solution_cypress/cypress/e2e/explore @elastic/security-threat-hunting-explore +/x-pack/test/security_solution_cypress/cypress/screens/hosts @elastic/security-threat-hunting-explore +/x-pack/test/security_solution_cypress/cypress/screens/network @elastic/security-threat-hunting-explore +/x-pack/test/security_solution_cypress/cypress/tasks/hosts @elastic/security-threat-hunting-explore +/x-pack/test/security_solution_cypress/cypress/tasks/network @elastic/security-threat-hunting-explore /x-pack/plugins/security_solution/public/common/components/guided_onboarding_tour @elastic/security-threat-hunting-explore /x-pack/plugins/security_solution/public/common/components/charts @elastic/security-threat-hunting-explore @@ -1169,8 +1168,8 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/plugins/security_solution/common/detection_engine/rule_management @elastic/security-detection-rule-management /x-pack/plugins/security_solution/common/detection_engine/rule_monitoring @elastic/security-detection-rule-management -/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules @elastic/security-detection-rule-management -/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management @elastic/security-detection-rule-management +/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules @elastic/security-detection-rule-management +/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management @elastic/security-detection-rule-management /x-pack/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules @elastic/security-detection-rule-management /x-pack/plugins/security_solution/docs/testing/test_plans/detection_response/rule_management @elastic/security-detection-rule-management @@ -1217,12 +1216,12 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/plugins/security_solution/server/lib/detection_engine/routes/index @elastic/security-detection-engine /x-pack/plugins/security_solution/server/lib/detection_engine/routes/signals @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/e2e/data_sources @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/e2e/detection_response/value_lists @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/e2e/entity_analytics @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/e2e/exceptions @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/e2e/overview @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/data_sources @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/exceptions @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/overview @elastic/security-detection-engine /x-pack/plugins/security_solution/common/detection_engine/rule_exceptions @elastic/security-detection-engine @@ -1241,14 +1240,14 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib /x-pack/plugins/security_solution/public/common/components/threat_match @elastic/security-detection-engine ## Security Solution cross teams ownership -/x-pack/plugins/security_solution/cypress/fixtures @elastic/security-detections-response @elastic/security-threat-hunting -/x-pack/plugins/security_solution/cypress/helpers @elastic/security-detections-response @elastic/security-threat-hunting -/x-pack/plugins/security_solution/cypress/e2e/detection_rules @elastic/security-detection-rule-management @elastic/security-detection-engine -/x-pack/plugins/security_solution/cypress/objects @elastic/security-detections-response @elastic/security-threat-hunting -/x-pack/plugins/security_solution/cypress/plugins @elastic/security-detections-response @elastic/security-threat-hunting -/x-pack/plugins/security_solution/cypress/screens/common @elastic/security-detections-response @elastic/security-threat-hunting -/x-pack/plugins/security_solution/cypress/support @elastic/security-detections-response @elastic/security-threat-hunting -/x-pack/plugins/security_solution/cypress/urls @elastic/security-threat-hunting-investigations @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/fixtures @elastic/security-detections-response @elastic/security-threat-hunting +/x-pack/test/security_solution_cypress/cypress/helpers @elastic/security-detections-response @elastic/security-threat-hunting +/x-pack/test/security_solution_cypress/cypress/e2e/detection_rules @elastic/security-detection-rule-management @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/objects @elastic/security-detections-response @elastic/security-threat-hunting +/x-pack/test/security_solution_cypress/cypress/plugins @elastic/security-detections-response @elastic/security-threat-hunting +/x-pack/test/security_solution_cypress/cypress/screens/common @elastic/security-detections-response @elastic/security-threat-hunting +/x-pack/test/security_solution_cypress/cypress/support @elastic/security-detections-response @elastic/security-threat-hunting +/x-pack/test/security_solution_cypress/cypress/urls @elastic/security-threat-hunting-investigations @elastic/security-detection-engine /x-pack/plugins/security_solution/common/ecs @elastic/security-threat-hunting-investigations /x-pack/plugins/security_solution/common/test @elastic/security-detection-rule-management @elastic/security-detection-engine @@ -1284,9 +1283,7 @@ x-pack/plugins/security_solution/server/usage/ @elastic/security-data-analytics x-pack/plugins/security_solution/server/lib/telemetry/ @elastic/security-data-analytics ## Security Solution sub teams - security-engineering-productivity -x-pack/plugins/security_solution/cypress/ccs_e2e @elastic/security-engineering-productivity -x-pack/plugins/security_solution/cypress/upgrade_e2e @elastic/security-engineering-productivity -x-pack/plugins/security_solution/cypress/README.md @elastic/security-engineering-productivity +x-pack/test/security_solution_cypress/cypress/README.md @elastic/security-engineering-productivity x-pack/test/security_solution_cypress @elastic/security-engineering-productivity ## Security Solution sub teams - adaptive-workload-protection diff --git a/docs/management/advanced-options.asciidoc b/docs/management/advanced-options.asciidoc index 0974a7cf5caf3..5873af1ef9cb1 100644 --- a/docs/management/advanced-options.asciidoc +++ b/docs/management/advanced-options.asciidoc @@ -430,6 +430,9 @@ preview:[] Sorts services without anomaly detection rules on the APM Service inv [[observability-default-service-env]]`observability:apmDefaultServiceEnvironment`:: Set the default environment for the APM app. When left empty, data from all environments will be displayed by default. +[[observability-apm-enable-profiling]]`observability:apmEnableProfilingIntegration`:: +Enable the Universal Profiling integration in APM. + [[observability-enable-aws-lambda-metrics]]`observability:enableAwsLambdaMetrics`:: preview:[] Display Amazon Lambda metrics in the service metrics tab. diff --git a/src/plugins/controls/public/control_group/actions/delete_control_action.test.tsx b/src/plugins/controls/public/control_group/actions/delete_control_action.test.tsx index 0f64334b94787..cff04dc7e56a4 100644 --- a/src/plugins/controls/public/control_group/actions/delete_control_action.test.tsx +++ b/src/plugins/controls/public/control_group/actions/delete_control_action.test.tsx @@ -8,6 +8,7 @@ import { ErrorEmbeddable } from '@kbn/embeddable-plugin/public'; +import { OPTIONS_LIST_CONTROL } from '../../../common'; import { ControlOutput } from '../../types'; import { ControlGroupInput } from '../types'; import { pluginServices } from '../../services'; @@ -15,6 +16,7 @@ import { DeleteControlAction } from './delete_control_action'; import { OptionsListEmbeddableInput } from '../../options_list'; import { controlGroupInputBuilder } from '../external_api/control_group_input_builder'; import { ControlGroupContainer } from '../embeddable/control_group_container'; +import { OptionsListEmbeddableFactory } from '../../options_list/embeddable/options_list_embeddable_factory'; import { OptionsListEmbeddable } from '../../options_list/embeddable/options_list_embeddable'; import { mockedReduxEmbeddablePackage } from '@kbn/presentation-util-plugin/public/mocks'; @@ -22,6 +24,12 @@ let container: ControlGroupContainer; let embeddable: OptionsListEmbeddable; beforeAll(async () => { + pluginServices.getServices().controls.getControlFactory = jest + .fn() + .mockImplementation((type: string) => { + if (type === OPTIONS_LIST_CONTROL) return new OptionsListEmbeddableFactory(); + }); + const controlGroupInput = { chainingSystem: 'NONE', panels: {} } as ControlGroupInput; controlGroupInputBuilder.addOptionsListControl(controlGroupInput, { dataViewId: 'test-data-view', @@ -34,6 +42,7 @@ beforeAll(async () => { await container.untilInitialized(); embeddable = container.getChild(container.getChildIds()[0]); + expect(embeddable.type).toBe(OPTIONS_LIST_CONTROL); }); test('Action is incompatible with Error Embeddables', async () => { diff --git a/src/plugins/controls/public/control_group/actions/edit_control_action.test.tsx b/src/plugins/controls/public/control_group/actions/edit_control_action.test.tsx index d8a1bdb30832f..a496e8671f6d6 100644 --- a/src/plugins/controls/public/control_group/actions/edit_control_action.test.tsx +++ b/src/plugins/controls/public/control_group/actions/edit_control_action.test.tsx @@ -8,6 +8,7 @@ import { ErrorEmbeddable } from '@kbn/embeddable-plugin/public'; +import { OPTIONS_LIST_CONTROL } from '../../../common'; import { ControlOutput } from '../../types'; import { ControlGroupInput } from '../types'; import { pluginServices } from '../../services'; @@ -55,13 +56,14 @@ test('Action is compatible with embeddables that are editable', async () => { const editControlAction = new EditControlAction(deleteControlAction); const emptyContainer = new ControlGroupContainer(mockedReduxEmbeddablePackage, controlGroupInput); await emptyContainer.untilInitialized(); - await emptyContainer.addOptionsListControl({ + const control = await emptyContainer.addOptionsListControl({ dataViewId: 'test-data-view', title: 'test', fieldName: 'test-field', width: 'medium', grow: false, }); + expect(emptyContainer.getInput().panels[control.getInput().id].type).toBe(OPTIONS_LIST_CONTROL); expect( await editControlAction.isCompatible({ @@ -88,18 +90,16 @@ test('Execute should open a flyout', async () => { const emptyContainer = new ControlGroupContainer(mockedReduxEmbeddablePackage, controlGroupInput); await emptyContainer.untilInitialized(); - await emptyContainer.addOptionsListControl({ + const control = (await emptyContainer.addOptionsListControl({ dataViewId: 'test-data-view', title: 'test', fieldName: 'test-field', width: 'medium', grow: false, - }); - const embeddable: OptionsListEmbeddable = emptyContainer.getChild( - emptyContainer.getChildIds()[0] - ); + })) as OptionsListEmbeddable; + expect(emptyContainer.getInput().panels[control.getInput().id].type).toBe(OPTIONS_LIST_CONTROL); const editControlAction = new EditControlAction(deleteControlAction); - await editControlAction.execute({ embeddable }); + await editControlAction.execute({ embeddable: control }); expect(spyOn).toHaveBeenCalled(); }); diff --git a/test/functional/apps/discover/group2/_sql_view.ts b/test/functional/apps/discover/group2/_sql_view.ts index 95ce1516728d2..e25d8a1fce36c 100644 --- a/test/functional/apps/discover/group2/_sql_view.ts +++ b/test/functional/apps/discover/group2/_sql_view.ts @@ -31,7 +31,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { 'discover:enableSql': true, }; - describe('discover sql view', async function () { + // Failing: See https://github.com/elastic/kibana/issues/159194 + describe.skip('discover sql view', async function () { before(async () => { await security.testUser.setRoles(['kibana_admin', 'test_logstash_reader']); log.debug('load kibana index with default index pattern'); diff --git a/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts b/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts index b85f7e9bc91a5..7ab921ddca4b6 100644 --- a/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts +++ b/x-pack/plugins/fleet/server/integration_tests/fleet_usage_telemetry.test.ts @@ -20,7 +20,8 @@ import { waitForFleetSetup } from './helpers'; const logFilePath = path.join(__dirname, 'logs.log'); -describe('fleet usage telemetry', () => { +// Failing ES promotion: https://github.com/elastic/kibana/issues/156245 +describe.skip('fleet usage telemetry', () => { let core: any; let esServer: TestElasticsearchUtils; let kbnServer: TestKibanaUtils; diff --git a/x-pack/plugins/osquery/package.json b/x-pack/plugins/osquery/package.json index 13ec9d29f13a7..91b9cf67d361c 100644 --- a/x-pack/plugins/osquery/package.json +++ b/x-pack/plugins/osquery/package.json @@ -5,8 +5,8 @@ "private": true, "license": "Elastic License 2.0", "scripts": { - "cypress:open": "node ../security_solution/scripts/start_cypress_parallel open --config-file ../osquery/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test/osquery_cypress/cli_config", - "cypress:run": "node ../security_solution/scripts/start_cypress_parallel run --config-file ../osquery/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test/osquery_cypress/cli_config --concurrency 1", + "cypress:open": "node ../security_solution/scripts/start_cypress_parallel open --config-file ../osquery/cypress.config.ts --ftr-config-file ../../../x-pack/test/osquery_cypress/cli_config", + "cypress:run": "node ../security_solution/scripts/start_cypress_parallel run --config-file ../osquery/cypress.config.ts --ftr-config-file ../../../x-pack/test/osquery_cypress/cli_config --concurrency 1", "nyc": "../../../node_modules/.bin/nyc report --reporter=text-summary" } } diff --git a/x-pack/plugins/reporting/public/share_context_menu/register_pdf_png_reporting.tsx b/x-pack/plugins/reporting/public/share_context_menu/register_pdf_png_reporting.tsx index 7efea3195b76a..4bcf9e5f37ecb 100644 --- a/x-pack/plugins/reporting/public/share_context_menu/register_pdf_png_reporting.tsx +++ b/x-pack/plugins/reporting/public/share_context_menu/register_pdf_png_reporting.tsx @@ -82,7 +82,6 @@ export const reportingScreenshotShareProvider = ({ let capabilityHasDashboardScreenshotReporting = false; let capabilityHasVisualizeScreenshotReporting = false; if (usesUiCapabilities) { - // TODO: add abstractions in ExportTypeRegistry to use here? capabilityHasDashboardScreenshotReporting = application.capabilities.dashboard?.generateScreenshot === true; capabilityHasVisualizeScreenshotReporting = @@ -106,7 +105,11 @@ export const reportingScreenshotShareProvider = ({ return []; } - if (isSupportedType && !capabilityHasVisualizeScreenshotReporting) { + if ( + isSupportedType && + !capabilityHasVisualizeScreenshotReporting && + !capabilityHasDashboardScreenshotReporting + ) { return []; } diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts deleted file mode 100644 index a091af3cc1417..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ROLES } from '../../../common/test'; -import { DETECTIONS_RULE_MANAGEMENT_URL, ALERTS_URL } from '../../urls/navigation'; -import { getNewRule } from '../../objects/rule'; -import { PAGE_TITLE } from '../../screens/common/page'; - -import { login, visitWithoutDateRange, waitForPageWithoutDateRange } from '../../tasks/login'; -import { goToRuleDetails } from '../../tasks/alerts_detection_rules'; -import { createRule, deleteCustomRule } from '../../tasks/api_calls/rules'; -import { getCallOut, waitForCallOutToBeShown } from '../../tasks/common/callouts'; - -const loadPageAsPlatformEngineerUser = (url: string) => { - login(ROLES.soc_manager); - waitForPageWithoutDateRange(url, ROLES.soc_manager); - waitForPageTitleToBeShown(); -}; - -const waitForPageTitleToBeShown = () => { - cy.get(PAGE_TITLE).should('be.visible'); -}; - -describe('Detections > Need Admin Callouts indicating an admin is needed to migrate the alert data set', () => { - const NEED_ADMIN_FOR_UPDATE_CALLOUT = 'need-admin-for-update-rules'; - - before(() => { - // First, we have to open the app on behalf of a privileged user in order to initialize it. - // Otherwise the app will be disabled and show a "welcome"-like page. - login(); - visitWithoutDateRange(ALERTS_URL); - waitForPageTitleToBeShown(); - }); - - context( - 'The users index_mapping_outdated is "true" and their admin callouts should show up', - () => { - beforeEach(() => { - // Index mapping outdated is forced to return true as being outdated so that we get the - // need admin callouts being shown. - cy.intercept('GET', '/api/detection_engine/index', (req) => { - req.reply((res) => { - res.send(200, { - index_mapping_outdated: true, - name: '.alerts-security.alerts-default', - }); - }); - }); - }); - - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(ALERTS_URL); - }); - - it('We show the need admin primary callout', () => { - waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); - }); - - it('We show 1 primary callout of need admin', () => { - waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule({ rule_id: 'rule_testing' })); - loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); - waitForPageTitleToBeShown(); - goToRuleDetails(); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show 1 primary callout', () => { - waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); - }); - }); - } - ); - - context( - 'The users index_mapping_outdated is "false" and their admin callouts should not show up ', - () => { - beforeEach(() => { - // Index mapping outdated is forced to return true as being outdated so that we get the - // need admin callouts being shown. - cy.intercept('GET', '/api/detection_engine/index', { - index_mapping_outdated: false, - name: '.alerts-security.alerts-default', - }); - }); - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(ALERTS_URL); - }); - - it('We show the need admin primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); - }); - - it('We show 1 primary callout of need admin', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule({ rule_id: 'rule_testing' })); - loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); - waitForPageTitleToBeShown(); - goToRuleDetails(); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show 1 primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - } - ); - - context( - 'The users index_mapping_outdated is "null" and their admin callouts should not show up ', - () => { - beforeEach(() => { - // Index mapping outdated is forced to return true as being outdated so that we get the - // need admin callouts being shown. - cy.intercept('GET', '/api/detection_engine/index', { - index_mapping_outdated: null, - name: '.alerts-security.alerts-default', - }); - }); - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(ALERTS_URL); - }); - - it('We show the need admin primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); - }); - - it('We show 1 primary callout of need admin', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule({ rule_id: 'rule_testing' })); - loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); - waitForPageTitleToBeShown(); - goToRuleDetails(); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show 1 primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - } - ); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_authorization.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_authorization.cy.ts deleted file mode 100644 index 202fb6766fc6f..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_authorization.cy.ts +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { APP_PATH, RULES_ADD_PATH, RULES_UPDATES } from '../../../../common/constants'; -import { createRuleAssetSavedObject } from '../../../helpers/rules'; -import { waitForRulesTableToBeLoaded } from '../../../tasks/alerts_detection_rules'; -import { createAndInstallMockedPrebuiltRules } from '../../../tasks/api_calls/prebuilt_rules'; -import { resetRulesTableState, deleteAlertsAndRules } from '../../../tasks/common'; -import { login, waitForPageWithoutDateRange } from '../../../tasks/login'; -import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; -import { ROLES } from '../../../../common/test'; -import { - ADD_ELASTIC_RULES_BTN, - getInstallSingleRuleButtonByRuleId, - getUpgradeSingleRuleButtonByRuleId, - INSTALL_ALL_RULES_BUTTON, - RULES_UPDATES_TAB, - RULE_CHECKBOX, - UPGRADE_ALL_RULES_BUTTON, -} from '../../../screens/alerts_detection_rules'; - -const RULE_1_ID = 'rule_1'; -const RULE_2_ID = 'rule_2'; -const OUTDATED_RULE_1 = createRuleAssetSavedObject({ - name: 'Outdated rule 1', - rule_id: RULE_1_ID, - version: 1, -}); -const UPDATED_RULE_1 = createRuleAssetSavedObject({ - name: 'Updated rule 1', - rule_id: RULE_1_ID, - version: 2, -}); -const OUTDATED_RULE_2 = createRuleAssetSavedObject({ - name: 'Outdated rule 2', - rule_id: RULE_2_ID, - version: 1, -}); -const UPDATED_RULE_2 = createRuleAssetSavedObject({ - name: 'Updated rule 2', - rule_id: RULE_2_ID, - version: 2, -}); - -const loadPageAsReadOnlyUser = (url: string) => { - login(ROLES.reader); - waitForPageWithoutDateRange(url, ROLES.reader); -}; - -describe('Detection rules, Prebuilt Rules Installation and Update - Authorization/RBAC', () => { - beforeEach(() => { - login(); - resetRulesTableState(); - deleteAlertsAndRules(); - cy.task('esArchiverResetKibana'); - waitForRulesTableToBeLoaded(); - createAndInstallMockedPrebuiltRules({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - }); - - describe('User with read privileges on Security Solution', () => { - const RULE_1 = createRuleAssetSavedObject({ - name: 'Test rule 1', - rule_id: 'rule_1', - }); - const RULE_2 = createRuleAssetSavedObject({ - name: 'Test rule 2', - rule_id: 'rule_2', - }); - beforeEach(() => { - // Now login with read-only user in preparation for test - createAndInstallMockedPrebuiltRules({ rules: [RULE_1, RULE_2], installToKibana: false }); - loadPageAsReadOnlyUser(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - }); - - it('should not be able to install prebuilt rules', () => { - // Check that Add Elastic Rules button is disabled - cy.get(ADD_ELASTIC_RULES_BTN).should('be.disabled'); - - // Navigate to Add Elastic Rules page anyways via URL - // and assert that rules cannot be selected and all - // installation buttons are disabled - cy.visit(`${APP_PATH}${RULES_ADD_PATH}`); - cy.get(INSTALL_ALL_RULES_BUTTON).should('be.disabled'); - cy.get(getInstallSingleRuleButtonByRuleId(RULE_1['security-rule'].rule_id)).should( - 'not.exist' - ); - cy.get(RULE_CHECKBOX).should('not.exist'); - }); - }); - - describe('User with read privileges on Security Solution', () => { - beforeEach(() => { - /* Create a second version of the rule, making it available for update */ - createAndInstallMockedPrebuiltRules({ - rules: [UPDATED_RULE_1, UPDATED_RULE_2], - installToKibana: false, - }); - // Now login with read-only user in preparation for test - loadPageAsReadOnlyUser(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - }); - - it('should not be able to upgrade prebuilt rules', () => { - // Check that Rule Update tab is not shown - cy.get(RULES_UPDATES_TAB).should('not.exist'); - - // Navigate to Rule Update tab anyways via URL - // and assert that rules cannot be selected and all - // upgrade buttons are disabled - cy.visit(`${APP_PATH}${RULES_UPDATES}`); - cy.get(UPGRADE_ALL_RULES_BUTTON).should('be.disabled'); - cy.get(getUpgradeSingleRuleButtonByRuleId(OUTDATED_RULE_1['security-rule'].rule_id)).should( - 'not.exist' - ); - cy.get(RULE_CHECKBOX).should('not.exist'); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_error_handling.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_error_handling.cy.ts deleted file mode 100644 index 9016816589610..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_error_handling.cy.ts +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createRuleAssetSavedObject } from '../../../helpers/rules'; -import { waitForRulesTableToBeLoaded } from '../../../tasks/alerts_detection_rules'; -import { createAndInstallMockedPrebuiltRules } from '../../../tasks/api_calls/prebuilt_rules'; -import { resetRulesTableState, deleteAlertsAndRules, reload } from '../../../tasks/common'; -import { login, visitWithoutDateRange } from '../../../tasks/login'; -import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; -import { - addElasticRulesButtonClick, - assertRuleAvailableForInstallAndInstallOne, - assertRuleAvailableForInstallAndInstallSelected, - assertRuleAvailableForInstallAndInstallAllInPage, - assertRuleAvailableForInstallAndInstallAll, - assertRuleUpgradeAvailableAndUpgradeOne, - assertRuleUpgradeAvailableAndUpgradeSelected, - assertRuleUpgradeAvailableAndUpgradeAllInPage, - assertRuleUpgradeAvailableAndUpgradeAll, - ruleUpdatesTabClick, -} from '../../../tasks/prebuilt_rules'; - -describe('Detection rules, Prebuilt Rules Installation and Update - Error handling', () => { - beforeEach(() => { - login(); - resetRulesTableState(); - deleteAlertsAndRules(); - cy.task('esArchiverResetKibana'); - - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - }); - - describe('Installation of prebuilt rules - Should fail gracefully with toast error message when', () => { - const RULE_1 = createRuleAssetSavedObject({ - name: 'Test rule 1', - rule_id: 'rule_1', - }); - const RULE_2 = createRuleAssetSavedObject({ - name: 'Test rule 2', - rule_id: 'rule_2', - }); - beforeEach(() => { - createAndInstallMockedPrebuiltRules({ rules: [RULE_1, RULE_2], installToKibana: false }); - waitForRulesTableToBeLoaded(); - }); - - it('installing prebuilt rules one by one', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallOne({ rules: [RULE_1], didRequestFail: true }); - }); - - it('installing multiple selected prebuilt rules by selecting them individually', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallSelected({ - rules: [RULE_1, RULE_2], - didRequestFail: true, - }); - }); - - it('installing multiple selected prebuilt rules by selecting all in page', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallAllInPage({ - rules: [RULE_1, RULE_2], - didRequestFail: true, - }); - }); - - it('installing all available rules at once', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallAll({ rules: [RULE_1, RULE_2], didRequestFail: true }); - }); - }); - - describe('Update of prebuilt rules - Should fail gracefully with toast error message when', () => { - const RULE_1_ID = 'rule_1'; - const RULE_2_ID = 'rule_2'; - const OUTDATED_RULE_1 = createRuleAssetSavedObject({ - name: 'Outdated rule 1', - rule_id: RULE_1_ID, - version: 1, - }); - const UPDATED_RULE_1 = createRuleAssetSavedObject({ - name: 'Updated rule 1', - rule_id: RULE_1_ID, - version: 2, - }); - const OUTDATED_RULE_2 = createRuleAssetSavedObject({ - name: 'Outdated rule 2', - rule_id: RULE_2_ID, - version: 1, - }); - const UPDATED_RULE_2 = createRuleAssetSavedObject({ - name: 'Updated rule 2', - rule_id: RULE_2_ID, - version: 2, - }); - beforeEach(() => { - /* Create a new rule and install it */ - createAndInstallMockedPrebuiltRules({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - /* Create a second version of the rule, making it available for update */ - createAndInstallMockedPrebuiltRules({ - rules: [UPDATED_RULE_1, UPDATED_RULE_2], - installToKibana: false, - }); - waitForRulesTableToBeLoaded(); - reload(); - }); - - it('upgrading prebuilt rules one by one', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeOne({ rules: [OUTDATED_RULE_1], didRequestFail: true }); - }); - - it('upgrading multiple selected prebuilt rules by selecting them individually', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeSelected({ - rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], - didRequestFail: true, - }); - }); - - it('upgrading multiple selected prebuilt rules by selecting all in page', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeAllInPage({ - rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], - didRequestFail: true, - }); - }); - - it('upgrading all rules with available upgrades at once', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeAll({ - rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], - didRequestFail: true, - }); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_workflows.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_workflows.cy.ts deleted file mode 100644 index f148e973300dd..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_workflows.cy.ts +++ /dev/null @@ -1,262 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { BulkInstallPackageInfo } from '@kbn/fleet-plugin/common'; -import type { Rule } from '../../../../public/detection_engine/rule_management/logic/types'; -import { createRuleAssetSavedObject } from '../../../helpers/rules'; -import { - GO_BACK_TO_RULES_TABLE_BUTTON, - INSTALL_ALL_RULES_BUTTON, - INSTALL_SELECTED_RULES_BUTTON, - NO_RULES_AVAILABLE_FOR_INSTALL_MESSSAGE, - NO_RULES_AVAILABLE_FOR_UPGRADE_MESSSAGE, - RULES_UPDATES_TAB, - RULE_CHECKBOX, - SELECT_ALL_RULES_ON_PAGE_CHECKBOX, - TOASTER, -} from '../../../screens/alerts_detection_rules'; -import { waitForRulesTableToBeLoaded } from '../../../tasks/alerts_detection_rules'; -import { - getRuleAssets, - createAndInstallMockedPrebuiltRules, -} from '../../../tasks/api_calls/prebuilt_rules'; -import { resetRulesTableState, deleteAlertsAndRules, reload } from '../../../tasks/common'; -import { login, visitWithoutDateRange } from '../../../tasks/login'; -import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; -import { - addElasticRulesButtonClick, - assertRuleAvailableForInstallAndInstallOne, - assertRuleAvailableForInstallAndInstallSelected, - assertRuleAvailableForInstallAndInstallAllInPage, - assertRuleAvailableForInstallAndInstallAll, - assertRuleUpgradeAvailableAndUpgradeOne, - assertRuleUpgradeAvailableAndUpgradeSelected, - assertRuleUpgradeAvailableAndUpgradeAllInPage, - assertRuleUpgradeAvailableAndUpgradeAll, - ruleUpdatesTabClick, -} from '../../../tasks/prebuilt_rules'; - -describe('Detection rules, Prebuilt Rules Installation and Update workflow', () => { - beforeEach(() => { - login(); - resetRulesTableState(); - deleteAlertsAndRules(); - cy.task('esArchiverResetKibana'); - - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - }); - - describe('Installation of prebuilt rules package via Fleet', () => { - beforeEach(() => { - cy.intercept('POST', '/api/fleet/epm/packages/_bulk*').as('installPackageBulk'); - cy.intercept('POST', '/api/fleet/epm/packages/security_detection_engine/*').as( - 'installPackage' - ); - waitForRulesTableToBeLoaded(); - }); - - it('should install package from Fleet in the background', () => { - /* Assert that the package in installed from Fleet */ - cy.wait('@installPackageBulk', { - timeout: 60000, - }).then(({ response: bulkResponse }) => { - cy.wrap(bulkResponse?.statusCode).should('eql', 200); - - const packages = bulkResponse?.body.items.map( - ({ name, result }: BulkInstallPackageInfo) => ({ - name, - }) - ); - - const packagesBulkInstalled = packages.map(({ name }: { name: string }) => name); - - // Under normal flow the package is installed via the Fleet bulk install API. - // However, for testing purposes the package can be installed via the Fleet individual install API, - // so we need to intercept and wait for that request as well. - if (!packagesBulkInstalled.includes('security_detection_engine')) { - // Should happen only during testing when the `xpack.securitySolution.prebuiltRulesPackageVersion` flag is set - cy.wait('@installPackage').then(({ response }) => { - cy.wrap(response?.statusCode).should('eql', 200); - cy.wrap(response?.body) - .should('have.property', 'items') - .should('have.length.greaterThan', 0); - }); - } else { - // Normal flow, install via the Fleet bulk install API - expect(packages.length).to.have.greaterThan(0); - // At least one of the packages installed should be the security_detection_engine package - expect(packages).to.satisfy((pckgs: BulkInstallPackageInfo[]) => - pckgs.some((pkg) => pkg.name === 'security_detection_engine') - ); - } - }); - }); - - it('should install rules from the Fleet package when user clicks on CTA', () => { - const getRulesAndAssertNumberInstalled = () => { - getRuleAssets().then((response) => { - const ruleIds = response.body.hits.hits.map( - (hit: { _source: { ['security-rule']: Rule } }) => hit._source['security-rule'].rule_id - ); - - const numberOfRulesToInstall = new Set(ruleIds).size; - addElasticRulesButtonClick(); - - cy.get(INSTALL_ALL_RULES_BUTTON).should('be.enabled').click(); - cy.get(TOASTER) - .should('be.visible') - .should('have.text', `${numberOfRulesToInstall} rules installed successfully.`); - }); - }; - /* Retrieve how many rules were installed from the Fleet package */ - /* See comments in test above for more details */ - cy.wait('@installPackageBulk', { - timeout: 60000, - }).then(({ response: bulkResponse }) => { - cy.wrap(bulkResponse?.statusCode).should('eql', 200); - - const packagesBulkInstalled = bulkResponse?.body.items.map( - ({ name }: { name: string }) => name - ); - - if (!packagesBulkInstalled.includes('security_detection_engine')) { - cy.wait('@installPackage').then(() => { - getRulesAndAssertNumberInstalled(); - }); - } else { - getRulesAndAssertNumberInstalled(); - } - }); - }); - }); - - describe('Installation of prebuilt rules', () => { - const RULE_1 = createRuleAssetSavedObject({ - name: 'Test rule 1', - rule_id: 'rule_1', - }); - const RULE_2 = createRuleAssetSavedObject({ - name: 'Test rule 2', - rule_id: 'rule_2', - }); - beforeEach(() => { - createAndInstallMockedPrebuiltRules({ rules: [RULE_1, RULE_2], installToKibana: false }); - waitForRulesTableToBeLoaded(); - cy.intercept('POST', '/internal/detection_engine/prebuilt_rules/installation/_perform').as( - 'installPrebuiltRules' - ); - }); - - it('should install prebuilt rules one by one', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallOne({ rules: [RULE_1] }); - }); - - it('should install multiple selected prebuilt rules by selecting them individually', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallSelected({ rules: [RULE_1, RULE_2] }); - }); - - it('should install multiple selected prebuilt rules by selecting all in page', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallAllInPage({ rules: [RULE_1, RULE_2] }); - }); - - it('should install all available rules at once', () => { - addElasticRulesButtonClick(); - assertRuleAvailableForInstallAndInstallAll({ rules: [RULE_1, RULE_2] }); - }); - - it('should display an empty screen when all available prebuilt rules have been installed', () => { - addElasticRulesButtonClick(); - cy.get(INSTALL_ALL_RULES_BUTTON).click(); - cy.get(TOASTER).should('be.visible').should('have.text', `2 rules installed successfully.`); - cy.get(RULE_CHECKBOX).should('not.exist'); - cy.get(NO_RULES_AVAILABLE_FOR_INSTALL_MESSSAGE).should('exist'); - cy.get(GO_BACK_TO_RULES_TABLE_BUTTON).should('exist'); - }); - - it('should fail gracefully with toast error message when request to install rules fails', () => { - /* Stub request to force rules installation to fail */ - cy.intercept('POST', '/internal/detection_engine/prebuilt_rules/installation/_perform', { - statusCode: 500, - }).as('installPrebuiltRules'); - addElasticRulesButtonClick(); - cy.get(SELECT_ALL_RULES_ON_PAGE_CHECKBOX).click(); - cy.get(INSTALL_SELECTED_RULES_BUTTON).click(); - cy.wait('@installPrebuiltRules'); - cy.get(TOASTER).should('be.visible').should('have.text', 'Rule installation failed'); - }); - }); - - describe('Upgrade of prebuilt rules', () => { - const RULE_1_ID = 'rule_1'; - const RULE_2_ID = 'rule_2'; - const OUTDATED_RULE_1 = createRuleAssetSavedObject({ - name: 'Outdated rule 1', - rule_id: RULE_1_ID, - version: 1, - }); - const UPDATED_RULE_1 = createRuleAssetSavedObject({ - name: 'Updated rule 1', - rule_id: RULE_1_ID, - version: 2, - }); - const OUTDATED_RULE_2 = createRuleAssetSavedObject({ - name: 'Outdated rule 2', - rule_id: RULE_2_ID, - version: 1, - }); - const UPDATED_RULE_2 = createRuleAssetSavedObject({ - name: 'Updated rule 2', - rule_id: RULE_2_ID, - version: 2, - }); - beforeEach(() => { - cy.intercept('POST', '/internal/detection_engine/prebuilt_rules/upgrade/_perform').as( - 'updatePrebuiltRules' - ); - /* Create a new rule and install it */ - createAndInstallMockedPrebuiltRules({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - /* Create a second version of the rule, making it available for update */ - createAndInstallMockedPrebuiltRules({ - rules: [UPDATED_RULE_1, UPDATED_RULE_2], - installToKibana: false, - }); - waitForRulesTableToBeLoaded(); - reload(); - }); - - it('should upgrade prebuilt rules one by one', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeOne({ rules: [OUTDATED_RULE_1] }); - }); - - it('should upgrade multiple selected prebuilt rules by selecting them individually', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeSelected({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - }); - - it('should upgrade multiple selected prebuilt rules by selecting all in page', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeAllInPage({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - }); - - it('should upgrade all rules with available upgrades at once', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeAll({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - cy.get(RULES_UPDATES_TAB).should('not.exist'); - }); - - it('should display an empty screen when all rules with available updates have been upgraded', () => { - ruleUpdatesTabClick(); - assertRuleUpgradeAvailableAndUpgradeAll({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); - cy.get(RULES_UPDATES_TAB).should('not.exist'); - cy.get(NO_RULES_AVAILABLE_FOR_UPGRADE_MESSSAGE).should('exist'); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_notifications.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_notifications.cy.ts deleted file mode 100644 index 9fb1dcf16cbfe..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_notifications.cy.ts +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createRuleAssetSavedObject } from '../../../helpers/rules'; -import { ADD_ELASTIC_RULES_BTN, RULES_UPDATES_TAB } from '../../../screens/alerts_detection_rules'; -import { - deleteFirstRule, - waitForRulesTableToBeLoaded, -} from '../../../tasks/alerts_detection_rules'; -import { - installAllPrebuiltRulesRequest, - createAndInstallMockedPrebuiltRules, -} from '../../../tasks/api_calls/prebuilt_rules'; -import { - resetRulesTableState, - deleteAlertsAndRules, - reload, - deletePrebuiltRulesAssets, -} from '../../../tasks/common'; -import { login, visitWithoutDateRange } from '../../../tasks/login'; -import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; - -const RULE_1 = createRuleAssetSavedObject({ - name: 'Test rule 1', - rule_id: 'rule_1', -}); - -describe('Detection rules, Prebuilt Rules Installation and Update Notifications', () => { - beforeEach(() => { - login(); - /* Make sure persisted rules table state is cleared */ - resetRulesTableState(); - deleteAlertsAndRules(); - deletePrebuiltRulesAssets(); - }); - - describe('No notifications', () => { - it('should NOT display install or update notifications when no prebuilt assets and no rules are installed', () => { - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - // TODO: test plan asserts "should NOT see a CTA to install prebuilt rules" - // but current behavior is to always show the CTA, even with no prebuilt rule assets installed - // Update that behaviour and then update this test. - cy.get(RULES_UPDATES_TAB).should('not.exist'); - }); - - it('should NOT display install or update notifications when latest rules are installed', () => { - createAndInstallMockedPrebuiltRules({ rules: [RULE_1], installToKibana: true }); - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - - /* Assert that there are no installation or update notifications */ - /* Add Elastic Rules button should not contain a number badge */ - /* and Rule Upgrade tab should not be displayed */ - cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', 'Add Elastic rules'); - cy.get(RULES_UPDATES_TAB).should('not.exist'); - }); - }); - - describe('Notifications', () => { - beforeEach(() => { - createAndInstallMockedPrebuiltRules({ rules: [RULE_1], installToKibana: false }); - }); - - describe('Rules installation notification when no rules have been installed', () => { - beforeEach(() => { - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - }); - - it('should notify user about prebuilt rules available for installation', () => { - cy.get(ADD_ELASTIC_RULES_BTN).should('be.visible'); - cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules${1}`); - cy.get(RULES_UPDATES_TAB).should('not.exist'); - }); - }); - - describe('Rule installation notification when at least one rule already installed', () => { - beforeEach(() => { - installAllPrebuiltRulesRequest().then(() => { - /* Create new rule assets with a different rule_id as the one that was */ - /* installed before in order to trigger the installation notification */ - const RULE_2 = createRuleAssetSavedObject({ - name: 'Test rule 2', - rule_id: 'rule_2', - }); - const RULE_3 = createRuleAssetSavedObject({ - name: 'Test rule 3', - rule_id: 'rule_3', - }); - - createAndInstallMockedPrebuiltRules({ rules: [RULE_2, RULE_3], installToKibana: false }); - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - }); - }); - - it('should notify user about prebuilt rules available for installation', () => { - const numberOfAvailableRules = 2; - cy.get(ADD_ELASTIC_RULES_BTN).should('be.visible'); - cy.get(ADD_ELASTIC_RULES_BTN).should( - 'have.text', - `Add Elastic rules${numberOfAvailableRules}` - ); - cy.get(RULES_UPDATES_TAB).should('not.exist'); - }); - - it('should notify user a rule is again available for installation if it is deleted', () => { - /* Install available rules, assert that the notification is gone */ - /* then delete one rule and assert that the notification is back */ - installAllPrebuiltRulesRequest().then(() => { - reload(); - deleteFirstRule(); - cy.get(ADD_ELASTIC_RULES_BTN).should('be.visible'); - cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules${1}`); - }); - }); - }); - - describe('Rule update notification', () => { - beforeEach(() => { - installAllPrebuiltRulesRequest().then(() => { - /* Create new rule asset with the same rule_id as the one that was installed */ - /* but with a higher version, in order to trigger the update notification */ - const UPDATED_RULE = createRuleAssetSavedObject({ - name: 'Test rule 1.1 (updated)', - rule_id: 'rule_1', - version: 2, - }); - createAndInstallMockedPrebuiltRules({ rules: [UPDATED_RULE], installToKibana: false }); - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - reload(); - }); - }); - - it('should notify user about prebuilt rules package available for update', () => { - // No rules available for installation - cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules`); - // But 1 rule available for update - cy.get(RULES_UPDATES_TAB).should('be.visible'); - cy.get(RULES_UPDATES_TAB).should('have.text', `Rule Updates${1}`); - }); - }); - - describe('Rule installation available and rule update available notifications', () => { - beforeEach(() => { - installAllPrebuiltRulesRequest().then(() => { - /* Create new rule assets with a different rule_id as the one that was */ - /* installed before in order to trigger the installation notification */ - const RULE_2 = createRuleAssetSavedObject({ - name: 'Test rule 2', - rule_id: 'rule_2', - }); - /* Create new rule asset with the same rule_id as the one that was installed */ - /* but with a higher version, in order to trigger the update notification */ - const UPDATED_RULE = createRuleAssetSavedObject({ - name: 'Test rule 1.1 (updated)', - rule_id: 'rule_1', - version: 2, - }); - createAndInstallMockedPrebuiltRules({ - rules: [RULE_2, UPDATED_RULE], - installToKibana: false, - }); - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - }); - }); - - it('should notify user about prebuilt rules available for installation and for upgrade', () => { - // 1 rule available for installation - cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules${1}`); - // 1 rule available for update - cy.get(RULES_UPDATES_TAB).should('be.visible'); - cy.get(RULES_UPDATES_TAB).should('have.text', `Rule Updates${1}`); - }); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts deleted file mode 100644 index 58bf0726918c0..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getIndexConnector } from '../../../objects/connector'; -import { getSimpleCustomQueryRule } from '../../../objects/rule'; - -import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; -import { deleteIndex, waitForNewDocumentToBeIndexed } from '../../../tasks/api_calls/elasticsearch'; -import { - cleanKibana, - deleteAlertsAndRules, - deleteConnectors, - deleteDataView, -} from '../../../tasks/common'; -import { - createAndEnableRule, - fillAboutRuleAndContinue, - fillDefineCustomRuleAndContinue, - fillRuleAction, - fillScheduleRuleAndContinue, -} from '../../../tasks/create_new_rule'; -import { login, visit } from '../../../tasks/login'; - -import { RULE_CREATION } from '../../../urls/navigation'; - -describe('Rule actions during detection rule creation', () => { - const indexConnector = getIndexConnector(); - - before(() => { - cleanKibana(); - }); - - beforeEach(() => { - login(); - deleteAlertsAndRules(); - deleteConnectors(); - deleteIndex(indexConnector.index); - deleteDataView(indexConnector.index); - }); - - const rule = getSimpleCustomQueryRule(); - const actions = { connectors: [indexConnector] }; - const index = actions.connectors[0].index; - const initialNumberOfDocuments = 0; - const expectedJson = JSON.parse(actions.connectors[0].document); - - it('Indexes a new document after the index action is triggered ', function () { - visit(RULE_CREATION); - fillDefineCustomRuleAndContinue(rule); - fillAboutRuleAndContinue(rule); - fillScheduleRuleAndContinue(rule); - fillRuleAction(actions); - createAndEnableRule(); - goToRuleDetails(); - - /* When the rule is executed, the action is triggered. We wait for the new document to be indexed */ - waitForNewDocumentToBeIndexed(index, initialNumberOfDocuments); - - /* We assert that the new indexed document is the one set on the index action */ - cy.request({ - method: 'GET', - url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search`, - headers: { 'kbn-xsrf': 'cypress-creds' }, - }).then((response) => { - expect(response.body.hits.hits[0]._source).to.deep.equal(expectedJson); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts deleted file mode 100644 index 386d0be97d2a8..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts +++ /dev/null @@ -1,221 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { RuleActionArray } from '@kbn/securitysolution-io-ts-alerting-types'; -import { ROLES } from '../../../../../../common/test'; - -import { - RULES_BULK_EDIT_ACTIONS_INFO, - RULES_BULK_EDIT_ACTIONS_WARNING, - ADD_RULE_ACTIONS_MENU_ITEM, -} from '../../../../../screens/rules_bulk_actions'; -import { actionFormSelector } from '../../../../../screens/common/rule_actions'; - -import { cleanKibana, deleteAlertsAndRules, deleteConnectors } from '../../../../../tasks/common'; -import type { RuleActionCustomFrequency } from '../../../../../tasks/common/rule_actions'; -import { - addSlackRuleAction, - assertSlackRuleAction, - addEmailConnectorAndRuleAction, - assertEmailRuleAction, - assertSelectedCustomFrequencyOption, - assertSelectedPerRuleRunFrequencyOption, - assertSelectedSummaryOfAlertsOption, - pickCustomFrequencyOption, - pickPerRuleRunFrequencyOption, - pickSummaryOfAlertsOption, -} from '../../../../../tasks/common/rule_actions'; -import { - waitForRulesTableToBeLoaded, - selectNumberOfRules, - goToEditRuleActionsSettingsOf, -} from '../../../../../tasks/alerts_detection_rules'; -import { - waitForBulkEditActionToFinish, - submitBulkEditForm, - checkOverwriteRuleActionsCheckbox, - openBulkEditRuleActionsForm, - openBulkActionsMenu, -} from '../../../../../tasks/rules_bulk_actions'; -import { login, visitWithoutDateRange } from '../../../../../tasks/login'; - -import { SECURITY_DETECTIONS_RULES_URL } from '../../../../../urls/navigation'; - -import { createRule } from '../../../../../tasks/api_calls/rules'; -import { createSlackConnector } from '../../../../../tasks/api_calls/connectors'; - -import { - getEqlRule, - getNewThreatIndicatorRule, - getNewRule, - getNewThresholdRule, - getMachineLearningRule, - getNewTermsRule, -} from '../../../../../objects/rule'; -import { excessivelyInstallAllPrebuiltRules } from '../../../../../tasks/api_calls/prebuilt_rules'; - -const ruleNameToAssert = 'Custom rule name with actions'; -const expectedNumberOfCustomRulesToBeEdited = 7; -// 7 custom rules of different types + 3 prebuilt. -// number of selected rules doesn't matter, we only want to make sure they will be edited an no modal window displayed as for other actions -const expectedNumberOfRulesToBeEdited = expectedNumberOfCustomRulesToBeEdited + 3; - -const expectedExistingSlackMessage = 'Existing slack action'; -const expectedSlackMessage = 'Slack action test message'; - -// TODO: Fix flakiness and unskip https://github.com/elastic/kibana/issues/154721 -describe.skip('Detection rules, bulk edit of rule actions', () => { - before(() => { - cleanKibana(); - login(); - }); - - beforeEach(() => { - deleteAlertsAndRules(); - deleteConnectors(); - cy.task('esArchiverResetKibana'); - - createSlackConnector().then(({ body }) => { - const actions: RuleActionArray = [ - { - id: body.id, - action_type_id: '.slack', - group: 'default', - params: { - message: expectedExistingSlackMessage, - }, - frequency: { - summary: true, - throttle: null, - notifyWhen: 'onActiveAlert', - }, - }, - ]; - - createRule(getNewRule({ name: ruleNameToAssert, rule_id: '1', max_signals: 500, actions })); - }); - - createRule(getEqlRule({ rule_id: '2' })); - createRule(getMachineLearningRule({ rule_id: '3' })); - createRule(getNewThreatIndicatorRule({ rule_id: '4' })); - createRule(getNewThresholdRule({ rule_id: '5' })); - createRule(getNewTermsRule({ rule_id: '6' })); - createRule(getNewRule({ saved_id: 'mocked', rule_id: '7' })); - - createSlackConnector(); - }); - - context('Restricted action privileges', () => { - it("User with no privileges can't add rule actions", () => { - login(ROLES.hunter_no_actions); - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL, ROLES.hunter_no_actions); - waitForRulesTableToBeLoaded(); - - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - - openBulkActionsMenu(); - - cy.get(ADD_RULE_ACTIONS_MENU_ITEM).should('be.disabled'); - }); - }); - - context('All actions privileges', () => { - beforeEach(() => { - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - waitForRulesTableToBeLoaded(); - }); - - it('Add a rule action to rules (existing connector)', () => { - const expectedActionFrequency: RuleActionCustomFrequency = { - throttle: 1, - throttleUnit: 'd', - }; - - excessivelyInstallAllPrebuiltRules(); - - // select both custom and prebuilt rules - selectNumberOfRules(expectedNumberOfRulesToBeEdited); - openBulkEditRuleActionsForm(); - - // ensure rule actions info callout displayed on the form - cy.get(RULES_BULK_EDIT_ACTIONS_INFO).should('be.visible'); - - addSlackRuleAction(expectedSlackMessage); - pickSummaryOfAlertsOption(); - pickCustomFrequencyOption(expectedActionFrequency); - - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfRulesToBeEdited }); - - // check if rule has been updated - goToEditRuleActionsSettingsOf(ruleNameToAssert); - - assertSelectedSummaryOfAlertsOption(); - assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); - assertSlackRuleAction(expectedExistingSlackMessage, 0); - assertSlackRuleAction(expectedSlackMessage, 1); - // ensure there is no third action - cy.get(actionFormSelector(2)).should('not.exist'); - }); - - it('Overwrite rule actions in rules', () => { - excessivelyInstallAllPrebuiltRules(); - - // select both custom and prebuilt rules - selectNumberOfRules(expectedNumberOfRulesToBeEdited); - openBulkEditRuleActionsForm(); - - addSlackRuleAction(expectedSlackMessage); - pickSummaryOfAlertsOption(); - pickPerRuleRunFrequencyOption(); - - // check overwrite box, ensure warning is displayed - checkOverwriteRuleActionsCheckbox(); - cy.get(RULES_BULK_EDIT_ACTIONS_WARNING).contains( - `You're about to overwrite rule actions for ${expectedNumberOfRulesToBeEdited} selected rules` - ); - - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfRulesToBeEdited }); - - // check if rule has been updated - goToEditRuleActionsSettingsOf(ruleNameToAssert); - - assertSelectedSummaryOfAlertsOption(); - assertSelectedPerRuleRunFrequencyOption(); - assertSlackRuleAction(expectedSlackMessage); - // ensure existing action was overwritten - cy.get(actionFormSelector(1)).should('not.exist'); - }); - - it('Add a rule action to rules (new connector)', () => { - const expectedActionFrequency: RuleActionCustomFrequency = { - throttle: 2, - throttleUnit: 'h', - }; - const expectedEmail = 'test@example.com'; - const expectedSubject = 'Subject'; - - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - openBulkEditRuleActionsForm(); - - addEmailConnectorAndRuleAction(expectedEmail, expectedSubject); - pickSummaryOfAlertsOption(); - pickCustomFrequencyOption(expectedActionFrequency); - - submitBulkEditForm(); - waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfCustomRulesToBeEdited }); - - // check if rule has been updated - goToEditRuleActionsSettingsOf(ruleNameToAssert); - - assertSelectedSummaryOfAlertsOption(); - assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); - assertEmailRuleAction(expectedEmail, expectedSubject); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts deleted file mode 100644 index 16fd49767fcc4..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts +++ /dev/null @@ -1,242 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - RULES_BULK_EDIT_DATA_VIEWS_WARNING, - RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX, -} from '../../../../../screens/rules_bulk_actions'; - -import { DATA_VIEW_DETAILS, INDEX_PATTERNS_DETAILS } from '../../../../../screens/rule_details'; - -import { - waitForRulesTableToBeLoaded, - goToRuleDetails, - selectNumberOfRules, - goToTheRuleDetailsOf, -} from '../../../../../tasks/alerts_detection_rules'; - -import { - typeIndexPatterns, - waitForBulkEditActionToFinish, - submitBulkEditForm, - checkOverwriteDataViewCheckbox, - checkOverwriteIndexPatternsCheckbox, - openBulkEditAddIndexPatternsForm, - openBulkEditDeleteIndexPatternsForm, -} from '../../../../../tasks/rules_bulk_actions'; - -import { - hasIndexPatterns, - getDetails, - assertDetailsNotExist, -} from '../../../../../tasks/rule_details'; -import { login, visitWithoutDateRange } from '../../../../../tasks/login'; - -import { SECURITY_DETECTIONS_RULES_URL } from '../../../../../urls/navigation'; -import { createRule } from '../../../../../tasks/api_calls/rules'; -import { cleanKibana, deleteAlertsAndRules, postDataView } from '../../../../../tasks/common'; - -import { - getEqlRule, - getNewThreatIndicatorRule, - getNewRule, - getNewThresholdRule, - getNewTermsRule, -} from '../../../../../objects/rule'; - -const DATA_VIEW_ID = 'auditbeat'; - -const expectedIndexPatterns = ['index-1-*', 'index-2-*']; - -const expectedNumberOfCustomRulesToBeEdited = 6; - -describe('Bulk editing index patterns of rules with a data view only', () => { - before(() => { - cleanKibana(); - }); - - beforeEach(() => { - deleteAlertsAndRules(); - cy.task('esArchiverResetKibana'); - login(); - - postDataView(DATA_VIEW_ID); - - createRule(getNewRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '1' })); - createRule(getEqlRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '2' })); - createRule( - getNewThreatIndicatorRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '3' }) - ); - createRule(getNewThresholdRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '4' })); - createRule(getNewTermsRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '5' })); - createRule( - getNewRule({ index: undefined, data_view_id: DATA_VIEW_ID, saved_id: 'mocked', rule_id: '6' }) - ); - - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - - waitForRulesTableToBeLoaded(); - }); - - it('Add index patterns to custom rules with configured data view: all rules are skipped', () => { - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - skippedCount: expectedNumberOfCustomRulesToBeEdited, - showDataViewsWarning: true, - }); - - // check if rule still has data view and index patterns field does not exist - goToRuleDetails(); - getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); - assertDetailsNotExist(INDEX_PATTERNS_DETAILS); - }); - - it('Add index patterns to custom rules with configured data view when data view checkbox is checked: rules are updated', () => { - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - - // click on data view overwrite checkbox, ensure warning is displayed - cy.get(RULES_BULK_EDIT_DATA_VIEWS_WARNING).should('not.exist'); - checkOverwriteDataViewCheckbox(); - cy.get(RULES_BULK_EDIT_DATA_VIEWS_WARNING).should('be.visible'); - - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfCustomRulesToBeEdited }); - - // check if rule has been updated with index patterns and data view does not exist - goToRuleDetails(); - hasIndexPatterns(expectedIndexPatterns.join('')); - assertDetailsNotExist(DATA_VIEW_DETAILS); - }); - - it('Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is NOT checked:: rules are skipped', () => { - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - checkOverwriteIndexPatternsCheckbox(); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - skippedCount: expectedNumberOfCustomRulesToBeEdited, - showDataViewsWarning: true, - }); - - // check if rule still has data view and index patterns field does not exist - goToRuleDetails(); - getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); - assertDetailsNotExist(INDEX_PATTERNS_DETAILS); - }); - - it('Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is checked: rules are updated', () => { - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - checkOverwriteIndexPatternsCheckbox(); - checkOverwriteDataViewCheckbox(); - - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfCustomRulesToBeEdited }); - - // check if rule has been overwritten with index patterns and data view does not exist - goToRuleDetails(); - hasIndexPatterns(expectedIndexPatterns.join('')); - assertDetailsNotExist(DATA_VIEW_DETAILS); - }); - - it('Delete index patterns in custom rules with configured data view: rules are skipped', () => { - selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); - - openBulkEditDeleteIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - - // in delete form data view checkbox is absent - cy.get(RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX).should('not.exist'); - - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - skippedCount: expectedNumberOfCustomRulesToBeEdited, - showDataViewsWarning: true, - }); - - // check if rule still has data view and index patterns field does not exist - goToRuleDetails(); - getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); - }); -}); - -describe('Bulk editing index patterns of rules with index patterns and rules with a data view', () => { - const customRulesNumber = 2; - - before(() => { - cleanKibana(); - }); - - beforeEach(() => { - login(); - deleteAlertsAndRules(); - cy.task('esArchiverResetKibana'); - - postDataView(DATA_VIEW_ID); - - createRule( - getNewRule({ name: 'with dataview', index: [], data_view_id: DATA_VIEW_ID, rule_id: '1' }) - ); - createRule(getNewRule({ name: 'no data view', index: ['test-index-1-*'], rule_id: '2' })); - - visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); - - waitForRulesTableToBeLoaded(); - }); - - it('Add index patterns to custom rules: one rule is updated, one rule is skipped', () => { - selectNumberOfRules(customRulesNumber); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - updatedCount: 1, - skippedCount: 1, - showDataViewsWarning: true, - }); - - // check if rule still has data view and index patterns field does not exist - goToTheRuleDetailsOf('with dataview'); - getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); - assertDetailsNotExist(INDEX_PATTERNS_DETAILS); - }); - - it('Add index patterns to custom rules when overwrite data view checkbox is checked: all rules are updated', () => { - selectNumberOfRules(customRulesNumber); - - openBulkEditAddIndexPatternsForm(); - typeIndexPatterns(expectedIndexPatterns); - checkOverwriteDataViewCheckbox(); - submitBulkEditForm(); - - waitForBulkEditActionToFinish({ - updatedCount: 2, - }); - - // check if rule still has data view and index patterns field does not exist - goToRuleDetails(); - assertDetailsNotExist(DATA_VIEW_DETAILS); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts deleted file mode 100644 index 7fcf303b96118..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts +++ /dev/null @@ -1,121 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { deleteAlertsAndRules } from '../../../tasks/common'; -import { - expandFirstAlert, - goToClosedAlertsOnRuleDetailsPage, - openAddEndpointExceptionFromAlertActionButton, - openAddEndpointExceptionFromFirstAlert, - waitForAlerts, -} from '../../../tasks/alerts'; -import { login, visitWithoutDateRange } from '../../../tasks/login'; -import { getEndpointRule } from '../../../objects/rule'; -import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { - waitForAlertsToPopulate, - waitForTheRuleToBeExecuted, -} from '../../../tasks/create_new_rule'; -import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; -import { - addExceptionEntryFieldValueAndSelectSuggestion, - addExceptionEntryFieldValueValue, - addExceptionFlyoutItemName, - editExceptionFlyoutItemName, - selectCloseSingleAlerts, - submitNewExceptionItem, - validateExceptionConditionField, -} from '../../../tasks/exceptions'; -import { ALERTS_COUNT } from '../../../screens/alerts'; -import { - ADD_AND_BTN, - EXCEPTION_CARD_ITEM_CONDITIONS, - EXCEPTION_CARD_ITEM_NAME, - EXCEPTION_ITEM_VIEWER_CONTAINER, -} from '../../../screens/exceptions'; -import { goToEndpointExceptionsTab } from '../../../tasks/rule_details'; - -describe('Endpoint Exceptions workflows from Alert', () => { - const ITEM_NAME = 'Sample Exception List Item'; - const ITEM_NAME_EDIT = 'Sample Exception List Item'; - const ADDITIONAL_ENTRY = 'host.hostname'; - - beforeEach(() => { - cy.task('esArchiverUnload', 'endpoint'); - cy.task('esArchiverResetKibana'); - login(); - deleteAlertsAndRules(); - cy.task('esArchiverLoad', 'endpoint'); - createRule(getEndpointRule()); - visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); - goToRuleDetails(); - waitForTheRuleToBeExecuted(); - waitForAlertsToPopulate(); - }); - - after(() => { - cy.task('esArchiverUnload', 'endpoint'); - }); - - it('Should be able to create and close single Endpoint exception from overflow menu', () => { - // The Endpoint will populated with predefined fields - openAddEndpointExceptionFromFirstAlert(); - - // As the endpoint.alerts-* is used to trigger the alert the - // file.Ext.code_signature will be auto-populated - validateExceptionConditionField('file.Ext.code_signature'); - - selectCloseSingleAlerts(); - addExceptionFlyoutItemName(ITEM_NAME); - submitNewExceptionItem(); - - // Instead of immediately checking if the Opened Alert has moved to the closed tab, - // use the waitForAlerts method to create a buffer, allowing the alerts some time to - // be moved to the Closed Alert tab. - waitForAlerts(); - - // Closed alert should appear in table - goToClosedAlertsOnRuleDetailsPage(); - cy.get(ALERTS_COUNT).should('exist'); - }); - - it('Should be able to create Endpoint exception from Alerts take action button, and change multiple exception items without resetting to initial auto-prefilled entries', () => { - // Open first Alert Summary - expandFirstAlert(); - - // The Endpoint should populated with predefined fields - openAddEndpointExceptionFromAlertActionButton(); - - // As the endpoint.alerts-* is used to trigger the alert the - // file.Ext.code_signature will be auto-populated - validateExceptionConditionField('file.Ext.code_signature'); - addExceptionFlyoutItemName(ITEM_NAME); - - cy.get(ADD_AND_BTN).click(); - // edit conditions - addExceptionEntryFieldValueAndSelectSuggestion(ADDITIONAL_ENTRY, 6); - addExceptionEntryFieldValueValue('foo', 4); - - // Change the name again - editExceptionFlyoutItemName(ITEM_NAME_EDIT); - - // validate the condition is still "agent.name" or got rest after the name is changed - validateExceptionConditionField(ADDITIONAL_ENTRY); - - selectCloseSingleAlerts(); - submitNewExceptionItem(); - - // Endpoint Exception will move to Endpoint List under Exception tab of rule - goToEndpointExceptionsTab(); - - // new exception item displays - cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); - cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME_EDIT); - cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).contains('span', ADDITIONAL_ENTRY); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts deleted file mode 100644 index 6bbdec283d976..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { LOADING_INDICATOR } from '../../../../screens/security_header'; -import { getEndpointRule } from '../../../../objects/rule'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { goToRuleDetails } from '../../../../tasks/alerts_detection_rules'; -import { - addExceptionFromFirstAlert, - expandFirstAlert, - openAddRuleExceptionFromAlertActionButton, -} from '../../../../tasks/alerts'; -import { - addExceptionEntryFieldValue, - addExceptionEntryFieldValueValue, - addExceptionFlyoutItemName, - submitNewExceptionItem, - validateExceptionConditionField, - validateExceptionCommentCountAndText, - editExceptionFlyoutItemName, - validateHighlightedFieldsPopulatedAsExceptionConditions, - validateEmptyExceptionConditionField, -} from '../../../../tasks/exceptions'; -import { login, visitWithoutDateRange } from '../../../../tasks/login'; -import { goToExceptionsTab } from '../../../../tasks/rule_details'; - -import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../../urls/navigation'; -import { deleteAlertsAndRules } from '../../../../tasks/common'; -import { - ADD_AND_BTN, - ENTRY_DELETE_BTN, - EXCEPTION_CARD_ITEM_CONDITIONS, - EXCEPTION_CARD_ITEM_NAME, - EXCEPTION_ITEM_VIEWER_CONTAINER, -} from '../../../../screens/exceptions'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; - -describe('Auto populate exception with Alert data', () => { - const ITEM_NAME = 'Sample Exception Item'; - const ITEM_NAME_EDIT = 'Sample Exception Item Edit'; - const ADDITIONAL_ENTRY = 'host.hostname'; - - beforeEach(() => { - cy.task('esArchiverUnload', 'endpoint'); - cy.task('esArchiverResetKibana'); - cy.task('esArchiverLoad', 'endpoint'); - login(); - createRule(getEndpointRule()); - visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); - goToRuleDetails(); - waitForAlertsToPopulate(); - }); - after(() => { - cy.task('esArchiverUnload', 'endpoint'); - deleteAlertsAndRules(); - }); - afterEach(() => { - cy.task('esArchiverUnload', 'endpoint'); - }); - - it('Should create a Rule exception item from alert actions overflow menu and auto populate the conditions using alert Highlighted fields', () => { - cy.get(LOADING_INDICATOR).should('not.exist'); - addExceptionFromFirstAlert(); - - const highlightedFieldsBasedOnAlertDoc = [ - 'host.name', - 'agent.id', - 'user.name', - 'process.executable', - 'file.path', - ]; - - /** - * Validate the highlighted fields are auto populated, these - * fields are based on the alert document that should be generated - * when the endpoint rule runs - */ - validateHighlightedFieldsPopulatedAsExceptionConditions(highlightedFieldsBasedOnAlertDoc); - - /** - * Validate that the comments are opened by default with one comment added - * showing a text contains information about the pre-filled conditions - */ - validateExceptionCommentCountAndText( - 1, - 'Exception conditions are pre-filled with relevant data from an alert with the alert id (_id):' - ); - - addExceptionFlyoutItemName(ITEM_NAME); - submitNewExceptionItem(); - }); - it('Should create a Rule exception from Alerts take action button and change multiple exception items without resetting to initial auto-prefilled entries', () => { - cy.get(LOADING_INDICATOR).should('not.exist'); - - // Open first Alert Summary - expandFirstAlert(); - - // The Rule exception should populated with highlighted fields - openAddRuleExceptionFromAlertActionButton(); - - const highlightedFieldsBasedOnAlertDoc = [ - 'host.name', - 'agent.id', - 'user.name', - 'process.executable', - 'file.path', - ]; - - /** - * Validate the highlighted fields are auto populated, these - * fields are based on the alert document that should be generated - * when the endpoint rule runs - */ - validateHighlightedFieldsPopulatedAsExceptionConditions(highlightedFieldsBasedOnAlertDoc); - - /** - * Validate that the comments are opened by default with one comment added - * showing a text contains information about the pre-filled conditions - */ - validateExceptionCommentCountAndText( - 1, - 'Exception conditions are pre-filled with relevant data from an alert with the alert id (_id):' - ); - - addExceptionFlyoutItemName(ITEM_NAME); - - cy.get(ADD_AND_BTN).click(); - - // edit conditions - addExceptionEntryFieldValue(ADDITIONAL_ENTRY, 5); - addExceptionEntryFieldValueValue('foo', 5); - - // Change the name again - editExceptionFlyoutItemName(ITEM_NAME_EDIT); - - // validate the condition is still 'host.hostname' or got rest after the name is changed - validateExceptionConditionField(ADDITIONAL_ENTRY); - - submitNewExceptionItem(); - - goToExceptionsTab(); - - // new exception item displays - cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); - cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME_EDIT); - cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).contains('span', 'host.hostname'); - }); - it('Should delete all prefilled exception entries when creating a Rule exception from Alerts take action button without resetting to initial auto-prefilled entries', () => { - cy.get(LOADING_INDICATOR).should('not.exist'); - - // Open first Alert Summary - expandFirstAlert(); - - // The Rule exception should populated with highlighted fields - openAddRuleExceptionFromAlertActionButton(); - - const highlightedFieldsBasedOnAlertDoc = [ - 'host.name', - 'agent.id', - 'user.name', - 'process.executable', - 'file.path', - ]; - - /** - * Validate the highlighted fields are auto populated, these - * fields are based on the alert document that should be generated - * when the endpoint rule runs - */ - validateHighlightedFieldsPopulatedAsExceptionConditions(highlightedFieldsBasedOnAlertDoc); - - /** - * Delete all the highlighted fields to see if any condition - * will prefuilled again. - */ - const highlightedFieldsCount = highlightedFieldsBasedOnAlertDoc.length - 1; - highlightedFieldsBasedOnAlertDoc.forEach((_, index) => - cy - .get(ENTRY_DELETE_BTN) - .eq(highlightedFieldsCount - index) - .click() - ); - - /** - * Validate that there are no highlighted fields are auto populated - * after the deletion - */ - validateEmptyExceptionConditionField(); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts deleted file mode 100644 index 963ef64dfc150..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getNewRule } from '../../../objects/rule'; -import { ALERTS_COUNT, EMPTY_ALERT_TABLE } from '../../../screens/alerts'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; -import { - goToClosedAlertsOnRuleDetailsPage, - goToOpenedAlertsOnRuleDetailsPage, -} from '../../../tasks/alerts'; -import { - editException, - editExceptionFlyoutItemName, - submitEditedExceptionItem, -} from '../../../tasks/exceptions'; -import { login, visitWithoutDateRange } from '../../../tasks/login'; -import { - addFirstExceptionFromRuleDetails, - goToAlertsTab, - goToExceptionsTab, - openEditException, - removeException, - waitForTheRuleToBeExecuted, -} from '../../../tasks/rule_details'; - -import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; -import { postDataView, deleteAlertsAndRules } from '../../../tasks/common'; -import { - NO_EXCEPTIONS_EXIST_PROMPT, - EXCEPTION_ITEM_VIEWER_CONTAINER, - EXCEPTION_CARD_ITEM_NAME, - EXCEPTION_CARD_ITEM_CONDITIONS, - EXCEPTION_ITEM_CONTAINER, - VALUES_INPUT, - FIELD_INPUT_PARENT, -} from '../../../screens/exceptions'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; - -describe('Add exception using data views from rule details', () => { - const NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1 alert'; - const ITEM_NAME = 'Sample Exception List Item'; - - before(() => { - cy.task('esArchiverResetKibana'); - cy.task('esArchiverLoad', 'exceptions'); - login(); - postDataView('exceptions-*'); - }); - - after(() => { - cy.task('esArchiverUnload', 'exceptions'); - }); - - beforeEach(() => { - deleteAlertsAndRules(); - createRule( - getNewRule({ - query: 'agent.name:*', - data_view_id: 'exceptions-*', - interval: '10s', - rule_id: 'rule_testing', - }) - ); - login(); - visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); - goToRuleDetails(); - waitForAlertsToPopulate(); - }); - - afterEach(() => { - cy.task('esArchiverUnload', 'exceptions_2'); - }); - - it('Creates an exception item and close all matching alerts', () => { - goToExceptionsTab(); - // when no exceptions exist, empty component shows with action to add exception - cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist'); - - // clicks prompt button to add first exception that will also select to close - // all matching alerts - addFirstExceptionFromRuleDetails( - { - field: 'agent.name', - operator: 'is', - values: ['foo'], - }, - ITEM_NAME - ); - - // new exception item displays - cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); - - // Alerts table should now be empty from having added exception and closed - // matching alert - goToAlertsTab(); - cy.get(EMPTY_ALERT_TABLE).should('exist'); - - // Closed alert should appear in table - goToClosedAlertsOnRuleDetailsPage(); - cy.get(ALERTS_COUNT).should('exist'); - cy.get(ALERTS_COUNT).should('have.text', `${NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS}`); - - // Remove the exception and load an event that would have matched that exception - // to show that said exception now starts to show up again - goToExceptionsTab(); - - // when removing exception and again, no more exist, empty screen shows again - removeException(); - cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist'); - - // load more docs - cy.task('esArchiverLoad', 'exceptions_2'); - - // now that there are no more exceptions, the docs should match and populate alerts - goToAlertsTab(); - goToOpenedAlertsOnRuleDetailsPage(); - waitForTheRuleToBeExecuted(); - waitForAlertsToPopulate(); - - cy.get(ALERTS_COUNT).should('exist'); - cy.get(ALERTS_COUNT).should('have.text', '2 alerts'); - }); - - it('Edits an exception item', () => { - const NEW_ITEM_NAME = 'Exception item-EDITED'; - const ITEM_FIELD = 'unique_value.test'; - const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.name'; - - goToExceptionsTab(); - // add item to edit - addFirstExceptionFromRuleDetails( - { - field: ITEM_FIELD, - operator: 'is', - values: ['foo'], - }, - ITEM_NAME - ); - - // displays existing exception items - cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); - cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('not.exist'); - cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME); - cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' unique_value.testIS foo'); - - // open edit exception modal - openEditException(); - - // edit exception item name - editExceptionFlyoutItemName(NEW_ITEM_NAME); - - // check that the existing item's field is being populated - cy.get(EXCEPTION_ITEM_CONTAINER) - .eq(0) - .find(FIELD_INPUT_PARENT) - .eq(0) - .should('have.text', ITEM_FIELD); - cy.get(VALUES_INPUT).should('have.text', 'foo'); - - // edit conditions - editException(FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD, 0, 0); - - // submit - submitEditedExceptionItem(); - - // new exception item displays - cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); - - // check that updates stuck - cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', NEW_ITEM_NAME); - cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' agent.nameIS foo'); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts deleted file mode 100644 index 6a0300f270b79..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ -import { getExceptionList, expectedExportedExceptionList } from '../../../../objects/exception'; -import { getNewRule } from '../../../../objects/rule'; - -import { createRule } from '../../../../tasks/api_calls/rules'; -import { login, visitWithoutDateRange, waitForPageWithoutDateRange } from '../../../../tasks/login'; - -import { EXCEPTIONS_URL } from '../../../../urls/navigation'; -import { - deleteExceptionListWithoutRuleReferenceByListId, - deleteExceptionListWithRuleReferenceByListId, - exportExceptionList, - waitForExceptionsTableToBeLoaded, - createSharedExceptionList, - linkRulesToExceptionList, - assertNumberLinkedRules, -} from '../../../../tasks/exceptions_table'; -import { - EXCEPTIONS_LIST_MANAGEMENT_NAME, - EXCEPTIONS_TABLE_SHOWING_LISTS, -} from '../../../../screens/exceptions'; -import { createExceptionList } from '../../../../tasks/api_calls/exceptions'; - -import { TOASTER } from '../../../../screens/alerts_detection_rules'; - -const EXCEPTION_LIST_NAME = 'My test list'; -const EXCEPTION_LIST_TO_DUPLICATE_NAME = 'A test list 2'; - -const getExceptionList1 = () => ({ - ...getExceptionList(), - name: EXCEPTION_LIST_NAME, - list_id: 'exception_list_1', -}); - -const getExceptionList2 = () => ({ - ...getExceptionList(), - name: EXCEPTION_LIST_TO_DUPLICATE_NAME, - list_id: 'exception_list_2', -}); - -describe('Manage lists from "Shared Exception Lists" page', () => { - describe('Create/Export/Delete List', () => { - before(() => { - createRule(getNewRule({ name: 'Another rule' })); - - // Create exception list associated with a rule - createExceptionList(getExceptionList2(), getExceptionList2().list_id).then((response) => - createRule( - getNewRule({ - exceptions_list: [ - { - id: response.body.id, - list_id: getExceptionList2().list_id, - type: getExceptionList2().type, - namespace_type: getExceptionList2().namespace_type, - }, - ], - }) - ) - ); - - // Create exception list not used by any rules - createExceptionList(getExceptionList1(), getExceptionList1().list_id).as( - 'exceptionListResponse' - ); - }); - - beforeEach(() => { - login(); - visitWithoutDateRange(EXCEPTIONS_URL); - waitForExceptionsTableToBeLoaded(); - }); - - it('Export exception list', function () { - cy.intercept(/(\/api\/exception_lists\/_export)/).as('export'); - - exportExceptionList(getExceptionList1().list_id); - - cy.wait('@export').then(({ response }) => { - cy.wrap(response?.body).should( - 'eql', - expectedExportedExceptionList(this.exceptionListResponse) - ); - - cy.get(TOASTER).should( - 'have.text', - `Exception list "${EXCEPTION_LIST_NAME}" exported successfully` - ); - }); - }); - - it('Link rules to shared exception list', function () { - assertNumberLinkedRules(getExceptionList2().list_id, '1'); - linkRulesToExceptionList(getExceptionList2().list_id, 1); - assertNumberLinkedRules(getExceptionList2().list_id, '2'); - }); - - it('Create exception list', function () { - createSharedExceptionList( - { name: 'Newly created list', description: 'This is my list.' }, - true - ); - - // After creation - directed to list detail page - cy.get(EXCEPTIONS_LIST_MANAGEMENT_NAME).should('have.text', 'Newly created list'); - }); - - it('Delete exception list without rule reference', () => { - // Using cy.contains because we do not care about the exact text, - // just checking number of lists shown - cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '4'); - - deleteExceptionListWithoutRuleReferenceByListId(getExceptionList1().list_id); - - // Using cy.contains because we do not care about the exact text, - // just checking number of lists shown - cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '3'); - }); - - it('Deletes exception list with rule reference', () => { - waitForPageWithoutDateRange(EXCEPTIONS_URL); - waitForExceptionsTableToBeLoaded(); - - // Using cy.contains because we do not care about the exact text, - // just checking number of lists shown - cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '3'); - - deleteExceptionListWithRuleReferenceByListId(getExceptionList2().list_id); - - // Using cy.contains because we do not care about the exact text, - // just checking number of lists shown - cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '2'); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_correlations_tab.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_correlations_tab.cy.ts deleted file mode 100644 index 0b02939f5ca4f..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_correlations_tab.cy.ts +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { createRule } from '../../../../tasks/api_calls/rules'; -import { getNewRule } from '../../../../objects/rule'; -import { - CORRELATIONS_ANCESTRY_SECTION, - CORRELATIONS_ANCESTRY_TABLE, - CORRELATIONS_CASES_SECTION, - CORRELATIONS_SESSION_SECTION, - CORRELATIONS_SOURCE_SECTION, - DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_CORRELATIONS_BUTTON, -} from '../../../../screens/expandable_flyout/alert_details_left_panel_correlations_tab'; -import { - DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB, - DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP, -} from '../../../../screens/expandable_flyout/alert_details_left_panel'; -import { - expandCorrelationsSection, - openCorrelationsTab, -} from '../../../../tasks/expandable_flyout/alert_details_left_panel_correlations_tab'; -import { openInsightsTab } from '../../../../tasks/expandable_flyout/alert_details_left_panel'; -import { expandDocumentDetailsExpandableFlyoutLeftSection } from '../../../../tasks/expandable_flyout/alert_details_right_panel'; -import { - createNewCaseFromExpandableFlyout, - expandFirstAlertExpandableFlyout, -} from '../../../../tasks/expandable_flyout/common'; -import { cleanKibana } from '../../../../tasks/common'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -import { login, visit } from '../../../../tasks/login'; -import { ALERTS_URL } from '../../../../urls/navigation'; - -describe('Expandable flyout left panel correlations', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - expandDocumentDetailsExpandableFlyoutLeftSection(); - createNewCaseFromExpandableFlyout(); - openInsightsTab(); - openCorrelationsTab(); - }); - - it('should render correlations details correctly', () => { - cy.log('link the alert to a new case'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB).scrollIntoView(); - - cy.log('should render the Insights header'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB).should('be.visible').and('have.text', 'Insights'); - - cy.log('should render the inner tab switch'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); - - cy.log('should render correlations tab activator / button'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_CORRELATIONS_BUTTON) - .should('be.visible') - .and('have.text', 'Correlations'); - - cy.log('should render all the correlations sections'); - - cy.get(CORRELATIONS_ANCESTRY_SECTION) - .should('be.visible') - .and('have.text', '1 alert related by ancestry'); - - cy.get(CORRELATIONS_SOURCE_SECTION) - .should('be.visible') - .and('have.text', '0 alerts related by source event'); - - cy.get(CORRELATIONS_SESSION_SECTION) - .should('be.visible') - .and('have.text', '1 alert related by session'); - - cy.get(CORRELATIONS_CASES_SECTION).should('be.visible').and('have.text', '1 related case'); - - expandCorrelationsSection(CORRELATIONS_ANCESTRY_SECTION); - - cy.get(CORRELATIONS_ANCESTRY_TABLE).should('be.visible'); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel.cy.ts deleted file mode 100644 index a166a72148fd3..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel.cy.ts +++ /dev/null @@ -1,231 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { upperFirst } from 'lodash'; -import { - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_CREATE_BUTTON, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_DESCRIPTION_INPUT, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_NAME_INPUT, - EXISTING_CASE_SELECT_BUTTON, - VIEW_CASE_TOASTER_LINK, -} from '../../../../screens/expandable_flyout/common'; -import { - createNewCaseFromCases, - expandFirstAlertExpandableFlyout, - navigateToAlertsPage, - navigateToCasesPage, -} from '../../../../tasks/expandable_flyout/common'; -import { ALERT_CHECKBOX } from '../../../../screens/alerts'; -import { CASE_DETAILS_PAGE_TITLE } from '../../../../screens/case_details'; -import { - DOCUMENT_DETAILS_FLYOUT_COLLAPSE_DETAILS_BUTTON, - DOCUMENT_DETAILS_FLYOUT_EXPAND_DETAILS_BUTTON, - DOCUMENT_DETAILS_FLYOUT_FOOTER, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_ENDPOINT_EXCEPTION, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_MARK_AS_ACKNOWLEDGED, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_CANCEL_BUTTON, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_HEADER, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_EXISTING_CASE, - DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE, - DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE, - DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_ENTRY, - DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_SECTION, - DOCUMENT_DETAILS_FLYOUT_FOOTER_MARK_AS_CLOSED, - DOCUMENT_DETAILS_FLYOUT_FOOTER_RESPOND, - DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON, - DOCUMENT_DETAILS_FLYOUT_HEADER_CHAT_BUTTON, - DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE, - DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE_VALUE, - DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY, - DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY_VALUE, - DOCUMENT_DETAILS_FLYOUT_HEADER_STATUS, - DOCUMENT_DETAILS_FLYOUT_HEADER_TITLE, - DOCUMENT_DETAILS_FLYOUT_JSON_TAB, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB, - DOCUMENT_DETAILS_FLYOUT_TABLE_TAB, -} from '../../../../screens/expandable_flyout/alert_details_right_panel'; -import { - collapseDocumentDetailsExpandableFlyoutLeftSection, - expandDocumentDetailsExpandableFlyoutLeftSection, - openJsonTab, - openTableTab, - openTakeActionButton, - openTakeActionButtonAndSelectItem, - selectTakeActionItem, -} from '../../../../tasks/expandable_flyout/alert_details_right_panel'; -import { cleanKibana } from '../../../../tasks/common'; -import { login, visit } from '../../../../tasks/login'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { getNewRule } from '../../../../objects/rule'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; - -describe('Alert details expandable flyout right panel', () => { - const rule = getNewRule(); - - beforeEach(() => { - cleanKibana(); - login(); - createRule(rule); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - }); - - it('should display header and footer basics', () => { - expandFirstAlertExpandableFlyout(); - - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_TITLE).should('be.visible').and('have.text', rule.name); - - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_CHAT_BUTTON).should('be.visible'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_STATUS).should('be.visible'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE_VALUE) - .should('be.visible') - .and('have.text', rule.risk_score); - - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY_VALUE) - .should('be.visible') - .and('have.text', upperFirst(rule.severity)); - - cy.log('Verify all 3 tabs are visible'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB).should('be.visible').and('have.text', 'Overview'); - cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB).should('be.visible').and('have.text', 'Table'); - cy.get(DOCUMENT_DETAILS_FLYOUT_JSON_TAB).should('be.visible').and('have.text', 'JSON'); - - cy.log('Verify the expand/collapse button is visible and functionality works'); - - expandDocumentDetailsExpandableFlyoutLeftSection(); - cy.get(DOCUMENT_DETAILS_FLYOUT_COLLAPSE_DETAILS_BUTTON) - .should('be.visible') - .and('have.text', 'Collapse details'); - - collapseDocumentDetailsExpandableFlyoutLeftSection(); - cy.get(DOCUMENT_DETAILS_FLYOUT_EXPAND_DETAILS_BUTTON) - .should('be.visible') - .and('have.text', 'Expand details'); - - cy.log('Verify the take action button is visible on all tabs'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON).should('be.visible'); - - openTableTab(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON).should('be.visible'); - - openJsonTab(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON).should('be.visible'); - }); - - // TODO this will change when add to existing case is improved - // https://github.com/elastic/security-team/issues/6298 - it('should add to existing case', () => { - navigateToCasesPage(); - createNewCaseFromCases(); - - cy.get(CASE_DETAILS_PAGE_TITLE).should('be.visible').and('have.text', 'case'); - navigateToAlertsPage(); - expandFirstAlertExpandableFlyout(); - openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_EXISTING_CASE); - - cy.get(EXISTING_CASE_SELECT_BUTTON).should('be.visible').contains('Select').click(); - cy.get(VIEW_CASE_TOASTER_LINK).should('be.visible').and('contain.text', 'View case'); - }); - - // TODO this will change when add to new case is improved - // https://github.com/elastic/security-team/issues/6298 - it('should add to new case', () => { - expandFirstAlertExpandableFlyout(); - openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE); - - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_NAME_INPUT).type('case'); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_DESCRIPTION_INPUT).type( - 'case description' - ); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_CREATE_BUTTON).click(); - - cy.get(VIEW_CASE_TOASTER_LINK).should('be.visible').and('contain.text', 'View case'); - }); - - it('should mark as acknowledged', () => { - cy.get(ALERT_CHECKBOX).should('have.length', 2); - - expandFirstAlertExpandableFlyout(); - openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_MARK_AS_ACKNOWLEDGED); - - // TODO figure out how to verify the toasts pops up - // cy.get(KIBANA_TOAST) - // .should('be.visible') - // .and('have.text', 'Successfully marked 1 alert as acknowledged.'); - cy.get(ALERT_CHECKBOX).should('have.length', 1); - }); - - it('should mark as closed', () => { - cy.get(ALERT_CHECKBOX).should('have.length', 2); - - expandFirstAlertExpandableFlyout(); - openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_MARK_AS_CLOSED); - - // TODO figure out how to verify the toasts pops up - // cy.get(KIBANA_TOAST).should('be.visible').and('have.text', 'Successfully closed 1 alert.'); - cy.get(ALERT_CHECKBOX).should('have.length', 1); - }); - - // these actions are now grouped together as we're not really testing their functionality but just the existence of the option in the dropdown - it('should test other action within take action dropdown', () => { - expandFirstAlertExpandableFlyout(); - - cy.log('should add endpoint exception'); - - // TODO figure out why this option is disabled in Cypress but not running the app locally - // https://github.com/elastic/security-team/issues/6300 - openTakeActionButton(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_ENDPOINT_EXCEPTION).should('be.disabled'); - - cy.log('should add rule exception'); - - // TODO this isn't fully testing the add rule exception yet - // https://github.com/elastic/security-team/issues/6301 - selectTakeActionItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_HEADER).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_CANCEL_BUTTON) - .should('be.visible') - .click(); - - // cy.log('should isolate host'); - - // TODO figure out why isolate host isn't showing up in the dropdown - // https://github.com/elastic/security-team/issues/6302 - // openTakeActionButton(); - // cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ISOLATE_HOST).should('be.visible'); - - cy.log('should respond'); - - // TODO this will change when respond is improved - // https://github.com/elastic/security-team/issues/6303 - openTakeActionButton(); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_RESPOND).should('be.disabled'); - - cy.log('should investigate in timeline'); - - selectTakeActionItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE); - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_SECTION) - .first() - .within(() => - cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_ENTRY).should('be.visible') - ); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_overview_tab.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_overview_tab.cy.ts deleted file mode 100644 index ef8884f560dce..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_overview_tab.cy.ts +++ /dev/null @@ -1,351 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { collapseDocumentDetailsExpandableFlyoutLeftSection } from '../../../../tasks/expandable_flyout/alert_details_right_panel'; -import { DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT } from '../../../../screens/expandable_flyout/alert_details_left_panel_investigation_tab'; -import { - createNewCaseFromExpandableFlyout, - expandFirstAlertExpandableFlyout, -} from '../../../../tasks/expandable_flyout/common'; -import { - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_HEADER, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ANALYZER_PREVIEW_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_DETAILS, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_TITLE, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_OPEN_RULE_PREVIEW_BUTTON, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_DETAILS, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_HEADER_TITLE, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_HEADER, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_HEADER, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_VALUES, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_HEADER, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_VALUES, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_GUIDE_BUTTON, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_HEADER, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_DETAILS, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_TITLE, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_DETAILS, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_TITLE, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_SESSION_PREVIEW_CONTENT, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_FIELD_CELL, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_VALUE_CELL, - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_RESPONSE_SECTION_EMPTY_RESPONSE, -} from '../../../../screens/expandable_flyout/alert_details_right_panel_overview_tab'; -import { - navigateToCorrelationsDetails, - clickInvestigationGuideButton, - navigateToPrevalenceDetails, - toggleOverviewTabAboutSection, - toggleOverviewTabInsightsSection, - toggleOverviewTabInvestigationSection, - toggleOverviewTabResponseSection, - toggleOverviewTabVisualizationsSection, -} from '../../../../tasks/expandable_flyout/alert_details_right_panel_overview_tab'; -import { cleanKibana } from '../../../../tasks/common'; -import { login, visit } from '../../../../tasks/login'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { getNewRule } from '../../../../objects/rule'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -import { - DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT, - DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS, - DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS, -} from '../../../../screens/expandable_flyout/alert_details_left_panel_entities_tab'; - -describe('Alert details expandable flyout right panel overview tab', () => { - const rule = getNewRule(); - - beforeEach(() => { - cleanKibana(); - login(); - createRule(rule); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - }); - - describe('about section', () => { - it('should display about section', () => { - cy.log('header and content'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_HEADER) - .should('be.visible') - .and('have.text', 'About'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_CONTENT).should('be.visible'); - - cy.log('description'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_TITLE) - .should('be.visible') - .and('contain.text', 'Rule description'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_TITLE) - .should('be.visible') - .within(() => { - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_OPEN_RULE_PREVIEW_BUTTON) - .should('be.visible') - .and('have.text', 'Rule summary'); - }); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_DETAILS) - .should('be.visible') - .and('have.text', rule.description); - - cy.log('reason'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_TITLE) - .should('be.visible') - .and('have.text', 'Alert reason'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_DETAILS) - .should('be.visible') - .and('contain.text', rule.name); - - cy.log('mitre attack'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_TITLE) - .should('be.visible') - // @ts-ignore - .and('contain.text', rule.threat[0].framework); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_DETAILS) - .should('be.visible') - // @ts-ignore - .and('contain.text', rule.threat[0].technique[0].name) - // @ts-ignore - .and('contain.text', rule.threat[0].tactic.name); - }); - }); - - describe('visualizations section', () => { - it('should display analyzer and session previews', () => { - toggleOverviewTabAboutSection(); - toggleOverviewTabVisualizationsSection(); - - cy.log('analyzer graph preview'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ANALYZER_PREVIEW_CONTENT).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ANALYZER_PREVIEW_CONTENT).should('be.visible'); - - cy.log('session view preview'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_SESSION_PREVIEW_CONTENT).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_SESSION_PREVIEW_CONTENT).should('be.visible'); - }); - }); - - describe('investigation section', () => { - it('should display investigation section', () => { - toggleOverviewTabAboutSection(); - - cy.log('header and content'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_HEADER) - .should('be.visible') - .and('have.text', 'Investigation'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_CONTENT).should( - 'be.visible' - ); - - cy.log('investigation guide button'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_GUIDE_BUTTON) - .should('be.visible') - .and('have.text', 'Investigation guide'); - - cy.log('should navigate to left Investigation tab'); - - clickInvestigationGuideButton(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT).should('be.visible'); - - cy.log('highlighted fields'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_HEADER_TITLE) - .should('be.visible') - .and('have.text', 'Highlighted fields'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_DETAILS).should('be.visible'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_FIELD_CELL) - .should('be.visible') - .and('contain.text', 'host.name'); - const hostNameCell = - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_VALUE_CELL('siem-kibana'); - cy.get(hostNameCell).should('be.visible').and('have.text', 'siem-kibana'); - - cy.get(hostNameCell).click(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).should('be.visible'); - - collapseDocumentDetailsExpandableFlyoutLeftSection(); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_FIELD_CELL) - .should('be.visible') - .and('contain.text', 'user.name'); - const userNameCell = - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_VALUE_CELL('test'); - cy.get(userNameCell).should('be.visible').and('have.text', 'test'); - - cy.get(userNameCell).click(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).should('be.visible'); - }); - }); - - describe('insights section', () => { - it('should display entities section', () => { - toggleOverviewTabAboutSection(); - toggleOverviewTabInvestigationSection(); - toggleOverviewTabInsightsSection(); - - cy.log('header and content'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER) - .should('be.visible') - .and('have.text', 'Entities'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_CONTENT).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER).should('be.visible'); - - cy.log('should navigate to left panel Entities tab'); - - // TODO: skipping this section as Cypress can't seem to find the element (though it's in the DOM) - // navigateToEntitiesDetails(); - // cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); - }); - - it('should display threat intelligence section', () => { - toggleOverviewTabAboutSection(); - toggleOverviewTabInvestigationSection(); - toggleOverviewTabInsightsSection(); - - cy.log('header and content'); - - cy.get( - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_HEADER - ).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_HEADER) - .should('be.visible') - .and('have.text', 'Threat Intelligence'); - cy.get( - DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_CONTENT - ).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_CONTENT) - .should('be.visible') - .within(() => { - // threat match detected - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_VALUES) - .eq(0) - .should('be.visible') - .and('have.text', '0 threat match detected'); // TODO work on getting proper IoC data to get proper data here - - // field with threat enrichement - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_VALUES) - .eq(1) - .should('be.visible') - .and('have.text', '0 field enriched with threat intelligence'); // TODO work on getting proper IoC data to get proper data here - }); - - cy.log('should navigate to left panel Threat Intelligence tab'); - - // TODO: skipping this section as Cypress can't seem to find the element (though it's in the DOM) - // navigateToThreatIntelligenceDetails(); - // cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); // TODO update when we can navigate to Threat Intelligence sub tab directly - }); - - // TODO: skipping this due to flakiness - it.skip('should display correlations section', () => { - cy.log('link the alert to a new case'); - - createNewCaseFromExpandableFlyout(); - - toggleOverviewTabAboutSection(); - toggleOverviewTabInvestigationSection(); - toggleOverviewTabInsightsSection(); - - cy.log('header and content'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_HEADER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_HEADER) - .should('be.visible') - .and('have.text', 'Correlations'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_CONTENT).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_CONTENT) - .should('be.visible') - .within(() => { - // TODO the order in which these appear is not deterministic currently, hence this can cause flakiness - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) - .eq(0) - .should('be.visible') - .and('have.text', '1 alert related by ancestry'); - // cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) - // .eq(2) - // .should('be.visible') - // .and('have.text', '1 alert related by the same source event'); // TODO work on getting proper data to display some same source data here - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) - .eq(2) - .should('be.visible') - .and('have.text', '1 alert related by session'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) - .eq(1) - .should('be.visible') - .and('have.text', '1 related case'); - }); - - cy.log('should navigate to left panel Correlations tab'); - - navigateToCorrelationsDetails(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); // TODO update when we can navigate to Correlations sub tab directly - }); - - // TODO work on getting proper data to make the prevalence section work here - // we need to generate enough data to have at least one field with prevalence - it.skip('should display prevalence section', () => { - toggleOverviewTabAboutSection(); - toggleOverviewTabInvestigationSection(); - toggleOverviewTabInsightsSection(); - - cy.log('header and content'); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_HEADER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_HEADER) - .should('be.visible') - .and('have.text', 'Prevalence'); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_CONTENT).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_CONTENT) - .should('be.visible') - .within(() => { - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_VALUES) - .should('be.visible') - .and('have.text', 'is uncommon'); - }); - - cy.log('should navigate to left panel Prevalence tab'); - - navigateToPrevalenceDetails(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); // TODO update when we can navigate to Prevalence sub tab directly - }); - }); - - describe('response section', () => { - it('should display empty message', () => { - toggleOverviewTabAboutSection(); - toggleOverviewTabInvestigationSection(); - toggleOverviewTabResponseSection(); - - cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_RESPONSE_SECTION_EMPTY_RESPONSE).should( - 'be.visible' - ); - }); - }); -}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/unsaved_timeline.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/unsaved_timeline.cy.ts deleted file mode 100644 index bc3025914a68a..0000000000000 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/unsaved_timeline.cy.ts +++ /dev/null @@ -1,167 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { Timeline } from '../../../objects/timeline'; -import { - MODAL_CONFIRMATION_BTN, - MODAL_CONFIRMATION_CANCEL_BTN, -} from '../../../screens/alerts_detection_rules'; -import { - ALERTS_PAGE, - APP_LEAVE_CONFIRM_MODAL, - CASES_PAGE, - MANAGE_PAGE, - OBSERVABILITY_ALERTS_PAGE, -} from '../../../screens/kibana_navigation'; -import { TIMELINE_SAVE_MODAL } from '../../../screens/timeline'; -import { cleanKibana } from '../../../tasks/common'; -import { - navigateFromKibanaCollapsibleTo, - openKibanaNavigation, -} from '../../../tasks/kibana_navigation'; -import { login, visit } from '../../../tasks/login'; -import { closeTimelineUsingToggle } from '../../../tasks/security_main'; -import { - addNameAndDescriptionToTimeline, - createNewTimeline, - populateTimeline, - waitForTimelineChanges, -} from '../../../tasks/timeline'; -import { HOSTS_URL, MANAGE_URL } from '../../../urls/navigation'; - -describe('Save Timeline Prompts', () => { - before(() => { - cleanKibana(); - login(); - /* - * When timeline changes are pending, chrome would popup with - * a confirm dialog stating that `you can lose unsaved changed. - * Below changes will disable that. - * - * */ - cy.window().then((win) => { - win.onbeforeunload = null; - }); - }); - - beforeEach(() => { - login(); - visit(HOSTS_URL); - createNewTimeline(); - }); - - it('unchanged & unsaved timeline should NOT prompt when user navigates away', () => { - openKibanaNavigation(); - navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); - cy.url().should('not.contain', HOSTS_URL); - }); - - it('Changed & unsaved timeline should prompt when user navigates away from security solution', () => { - populateTimeline(); - waitForTimelineChanges(); - closeTimelineUsingToggle(); - openKibanaNavigation(); - navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); - cy.get(MODAL_CONFIRMATION_BTN).click(); - }); - - it('Changed & unsaved timeline should NOT prompt when user navigates away within security solution where timelines are enabled', () => { - populateTimeline(); - - waitForTimelineChanges(); - closeTimelineUsingToggle(); - // navigate to any other page in security solution - openKibanaNavigation(); - cy.get(CASES_PAGE).click(); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('not.exist'); - }); - - it('Changed & unsaved timeline should prompt when user navigates away within security solution where timelines are disbaled eg. admin screen', () => { - populateTimeline(); - waitForTimelineChanges(); - openKibanaNavigation(); - cy.get(MANAGE_PAGE).click(); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); - cy.get(MODAL_CONFIRMATION_BTN).click(); - }); - - it('Changed & saved timeline should NOT prompt when user navigates away out of security solution', () => { - populateTimeline(); - waitForTimelineChanges(); - closeTimelineUsingToggle(); - openKibanaNavigation(); - navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); - cy.get(MODAL_CONFIRMATION_CANCEL_BTN).click(); - addNameAndDescriptionToTimeline( - { - title: 'Some Timeline', - description: 'Some Timeline', - } as Timeline, - true - ); - openKibanaNavigation(); - navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); - cy.url().should('not.contain', HOSTS_URL); - }); - - it('Changed & saved timeline should NOT prompt when user navigates within security solution where timelines are disabled', () => { - populateTimeline(); - waitForTimelineChanges(); - closeTimelineUsingToggle(); - openKibanaNavigation(); - cy.get(MANAGE_PAGE).click(); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); - cy.get(MODAL_CONFIRMATION_CANCEL_BTN).click(); - addNameAndDescriptionToTimeline( - { - title: 'Some Timeline', - description: 'Some Timeline', - } as Timeline, - true - ); - openKibanaNavigation(); - cy.get(MANAGE_PAGE).click(); - cy.url().should('not.contain', HOSTS_URL); - }); - - it('When user navigates to the page where timeline is present, Time save modal should not exists.', () => { - populateTimeline(); - waitForTimelineChanges(); - closeTimelineUsingToggle(); - openKibanaNavigation(); - cy.get(MANAGE_PAGE).click(); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); - cy.get(MODAL_CONFIRMATION_BTN).click(); - - // Navigate back to HOSTS_URL and ensure that - // timeline save modal is NOT present - - openKibanaNavigation(); - cy.get(ALERTS_PAGE).click(); - cy.get(TIMELINE_SAVE_MODAL).should('not.exist'); - }); - - it('Changed and unsaved timeline should NOT prompt when user navigates from the page where timeline is disabled', () => { - populateTimeline(); - waitForTimelineChanges(); - closeTimelineUsingToggle(); - openKibanaNavigation(); - cy.get(MANAGE_PAGE).click(); - cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); - cy.get(MODAL_CONFIRMATION_BTN).click(); - // now we have come from MANAGE_PAGE where timeline is disabled - // to outside app where timeline is not present. - // There should be NO confirmation model in that case. - openKibanaNavigation(); - navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); - // should not be manage page i.e. successfull navigation - cy.get(TIMELINE_SAVE_MODAL).should('not.exist'); - cy.url().should('not.contain', MANAGE_URL); - }); -}); diff --git a/x-pack/plugins/security_solution/package.json b/x-pack/plugins/security_solution/package.json index 7f7b3e6f746e2..16e511dd1e507 100644 --- a/x-pack/plugins/security_solution/package.json +++ b/x-pack/plugins/security_solution/package.json @@ -10,17 +10,11 @@ "cypress": "../../../node_modules/.bin/cypress", "cypress:burn": "yarn cypress:run:reporter --env burn=2 --concurrency=1 --headed", "cypress:changed-specs-only": "yarn cypress:run:reporter --changed-specs-only --env burn=2", - "cypress:open": "TZ=UTC node ./scripts/start_cypress_parallel open --spec './cypress/e2e/**/*.cy.ts' --config-file ./cypress/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config", - "cypress:run": "yarn cypress:run:reporter --spec './cypress/e2e/{,!(investigations,explore)/**/}*.cy.ts'; status=$?; yarn junit:merge && exit $status", - "cypress:run:cases": "yarn cypress:run:reporter --spec './cypress/e2e/explore/cases/*.cy.ts' --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", - "cypress:run:reporter": "TZ=UTC node ./scripts/start_cypress_parallel run --browser chrome --config-file ./cypress/cypress_ci.config.ts --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json", - "cypress:run:respops": "yarn cypress:run:reporter --spec './cypress/e2e/(detection_alerts|detection_rules|exceptions)/*.cy.ts' --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", - "cypress:dw:open": "node ./scripts/start_cypress_parallel open --config-file ./public/management/cypress.config.ts ts --ftr-config-file ../../../../../../x-pack/test/defend_workflows_cypress/cli_config", - "cypress:dw:run": "node ./scripts/start_cypress_parallel run --config-file ./public/management/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test/defend_workflows_cypress/cli_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json; status=$?; yarn junit:merge && exit $status", - "cypress:dw:endpoint:run": "node ./scripts/start_cypress_parallel run --config-file ./public/management/cypress_endpoint.config.ts --ftr-config-file ../../../../../../x-pack/test/defend_workflows_cypress/endpoint_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json --concurrency 1; status=$?; yarn junit:merge && exit $status", - "cypress:dw:endpoint:open": "node ./scripts/start_cypress_parallel open --config-file ./public/management/cypress_endpoint.config.ts ts --ftr-config-file ../../../../../../x-pack/test/defend_workflows_cypress/endpoint_config", - "cypress:investigations:run": "yarn cypress:run:reporter --spec './cypress/e2e/investigations/**/*.cy.ts' --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", - "cypress:explore:run": "yarn cypress:run:reporter --spec './cypress/e2e/explore/**/*.cy.ts' --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:run:reporter": "TZ=UTC node ./scripts/start_cypress_parallel run --ftr-config-file ../../test/defend_workflows_cypress/cli_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=../../test/security_solution_cypress/cypress/reporter_config.json", + "cypress:dw:open": "node ./scripts/start_cypress_parallel open --config-file ./public/management/cypress.config.ts ts --ftr-config-file ../../test/defend_workflows_cypress/cli_config", + "cypress:dw:run": "node ./scripts/start_cypress_parallel run --config-file ./public/management/cypress.config.ts --ftr-config-file ../../test/defend_workflows_cypress/cli_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=../../test/security_solution_cypress/cypress/reporter_config.json; status=$?; yarn junit:merge && exit $status", + "cypress:dw:endpoint:run": "node ./scripts/start_cypress_parallel run --config-file ./public/management/cypress_endpoint.config.ts --ftr-config-file ../../test/defend_workflows_cypress/endpoint_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=../../test/security_solution_cypress/cypress/reporter_config.json --concurrency 1; status=$?; yarn junit:merge && exit $status", + "cypress:dw:endpoint:open": "node ./scripts/start_cypress_parallel open --config-file ./public/management/cypress_endpoint.config.ts ts --ftr-config-file ../../test/defend_workflows_cypress/endpoint_config", "junit:merge": "../../../node_modules/.bin/mochawesome-merge ../../../target/kibana-security-solution/cypress/results/mochawesome*.json > ../../../target/kibana-security-solution/cypress/results/output.json && ../../../node_modules/.bin/marge ../../../target/kibana-security-solution/cypress/results/output.json --reportDir ../../../target/kibana-security-solution/cypress/results && yarn junit:transform && mkdir -p ../../../target/junit && cp ../../../target/kibana-security-solution/cypress/results/*.xml ../../../target/junit/", "test:generate": "node scripts/endpoint/resolver_generator", "mappings:generate": "node scripts/mappings/mappings_generator", diff --git a/x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts b/x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts index cf2f3897bd5ab..7ea6be3314be8 100644 --- a/x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts +++ b/x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts @@ -84,8 +84,10 @@ export const cli = () => { ); const isOpen = argv._[0] === 'open'; - const cypressConfigFilePath = require.resolve(`../../${argv.configFile}`) as string; - const cypressConfigFile = await import(require.resolve(`../../${argv.configFile}`)); + const cypressConfigFilePath = require.resolve( + `../../${_.isArray(argv.configFile) ? _.last(argv.configFile) : argv.configFile}` + ) as string; + const cypressConfigFile = await import(cypressConfigFilePath); const spec: string | undefined = argv?.spec as string; let files = retrieveIntegrations(spec ? [spec] : cypressConfigFile?.e2e?.specPattern); @@ -192,7 +194,9 @@ export const cli = () => { const config = await readConfigFile( log, EsVersion.getDefault(), - _.isArray(argv.ftrConfigFile) ? _.last(argv.ftrConfigFile) : argv.ftrConfigFile, + path.resolve( + _.isArray(argv.ftrConfigFile) ? _.last(argv.ftrConfigFile) : argv.ftrConfigFile + ), { servers: { elasticsearch: { diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/error_handler.ts b/x-pack/plugins/security_solution/server/endpoint/routes/error_handler.ts index 9b6de8ac0b6e0..f7ffa856d6f6c 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/error_handler.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/error_handler.ts @@ -8,7 +8,7 @@ import type { IKibanaResponse, KibanaResponseFactory, Logger } from '@kbn/core/server'; import { CustomHttpRequestError } from '../../utils/custom_http_request_error'; import { NotFoundError } from '../errors'; -import { EndpointHostUnEnrolledError } from '../services/metadata'; +import { EndpointHostUnEnrolledError, EndpointHostNotFoundError } from '../services/metadata'; /** * Default Endpoint Routes error handler @@ -21,7 +21,15 @@ export const errorHandler = ( res: KibanaResponseFactory, error: E ): IKibanaResponse => { - logger.error(error); + const shouldLogToDebug = () => { + return error instanceof EndpointHostNotFoundError; + }; + + if (shouldLogToDebug()) { + logger.debug(error.message); + } else { + logger.error(error); + } if (error instanceof CustomHttpRequestError) { return res.customError({ @@ -38,6 +46,10 @@ export const errorHandler = ( return res.badRequest({ body: error }); } + if (error instanceof EndpointHostNotFoundError) { + return res.notFound({ body: error }); + } + // Kibana CORE will take care of `500` errors when the handler `throw`'s, including logging the error throw error; }; diff --git a/x-pack/plugins/security_solution/server/endpoint/services/metadata/endpoint_metadata_service.ts b/x-pack/plugins/security_solution/server/endpoint/services/metadata/endpoint_metadata_service.ts index d5a973593f225..748e2c1058036 100644 --- a/x-pack/plugins/security_solution/server/endpoint/services/metadata/endpoint_metadata_service.ts +++ b/x-pack/plugins/security_solution/server/endpoint/services/metadata/endpoint_metadata_service.ts @@ -170,7 +170,7 @@ export class EndpointMetadataService { fleetAgent = await this.getFleetAgent(fleetServices.agent, fleetAgentId); } catch (error) { if (error instanceof FleetAgentNotFoundError) { - this.logger?.warn(`agent with id ${fleetAgentId} not found`); + this.logger?.debug(`agent with id ${fleetAgentId} not found`); } else { throw error; } diff --git a/x-pack/plugins/threat_intelligence/cypress/tasks/login.ts b/x-pack/plugins/threat_intelligence/cypress/tasks/login.ts index cd60e071b1e00..32188787b9cf2 100644 --- a/x-pack/plugins/threat_intelligence/cypress/tasks/login.ts +++ b/x-pack/plugins/threat_intelligence/cypress/tasks/login.ts @@ -10,12 +10,12 @@ import Url from 'url'; import * as yaml from 'js-yaml'; +import { encode } from '@kbn/rison'; +import { NEW_FEATURES_TOUR_STORAGE_KEYS } from '@kbn/security-solution-plugin/common/constants'; import { LOADING_INDICATOR, LOADING_INDICATOR_HIDDEN, -} from '@kbn/security-solution-plugin/cypress/screens/security_header'; -import { encode } from '@kbn/rison'; -import { NEW_FEATURES_TOUR_STORAGE_KEYS } from '@kbn/security-solution-plugin/common/constants'; +} from '../../../../test/security_solution_cypress/cypress/screens/security_header'; import type { ROLES } from './privileges'; const LOGIN_API_ENDPOINT = '/internal/security/login'; diff --git a/x-pack/plugins/threat_intelligence/package.json b/x-pack/plugins/threat_intelligence/package.json index 32b2d1b415ceb..a887c13c3ba4b 100644 --- a/x-pack/plugins/threat_intelligence/package.json +++ b/x-pack/plugins/threat_intelligence/package.json @@ -5,12 +5,12 @@ "license": "Elastic License 2.0", "scripts": { "cypress": "../../../node_modules/.bin/cypress", - "cypress:open": "TZ=UTC node ../security_solution/scripts/start_cypress_parallel open --spec './cypress/e2e/**/*.cy.ts' --config-file ./cypress/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test/threat_intelligence_cypress/cli_config_parallel", + "cypress:open": "TZ=UTC node ../security_solution/scripts/start_cypress_parallel open --spec './cypress/e2e/**/*.cy.ts' --config-file ../../plugins/threat_intelligence/cypress/cypress.config.ts --ftr-config-file ../../test/threat_intelligence_cypress/cli_config_parallel", "cypress:run": "yarn cypress:run:reporter --browser chrome --spec './cypress/e2e/**/*.cy.ts'; status=$?; yarn junit:merge && exit $status", "cypress:run:spec": "yarn cypress:run:reporter --browser chrome --spec ${SPEC_LIST:-'./cypress/e2e/**/*.cy.ts'}; status=$?; yarn junit:merge && exit $status", - "cypress:run:cases": "yarn cypress:run:reporter --browser chrome --spec './cypress/e2e/cases/*.cy.ts' --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", - "cypress:run:reporter": "TZ=UTC node ../security_solution/scripts/start_cypress_parallel run --config-file ./cypress/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test/threat_intelligence_cypress/cli_config_parallel --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json", - "cypress:run:respops": "yarn cypress:run:reporter --browser chrome --spec ./cypress/e2e/detection_alerts/*.cy.ts,./cypress/e2e/detection_rules/*.cy.ts,./cypress/e2e/exceptions/*.cy.ts --ftr-config-file ../../../../../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:run:cases": "yarn cypress:run:reporter --browser chrome --spec './cypress/e2e/cases/*.cy.ts' --ftr-config-file ../../test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:run:reporter": "TZ=UTC node ../security_solution/scripts/start_cypress_parallel run --config-file ../../plugins/threat_intelligence/cypress/cypress.config.ts --ftr-config-file ../../test/threat_intelligence_cypress/cli_config_parallel --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json", + "cypress:run:respops": "yarn cypress:run:reporter --browser chrome --spec ./cypress/e2e/detection_alerts/*.cy.ts,./cypress/e2e/detection_rules/*.cy.ts,./cypress/e2e/exceptions/*.cy.ts --ftr-config-file ../../x-pack/test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", "junit:merge": "../../../node_modules/.bin/mochawesome-merge ../../../target/kibana-threat-intelligence/cypress/results/mochawesome*.json > ../../../target/kibana-threat-intelligence/cypress/results/output.json && ../../../node_modules/.bin/marge ../../../target/kibana-threat-intelligence/cypress/results/output.json --reportDir ../../../target/kibana-threat-intelligence/cypress/results && mkdir -p ../../../target/junit && cp ../../../target/kibana-threat-intelligence/cypress/results/*.xml ../../../target/junit/" } } diff --git a/x-pack/plugins/uptime/public/legacy_uptime/components/overview/query_bar/use_query_bar.test.tsx b/x-pack/plugins/uptime/public/legacy_uptime/components/overview/query_bar/use_query_bar.test.tsx index 6b04916e4bbda..4a9c459dd36ea 100644 --- a/x-pack/plugins/uptime/public/legacy_uptime/components/overview/query_bar/use_query_bar.test.tsx +++ b/x-pack/plugins/uptime/public/legacy_uptime/components/overview/query_bar/use_query_bar.test.tsx @@ -18,7 +18,7 @@ import { UptimeUrlParams } from '../../../lib/helper/url_params'; const SAMPLE_ES_FILTERS = `{"bool":{"should":[{"match_phrase":{"monitor.id":"NodeServer"}}],"minimum_should_match":1}}`; // FLAKY: https://github.com/elastic/kibana/issues/112677 -describe.skip('useQueryBar', () => { +describe('useQueryBar', () => { let DEFAULT_URL_PARAMS: UptimeUrlParams; let wrapper: any; let useUrlParamsSpy: jest.SpyInstance<[URL.GetUrlParams, URL.UpdateUrlParams]>; diff --git a/x-pack/test/cloud_security_posture_functional/pages/findings_onboarding.ts b/x-pack/test/cloud_security_posture_functional/pages/findings_onboarding.ts index 474ed8d47c2a5..1df0d3ec11c21 100644 --- a/x-pack/test/cloud_security_posture_functional/pages/findings_onboarding.ts +++ b/x-pack/test/cloud_security_posture_functional/pages/findings_onboarding.ts @@ -12,7 +12,8 @@ import { FtrProviderContext } from '../ftr_provider_context'; export default ({ getPageObjects }: FtrProviderContext) => { const PageObjects = getPageObjects(['common', 'findings', 'header']); - describe('Findings Page onboarding', function () { + // Failing: See https://github.com/elastic/kibana/issues/163950 + describe.skip('Findings Page onboarding', function () { this.tags(['cloud_security_posture_findings_onboarding']); let findings: typeof PageObjects.findings; let notInstalledVulnerabilities: typeof findings.notInstalledVulnerabilities; diff --git a/x-pack/test/functional/apps/lens/group4/tsdb.ts b/x-pack/test/functional/apps/lens/group4/tsdb.ts index 3200c7a073dc4..16d1298eab440 100644 --- a/x-pack/test/functional/apps/lens/group4/tsdb.ts +++ b/x-pack/test/functional/apps/lens/group4/tsdb.ts @@ -311,7 +311,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { log.info(`Indexed ${res.items.length} test data docs.`); }; - describe('lens tsdb', function () { + // Failing ES promotion: https://github.com/elastic/kibana/issues/163970 + describe.skip('lens tsdb', function () { const tsdbIndex = 'kibana_sample_data_logstsdb'; const tsdbDataView = tsdbIndex; const tsdbEsArchive = 'test/functional/fixtures/es_archiver/kibana_sample_data_logs_tsdb'; @@ -384,7 +385,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { }); }); - describe('for rolled up metric (downsampled)', () => { + // FAILING ES PROMOTION: https://github.com/elastic/kibana/issues/163971 + describe.skip('for rolled up metric (downsampled)', () => { it('defaults to average for rolled up metric', async () => { await PageObjects.lens.switchDataPanelIndexPattern(downsampleDataView.dataView); await PageObjects.lens.removeLayer(); diff --git a/x-pack/plugins/security_solution/cypress/.eslintrc.json b/x-pack/test/security_solution_cypress/cypress/.eslintrc.json similarity index 100% rename from x-pack/plugins/security_solution/cypress/.eslintrc.json rename to x-pack/test/security_solution_cypress/cypress/.eslintrc.json diff --git a/x-pack/plugins/security_solution/cypress/.gitignore b/x-pack/test/security_solution_cypress/cypress/.gitignore similarity index 100% rename from x-pack/plugins/security_solution/cypress/.gitignore rename to x-pack/test/security_solution_cypress/cypress/.gitignore diff --git a/x-pack/plugins/security_solution/cypress/README.md b/x-pack/test/security_solution_cypress/cypress/README.md similarity index 77% rename from x-pack/plugins/security_solution/cypress/README.md rename to x-pack/test/security_solution_cypress/cypress/README.md index 6b3b641e8e59c..9a8ee567ff9a1 100644 --- a/x-pack/plugins/security_solution/cypress/README.md +++ b/x-pack/test/security_solution_cypress/cypress/README.md @@ -38,21 +38,39 @@ of data for your test, [**Running the tests**](#running-the-tests) to know how t Please, before opening a PR with the new test, please make sure that the test fails. If you never see your test fail you don’t know if your test is actually testing the right thing, or testing anything at all. +Note that we use tags in order to select which tests we want to execute: + +```typescript +export const tag = { + SERVERLESS: '@serverless', + ESS: '@ess', + BROKEN_IN_SERVERLESS: '@brokenInServerless', +}; +``` + +Please, before opening a PR with the new test, make sure that the test fails. If you never see your test fail you don’t know if your test is actually testing the right thing, or testing anything at all. + ## Running the tests ### Run them locally -Run the tests with the following yarn scripts: +When running the tests, FTR is used to spawn both a Kibana instance (http://localhost:5620) and an Elasticsearch instance (http://localhost:9220) with a preloaded minimum set of data (see preceding "Test data" section). + +Run the tests with the following yarn scripts from `x-pack/test/security_solution_cypress`: | Script Name | Description | | ----------- | ----------- | | cypress | Runs the default Cypress command | -| cypress:open | Opens the Cypress UI with all tests in the `e2e` directory. This also runs a local kibana and ES instance. The kibana instance will reload when you make code changes. This is the recommended way to debug and develop tests. |C -| cypress:run | Runs all tests in the `e2e` directory excluding `investigations` and `explore` directories in headless mode | -| cypress:run:cases | Runs all tests under `explore/cases` in the `e2e` directory related to the Cases area team in headless mode | -| cypress:run:reporter | Runs all tests with the specified configuration in headless mode and produces a report using `cypress-multi-reporters` | -| cypress:run:respops | Runs all tests related to the Response Ops area team, specifically tests in `detection_alerts`, `detection_rules`, and `exceptions` directories in headless mode | -| cypress:investigations:run | Runs all tests in the `e2e/investigations` directory in headless mode | -| cypress:explore:run | Runs all tests in the `e2e/explore` directory in headless mode | +| cypress:open:ess | Opens the Cypress UI with all tests in the `e2e` directory. This also runs a local kibana and ES instance. The kibana instance will reload when you make code changes. This is the recommended way to debug and develop tests. | +| cypress:open:serverless | Opens the Cypress UI with all tests in the `e2e` directory. This also runs a mocked serverless environment. The kibana instance will reload when you make code changes. This is the recommended way to debug and develop tests. | +| cypress:run:ess | Runs all tests tagged as ESS placed in the `e2e` directory excluding `investigations` and `explore` directories in headless mode | +| cypress:run:cases:ess | Runs all tests under `explore/cases` in the `e2e` directory related to the Cases area team in headless mode | +| cypress:ess | Runs all ESS tests with the specified configuration in headless mode and produces a report using `cypress-multi-reporters` | +| cypress:run:respops:ess | Runs all tests related to the Response Ops area team, specifically tests in `detection_alerts`, `detection_rules`, and `exceptions` directories in headless mode | +| cypress:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e` directory excluding `investigations` and `explore` directories in headless mode | +| cypress:investigations:run:ess | Runs all tests tagged as ESS in the `e2e/investigations` directory in headless mode | +| cypress:explore:run:ess | Runs all tests tagged as ESS in the `e2e/explore` directory in headless mode | +| cypress:investigations:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e/investigations` directory in headless mode | +| cypress:explore:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e/explore` directory in headless mode | | junit:merge | Merges individual test reports into a single report and moves the report to the `junit` directory | Please note that all the headless mode commands do not open the Cypress UI and are typically used in CI/CD environments. The scripts that open the Cypress UI are useful for development and debugging. @@ -148,7 +166,7 @@ We use es_archiver to manage the data that our Cypress tests need. 1. Set up a clean instance of kibana and elasticsearch (if this is not possible, try to clean/minimize the data that you are going to archive). 2. With the kibana and elasticsearch instance up and running, create the data that you need for your test. -3. When you are sure that you have all the data you need run the following command from: `x-pack/plugins/security_solution` +3. When you are sure that you have all the data you need run the following command from: `x-pack/test/security_solution_cypress` ```sh node ../../../scripts/es_archiver save --dir ../../test/security_solution_cypress/es_archives --config ../../../test/functional/config.base.js --es-url http://:@: @@ -164,7 +182,7 @@ Note that the command will create the folder if it does not exist. ### Using an archive from within the Cypress tests -Task [cypress/support/es_archiver.ts](https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/cypress/support/es_archiver.ts) provides helpers such as `esArchiverLoad` and `esArchiverUnload` by means of `es_archiver`'s CLI. +Task [cypress/support/es_archiver.ts](https://github.com/elastic/kibana/blob/main/x-pack/test/security_solution_cypress/cypress/support/es_archiver.ts) provides helpers such as `esArchiverLoad` and `esArchiverUnload` by means of `es_archiver`'s CLI. ## Development Best Practices diff --git a/x-pack/plugins/security_solution/cypress/cypress.config.ts b/x-pack/test/security_solution_cypress/cypress/cypress.config.ts similarity index 82% rename from x-pack/plugins/security_solution/cypress/cypress.config.ts rename to x-pack/test/security_solution_cypress/cypress/cypress.config.ts index 9dae3a0acf3cf..1d158df535266 100644 --- a/x-pack/plugins/security_solution/cypress/cypress.config.ts +++ b/x-pack/test/security_solution_cypress/cypress/cypress.config.ts @@ -10,6 +10,10 @@ import { esArchiver } from './support/es_archiver'; export default defineCypressConfig({ defaultCommandTimeout: 60000, + env: { + grepFilterSpecs: true, + grepTags: '@ess', + }, execTimeout: 60000, pageLoadTimeout: 60000, responseTimeout: 60000, @@ -25,6 +29,9 @@ export default defineCypressConfig({ experimentalMemoryManagement: true, setupNodeEvents(on, config) { esArchiver(on, config); + // eslint-disable-next-line @typescript-eslint/no-var-requires + require('@cypress/grep/src/plugin')(config); + return config; }, }, }); diff --git a/x-pack/plugins/security_solution/cypress/cypress_ci.config.ts b/x-pack/test/security_solution_cypress/cypress/cypress_ci.config.ts similarity index 83% rename from x-pack/plugins/security_solution/cypress/cypress_ci.config.ts rename to x-pack/test/security_solution_cypress/cypress/cypress_ci.config.ts index c3556b8c1d36c..6927775fcce8a 100644 --- a/x-pack/plugins/security_solution/cypress/cypress_ci.config.ts +++ b/x-pack/test/security_solution_cypress/cypress/cypress_ci.config.ts @@ -11,6 +11,10 @@ import { esArchiver } from './support/es_archiver'; // eslint-disable-next-line import/no-default-export export default defineCypressConfig({ defaultCommandTimeout: 150000, + env: { + grepFilterSpecs: true, + grepTags: '@ess', + }, execTimeout: 150000, pageLoadTimeout: 150000, numTestsKeptInMemory: 0, @@ -29,6 +33,9 @@ export default defineCypressConfig({ specPattern: './cypress/e2e/**/*.cy.ts', setupNodeEvents(on, config) { esArchiver(on, config); + // eslint-disable-next-line @typescript-eslint/no-var-requires + require('@cypress/grep/src/plugin')(config); + return config; }, }, }); diff --git a/x-pack/test/security_solution_cypress/cypress/cypress_ci_serverless.config.ts b/x-pack/test/security_solution_cypress/cypress/cypress_ci_serverless.config.ts new file mode 100644 index 0000000000000..86ab94768f8e2 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/cypress_ci_serverless.config.ts @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { defineCypressConfig } from '@kbn/cypress-config'; +import { esArchiver } from './support/es_archiver'; + +// eslint-disable-next-line import/no-default-export +export default defineCypressConfig({ + defaultCommandTimeout: 150000, + env: { + grepFilterSpecs: true, + grepTags: '@serverless --@brokenInServerless', + }, + execTimeout: 150000, + pageLoadTimeout: 150000, + numTestsKeptInMemory: 0, + retries: { + runMode: 1, + }, + screenshotsFolder: '../../../target/kibana-security-solution/cypress/screenshots', + trashAssetsBeforeRuns: false, + video: false, + videosFolder: '../../../../target/kibana-security-solution/cypress/videos', + viewportHeight: 946, + viewportWidth: 1680, + e2e: { + baseUrl: 'http://localhost:5601', + experimentalMemoryManagement: true, + specPattern: './cypress/e2e/**/*.cy.ts', + setupNodeEvents(on, config) { + esArchiver(on, config); + // eslint-disable-next-line @typescript-eslint/no-var-requires + require('@cypress/grep/src/plugin')(config); + return config; + }, + }, +}); diff --git a/x-pack/test/security_solution_cypress/cypress/cypress_serverless.config.ts b/x-pack/test/security_solution_cypress/cypress/cypress_serverless.config.ts new file mode 100644 index 0000000000000..d0a89bb34a68a --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/cypress_serverless.config.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { defineCypressConfig } from '@kbn/cypress-config'; +import { esArchiver } from './support/es_archiver'; + +// eslint-disable-next-line import/no-default-export +export default defineCypressConfig({ + defaultCommandTimeout: 60000, + execTimeout: 60000, + pageLoadTimeout: 60000, + responseTimeout: 60000, + screenshotsFolder: '../../../target/kibana-security-solution/cypress/screenshots', + trashAssetsBeforeRuns: false, + video: false, + videosFolder: '../../../target/kibana-security-solution/cypress/videos', + viewportHeight: 946, + viewportWidth: 1680, + numTestsKeptInMemory: 10, + env: { + grepFilterSpecs: true, + grepTags: '@serverless --@brokenInServerless', + }, + e2e: { + experimentalRunAllSpecs: true, + experimentalMemoryManagement: true, + setupNodeEvents(on, config) { + esArchiver(on, config); + // eslint-disable-next-line @typescript-eslint/no-var-requires + require('@cypress/grep/src/plugin')(config); + return config; + }, + }, +}); diff --git a/x-pack/plugins/security_solution/cypress/data/detection_engine.ts b/x-pack/test/security_solution_cypress/cypress/data/detection_engine.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/data/detection_engine.ts rename to x-pack/test/security_solution_cypress/cypress/data/detection_engine.ts index d05ca3c1a1542..a465c338156b5 100644 --- a/x-pack/plugins/security_solution/cypress/data/detection_engine.ts +++ b/x-pack/test/security_solution_cypress/cypress/data/detection_engine.ts @@ -24,7 +24,7 @@ import type { RuleName, RuleReferenceArray, RuleTagArray, -} from '../../common/api/detection_engine'; +} from '@kbn/security-solution-plugin/common/api/detection_engine'; interface RuleFields { defaultIndexPatterns: IndexPatternArray; diff --git a/x-pack/plugins/security_solution/cypress/e2e/data_sources/create_runtime_field.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/data_sources/create_runtime_field.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/data_sources/create_runtime_field.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/data_sources/create_runtime_field.cy.ts index bc64948a94ded..3f30d0d73d999 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/data_sources/create_runtime_field.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/data_sources/create_runtime_field.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { login, visit } from '../../tasks/login'; import { openTimelineUsingToggle } from '../../tasks/security_main'; import { openTimelineFieldsBrowser, populateTimeline } from '../../tasks/timeline'; @@ -25,7 +27,7 @@ import { GET_TIMELINE_HEADER } from '../../screens/timeline'; const alertRunTimeField = 'field.name.alert.page'; const timelineRuntimeField = 'field.name.timeline'; -describe('Create DataView runtime field', () => { +describe('Create DataView runtime field', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { deleteRuntimeField('security-solution-default', alertRunTimeField); deleteRuntimeField('security-solution-default', timelineRuntimeField); diff --git a/x-pack/plugins/security_solution/cypress/e2e/data_sources/sourcerer.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/data_sources/sourcerer.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/data_sources/sourcerer.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/data_sources/sourcerer.cy.ts index f758128ae74d4..255e20dda250c 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/data_sources/sourcerer.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/data_sources/sourcerer.cy.ts @@ -5,6 +5,12 @@ * 2.0. */ +import { + DEFAULT_ALERTS_INDEX, + DEFAULT_INDEX_PATTERN, +} from '@kbn/security-solution-plugin/common/constants'; +import { tag } from '../../tags'; + import { login, loginWithUser, visit, visitWithUser } from '../../tasks/login'; import { HOSTS_URL, TIMELINES_URL } from '../../urls/navigation'; @@ -30,7 +36,6 @@ import { postDataView } from '../../tasks/common'; import { openTimelineUsingToggle } from '../../tasks/security_main'; import { createUsersAndRoles, secReadCasesAll, secReadCasesAllUser } from '../../tasks/privileges'; import { TOASTER } from '../../screens/configure_cases'; -import { DEFAULT_ALERTS_INDEX, DEFAULT_INDEX_PATTERN } from '../../../common/constants'; import { SOURCERER } from '../../screens/sourcerer'; import { createTimeline } from '../../tasks/api_calls/timelines'; import { getTimeline, getTimelineModifiedSourcerer } from '../../objects/timeline'; @@ -46,7 +51,7 @@ describe('Sourcerer', () => { cy.task('esArchiverResetKibana'); dataViews.forEach((dataView: string) => postDataView(dataView)); }); - describe('permissions', () => { + describe('permissions', { tags: tag.ESS }, () => { before(() => { createUsersAndRoles(usersToCreate, rolesToCreate); }); @@ -57,7 +62,7 @@ describe('Sourcerer', () => { }); }); - describe('Default scope', () => { + describe('Default scope', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { cy.clearLocalStorage(); login(); @@ -117,20 +122,24 @@ describe('Sourcerer', () => { cy.get(SOURCERER.saveButton).should('be.disabled'); }); - it('adds a pattern to the default index and correctly filters out auditbeat-*', () => { - openSourcerer(); - isSourcererSelection(`auditbeat-*`); - isNotSourcererSelection('*beat*'); - addIndexToDefault('*beat*'); - isHostsStatValue('1'); - openSourcerer(); - openAdvancedSettings(); - isSourcererSelection(`auditbeat-*`); - isSourcererSelection('*beat*'); - }); + it( + 'adds a pattern to the default index and correctly filters out auditbeat-*', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + openSourcerer(); + isSourcererSelection(`auditbeat-*`); + isNotSourcererSelection('*beat*'); + addIndexToDefault('*beat*'); + isHostsStatValue('1'); + openSourcerer(); + openAdvancedSettings(); + isSourcererSelection(`auditbeat-*`); + isSourcererSelection('*beat*'); + } + ); }); }); -describe('Timeline scope', () => { +describe('Timeline scope', { tags: tag.BROKEN_IN_SERVERLESS }, () => { beforeEach(() => { cy.clearLocalStorage(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alert_tags.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alert_tags.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alert_tags.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alert_tags.cy.ts index b749604ef58e4..940e01b0b9ced 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alert_tags.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alert_tags.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { getNewRule } from '../../objects/rule'; import { clickAlertTag, @@ -24,7 +26,7 @@ import { UNSELECTED_ALERT_TAG, } from '../../screens/alerts'; -describe('Alert tagging', () => { +describe('Alert tagging', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverResetKibana'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alerts_charts.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alerts_charts.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alerts_charts.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alerts_charts.cy.ts index 1b88322326736..e2ce8ab68f4b1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/alerts_charts.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alerts_charts.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { getNewRule } from '../../objects/rule'; import { ALERTS_COUNT } from '../../screens/alerts'; import { @@ -24,7 +26,7 @@ import { } from '../../screens/search_bar'; import { TOASTER } from '../../screens/alerts_detection_rules'; -describe('Histogram legend hover actions', () => { +describe('Histogram legend hover actions', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const ruleConfigs = getNewRule(); before(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts new file mode 100644 index 0000000000000..59aa3a5abe793 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts @@ -0,0 +1,199 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../tags'; + +import { DETECTIONS_RULE_MANAGEMENT_URL, ALERTS_URL } from '../../urls/navigation'; +import { getNewRule } from '../../objects/rule'; +import { PAGE_TITLE } from '../../screens/common/page'; + +import { login, visitWithoutDateRange, waitForPageWithoutDateRange } from '../../tasks/login'; +import { goToRuleDetails } from '../../tasks/alerts_detection_rules'; +import { createRule, deleteCustomRule } from '../../tasks/api_calls/rules'; +import { getCallOut, waitForCallOutToBeShown } from '../../tasks/common/callouts'; + +const loadPageAsPlatformEngineerUser = (url: string) => { + login(ROLES.soc_manager); + waitForPageWithoutDateRange(url, ROLES.soc_manager); + waitForPageTitleToBeShown(); +}; + +const waitForPageTitleToBeShown = () => { + cy.get(PAGE_TITLE).should('be.visible'); +}; + +describe( + 'Detections > Need Admin Callouts indicating an admin is needed to migrate the alert data set', + { tags: tag.ESS }, + () => { + const NEED_ADMIN_FOR_UPDATE_CALLOUT = 'need-admin-for-update-rules'; + + before(() => { + // First, we have to open the app on behalf of a privileged user in order to initialize it. + // Otherwise the app will be disabled and show a "welcome"-like page. + login(); + visitWithoutDateRange(ALERTS_URL); + waitForPageTitleToBeShown(); + }); + + context( + 'The users index_mapping_outdated is "true" and their admin callouts should show up', + () => { + beforeEach(() => { + // Index mapping outdated is forced to return true as being outdated so that we get the + // need admin callouts being shown. + cy.intercept('GET', '/api/detection_engine/index', (req) => { + req.reply((res) => { + res.send(200, { + index_mapping_outdated: true, + name: '.alerts-security.alerts-default', + }); + }); + }); + }); + + context('On Detections home page', () => { + beforeEach(() => { + loadPageAsPlatformEngineerUser(ALERTS_URL); + }); + + it('We show the need admin primary callout', () => { + waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); + }); + }); + + context('On Rules Management page', () => { + beforeEach(() => { + loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); + }); + + it('We show 1 primary callout of need admin', () => { + waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); + }); + }); + + context('On Rule Details page', () => { + beforeEach(() => { + createRule(getNewRule({ rule_id: 'rule_testing' })); + loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); + waitForPageTitleToBeShown(); + goToRuleDetails(); + }); + + afterEach(() => { + deleteCustomRule(); + }); + + it('We show 1 primary callout', () => { + waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); + }); + }); + } + ); + + context( + 'The users index_mapping_outdated is "false" and their admin callouts should not show up ', + () => { + beforeEach(() => { + // Index mapping outdated is forced to return true as being outdated so that we get the + // need admin callouts being shown. + cy.intercept('GET', '/api/detection_engine/index', { + index_mapping_outdated: false, + name: '.alerts-security.alerts-default', + }); + }); + context('On Detections home page', () => { + beforeEach(() => { + loadPageAsPlatformEngineerUser(ALERTS_URL); + }); + + it('We show the need admin primary callout', () => { + getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); + }); + }); + + context('On Rules Management page', () => { + beforeEach(() => { + loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); + }); + + it('We show 1 primary callout of need admin', () => { + getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); + }); + }); + + context('On Rule Details page', () => { + beforeEach(() => { + createRule(getNewRule({ rule_id: 'rule_testing' })); + loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); + waitForPageTitleToBeShown(); + goToRuleDetails(); + }); + + afterEach(() => { + deleteCustomRule(); + }); + + it('We show 1 primary callout', () => { + getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); + }); + }); + } + ); + + context( + 'The users index_mapping_outdated is "null" and their admin callouts should not show up ', + () => { + beforeEach(() => { + // Index mapping outdated is forced to return true as being outdated so that we get the + // need admin callouts being shown. + cy.intercept('GET', '/api/detection_engine/index', { + index_mapping_outdated: null, + name: '.alerts-security.alerts-default', + }); + }); + context('On Detections home page', () => { + beforeEach(() => { + loadPageAsPlatformEngineerUser(ALERTS_URL); + }); + + it('We show the need admin primary callout', () => { + getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); + }); + }); + + context('On Rules Management page', () => { + beforeEach(() => { + loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); + }); + + it('We show 1 primary callout of need admin', () => { + getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); + }); + }); + + context('On Rule Details page', () => { + beforeEach(() => { + createRule(getNewRule({ rule_id: 'rule_testing' })); + loadPageAsPlatformEngineerUser(DETECTIONS_RULE_MANAGEMENT_URL); + waitForPageTitleToBeShown(); + goToRuleDetails(); + }); + + afterEach(() => { + deleteCustomRule(); + }); + + it('We show 1 primary callout', () => { + getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); + }); + }); + } + ); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/cti_enrichments.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/cti_enrichments.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/cti_enrichments.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/cti_enrichments.cy.ts index 0a626f2fff8d4..35a328cb7aabe 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/cti_enrichments.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/cti_enrichments.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { disableExpandableFlyout } from '../../tasks/api_calls/kibana_advanced_settings'; import { getNewThreatIndicatorRule, indicatorRuleMatchingDoc } from '../../objects/rule'; import { cleanKibana } from '../../tasks/common'; @@ -28,7 +30,7 @@ import { openJsonView, openThreatIndicatorDetails } from '../../tasks/alerts_det import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../urls/navigation'; import { addsFieldsToTimeline } from '../../tasks/rule_details'; -describe('CTI Enrichment', () => { +describe('CTI Enrichment', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'threat_indicator'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/enrichments.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/enrichments.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts index 95481b23174f1..07a5ceb837c48 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/enrichments.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { getNewRule } from '../../objects/rule'; import { HOST_RISK_HEADER_COLIMN, @@ -30,7 +32,7 @@ import { login, visit } from '../../tasks/login'; import { ALERTS_URL } from '../../urls/navigation'; -describe('Enrichment', () => { +describe('Enrichment', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'risk_users'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/missing_privileges_callout.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/missing_privileges_callout.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/missing_privileges_callout.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/missing_privileges_callout.cy.ts index 21b125336e7c6..4ca60eebad297 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/missing_privileges_callout.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/missing_privileges_callout.cy.ts @@ -5,7 +5,9 @@ * 2.0. */ -import { ROLES } from '../../../common/test'; +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../tags'; + import { DETECTIONS_RULE_MANAGEMENT_URL, ALERTS_URL } from '../../urls/navigation'; import { getNewRule } from '../../objects/rule'; import { PAGE_TITLE } from '../../screens/common/page'; @@ -36,7 +38,7 @@ const waitForPageTitleToBeShown = () => { cy.get(PAGE_TITLE).should('be.visible'); }; -describe('Detections > Callouts', () => { +describe('Detections > Callouts', { tags: tag.ESS }, () => { const MISSING_PRIVILEGES_CALLOUT = 'missing-user-privileges'; before(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/ransomware_detection.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/ransomware_detection.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/ransomware_detection.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/ransomware_detection.cy.ts index 1f9dd2fe5cc47..5d2b91416e85c 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/ransomware_detection.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/ransomware_detection.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { waitForAlertsToPopulate } from '../../tasks/create_new_rule'; import { login, visit } from '../../tasks/login'; @@ -14,7 +16,7 @@ import { TIMELINE_QUERY, TIMELINE_VIEW_IN_ANALYZER } from '../../screens/timelin import { selectAlertsHistogram } from '../../tasks/alerts'; import { createTimeline } from '../../tasks/timelines'; -describe('Ransomware Detection Alerts', () => { +describe('Ransomware Detection Alerts', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cy.task('esArchiverLoad', 'ransomware_detection'); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/ransomware_prevention.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/ransomware_prevention.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/detection_alerts/ransomware_prevention.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/ransomware_prevention.cy.ts index bd3e36f962d00..d289e9061db80 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_alerts/ransomware_prevention.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/ransomware_prevention.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { waitForAlertsToPopulate } from '../../tasks/create_new_rule'; import { login, visit } from '../../tasks/login'; @@ -14,7 +16,7 @@ import { TIMELINE_QUERY, TIMELINE_VIEW_IN_ANALYZER } from '../../screens/timelin import { selectAlertsHistogram } from '../../tasks/alerts'; import { createTimeline } from '../../tasks/timelines'; -describe('Ransomware Prevention Alerts', () => { +describe('Ransomware Prevention Alerts', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cy.task('esArchiverLoad', 'ransomware_prevention'); }); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_authorization.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_authorization.cy.ts new file mode 100644 index 0000000000000..8f97d240488e5 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_authorization.cy.ts @@ -0,0 +1,133 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { + APP_PATH, + RULES_ADD_PATH, + RULES_UPDATES, +} from '@kbn/security-solution-plugin/common/constants'; +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../tags'; + +import { createRuleAssetSavedObject } from '../../../helpers/rules'; +import { waitForRulesTableToBeLoaded } from '../../../tasks/alerts_detection_rules'; +import { createAndInstallMockedPrebuiltRules } from '../../../tasks/api_calls/prebuilt_rules'; +import { resetRulesTableState, deleteAlertsAndRules } from '../../../tasks/common'; +import { login, waitForPageWithoutDateRange } from '../../../tasks/login'; +import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; +import { + ADD_ELASTIC_RULES_BTN, + getInstallSingleRuleButtonByRuleId, + getUpgradeSingleRuleButtonByRuleId, + INSTALL_ALL_RULES_BUTTON, + RULES_UPDATES_TAB, + RULE_CHECKBOX, + UPGRADE_ALL_RULES_BUTTON, +} from '../../../screens/alerts_detection_rules'; + +const RULE_1_ID = 'rule_1'; +const RULE_2_ID = 'rule_2'; +const OUTDATED_RULE_1 = createRuleAssetSavedObject({ + name: 'Outdated rule 1', + rule_id: RULE_1_ID, + version: 1, +}); +const UPDATED_RULE_1 = createRuleAssetSavedObject({ + name: 'Updated rule 1', + rule_id: RULE_1_ID, + version: 2, +}); +const OUTDATED_RULE_2 = createRuleAssetSavedObject({ + name: 'Outdated rule 2', + rule_id: RULE_2_ID, + version: 1, +}); +const UPDATED_RULE_2 = createRuleAssetSavedObject({ + name: 'Updated rule 2', + rule_id: RULE_2_ID, + version: 2, +}); + +const loadPageAsReadOnlyUser = (url: string) => { + login(ROLES.reader); + waitForPageWithoutDateRange(url, ROLES.reader); +}; + +describe( + 'Detection rules, Prebuilt Rules Installation and Update - Authorization/RBAC', + { tags: tag.ESS }, + () => { + beforeEach(() => { + login(); + resetRulesTableState(); + deleteAlertsAndRules(); + cy.task('esArchiverResetKibana'); + waitForRulesTableToBeLoaded(); + createAndInstallMockedPrebuiltRules({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); + }); + + describe('User with read privileges on Security Solution', () => { + const RULE_1 = createRuleAssetSavedObject({ + name: 'Test rule 1', + rule_id: 'rule_1', + }); + const RULE_2 = createRuleAssetSavedObject({ + name: 'Test rule 2', + rule_id: 'rule_2', + }); + beforeEach(() => { + // Now login with read-only user in preparation for test + createAndInstallMockedPrebuiltRules({ rules: [RULE_1, RULE_2], installToKibana: false }); + loadPageAsReadOnlyUser(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + }); + + it('should not be able to install prebuilt rules', () => { + // Check that Add Elastic Rules button is disabled + cy.get(ADD_ELASTIC_RULES_BTN).should('be.disabled'); + + // Navigate to Add Elastic Rules page anyways via URL + // and assert that rules cannot be selected and all + // installation buttons are disabled + cy.visit(`${APP_PATH}${RULES_ADD_PATH}`); + cy.get(INSTALL_ALL_RULES_BUTTON).should('be.disabled'); + cy.get(getInstallSingleRuleButtonByRuleId(RULE_1['security-rule'].rule_id)).should( + 'not.exist' + ); + cy.get(RULE_CHECKBOX).should('not.exist'); + }); + }); + + describe('User with read privileges on Security Solution', () => { + beforeEach(() => { + /* Create a second version of the rule, making it available for update */ + createAndInstallMockedPrebuiltRules({ + rules: [UPDATED_RULE_1, UPDATED_RULE_2], + installToKibana: false, + }); + // Now login with read-only user in preparation for test + loadPageAsReadOnlyUser(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + }); + + it('should not be able to upgrade prebuilt rules', () => { + // Check that Rule Update tab is not shown + cy.get(RULES_UPDATES_TAB).should('not.exist'); + + // Navigate to Rule Update tab anyways via URL + // and assert that rules cannot be selected and all + // upgrade buttons are disabled + cy.visit(`${APP_PATH}${RULES_UPDATES}`); + cy.get(UPGRADE_ALL_RULES_BUTTON).should('be.disabled'); + cy.get(getUpgradeSingleRuleButtonByRuleId(OUTDATED_RULE_1['security-rule'].rule_id)).should( + 'not.exist' + ); + cy.get(RULE_CHECKBOX).should('not.exist'); + }); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_error_handling.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_error_handling.cy.ts new file mode 100644 index 0000000000000..a5be1d78c537a --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_error_handling.cy.ts @@ -0,0 +1,151 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { tag } from '../../../tags'; + +import { createRuleAssetSavedObject } from '../../../helpers/rules'; +import { waitForRulesTableToBeLoaded } from '../../../tasks/alerts_detection_rules'; +import { createAndInstallMockedPrebuiltRules } from '../../../tasks/api_calls/prebuilt_rules'; +import { resetRulesTableState, deleteAlertsAndRules, reload } from '../../../tasks/common'; +import { login, visitWithoutDateRange } from '../../../tasks/login'; +import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; +import { + addElasticRulesButtonClick, + assertRuleAvailableForInstallAndInstallOne, + assertRuleAvailableForInstallAndInstallSelected, + assertRuleAvailableForInstallAndInstallAllInPage, + assertRuleAvailableForInstallAndInstallAll, + assertRuleUpgradeAvailableAndUpgradeOne, + assertRuleUpgradeAvailableAndUpgradeSelected, + assertRuleUpgradeAvailableAndUpgradeAllInPage, + assertRuleUpgradeAvailableAndUpgradeAll, + ruleUpdatesTabClick, +} from '../../../tasks/prebuilt_rules'; + +describe( + 'Detection rules, Prebuilt Rules Installation and Update - Error handling', + { tags: tag.ESS }, + () => { + beforeEach(() => { + login(); + resetRulesTableState(); + deleteAlertsAndRules(); + cy.task('esArchiverResetKibana'); + + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + }); + + describe('Installation of prebuilt rules - Should fail gracefully with toast error message when', () => { + const RULE_1 = createRuleAssetSavedObject({ + name: 'Test rule 1', + rule_id: 'rule_1', + }); + const RULE_2 = createRuleAssetSavedObject({ + name: 'Test rule 2', + rule_id: 'rule_2', + }); + beforeEach(() => { + createAndInstallMockedPrebuiltRules({ rules: [RULE_1, RULE_2], installToKibana: false }); + waitForRulesTableToBeLoaded(); + }); + + it('installing prebuilt rules one by one', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallOne({ rules: [RULE_1], didRequestFail: true }); + }); + + it('installing multiple selected prebuilt rules by selecting them individually', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallSelected({ + rules: [RULE_1, RULE_2], + didRequestFail: true, + }); + }); + + it('installing multiple selected prebuilt rules by selecting all in page', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallAllInPage({ + rules: [RULE_1, RULE_2], + didRequestFail: true, + }); + }); + + it('installing all available rules at once', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallAll({ + rules: [RULE_1, RULE_2], + didRequestFail: true, + }); + }); + }); + + describe('Update of prebuilt rules - Should fail gracefully with toast error message when', () => { + const RULE_1_ID = 'rule_1'; + const RULE_2_ID = 'rule_2'; + const OUTDATED_RULE_1 = createRuleAssetSavedObject({ + name: 'Outdated rule 1', + rule_id: RULE_1_ID, + version: 1, + }); + const UPDATED_RULE_1 = createRuleAssetSavedObject({ + name: 'Updated rule 1', + rule_id: RULE_1_ID, + version: 2, + }); + const OUTDATED_RULE_2 = createRuleAssetSavedObject({ + name: 'Outdated rule 2', + rule_id: RULE_2_ID, + version: 1, + }); + const UPDATED_RULE_2 = createRuleAssetSavedObject({ + name: 'Updated rule 2', + rule_id: RULE_2_ID, + version: 2, + }); + beforeEach(() => { + /* Create a new rule and install it */ + createAndInstallMockedPrebuiltRules({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); + /* Create a second version of the rule, making it available for update */ + createAndInstallMockedPrebuiltRules({ + rules: [UPDATED_RULE_1, UPDATED_RULE_2], + installToKibana: false, + }); + waitForRulesTableToBeLoaded(); + reload(); + }); + + it('upgrading prebuilt rules one by one', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeOne({ rules: [OUTDATED_RULE_1], didRequestFail: true }); + }); + + it('upgrading multiple selected prebuilt rules by selecting them individually', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeSelected({ + rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], + didRequestFail: true, + }); + }); + + it('upgrading multiple selected prebuilt rules by selecting all in page', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeAllInPage({ + rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], + didRequestFail: true, + }); + }); + + it('upgrading all rules with available upgrades at once', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeAll({ + rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], + didRequestFail: true, + }); + }); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_workflows.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_workflows.cy.ts new file mode 100644 index 0000000000000..8863dbf2f1239 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_install_update_workflows.cy.ts @@ -0,0 +1,270 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { BulkInstallPackageInfo } from '@kbn/fleet-plugin/common'; +import type { Rule } from '@kbn/security-solution-plugin/public/detection_engine/rule_management/logic/types'; +import { tag } from '../../../tags'; +import { createRuleAssetSavedObject } from '../../../helpers/rules'; +import { + GO_BACK_TO_RULES_TABLE_BUTTON, + INSTALL_ALL_RULES_BUTTON, + INSTALL_SELECTED_RULES_BUTTON, + NO_RULES_AVAILABLE_FOR_INSTALL_MESSSAGE, + NO_RULES_AVAILABLE_FOR_UPGRADE_MESSSAGE, + RULES_UPDATES_TAB, + RULE_CHECKBOX, + SELECT_ALL_RULES_ON_PAGE_CHECKBOX, + TOASTER, +} from '../../../screens/alerts_detection_rules'; +import { waitForRulesTableToBeLoaded } from '../../../tasks/alerts_detection_rules'; +import { + getRuleAssets, + createAndInstallMockedPrebuiltRules, +} from '../../../tasks/api_calls/prebuilt_rules'; +import { resetRulesTableState, deleteAlertsAndRules, reload } from '../../../tasks/common'; +import { login, visitWithoutDateRange } from '../../../tasks/login'; +import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; +import { + addElasticRulesButtonClick, + assertRuleAvailableForInstallAndInstallOne, + assertRuleAvailableForInstallAndInstallSelected, + assertRuleAvailableForInstallAndInstallAllInPage, + assertRuleAvailableForInstallAndInstallAll, + assertRuleUpgradeAvailableAndUpgradeOne, + assertRuleUpgradeAvailableAndUpgradeSelected, + assertRuleUpgradeAvailableAndUpgradeAllInPage, + assertRuleUpgradeAvailableAndUpgradeAll, + ruleUpdatesTabClick, +} from '../../../tasks/prebuilt_rules'; + +describe( + 'Detection rules, Prebuilt Rules Installation and Update workflow', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + login(); + resetRulesTableState(); + deleteAlertsAndRules(); + cy.task('esArchiverResetKibana'); + + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + }); + + describe('Installation of prebuilt rules package via Fleet', () => { + beforeEach(() => { + cy.intercept('POST', '/api/fleet/epm/packages/_bulk*').as('installPackageBulk'); + cy.intercept('POST', '/api/fleet/epm/packages/security_detection_engine/*').as( + 'installPackage' + ); + waitForRulesTableToBeLoaded(); + }); + + it('should install package from Fleet in the background', () => { + /* Assert that the package in installed from Fleet */ + cy.wait('@installPackageBulk', { + timeout: 60000, + }).then(({ response: bulkResponse }) => { + cy.wrap(bulkResponse?.statusCode).should('eql', 200); + + const packages = bulkResponse?.body.items.map( + ({ name, result }: BulkInstallPackageInfo) => ({ + name, + }) + ); + + const packagesBulkInstalled = packages.map(({ name }: { name: string }) => name); + + // Under normal flow the package is installed via the Fleet bulk install API. + // However, for testing purposes the package can be installed via the Fleet individual install API, + // so we need to intercept and wait for that request as well. + if (!packagesBulkInstalled.includes('security_detection_engine')) { + // Should happen only during testing when the `xpack.securitySolution.prebuiltRulesPackageVersion` flag is set + cy.wait('@installPackage').then(({ response }) => { + cy.wrap(response?.statusCode).should('eql', 200); + cy.wrap(response?.body) + .should('have.property', 'items') + .should('have.length.greaterThan', 0); + }); + } else { + // Normal flow, install via the Fleet bulk install API + expect(packages.length).to.have.greaterThan(0); + // At least one of the packages installed should be the security_detection_engine package + expect(packages).to.satisfy((pckgs: BulkInstallPackageInfo[]) => + pckgs.some((pkg) => pkg.name === 'security_detection_engine') + ); + } + }); + }); + + it('should install rules from the Fleet package when user clicks on CTA', () => { + const getRulesAndAssertNumberInstalled = () => { + getRuleAssets().then((response) => { + const ruleIds = response.body.hits.hits.map( + (hit: { _source: { ['security-rule']: Rule } }) => + hit._source['security-rule'].rule_id + ); + + const numberOfRulesToInstall = new Set(ruleIds).size; + addElasticRulesButtonClick(); + + cy.get(INSTALL_ALL_RULES_BUTTON).should('be.enabled').click(); + cy.get(TOASTER) + .should('be.visible') + .should('have.text', `${numberOfRulesToInstall} rules installed successfully.`); + }); + }; + /* Retrieve how many rules were installed from the Fleet package */ + /* See comments in test above for more details */ + cy.wait('@installPackageBulk', { + timeout: 60000, + }).then(({ response: bulkResponse }) => { + cy.wrap(bulkResponse?.statusCode).should('eql', 200); + + const packagesBulkInstalled = bulkResponse?.body.items.map( + ({ name }: { name: string }) => name + ); + + if (!packagesBulkInstalled.includes('security_detection_engine')) { + cy.wait('@installPackage').then(() => { + getRulesAndAssertNumberInstalled(); + }); + } else { + getRulesAndAssertNumberInstalled(); + } + }); + }); + }); + + describe('Installation of prebuilt rules', () => { + const RULE_1 = createRuleAssetSavedObject({ + name: 'Test rule 1', + rule_id: 'rule_1', + }); + const RULE_2 = createRuleAssetSavedObject({ + name: 'Test rule 2', + rule_id: 'rule_2', + }); + beforeEach(() => { + createAndInstallMockedPrebuiltRules({ rules: [RULE_1, RULE_2], installToKibana: false }); + waitForRulesTableToBeLoaded(); + cy.intercept('POST', '/internal/detection_engine/prebuilt_rules/installation/_perform').as( + 'installPrebuiltRules' + ); + }); + + it('should install prebuilt rules one by one', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallOne({ rules: [RULE_1] }); + }); + + it('should install multiple selected prebuilt rules by selecting them individually', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallSelected({ rules: [RULE_1, RULE_2] }); + }); + + it('should install multiple selected prebuilt rules by selecting all in page', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallAllInPage({ rules: [RULE_1, RULE_2] }); + }); + + it('should install all available rules at once', () => { + addElasticRulesButtonClick(); + assertRuleAvailableForInstallAndInstallAll({ rules: [RULE_1, RULE_2] }); + }); + + it('should display an empty screen when all available prebuilt rules have been installed', () => { + addElasticRulesButtonClick(); + cy.get(INSTALL_ALL_RULES_BUTTON).click(); + cy.get(TOASTER).should('be.visible').should('have.text', `2 rules installed successfully.`); + cy.get(RULE_CHECKBOX).should('not.exist'); + cy.get(NO_RULES_AVAILABLE_FOR_INSTALL_MESSSAGE).should('exist'); + cy.get(GO_BACK_TO_RULES_TABLE_BUTTON).should('exist'); + }); + + it('should fail gracefully with toast error message when request to install rules fails', () => { + /* Stub request to force rules installation to fail */ + cy.intercept('POST', '/internal/detection_engine/prebuilt_rules/installation/_perform', { + statusCode: 500, + }).as('installPrebuiltRules'); + addElasticRulesButtonClick(); + cy.get(SELECT_ALL_RULES_ON_PAGE_CHECKBOX).click(); + cy.get(INSTALL_SELECTED_RULES_BUTTON).click(); + cy.wait('@installPrebuiltRules'); + cy.get(TOASTER).should('be.visible').should('have.text', 'Rule installation failed'); + }); + }); + + describe('Upgrade of prebuilt rules', () => { + const RULE_1_ID = 'rule_1'; + const RULE_2_ID = 'rule_2'; + const OUTDATED_RULE_1 = createRuleAssetSavedObject({ + name: 'Outdated rule 1', + rule_id: RULE_1_ID, + version: 1, + }); + const UPDATED_RULE_1 = createRuleAssetSavedObject({ + name: 'Updated rule 1', + rule_id: RULE_1_ID, + version: 2, + }); + const OUTDATED_RULE_2 = createRuleAssetSavedObject({ + name: 'Outdated rule 2', + rule_id: RULE_2_ID, + version: 1, + }); + const UPDATED_RULE_2 = createRuleAssetSavedObject({ + name: 'Updated rule 2', + rule_id: RULE_2_ID, + version: 2, + }); + beforeEach(() => { + cy.intercept('POST', '/internal/detection_engine/prebuilt_rules/upgrade/_perform').as( + 'updatePrebuiltRules' + ); + /* Create a new rule and install it */ + createAndInstallMockedPrebuiltRules({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); + /* Create a second version of the rule, making it available for update */ + createAndInstallMockedPrebuiltRules({ + rules: [UPDATED_RULE_1, UPDATED_RULE_2], + installToKibana: false, + }); + waitForRulesTableToBeLoaded(); + reload(); + }); + + it('should upgrade prebuilt rules one by one', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeOne({ rules: [OUTDATED_RULE_1] }); + }); + + it('should upgrade multiple selected prebuilt rules by selecting them individually', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeSelected({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); + }); + + it('should upgrade multiple selected prebuilt rules by selecting all in page', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeAllInPage({ + rules: [OUTDATED_RULE_1, OUTDATED_RULE_2], + }); + }); + + it('should upgrade all rules with available upgrades at once', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeAll({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); + cy.get(RULES_UPDATES_TAB).should('not.exist'); + }); + + it('should display an empty screen when all rules with available updates have been upgraded', () => { + ruleUpdatesTabClick(); + assertRuleUpgradeAvailableAndUpgradeAll({ rules: [OUTDATED_RULE_1, OUTDATED_RULE_2] }); + cy.get(RULES_UPDATES_TAB).should('not.exist'); + cy.get(NO_RULES_AVAILABLE_FOR_UPGRADE_MESSSAGE).should('exist'); + }); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_management.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_management.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_management.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_management.cy.ts index 07478b229e21c..128f8d27b5da2 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_management.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_management.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { createRuleAssetSavedObject } from '../../../helpers/rules'; import { COLLAPSED_ACTION_BTN, @@ -49,7 +51,7 @@ const rules = Array.from(Array(5)).map((_, i) => { }); }); -describe('Prebuilt rules', () => { +describe('Prebuilt rules', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_notifications.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_notifications.cy.ts new file mode 100644 index 0000000000000..abeaee0820558 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/prebuilt_rules/prebuilt_rules_notifications.cy.ts @@ -0,0 +1,192 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { tag } from '../../../tags'; + +import { createRuleAssetSavedObject } from '../../../helpers/rules'; +import { ADD_ELASTIC_RULES_BTN, RULES_UPDATES_TAB } from '../../../screens/alerts_detection_rules'; +import { + deleteFirstRule, + waitForRulesTableToBeLoaded, +} from '../../../tasks/alerts_detection_rules'; +import { + installAllPrebuiltRulesRequest, + createAndInstallMockedPrebuiltRules, +} from '../../../tasks/api_calls/prebuilt_rules'; +import { + resetRulesTableState, + deleteAlertsAndRules, + reload, + deletePrebuiltRulesAssets, +} from '../../../tasks/common'; +import { login, visitWithoutDateRange } from '../../../tasks/login'; +import { SECURITY_DETECTIONS_RULES_URL } from '../../../urls/navigation'; + +const RULE_1 = createRuleAssetSavedObject({ + name: 'Test rule 1', + rule_id: 'rule_1', +}); + +describe( + 'Detection rules, Prebuilt Rules Installation and Update Notifications', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + login(); + /* Make sure persisted rules table state is cleared */ + resetRulesTableState(); + deleteAlertsAndRules(); + deletePrebuiltRulesAssets(); + }); + + describe('No notifications', () => { + it('should NOT display install or update notifications when no prebuilt assets and no rules are installed', () => { + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + // TODO: test plan asserts "should NOT see a CTA to install prebuilt rules" + // but current behavior is to always show the CTA, even with no prebuilt rule assets installed + // Update that behaviour and then update this test. + cy.get(RULES_UPDATES_TAB).should('not.exist'); + }); + + it('should NOT display install or update notifications when latest rules are installed', () => { + createAndInstallMockedPrebuiltRules({ rules: [RULE_1], installToKibana: true }); + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + + /* Assert that there are no installation or update notifications */ + /* Add Elastic Rules button should not contain a number badge */ + /* and Rule Upgrade tab should not be displayed */ + cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', 'Add Elastic rules'); + cy.get(RULES_UPDATES_TAB).should('not.exist'); + }); + }); + + describe('Notifications', () => { + beforeEach(() => { + createAndInstallMockedPrebuiltRules({ rules: [RULE_1], installToKibana: false }); + }); + + describe('Rules installation notification when no rules have been installed', () => { + beforeEach(() => { + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + }); + + it('should notify user about prebuilt rules available for installation', () => { + cy.get(ADD_ELASTIC_RULES_BTN).should('be.visible'); + cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules${1}`); + cy.get(RULES_UPDATES_TAB).should('not.exist'); + }); + }); + + describe('Rule installation notification when at least one rule already installed', () => { + beforeEach(() => { + installAllPrebuiltRulesRequest().then(() => { + /* Create new rule assets with a different rule_id as the one that was */ + /* installed before in order to trigger the installation notification */ + const RULE_2 = createRuleAssetSavedObject({ + name: 'Test rule 2', + rule_id: 'rule_2', + }); + const RULE_3 = createRuleAssetSavedObject({ + name: 'Test rule 3', + rule_id: 'rule_3', + }); + + createAndInstallMockedPrebuiltRules({ + rules: [RULE_2, RULE_3], + installToKibana: false, + }); + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + }); + }); + + it('should notify user about prebuilt rules available for installation', () => { + const numberOfAvailableRules = 2; + cy.get(ADD_ELASTIC_RULES_BTN).should('be.visible'); + cy.get(ADD_ELASTIC_RULES_BTN).should( + 'have.text', + `Add Elastic rules${numberOfAvailableRules}` + ); + cy.get(RULES_UPDATES_TAB).should('not.exist'); + }); + + it('should notify user a rule is again available for installation if it is deleted', () => { + /* Install available rules, assert that the notification is gone */ + /* then delete one rule and assert that the notification is back */ + installAllPrebuiltRulesRequest().then(() => { + reload(); + deleteFirstRule(); + cy.get(ADD_ELASTIC_RULES_BTN).should('be.visible'); + cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules${1}`); + }); + }); + }); + + describe('Rule update notification', () => { + beforeEach(() => { + installAllPrebuiltRulesRequest().then(() => { + /* Create new rule asset with the same rule_id as the one that was installed */ + /* but with a higher version, in order to trigger the update notification */ + const UPDATED_RULE = createRuleAssetSavedObject({ + name: 'Test rule 1.1 (updated)', + rule_id: 'rule_1', + version: 2, + }); + createAndInstallMockedPrebuiltRules({ rules: [UPDATED_RULE], installToKibana: false }); + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + reload(); + }); + }); + + it('should notify user about prebuilt rules package available for update', () => { + // No rules available for installation + cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules`); + // But 1 rule available for update + cy.get(RULES_UPDATES_TAB).should('be.visible'); + cy.get(RULES_UPDATES_TAB).should('have.text', `Rule Updates${1}`); + }); + }); + + describe('Rule installation available and rule update available notifications', () => { + beforeEach(() => { + installAllPrebuiltRulesRequest().then(() => { + /* Create new rule assets with a different rule_id as the one that was */ + /* installed before in order to trigger the installation notification */ + const RULE_2 = createRuleAssetSavedObject({ + name: 'Test rule 2', + rule_id: 'rule_2', + }); + /* Create new rule asset with the same rule_id as the one that was installed */ + /* but with a higher version, in order to trigger the update notification */ + const UPDATED_RULE = createRuleAssetSavedObject({ + name: 'Test rule 1.1 (updated)', + rule_id: 'rule_1', + version: 2, + }); + createAndInstallMockedPrebuiltRules({ + rules: [RULE_2, UPDATED_RULE], + installToKibana: false, + }); + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + }); + }); + + it('should notify user about prebuilt rules available for installation and for upgrade', () => { + // 1 rule available for installation + cy.get(ADD_ELASTIC_RULES_BTN).should('have.text', `Add Elastic rules${1}`); + // 1 rule available for update + cy.get(RULES_UPDATES_TAB).should('be.visible'); + cy.get(RULES_UPDATES_TAB).should('have.text', `Rule Updates${1}`); + }); + }); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts new file mode 100644 index 0000000000000..021735f679a20 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts @@ -0,0 +1,78 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { tag } from '../../../tags'; + +import { getIndexConnector } from '../../../objects/connector'; +import { getSimpleCustomQueryRule } from '../../../objects/rule'; + +import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; +import { deleteIndex, waitForNewDocumentToBeIndexed } from '../../../tasks/api_calls/elasticsearch'; +import { + cleanKibana, + deleteAlertsAndRules, + deleteConnectors, + deleteDataView, +} from '../../../tasks/common'; +import { + createAndEnableRule, + fillAboutRuleAndContinue, + fillDefineCustomRuleAndContinue, + fillRuleAction, + fillScheduleRuleAndContinue, +} from '../../../tasks/create_new_rule'; +import { login, visit } from '../../../tasks/login'; + +import { RULE_CREATION } from '../../../urls/navigation'; + +describe( + 'Rule actions during detection rule creation', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + const indexConnector = getIndexConnector(); + + before(() => { + cleanKibana(); + }); + + beforeEach(() => { + login(); + deleteAlertsAndRules(); + deleteConnectors(); + deleteIndex(indexConnector.index); + deleteDataView(indexConnector.index); + }); + + const rule = getSimpleCustomQueryRule(); + const actions = { connectors: [indexConnector] }; + const index = actions.connectors[0].index; + const initialNumberOfDocuments = 0; + const expectedJson = JSON.parse(actions.connectors[0].document); + + it('Indexes a new document after the index action is triggered ', function () { + visit(RULE_CREATION); + fillDefineCustomRuleAndContinue(rule); + fillAboutRuleAndContinue(rule); + fillScheduleRuleAndContinue(rule); + fillRuleAction(actions); + createAndEnableRule(); + goToRuleDetails(); + + /* When the rule is executed, the action is triggered. We wait for the new document to be indexed */ + waitForNewDocumentToBeIndexed(index, initialNumberOfDocuments); + + /* We assert that the new indexed document is the one set on the index action */ + cy.request({ + method: 'GET', + url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search`, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, + }).then((response) => { + expect(response.body.hits.hits[0]._source).to.deep.equal(expectedJson); + }); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts similarity index 99% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts index eb1abd71cd43e..5658a0d4aee3e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { ruleFields } from '../../../data/detection_engine'; import { getNewRule, @@ -112,7 +114,7 @@ import { enablesRule, getDetails } from '../../../tasks/rule_details'; import { RULE_CREATION, DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; -describe('Custom query rules', () => { +describe('Custom query rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts index b1bcf1336670a..e352af5671ae0 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getDataViewRule } from '../../../objects/rule'; import { ALERTS_COUNT, ALERT_GRID_CELL } from '../../../screens/alerts'; @@ -67,7 +69,7 @@ import { getDetails } from '../../../tasks/rule_details'; import { RULE_CREATION } from '../../../urls/navigation'; -describe('Custom query rules', () => { +describe('Custom query rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { describe('Custom detection rules creation with data views', () => { const rule = getDataViewRule(); const expectedUrls = rule.references?.join(''); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts index 8cb8fc2ba7576..5c512e4c2eff8 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { getNewRule, getSavedQueryRule } from '../../../objects/rule'; import { @@ -45,7 +47,7 @@ const savedQueryName = 'custom saved query'; const savedQueryQuery = 'process.name: test'; const savedQueryFilterKey = 'testAgent.value'; -describe('Custom saved_query rules', () => { +describe('Custom saved_query rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts index a470a322b1831..2d06b9ec977e7 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getEqlRule, getEqlSequenceRule, getIndexPatterns } from '../../../objects/rule'; @@ -61,7 +63,7 @@ import { login, visit } from '../../../tasks/login'; import { RULE_CREATION } from '../../../urls/navigation'; -describe('EQL rules', () => { +describe('EQL rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); @@ -150,10 +152,10 @@ describe('EQL rules', () => { const rule = getEqlSequenceRule(); - before(() => { + beforeEach(() => { cy.task('esArchiverLoad', 'auditbeat_big'); }); - after(() => { + afterEach(() => { cy.task('esArchiverUnload', 'auditbeat_big'); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts similarity index 99% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts index ec216364a2031..9f2e8a796ee95 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getIndexPatterns, @@ -108,7 +110,7 @@ import { DETECTIONS_RULE_MANAGEMENT_URL, RULE_CREATION } from '../../../urls/nav const DEFAULT_THREAT_MATCH_QUERY = '@timestamp >= "now-30d/d"'; -describe('indicator match', () => { +describe('indicator match', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { describe('Detection rules, Indicator Match', () => { const expectedUrls = getNewThreatIndicatorRule().references?.join(''); const expectedFalsePositives = getNewThreatIndicatorRule().false_positives?.join(''); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts index d975be9249a5e..815da8ae92cb1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts @@ -4,8 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ - import { isArray } from 'lodash'; +import { tag } from '../../../tags'; import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getMachineLearningRule } from '../../../objects/rule'; @@ -54,7 +54,7 @@ import { login, visitWithoutDateRange } from '../../../tasks/login'; import { RULE_CREATION } from '../../../urls/navigation'; -describe('Detection rules, machine learning', () => { +describe('Detection rules, machine learning', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { const expectedUrls = (getMachineLearningRule().references ?? []).join(''); const expectedFalsePositives = (getMachineLearningRule().false_positives ?? []).join(''); const expectedTags = (getMachineLearningRule().tags ?? []).join(''); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts index ae6296aea904b..14b4b9ad2c717 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getIndexPatterns, getNewTermsRule } from '../../../objects/rule'; @@ -59,7 +61,7 @@ import { login, visit } from '../../../tasks/login'; import { RULE_CREATION } from '../../../urls/navigation'; -describe('New Terms rules', () => { +describe('New Terms rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/override.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/override.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/override.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/override.cy.ts index 0e6a9462237d8..01f7ff28e2507 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/override.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/override.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getIndexPatterns, getNewOverrideRule, getSeveritiesOverride } from '../../../objects/rule'; @@ -61,7 +63,7 @@ import { getDetails } from '../../../tasks/rule_details'; import { RULE_CREATION } from '../../../urls/navigation'; -describe('Detection rules, override', () => { +describe('Detection rules, override', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { const rule = getNewOverrideRule(); const expectedUrls = rule.references?.join(''); const expectedFalsePositives = rule.false_positives?.join(''); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts index 5c244b8bb52ca..7c29afc4c0abe 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../tags'; + import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; import { getIndexPatterns, getNewThresholdRule } from '../../../objects/rule'; @@ -59,7 +61,7 @@ import { login, visitWithoutDateRange } from '../../../tasks/login'; import { RULE_CREATION } from '../../../urls/navigation'; -describe('Detection rules, threshold', () => { +describe('Detection rules, threshold', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { const rule = getNewThresholdRule(); const expectedUrls = rule.references?.join(''); const expectedFalsePositives = rule.false_positives?.join(''); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts index eb7fa7054896f..62f484b69427a 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/authorization/all_rules_read_only.cy.ts @@ -5,7 +5,9 @@ * 2.0. */ -import { ROLES } from '../../../../../common/test'; +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../../tags'; + import { getNewRule } from '../../../../objects/rule'; import { COLLAPSED_ACTION_BTN, @@ -26,7 +28,7 @@ import { SECURITY_DETECTIONS_RULES_URL } from '../../../../urls/navigation'; const MISSING_PRIVILEGES_CALLOUT = 'missing-user-privileges'; -describe('All rules - read only', () => { +describe('All rules - read only', { tags: tag.ESS }, () => { before(() => { cleanKibana(); createRule(getNewRule({ rule_id: '1' })); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/maintenance_windows/maintenance_window_callout.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/maintenance_windows/maintenance_window_callout.cy.ts similarity index 83% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/maintenance_windows/maintenance_window_callout.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/maintenance_windows/maintenance_window_callout.cy.ts index 738c844262bf2..e72e8d1664119 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/maintenance_windows/maintenance_window_callout.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/maintenance_windows/maintenance_window_callout.cy.ts @@ -8,11 +8,12 @@ import { INTERNAL_ALERTING_API_MAINTENANCE_WINDOW_PATH } from '@kbn/alerting-plugin/common'; import type { MaintenanceWindowCreateBody } from '@kbn/alerting-plugin/common'; import type { AsApiContract } from '@kbn/alerting-plugin/server/routes/lib'; +import { tag } from '../../../../tags'; import { cleanKibana } from '../../../../tasks/common'; import { login, visit } from '../../../../tasks/login'; import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../../urls/navigation'; -describe('Maintenance window callout on Rule Management page', () => { +describe('Maintenance window callout on Rule Management page', { tags: [tag.ESS] }, () => { let maintenanceWindowId = ''; before(() => { @@ -34,7 +35,7 @@ describe('Maintenance window callout on Rule Management page', () => { cy.request({ method: 'POST', url: INTERNAL_ALERTING_API_MAINTENANCE_WINDOW_PATH, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body, }).then((response) => { maintenanceWindowId = response.body.id; @@ -46,7 +47,7 @@ describe('Maintenance window callout on Rule Management page', () => { cy.request({ method: 'DELETE', url: `${INTERNAL_ALERTING_API_MAINTENANCE_WINDOW_PATH}/${maintenanceWindowId}`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/related_integrations/related_integrations.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/related_integrations/related_integrations.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/related_integrations/related_integrations.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/related_integrations/related_integrations.cy.ts index 56865abd794c3..c13079d1dd134 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/related_integrations/related_integrations.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/related_integrations/related_integrations.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../tags'; + import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../../urls/navigation'; import { FIELD } from '../../../../screens/alerts_details'; @@ -52,7 +54,7 @@ Note that the rule we are using for testing purposes has the following character - Integration: unknown */ -describe('Related integrations', () => { +describe('Related integrations', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts index c687deff53cf9..bc228b7160a89 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_duplicate_rules.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../../tags'; + import { waitForRulesTableToBeLoaded, goToTheRuleDetailsOf, @@ -53,7 +55,7 @@ const EXPIRED_EXCEPTION_ITEM_NAME = 'Sample exception item'; const NON_EXPIRED_EXCEPTION_ITEM_NAME = 'Sample exception item with future expiration'; -describe('Detection rules, bulk duplicate', () => { +describe('Detection rules, bulk duplicate', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts similarity index 99% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts index 385a4476b2e8a..9aea185783e7d 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../../tags'; + import { MODAL_CONFIRMATION_BTN, MODAL_CONFIRMATION_BODY, @@ -121,7 +123,7 @@ const defaultRuleData = { timeline_id: '495ad7a7-316e-4544-8a0f-9c098daee76e', }; -describe('Detection rules, bulk edit', () => { +describe('Detection rules, bulk edit', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts new file mode 100644 index 0000000000000..d6000c671fb86 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_actions.cy.ts @@ -0,0 +1,226 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { RuleActionArray } from '@kbn/securitysolution-io-ts-alerting-types'; +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../../../tags'; + +import { + RULES_BULK_EDIT_ACTIONS_INFO, + RULES_BULK_EDIT_ACTIONS_WARNING, + ADD_RULE_ACTIONS_MENU_ITEM, +} from '../../../../../screens/rules_bulk_actions'; +import { actionFormSelector } from '../../../../../screens/common/rule_actions'; + +import { cleanKibana, deleteAlertsAndRules, deleteConnectors } from '../../../../../tasks/common'; +import type { RuleActionCustomFrequency } from '../../../../../tasks/common/rule_actions'; +import { + addSlackRuleAction, + assertSlackRuleAction, + addEmailConnectorAndRuleAction, + assertEmailRuleAction, + assertSelectedCustomFrequencyOption, + assertSelectedPerRuleRunFrequencyOption, + assertSelectedSummaryOfAlertsOption, + pickCustomFrequencyOption, + pickPerRuleRunFrequencyOption, + pickSummaryOfAlertsOption, +} from '../../../../../tasks/common/rule_actions'; +import { + waitForRulesTableToBeLoaded, + selectNumberOfRules, + goToEditRuleActionsSettingsOf, +} from '../../../../../tasks/alerts_detection_rules'; +import { + waitForBulkEditActionToFinish, + submitBulkEditForm, + checkOverwriteRuleActionsCheckbox, + openBulkEditRuleActionsForm, + openBulkActionsMenu, +} from '../../../../../tasks/rules_bulk_actions'; +import { login, visitWithoutDateRange } from '../../../../../tasks/login'; + +import { SECURITY_DETECTIONS_RULES_URL } from '../../../../../urls/navigation'; + +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { createSlackConnector } from '../../../../../tasks/api_calls/connectors'; + +import { + getEqlRule, + getNewThreatIndicatorRule, + getNewRule, + getNewThresholdRule, + getMachineLearningRule, + getNewTermsRule, +} from '../../../../../objects/rule'; +import { excessivelyInstallAllPrebuiltRules } from '../../../../../tasks/api_calls/prebuilt_rules'; + +const ruleNameToAssert = 'Custom rule name with actions'; +const expectedNumberOfCustomRulesToBeEdited = 7; +// 7 custom rules of different types + 3 prebuilt. +// number of selected rules doesn't matter, we only want to make sure they will be edited an no modal window displayed as for other actions +const expectedNumberOfRulesToBeEdited = expectedNumberOfCustomRulesToBeEdited + 3; + +const expectedExistingSlackMessage = 'Existing slack action'; +const expectedSlackMessage = 'Slack action test message'; + +// TODO: Fix flakiness and unskip https://github.com/elastic/kibana/issues/154721 +describe.skip( + 'Detection rules, bulk edit of rule actions', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + before(() => { + cleanKibana(); + login(); + }); + + beforeEach(() => { + deleteAlertsAndRules(); + deleteConnectors(); + cy.task('esArchiverResetKibana'); + + createSlackConnector().then(({ body }) => { + const actions: RuleActionArray = [ + { + id: body.id, + action_type_id: '.slack', + group: 'default', + params: { + message: expectedExistingSlackMessage, + }, + frequency: { + summary: true, + throttle: null, + notifyWhen: 'onActiveAlert', + }, + }, + ]; + + createRule(getNewRule({ name: ruleNameToAssert, rule_id: '1', max_signals: 500, actions })); + }); + + createRule(getEqlRule({ rule_id: '2' })); + createRule(getMachineLearningRule({ rule_id: '3' })); + createRule(getNewThreatIndicatorRule({ rule_id: '4' })); + createRule(getNewThresholdRule({ rule_id: '5' })); + createRule(getNewTermsRule({ rule_id: '6' })); + createRule(getNewRule({ saved_id: 'mocked', rule_id: '7' })); + + createSlackConnector(); + }); + + context('Restricted action privileges', () => { + it("User with no privileges can't add rule actions", () => { + login(ROLES.hunter_no_actions); + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL, ROLES.hunter_no_actions); + waitForRulesTableToBeLoaded(); + + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + + openBulkActionsMenu(); + + cy.get(ADD_RULE_ACTIONS_MENU_ITEM).should('be.disabled'); + }); + }); + + context('All actions privileges', () => { + beforeEach(() => { + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + waitForRulesTableToBeLoaded(); + }); + + it('Add a rule action to rules (existing connector)', () => { + const expectedActionFrequency: RuleActionCustomFrequency = { + throttle: 1, + throttleUnit: 'd', + }; + + excessivelyInstallAllPrebuiltRules(); + + // select both custom and prebuilt rules + selectNumberOfRules(expectedNumberOfRulesToBeEdited); + openBulkEditRuleActionsForm(); + + // ensure rule actions info callout displayed on the form + cy.get(RULES_BULK_EDIT_ACTIONS_INFO).should('be.visible'); + + addSlackRuleAction(expectedSlackMessage); + pickSummaryOfAlertsOption(); + pickCustomFrequencyOption(expectedActionFrequency); + + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfRulesToBeEdited }); + + // check if rule has been updated + goToEditRuleActionsSettingsOf(ruleNameToAssert); + + assertSelectedSummaryOfAlertsOption(); + assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); + assertSlackRuleAction(expectedExistingSlackMessage, 0); + assertSlackRuleAction(expectedSlackMessage, 1); + // ensure there is no third action + cy.get(actionFormSelector(2)).should('not.exist'); + }); + + it('Overwrite rule actions in rules', () => { + excessivelyInstallAllPrebuiltRules(); + + // select both custom and prebuilt rules + selectNumberOfRules(expectedNumberOfRulesToBeEdited); + openBulkEditRuleActionsForm(); + + addSlackRuleAction(expectedSlackMessage); + pickSummaryOfAlertsOption(); + pickPerRuleRunFrequencyOption(); + + // check overwrite box, ensure warning is displayed + checkOverwriteRuleActionsCheckbox(); + cy.get(RULES_BULK_EDIT_ACTIONS_WARNING).contains( + `You're about to overwrite rule actions for ${expectedNumberOfRulesToBeEdited} selected rules` + ); + + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfRulesToBeEdited }); + + // check if rule has been updated + goToEditRuleActionsSettingsOf(ruleNameToAssert); + + assertSelectedSummaryOfAlertsOption(); + assertSelectedPerRuleRunFrequencyOption(); + assertSlackRuleAction(expectedSlackMessage); + // ensure existing action was overwritten + cy.get(actionFormSelector(1)).should('not.exist'); + }); + + it('Add a rule action to rules (new connector)', () => { + const expectedActionFrequency: RuleActionCustomFrequency = { + throttle: 2, + throttleUnit: 'h', + }; + const expectedEmail = 'test@example.com'; + const expectedSubject = 'Subject'; + + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + openBulkEditRuleActionsForm(); + + addEmailConnectorAndRuleAction(expectedEmail, expectedSubject); + pickSummaryOfAlertsOption(); + pickCustomFrequencyOption(expectedActionFrequency); + + submitBulkEditForm(); + waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfCustomRulesToBeEdited }); + + // check if rule has been updated + goToEditRuleActionsSettingsOf(ruleNameToAssert); + + assertSelectedSummaryOfAlertsOption(); + assertSelectedCustomFrequencyOption(expectedActionFrequency, 1); + assertEmailRuleAction(expectedEmail, expectedSubject); + }); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts new file mode 100644 index 0000000000000..824699e2cd230 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/bulk_actions/bulk_edit_rules_data_view.cy.ts @@ -0,0 +1,255 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { tag } from '../../../../../tags'; + +import { + RULES_BULK_EDIT_DATA_VIEWS_WARNING, + RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX, +} from '../../../../../screens/rules_bulk_actions'; + +import { DATA_VIEW_DETAILS, INDEX_PATTERNS_DETAILS } from '../../../../../screens/rule_details'; + +import { + waitForRulesTableToBeLoaded, + goToRuleDetails, + selectNumberOfRules, + goToTheRuleDetailsOf, +} from '../../../../../tasks/alerts_detection_rules'; + +import { + typeIndexPatterns, + waitForBulkEditActionToFinish, + submitBulkEditForm, + checkOverwriteDataViewCheckbox, + checkOverwriteIndexPatternsCheckbox, + openBulkEditAddIndexPatternsForm, + openBulkEditDeleteIndexPatternsForm, +} from '../../../../../tasks/rules_bulk_actions'; + +import { + hasIndexPatterns, + getDetails, + assertDetailsNotExist, +} from '../../../../../tasks/rule_details'; +import { login, visitWithoutDateRange } from '../../../../../tasks/login'; + +import { SECURITY_DETECTIONS_RULES_URL } from '../../../../../urls/navigation'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { cleanKibana, deleteAlertsAndRules, postDataView } from '../../../../../tasks/common'; + +import { + getEqlRule, + getNewThreatIndicatorRule, + getNewRule, + getNewThresholdRule, + getNewTermsRule, +} from '../../../../../objects/rule'; + +const DATA_VIEW_ID = 'auditbeat'; + +const expectedIndexPatterns = ['index-1-*', 'index-2-*']; + +const expectedNumberOfCustomRulesToBeEdited = 6; + +describe( + 'Bulk editing index patterns of rules with a data view only', + { tags: [tag.ESS, tag.SERVERLESS] }, + () => { + before(() => { + cleanKibana(); + }); + + beforeEach(() => { + deleteAlertsAndRules(); + cy.task('esArchiverResetKibana'); + login(); + + postDataView(DATA_VIEW_ID); + + createRule(getNewRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '1' })); + createRule(getEqlRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '2' })); + createRule( + getNewThreatIndicatorRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '3' }) + ); + createRule( + getNewThresholdRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '4' }) + ); + createRule(getNewTermsRule({ index: undefined, data_view_id: DATA_VIEW_ID, rule_id: '5' })); + createRule( + getNewRule({ + index: undefined, + data_view_id: DATA_VIEW_ID, + saved_id: 'mocked', + rule_id: '6', + }) + ); + + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + + waitForRulesTableToBeLoaded(); + }); + + it('Add index patterns to custom rules with configured data view: all rules are skipped', () => { + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ + skippedCount: expectedNumberOfCustomRulesToBeEdited, + showDataViewsWarning: true, + }); + + // check if rule still has data view and index patterns field does not exist + goToRuleDetails(); + getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); + assertDetailsNotExist(INDEX_PATTERNS_DETAILS); + }); + + it('Add index patterns to custom rules with configured data view when data view checkbox is checked: rules are updated', () => { + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + + // click on data view overwrite checkbox, ensure warning is displayed + cy.get(RULES_BULK_EDIT_DATA_VIEWS_WARNING).should('not.exist'); + checkOverwriteDataViewCheckbox(); + cy.get(RULES_BULK_EDIT_DATA_VIEWS_WARNING).should('be.visible'); + + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfCustomRulesToBeEdited }); + + // check if rule has been updated with index patterns and data view does not exist + goToRuleDetails(); + hasIndexPatterns(expectedIndexPatterns.join('')); + assertDetailsNotExist(DATA_VIEW_DETAILS); + }); + + it('Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is NOT checked:: rules are skipped', () => { + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + checkOverwriteIndexPatternsCheckbox(); + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ + skippedCount: expectedNumberOfCustomRulesToBeEdited, + showDataViewsWarning: true, + }); + + // check if rule still has data view and index patterns field does not exist + goToRuleDetails(); + getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); + assertDetailsNotExist(INDEX_PATTERNS_DETAILS); + }); + + it('Overwrite index patterns in custom rules with configured data view when overwrite data view checkbox is checked: rules are updated', () => { + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + checkOverwriteIndexPatternsCheckbox(); + checkOverwriteDataViewCheckbox(); + + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ updatedCount: expectedNumberOfCustomRulesToBeEdited }); + + // check if rule has been overwritten with index patterns and data view does not exist + goToRuleDetails(); + hasIndexPatterns(expectedIndexPatterns.join('')); + assertDetailsNotExist(DATA_VIEW_DETAILS); + }); + + it('Delete index patterns in custom rules with configured data view: rules are skipped', () => { + selectNumberOfRules(expectedNumberOfCustomRulesToBeEdited); + + openBulkEditDeleteIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + + // in delete form data view checkbox is absent + cy.get(RULES_BULK_EDIT_OVERWRITE_DATA_VIEW_CHECKBOX).should('not.exist'); + + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ + skippedCount: expectedNumberOfCustomRulesToBeEdited, + showDataViewsWarning: true, + }); + + // check if rule still has data view and index patterns field does not exist + goToRuleDetails(); + getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); + }); + } +); + +describe('Bulk editing index patterns of rules with index patterns and rules with a data view', () => { + const customRulesNumber = 2; + + before(() => { + cleanKibana(); + }); + + beforeEach(() => { + login(); + deleteAlertsAndRules(); + cy.task('esArchiverResetKibana'); + + postDataView(DATA_VIEW_ID); + + createRule( + getNewRule({ name: 'with dataview', index: [], data_view_id: DATA_VIEW_ID, rule_id: '1' }) + ); + createRule(getNewRule({ name: 'no data view', index: ['test-index-1-*'], rule_id: '2' })); + + visitWithoutDateRange(SECURITY_DETECTIONS_RULES_URL); + + waitForRulesTableToBeLoaded(); + }); + + it('Add index patterns to custom rules: one rule is updated, one rule is skipped', () => { + selectNumberOfRules(customRulesNumber); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ + updatedCount: 1, + skippedCount: 1, + showDataViewsWarning: true, + }); + + // check if rule still has data view and index patterns field does not exist + goToTheRuleDetailsOf('with dataview'); + getDetails(DATA_VIEW_DETAILS).contains(DATA_VIEW_ID); + assertDetailsNotExist(INDEX_PATTERNS_DETAILS); + }); + + it('Add index patterns to custom rules when overwrite data view checkbox is checked: all rules are updated', () => { + selectNumberOfRules(customRulesNumber); + + openBulkEditAddIndexPatternsForm(); + typeIndexPatterns(expectedIndexPatterns); + checkOverwriteDataViewCheckbox(); + submitBulkEditForm(); + + waitForBulkEditActionToFinish({ + updatedCount: 2, + }); + + // check if rule still has data view and index patterns field does not exist + goToRuleDetails(); + assertDetailsNotExist(DATA_VIEW_DETAILS); + }); +}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts index 6c3c1dee6c7ad..e88920efd9726 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts @@ -6,6 +6,7 @@ */ import path from 'path'; +import { tag } from '../../../../../tags'; import { expectedExportedRule, getNewRule } from '../../../../../objects/rule'; import { @@ -56,7 +57,7 @@ const prebuiltRules = Array.from(Array(7)).map((_, i) => { }); }); -describe('Export rules', () => { +describe('Export rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { const downloadsFolder = Cypress.config('downloadsFolder'); before(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts index 183ab85bbd5d3..4c3eaaefd03c1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/import_export/import_rules.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../../tags'; + import { TOASTER } from '../../../../../screens/alerts_detection_rules'; import { expectManagementTableRules, @@ -17,7 +19,7 @@ import { login, visitWithoutDateRange } from '../../../../../tasks/login'; import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../../../urls/navigation'; const RULES_TO_IMPORT_FILENAME = 'cypress/fixtures/7_16_rules.ndjson'; -describe('Import rules', () => { +describe('Import rules', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts index b3939ff3c7b27..c16ca1a337622 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts @@ -6,7 +6,9 @@ */ import { INTERNAL_ALERTING_API_FIND_RULES_PATH } from '@kbn/alerting-plugin/common'; -import type { RuleResponse } from '../../../../../../common/api/detection_engine'; +import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; +import { tag } from '../../../../../tags'; + import { createRule, snoozeRule as snoozeRuleViaAPI } from '../../../../../tasks/api_calls/rules'; import { cleanKibana, deleteAlertsAndRules, deleteConnectors } from '../../../../../tasks/common'; import { login, visitWithoutDateRange } from '../../../../../tasks/login'; @@ -42,7 +44,7 @@ import { TOOLTIP } from '../../../../../screens/common'; const RULES_TO_IMPORT_FILENAME = 'cypress/fixtures/7_16_rules.ndjson'; -describe('rule snoozing', () => { +describe('rule snoozing', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts index bd3363572915d..d56beb1fec0e0 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_auto_refresh.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../tags'; + import { RULE_CHECKBOX, REFRESH_RULES_STATUS, @@ -32,7 +34,7 @@ import { getNewRule } from '../../../../objects/rule'; const DEFAULT_RULE_REFRESH_INTERVAL_VALUE = 60000; const NUM_OF_TEST_RULES = 6; -describe('Rules table: auto-refresh', () => { +describe('Rules table: auto-refresh', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts index 5c94cfb3f1bcb..3c113648e2a23 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_filtering.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../tags'; + import { cleanKibana, resetRulesTableState, deleteAlertsAndRules } from '../../../../tasks/common'; import { login, visitWithoutDateRange } from '../../../../tasks/login'; import { @@ -26,7 +28,7 @@ import { import { getNewRule } from '../../../../objects/rule'; -describe('Rules table: filtering', () => { +describe('Rules table: filtering', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts index b7fa19531065d..fe638d41f6587 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_links.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../tags'; + import { getNewRule } from '../../../../objects/rule'; import { RULES_MONITORING_TAB, RULE_NAME } from '../../../../screens/alerts_detection_rules'; import { createRule } from '../../../../tasks/api_calls/rules'; @@ -12,7 +14,7 @@ import { cleanKibana, deleteAlertsAndRules } from '../../../../tasks/common'; import { login, visitWithoutDateRange } from '../../../../tasks/login'; import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../../urls/navigation'; -describe('Rules table: links', () => { +describe('Rules table: links', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_persistent_state.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_persistent_state.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_persistent_state.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_persistent_state.cy.ts index ef3d23cf71162..a6ef9d1d0115e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_persistent_state.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_persistent_state.cy.ts @@ -6,6 +6,8 @@ */ import { encode } from '@kbn/rison'; +import { tag } from '../../../../tags'; + import { cleanKibana, resetRulesTableState } from '../../../../tasks/common'; import { login, visit } from '../../../../tasks/login'; import { @@ -98,7 +100,7 @@ function expectDefaultRulesTableState(): void { expectTablePage(1); } -describe('Rules table: persistent state', () => { +describe('Rules table: persistent state', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); createTestRules(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_selection.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_selection.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_selection.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_selection.cy.ts index db68e62d92315..3ff965be8c663 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_selection.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_selection.cy.ts @@ -4,6 +4,9 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ + +import { tag } from '../../../../tags'; + import { createRuleAssetSavedObject } from '../../../../helpers/rules'; import { SELECTED_RULES_NUMBER_LABEL, @@ -32,7 +35,7 @@ const RULE_2 = createRuleAssetSavedObject({ rule_id: 'rule_2', }); -describe('Rules table: selection', () => { +describe('Rules table: selection', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts index 66fe81f43c874..99b7cc9a3a8e1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rules_table/rules_table_sorting.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../tags'; + import { FIRST_RULE, RULE_NAME, @@ -37,7 +39,7 @@ import { } from '../../../../tasks/table_pagination'; import { TABLE_FIRST_PAGE, TABLE_SECOND_PAGE } from '../../../../screens/table_pagination'; -describe('Rules table: sorting', () => { +describe('Rules table: sorting', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_response/value_lists/value_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/detection_response/value_lists/value_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts index dbbb9badd8b9d..60b0b02d79726 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/detection_response/value_lists/value_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts @@ -5,8 +5,10 @@ * 2.0. */ -import { ROLES } from '../../../../common/test'; -import { deleteRoleAndUser, login, visitWithoutDateRange } from '../../../tasks/login'; +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../tags'; + +import { login, visitWithoutDateRange } from '../../../tasks/login'; import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; import { createListsIndex, @@ -29,7 +31,7 @@ import { } from '../../../screens/lists'; describe('value lists', () => { - describe('management modal', () => { + describe('management modal', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { login(); createListsIndex(); @@ -221,17 +223,10 @@ describe('value lists', () => { }); }); - describe('user with restricted access role', () => { - before(() => { + describe('user with restricted access role', { tags: tag.ESS }, () => { + it('Does not allow a t1 analyst user to upload a value list', () => { login(ROLES.t1_analyst); visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL, ROLES.t1_analyst); - }); - - after(() => { - deleteRoleAndUser(ROLES.t1_analyst); - }); - - it('Does not allow a t1 analyst user to upload a value list', () => { cy.get(VALUE_LISTS_MODAL_ACTIVATOR).should('have.attr', 'disabled'); }); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/entity_analytics/entity_analytics_management_page.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/entity_analytics_management_page.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/entity_analytics/entity_analytics_management_page.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/entity_analytics_management_page.cy.ts index da06359fc789b..b70a25a676459 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/entity_analytics/entity_analytics_management_page.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/entity_analytics/entity_analytics_management_page.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { PAGE_TITLE, HOST_RISK_PREVIEW_TABLE, @@ -41,7 +43,10 @@ import { describe( 'Entity analytics management page', - { env: { ftrConfig: { enableExperimental: ['riskScoringRoutesEnabled'] } } }, + { + env: { ftrConfig: { enableExperimental: ['riskScoringRoutesEnabled'] } }, + tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS], + }, () => { before(() => { cleanKibana(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts new file mode 100644 index 0000000000000..3e29f3a08cb70 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts @@ -0,0 +1,127 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { tag } from '../../../tags'; + +import { deleteAlertsAndRules } from '../../../tasks/common'; +import { + expandFirstAlert, + goToClosedAlertsOnRuleDetailsPage, + openAddEndpointExceptionFromAlertActionButton, + openAddEndpointExceptionFromFirstAlert, + waitForAlerts, +} from '../../../tasks/alerts'; +import { login, visitWithoutDateRange } from '../../../tasks/login'; +import { getEndpointRule } from '../../../objects/rule'; +import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; +import { createRule } from '../../../tasks/api_calls/rules'; +import { + waitForAlertsToPopulate, + waitForTheRuleToBeExecuted, +} from '../../../tasks/create_new_rule'; +import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; +import { + addExceptionEntryFieldValueAndSelectSuggestion, + addExceptionEntryFieldValueValue, + addExceptionFlyoutItemName, + editExceptionFlyoutItemName, + selectCloseSingleAlerts, + submitNewExceptionItem, + validateExceptionConditionField, +} from '../../../tasks/exceptions'; +import { ALERTS_COUNT } from '../../../screens/alerts'; +import { + ADD_AND_BTN, + EXCEPTION_CARD_ITEM_CONDITIONS, + EXCEPTION_CARD_ITEM_NAME, + EXCEPTION_ITEM_VIEWER_CONTAINER, +} from '../../../screens/exceptions'; +import { goToEndpointExceptionsTab } from '../../../tasks/rule_details'; + +describe( + 'Endpoint Exceptions workflows from Alert', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + const ITEM_NAME = 'Sample Exception List Item'; + const ITEM_NAME_EDIT = 'Sample Exception List Item'; + const ADDITIONAL_ENTRY = 'host.hostname'; + + beforeEach(() => { + cy.task('esArchiverUnload', 'endpoint'); + cy.task('esArchiverResetKibana'); + login(); + deleteAlertsAndRules(); + cy.task('esArchiverLoad', 'endpoint'); + createRule(getEndpointRule()); + visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); + goToRuleDetails(); + waitForTheRuleToBeExecuted(); + waitForAlertsToPopulate(); + }); + + after(() => { + cy.task('esArchiverUnload', 'endpoint'); + }); + + it('Should be able to create and close single Endpoint exception from overflow menu', () => { + // The Endpoint will populated with predefined fields + openAddEndpointExceptionFromFirstAlert(); + + // As the endpoint.alerts-* is used to trigger the alert the + // file.Ext.code_signature will be auto-populated + validateExceptionConditionField('file.Ext.code_signature'); + + selectCloseSingleAlerts(); + addExceptionFlyoutItemName(ITEM_NAME); + submitNewExceptionItem(); + + // Instead of immediately checking if the Opened Alert has moved to the closed tab, + // use the waitForAlerts method to create a buffer, allowing the alerts some time to + // be moved to the Closed Alert tab. + waitForAlerts(); + + // Closed alert should appear in table + goToClosedAlertsOnRuleDetailsPage(); + cy.get(ALERTS_COUNT).should('exist'); + }); + + it('Should be able to create Endpoint exception from Alerts take action button, and change multiple exception items without resetting to initial auto-prefilled entries', () => { + // Open first Alert Summary + expandFirstAlert(); + + // The Endpoint should populated with predefined fields + openAddEndpointExceptionFromAlertActionButton(); + + // As the endpoint.alerts-* is used to trigger the alert the + // file.Ext.code_signature will be auto-populated + validateExceptionConditionField('file.Ext.code_signature'); + addExceptionFlyoutItemName(ITEM_NAME); + + cy.get(ADD_AND_BTN).click(); + // edit conditions + addExceptionEntryFieldValueAndSelectSuggestion(ADDITIONAL_ENTRY, 6); + addExceptionEntryFieldValueValue('foo', 4); + + // Change the name again + editExceptionFlyoutItemName(ITEM_NAME_EDIT); + + // validate the condition is still "agent.name" or got rest after the name is changed + validateExceptionConditionField(ADDITIONAL_ENTRY); + + selectCloseSingleAlerts(); + submitNewExceptionItem(); + + // Endpoint Exception will move to Endpoint List under Exception tab of rule + goToEndpointExceptionsTab(); + + // new exception item displays + cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); + cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME_EDIT); + cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).contains('span', ADDITIONAL_ENTRY); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts new file mode 100644 index 0000000000000..6a7df890aec06 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts @@ -0,0 +1,198 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { tag } from '../../../../tags'; +import { LOADING_INDICATOR } from '../../../../screens/security_header'; +import { getEndpointRule } from '../../../../objects/rule'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { goToRuleDetails } from '../../../../tasks/alerts_detection_rules'; +import { + addExceptionFromFirstAlert, + expandFirstAlert, + openAddRuleExceptionFromAlertActionButton, +} from '../../../../tasks/alerts'; +import { + addExceptionEntryFieldValue, + addExceptionEntryFieldValueValue, + addExceptionFlyoutItemName, + submitNewExceptionItem, + validateExceptionConditionField, + validateExceptionCommentCountAndText, + editExceptionFlyoutItemName, + validateHighlightedFieldsPopulatedAsExceptionConditions, + validateEmptyExceptionConditionField, +} from '../../../../tasks/exceptions'; +import { login, visitWithoutDateRange } from '../../../../tasks/login'; +import { goToExceptionsTab } from '../../../../tasks/rule_details'; + +import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../../urls/navigation'; +import { deleteAlertsAndRules } from '../../../../tasks/common'; +import { + ADD_AND_BTN, + ENTRY_DELETE_BTN, + EXCEPTION_CARD_ITEM_CONDITIONS, + EXCEPTION_CARD_ITEM_NAME, + EXCEPTION_ITEM_VIEWER_CONTAINER, +} from '../../../../screens/exceptions'; +import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; + +describe( + 'Auto populate exception with Alert data', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + const ITEM_NAME = 'Sample Exception Item'; + const ITEM_NAME_EDIT = 'Sample Exception Item Edit'; + const ADDITIONAL_ENTRY = 'host.hostname'; + + beforeEach(() => { + cy.task('esArchiverUnload', 'endpoint'); + cy.task('esArchiverResetKibana'); + cy.task('esArchiverLoad', 'endpoint'); + login(); + createRule(getEndpointRule()); + visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); + goToRuleDetails(); + waitForAlertsToPopulate(); + }); + after(() => { + cy.task('esArchiverUnload', 'endpoint'); + deleteAlertsAndRules(); + }); + afterEach(() => { + cy.task('esArchiverUnload', 'endpoint'); + }); + + it('Should create a Rule exception item from alert actions overflow menu and auto populate the conditions using alert Highlighted fields', () => { + cy.get(LOADING_INDICATOR).should('not.exist'); + addExceptionFromFirstAlert(); + + const highlightedFieldsBasedOnAlertDoc = [ + 'host.name', + 'agent.id', + 'user.name', + 'process.executable', + 'file.path', + ]; + + /** + * Validate the highlighted fields are auto populated, these + * fields are based on the alert document that should be generated + * when the endpoint rule runs + */ + validateHighlightedFieldsPopulatedAsExceptionConditions(highlightedFieldsBasedOnAlertDoc); + + /** + * Validate that the comments are opened by default with one comment added + * showing a text contains information about the pre-filled conditions + */ + validateExceptionCommentCountAndText( + 1, + 'Exception conditions are pre-filled with relevant data from an alert with the alert id (_id):' + ); + + addExceptionFlyoutItemName(ITEM_NAME); + submitNewExceptionItem(); + }); + it('Should create a Rule exception from Alerts take action button and change multiple exception items without resetting to initial auto-prefilled entries', () => { + cy.get(LOADING_INDICATOR).should('not.exist'); + + // Open first Alert Summary + expandFirstAlert(); + + // The Rule exception should populated with highlighted fields + openAddRuleExceptionFromAlertActionButton(); + + const highlightedFieldsBasedOnAlertDoc = [ + 'host.name', + 'agent.id', + 'user.name', + 'process.executable', + 'file.path', + ]; + + /** + * Validate the highlighted fields are auto populated, these + * fields are based on the alert document that should be generated + * when the endpoint rule runs + */ + validateHighlightedFieldsPopulatedAsExceptionConditions(highlightedFieldsBasedOnAlertDoc); + + /** + * Validate that the comments are opened by default with one comment added + * showing a text contains information about the pre-filled conditions + */ + validateExceptionCommentCountAndText( + 1, + 'Exception conditions are pre-filled with relevant data from an alert with the alert id (_id):' + ); + + addExceptionFlyoutItemName(ITEM_NAME); + + cy.get(ADD_AND_BTN).click(); + + // edit conditions + addExceptionEntryFieldValue(ADDITIONAL_ENTRY, 5); + addExceptionEntryFieldValueValue('foo', 5); + + // Change the name again + editExceptionFlyoutItemName(ITEM_NAME_EDIT); + + // validate the condition is still 'host.hostname' or got rest after the name is changed + validateExceptionConditionField(ADDITIONAL_ENTRY); + + submitNewExceptionItem(); + + goToExceptionsTab(); + + // new exception item displays + cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); + cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME_EDIT); + cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).contains('span', 'host.hostname'); + }); + it('Should delete all prefilled exception entries when creating a Rule exception from Alerts take action button without resetting to initial auto-prefilled entries', () => { + cy.get(LOADING_INDICATOR).should('not.exist'); + + // Open first Alert Summary + expandFirstAlert(); + + // The Rule exception should populated with highlighted fields + openAddRuleExceptionFromAlertActionButton(); + + const highlightedFieldsBasedOnAlertDoc = [ + 'host.name', + 'agent.id', + 'user.name', + 'process.executable', + 'file.path', + ]; + + /** + * Validate the highlighted fields are auto populated, these + * fields are based on the alert document that should be generated + * when the endpoint rule runs + */ + validateHighlightedFieldsPopulatedAsExceptionConditions(highlightedFieldsBasedOnAlertDoc); + + /** + * Delete all the highlighted fields to see if any condition + * will prefuilled again. + */ + const highlightedFieldsCount = highlightedFieldsBasedOnAlertDoc.length - 1; + highlightedFieldsBasedOnAlertDoc.forEach((_, index) => + cy + .get(ENTRY_DELETE_BTN) + .eq(highlightedFieldsCount - index) + .click() + ); + + /** + * Validate that there are no highlighted fields are auto populated + * after the deletion + */ + validateEmptyExceptionConditionField(); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/flyout_validation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/flyout_validation.cy.ts similarity index 99% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/flyout_validation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/flyout_validation.cy.ts index a6f52c4d39d90..92b63e1eb9137 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/flyout_validation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/flyout_validation.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; @@ -65,7 +66,7 @@ import { getExceptionList } from '../../../objects/exception'; // to test in enzyme and very small changes can inadvertently add // bugs. As the complexity within the builder grows, these should // ensure the most basic logic holds. -describe.skip('Exceptions flyout', { testIsolation: false }, () => { +describe.skip('Exceptions flyout', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cy.task('esArchiverResetKibana'); // this is a made-up index that has just the necessary diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts index d417673ea8e31..424bc9dfd5505 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; @@ -30,7 +31,7 @@ import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; describe( 'Add multiple conditions and validate the generated exceptions', - { testIsolation: false }, + { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { cy.task('esArchiverResetKibana'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/use_value_list.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/use_value_list.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/use_value_list.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/use_value_list.cy.ts index efde240ebb70b..381024e413794 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/entry/use_value_list.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/use_value_list.cy.ts @@ -4,6 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; + import { addExceptionEntryFieldMatchIncludedValue, addExceptionEntryFieldValue, @@ -49,7 +51,7 @@ const goToRulesAndOpenValueListModal = () => { openValueListsModal(); }; -describe('Use Value list in exception entry', () => { +describe('Use Value list in exception entry', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts index be3fa9bdce58b..4f523c9fe0290 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; @@ -44,7 +45,7 @@ import { } from '../../../screens/exceptions'; import { createEndpointExceptionList } from '../../../tasks/api_calls/exceptions'; -describe('Add endpoint exception from rule details', () => { +describe('Add endpoint exception from rule details', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const ITEM_NAME = 'Sample Exception List Item'; before(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts index ebf396ce7dbe1..fc91468b88c56 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getException, getExceptionList } from '../../../objects/exception'; import { getNewRule } from '../../../objects/rule'; @@ -59,7 +60,7 @@ import { } from '../../../tasks/api_calls/exceptions'; import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; -describe('Add/edit exception from rule details', () => { +describe('Add/edit exception from rule details', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1 alert'; const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.name'; const ITEM_FIELD = 'unique_value.test'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts new file mode 100644 index 0000000000000..1d020462683da --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts @@ -0,0 +1,183 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { tag } from '../../../tags'; + +import { getNewRule } from '../../../objects/rule'; +import { ALERTS_COUNT, EMPTY_ALERT_TABLE } from '../../../screens/alerts'; +import { createRule } from '../../../tasks/api_calls/rules'; +import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; +import { + goToClosedAlertsOnRuleDetailsPage, + goToOpenedAlertsOnRuleDetailsPage, +} from '../../../tasks/alerts'; +import { + editException, + editExceptionFlyoutItemName, + submitEditedExceptionItem, +} from '../../../tasks/exceptions'; +import { login, visitWithoutDateRange } from '../../../tasks/login'; +import { + addFirstExceptionFromRuleDetails, + goToAlertsTab, + goToExceptionsTab, + openEditException, + removeException, + waitForTheRuleToBeExecuted, +} from '../../../tasks/rule_details'; + +import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; +import { postDataView, deleteAlertsAndRules } from '../../../tasks/common'; +import { + NO_EXCEPTIONS_EXIST_PROMPT, + EXCEPTION_ITEM_VIEWER_CONTAINER, + EXCEPTION_CARD_ITEM_NAME, + EXCEPTION_CARD_ITEM_CONDITIONS, + EXCEPTION_ITEM_CONTAINER, + VALUES_INPUT, + FIELD_INPUT_PARENT, +} from '../../../screens/exceptions'; +import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; + +describe( + 'Add exception using data views from rule details', + { tags: [tag.ESS, tag.SERVERLESS] }, + () => { + const NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS = '1 alert'; + const ITEM_NAME = 'Sample Exception List Item'; + + before(() => { + cy.task('esArchiverResetKibana'); + cy.task('esArchiverLoad', 'exceptions'); + login(); + postDataView('exceptions-*'); + }); + + after(() => { + cy.task('esArchiverUnload', 'exceptions'); + }); + + beforeEach(() => { + deleteAlertsAndRules(); + createRule( + getNewRule({ + query: 'agent.name:*', + data_view_id: 'exceptions-*', + interval: '10s', + rule_id: 'rule_testing', + }) + ); + login(); + visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); + goToRuleDetails(); + waitForAlertsToPopulate(); + }); + + afterEach(() => { + cy.task('esArchiverUnload', 'exceptions_2'); + }); + + it('Creates an exception item and close all matching alerts', () => { + goToExceptionsTab(); + // when no exceptions exist, empty component shows with action to add exception + cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist'); + + // clicks prompt button to add first exception that will also select to close + // all matching alerts + addFirstExceptionFromRuleDetails( + { + field: 'agent.name', + operator: 'is', + values: ['foo'], + }, + ITEM_NAME + ); + + // new exception item displays + cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); + + // Alerts table should now be empty from having added exception and closed + // matching alert + goToAlertsTab(); + cy.get(EMPTY_ALERT_TABLE).should('exist'); + + // Closed alert should appear in table + goToClosedAlertsOnRuleDetailsPage(); + cy.get(ALERTS_COUNT).should('exist'); + cy.get(ALERTS_COUNT).should('have.text', `${NUMBER_OF_AUDITBEAT_EXCEPTIONS_ALERTS}`); + + // Remove the exception and load an event that would have matched that exception + // to show that said exception now starts to show up again + goToExceptionsTab(); + + // when removing exception and again, no more exist, empty screen shows again + removeException(); + cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist'); + + // load more docs + cy.task('esArchiverLoad', 'exceptions_2'); + + // now that there are no more exceptions, the docs should match and populate alerts + goToAlertsTab(); + goToOpenedAlertsOnRuleDetailsPage(); + waitForTheRuleToBeExecuted(); + waitForAlertsToPopulate(); + + cy.get(ALERTS_COUNT).should('exist'); + cy.get(ALERTS_COUNT).should('have.text', '2 alerts'); + }); + + it('Edits an exception item', () => { + const NEW_ITEM_NAME = 'Exception item-EDITED'; + const ITEM_FIELD = 'unique_value.test'; + const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.name'; + + goToExceptionsTab(); + // add item to edit + addFirstExceptionFromRuleDetails( + { + field: ITEM_FIELD, + operator: 'is', + values: ['foo'], + }, + ITEM_NAME + ); + + // displays existing exception items + cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); + cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('not.exist'); + cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME); + cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' unique_value.testIS foo'); + + // open edit exception modal + openEditException(); + + // edit exception item name + editExceptionFlyoutItemName(NEW_ITEM_NAME); + + // check that the existing item's field is being populated + cy.get(EXCEPTION_ITEM_CONTAINER) + .eq(0) + .find(FIELD_INPUT_PARENT) + .eq(0) + .should('have.text', ITEM_FIELD); + cy.get(VALUES_INPUT).should('have.text', 'foo'); + + // edit conditions + editException(FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD, 0, 0); + + // submit + submitEditedExceptionItem(); + + // new exception item displays + cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1); + + // check that updates stuck + cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', NEW_ITEM_NAME); + cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' agent.nameIS foo'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts index 6464b782ae675..0e0aaeea06ddc 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts @@ -4,10 +4,11 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../tags'; import { getExceptionList } from '../../../objects/exception'; import { getNewRule } from '../../../objects/rule'; -import { ROLES } from '../../../../common/test'; import { createRule } from '../../../tasks/api_calls/rules'; import { login, visitWithoutDateRange } from '../../../tasks/login'; import { goToExceptionsTab, goToAlertsTab } from '../../../tasks/rule_details'; @@ -27,7 +28,7 @@ import { deleteExceptionList, } from '../../../tasks/api_calls/exceptions'; -describe('Exceptions viewer read only', () => { +describe('Exceptions viewer read only', { tags: tag.ESS }, () => { const exceptionList = getExceptionList(); before(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts index bb7c17cab612b..dca4ee9d805f0 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { getExceptionList } from '../../../../objects/exception'; import { getNewRule } from '../../../../objects/rule'; @@ -40,7 +41,7 @@ const getExceptionList1 = () => ({ const EXCEPTION_LIST_NAME = 'Newly created list'; -describe('Exception list detail page', () => { +describe('Exception list detail page', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cy.task('esArchiverResetKibana'); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts index 5782534470930..9a56d20d244de 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; import { login, visitWithoutDateRange } from '../../../tasks/login'; @@ -38,7 +39,7 @@ import { waitForExceptionsTableToBeLoaded, } from '../../../tasks/exceptions_table'; -describe('Add, edit and delete exception', () => { +describe('Add, edit and delete exception', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cy.task('esArchiverResetKibana'); cy.task('esArchiverLoad', 'exceptions'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts index b47816f7ed693..3f73aaf88a01e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { createRule } from '../../../../tasks/api_calls/rules'; import { getExceptionList } from '../../../../objects/exception'; @@ -40,7 +41,7 @@ const getExceptionList2 = () => ({ list_id: 'exception_list_2', }); -describe('Duplicate List', () => { +describe('Duplicate List', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { cy.task('esArchiverResetKibana'); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts index a8815ab8219bb..52e7386032608 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts @@ -4,6 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; + import { getExceptionList } from '../../../../objects/exception'; import { getNewRule } from '../../../../objects/rule'; import { @@ -34,7 +36,7 @@ const getExceptionList2 = () => ({ name: EXCEPTION_LIST_NAME_TWO, list_id: 'exception_list_2', }); -describe('Filter Lists', () => { +describe('Filter Lists', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { cy.task('esArchiverResetKibana'); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts index 8e07fc219f8d3..d453b2f89edbe 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { IMPORT_SHARED_EXCEPTION_LISTS_CLOSE_BTN, @@ -20,7 +21,7 @@ import { import { login, visitWithoutDateRange } from '../../../../tasks/login'; import { EXCEPTIONS_URL } from '../../../../urls/navigation'; -describe('Import Lists', () => { +describe('Import Lists', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const LIST_TO_IMPORT_FILENAME = 'cypress/fixtures/7_16_exception_list.ndjson'; before(() => { cy.task('esArchiverResetKibana'); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts new file mode 100644 index 0000000000000..a1f3e9eb96faf --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts @@ -0,0 +1,146 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { tag } from '../../../../tags'; + +import { getExceptionList, expectedExportedExceptionList } from '../../../../objects/exception'; +import { getNewRule } from '../../../../objects/rule'; + +import { createRule } from '../../../../tasks/api_calls/rules'; +import { login, visitWithoutDateRange, waitForPageWithoutDateRange } from '../../../../tasks/login'; + +import { EXCEPTIONS_URL } from '../../../../urls/navigation'; +import { + deleteExceptionListWithoutRuleReferenceByListId, + deleteExceptionListWithRuleReferenceByListId, + exportExceptionList, + waitForExceptionsTableToBeLoaded, + createSharedExceptionList, + linkRulesToExceptionList, + assertNumberLinkedRules, +} from '../../../../tasks/exceptions_table'; +import { + EXCEPTIONS_LIST_MANAGEMENT_NAME, + EXCEPTIONS_TABLE_SHOWING_LISTS, +} from '../../../../screens/exceptions'; +import { createExceptionList } from '../../../../tasks/api_calls/exceptions'; + +import { TOASTER } from '../../../../screens/alerts_detection_rules'; + +const EXCEPTION_LIST_NAME = 'My test list'; +const EXCEPTION_LIST_TO_DUPLICATE_NAME = 'A test list 2'; + +const getExceptionList1 = () => ({ + ...getExceptionList(), + name: EXCEPTION_LIST_NAME, + list_id: 'exception_list_1', +}); + +const getExceptionList2 = () => ({ + ...getExceptionList(), + name: EXCEPTION_LIST_TO_DUPLICATE_NAME, + list_id: 'exception_list_2', +}); + +describe( + 'Manage lists from "Shared Exception Lists" page', + { tags: [tag.ESS, tag.SERVERLESS] }, + () => { + describe('Create/Export/Delete List', () => { + before(() => { + createRule(getNewRule({ name: 'Another rule' })); + + // Create exception list associated with a rule + createExceptionList(getExceptionList2(), getExceptionList2().list_id).then((response) => + createRule( + getNewRule({ + exceptions_list: [ + { + id: response.body.id, + list_id: getExceptionList2().list_id, + type: getExceptionList2().type, + namespace_type: getExceptionList2().namespace_type, + }, + ], + }) + ) + ); + + // Create exception list not used by any rules + createExceptionList(getExceptionList1(), getExceptionList1().list_id).as( + 'exceptionListResponse' + ); + }); + + beforeEach(() => { + login(); + visitWithoutDateRange(EXCEPTIONS_URL); + waitForExceptionsTableToBeLoaded(); + }); + + it('Export exception list', function () { + cy.intercept(/(\/api\/exception_lists\/_export)/).as('export'); + + exportExceptionList(getExceptionList1().list_id); + + cy.wait('@export').then(({ response }) => { + cy.wrap(response?.body).should( + 'eql', + expectedExportedExceptionList(this.exceptionListResponse) + ); + + cy.get(TOASTER).should( + 'have.text', + `Exception list "${EXCEPTION_LIST_NAME}" exported successfully` + ); + }); + }); + + it('Link rules to shared exception list', function () { + assertNumberLinkedRules(getExceptionList2().list_id, '1'); + linkRulesToExceptionList(getExceptionList2().list_id, 1); + assertNumberLinkedRules(getExceptionList2().list_id, '2'); + }); + + it('Create exception list', function () { + createSharedExceptionList( + { name: 'Newly created list', description: 'This is my list.' }, + true + ); + + // After creation - directed to list detail page + cy.get(EXCEPTIONS_LIST_MANAGEMENT_NAME).should('have.text', 'Newly created list'); + }); + + it('Delete exception list without rule reference', () => { + // Using cy.contains because we do not care about the exact text, + // just checking number of lists shown + cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '4'); + + deleteExceptionListWithoutRuleReferenceByListId(getExceptionList1().list_id); + + // Using cy.contains because we do not care about the exact text, + // just checking number of lists shown + cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '3'); + }); + + it('Deletes exception list with rule reference', () => { + waitForPageWithoutDateRange(EXCEPTIONS_URL); + waitForExceptionsTableToBeLoaded(); + + // Using cy.contains because we do not care about the exact text, + // just checking number of lists shown + cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '3'); + + deleteExceptionListWithRuleReferenceByListId(getExceptionList2().list_id); + + // Using cy.contains because we do not care about the exact text, + // just checking number of lists shown + cy.contains(EXCEPTIONS_TABLE_SHOWING_LISTS, '2'); + }); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts index c86660a93f512..25b9d2e34fe2e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts @@ -4,8 +4,9 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../../tags'; -import { ROLES } from '../../../../../common/test'; import { getExceptionList } from '../../../../objects/exception'; import { EXCEPTIONS_OVERFLOW_ACTIONS_BTN, @@ -22,7 +23,7 @@ import { EXCEPTIONS_URL } from '../../../../urls/navigation'; const MISSING_PRIVILEGES_CALLOUT = 'missing-user-privileges'; -describe('Shared exception lists - read only', () => { +describe('Shared exception lists - read only', { tags: tag.ESS }, () => { before(() => { cy.task('esArchiverResetKibana'); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts similarity index 88% rename from x-pack/plugins/security_solution/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts index a567befcb5b3b..a60c45c0add28 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_alert_to_case.cy.ts @@ -4,9 +4,10 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; -import { ROLES } from '../../../../common/test'; import { expandFirstAlertActions } from '../../../tasks/alerts'; import { createRule } from '../../../tasks/api_calls/rules'; @@ -34,7 +35,7 @@ describe('Alerts timeline', () => { waitForAlertsToPopulate(); }); - context('Privileges: read only', () => { + context('Privileges: read only', { tags: tag.ESS }, () => { beforeEach(() => { loadDetectionsPage(ROLES.reader); }); @@ -52,10 +53,10 @@ describe('Alerts timeline', () => { }); }); - context('Privileges: can crud', () => { + context('Privileges: can crud', { tags: tag.ESS }, () => { beforeEach(() => { loadDetectionsPage(ROLES.platform_engineer); - cy.get(LOADING_INDICATOR).should('not.exist'); // on CI, waitForPageToBeLoaded fails because the loading icon can't be found + cy.get(LOADING_INDICATOR).should('not.exist'); }); it('should allow a user with crud privileges to attach alerts to cases', () => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/attach_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_timeline.cy.ts similarity index 77% rename from x-pack/plugins/security_solution/cypress/e2e/explore/cases/attach_timeline.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_timeline.cy.ts index 85713b7acae49..669d73fc597a9 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/attach_timeline.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/attach_timeline.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { login, visitTimeline } from '../../../tasks/login'; import { @@ -19,7 +20,7 @@ import { createTimeline } from '../../../tasks/api_calls/timelines'; import { cleanKibana, deleteTimelines } from '../../../tasks/common'; import { createCase } from '../../../tasks/api_calls/cases'; -describe('attach timeline to case', () => { +describe('attach timeline to case', { tags: [tag.ESS, tag.SERVERLESS] }, () => { context('without cases created', () => { before(() => { cleanKibana(); @@ -33,7 +34,7 @@ describe('attach timeline to case', () => { }); }); - it('attach timeline to a new case', function () { + it('attach timeline to a new case', { tags: tag.BROKEN_IN_SERVERLESS }, function () { visitTimeline(this.myTimeline.savedObjectId); attachTimelineToNewCase(); @@ -45,21 +46,25 @@ describe('attach timeline to case', () => { }); }); - it('attach timeline to an existing case with no case', function () { - visitTimeline(this.myTimeline.savedObjectId); - attachTimelineToExistingCase(); - addNewCase(); + it( + 'attach timeline to an existing case with no case', + { tags: tag.BROKEN_IN_SERVERLESS }, + function () { + visitTimeline(this.myTimeline.savedObjectId); + attachTimelineToExistingCase(); + addNewCase(); - cy.location('origin').then((origin) => { - cy.get(DESCRIPTION_INPUT).should( - 'have.text', - `[${this.myTimeline.title}](${origin}/app/security/timelines?timeline=(id:%27${this.myTimeline.savedObjectId}%27,isOpen:!t))` - ); - }); - }); + cy.location('origin').then((origin) => { + cy.get(DESCRIPTION_INPUT).should( + 'have.text', + `[${this.myTimeline.title}](${origin}/app/security/timelines?timeline=(id:%27${this.myTimeline.savedObjectId}%27,isOpen:!t))` + ); + }); + } + ); }); - context('with cases created', () => { + context('with cases created', { tags: tag.BROKEN_IN_SERVERLESS }, () => { before(() => { login(); deleteTimelines(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/connector_options.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/connector_options.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/explore/cases/connector_options.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/connector_options.cy.ts index b70f559bfbda0..0b4b0372b2f2f 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/connector_options.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/connector_options.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { login, visitWithoutDateRange } from '../../../tasks/login'; import { @@ -28,7 +29,7 @@ import { CASES_URL } from '../../../urls/navigation'; import { CONNECTOR_CARD_DETAILS, CONNECTOR_TITLE } from '../../../screens/case_details'; import { cleanKibana } from '../../../tasks/common'; -describe('Cases connector incident fields', () => { +describe('Cases connector incident fields', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/connectors.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/connectors.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/explore/cases/connectors.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/connectors.cy.ts index b3cb9551cf2c8..2789b72b09acf 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/connectors.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/connectors.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getServiceNowConnector, getServiceNowITSMHealthResponse } from '../../../objects/case'; @@ -20,7 +21,7 @@ import { login, visitWithoutDateRange } from '../../../tasks/login'; import { CASES_URL } from '../../../urls/navigation'; -describe('Cases connectors', () => { +describe('Cases connectors', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const configureResult = { connector: { id: 'e271c3b8-f702-4fbc-98e0-db942b573bbd', diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/creation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/creation.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/explore/cases/creation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/creation.cy.ts index 33bbd68ac9cb0..868c80a7b743f 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/creation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/creation.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import type { TestCase } from '../../../objects/case'; import { getCase1 } from '../../../objects/case'; @@ -53,7 +54,7 @@ import { loginWithUser, visit, visitWithoutDateRange } from '../../../tasks/logi import { CASES_URL, OVERVIEW_URL } from '../../../urls/navigation'; -describe('Cases', () => { +describe('Cases', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); createTimeline(getCase1().timeline).then((response) => @@ -86,8 +87,8 @@ describe('Cases', () => { cy.get(ALL_CASES_OPEN_CASES_COUNT).should('have.text', 'Open (1)'); cy.get(ALL_CASES_TAGS_COUNT).should('have.text', 'Tags2'); cy.get(ALL_CASES_NAME).should('have.text', this.mycase.name); - (this.mycase as TestCase).tags.forEach((tag) => { - cy.get(ALL_CASES_TAGS(tag)).should('have.text', tag); + (this.mycase as TestCase).tags.forEach((CaseTag) => { + cy.get(ALL_CASES_TAGS(CaseTag)).should('have.text', CaseTag); }); cy.get(ALL_CASES_COMMENTS_COUNT).should('have.text', '0'); cy.get(ALL_CASES_OPENED_ON).should('include.text', 'ago'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/privileges.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/privileges.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/explore/cases/privileges.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/privileges.cy.ts index ce55e05c6e5e8..fa494a832a634 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/cases/privileges.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/cases/privileges.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import type { TestCaseWithoutTimeline } from '../../../objects/case'; import { ALL_CASES_CREATE_NEW_CASE_BTN, ALL_CASES_NAME } from '../../../screens/all_cases'; @@ -48,7 +49,7 @@ const testCase: TestCaseWithoutTimeline = { owner: 'securitySolution', }; -describe('Cases privileges', () => { +describe('Cases privileges', { tags: tag.ESS }, () => { before(() => { cleanKibana(); createUsersAndRoles(usersToCreate, rolesToCreate); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/enable_risk_score.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/enable_risk_score.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/enable_risk_score.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/enable_risk_score.cy.ts index 2761d04ed0f07..d7c7aca013282 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/enable_risk_score.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/enable_risk_score.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; import { @@ -32,7 +33,7 @@ import { ENTITY_ANALYTICS_URL } from '../../../urls/navigation'; const spaceId = 'default'; -describe('Enable risk scores', () => { +describe('Enable risk scores', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/entity_analytics.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/entity_analytics.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts index b261ad0ed5828..14d326febf11a 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/entity_analytics.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts @@ -4,12 +4,13 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { login, visit } from '../../../tasks/login'; import { ALERTS_URL, ENTITY_ANALYTICS_URL } from '../../../urls/navigation'; -import { cleanKibana, deleteAlertsAndRules, waitForPageToBeLoaded } from '../../../tasks/common'; +import { cleanKibana, deleteAlertsAndRules } from '../../../tasks/common'; import { ANOMALIES_TABLE, @@ -55,7 +56,7 @@ const SIEM_KIBANA_HOST_ALERTS = 2; const SIEM_KIBANA_HOST_NAME = 'siem-kibana'; const END_DATE = 'Jan 19, 2019 @ 20:33:29.186'; -describe('Entity Analytics Dashboard', () => { +describe('Entity Analytics Dashboard', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); @@ -307,7 +308,6 @@ describe('Entity Analytics Dashboard', () => { cy.task('esArchiverLoad', 'network'); login(); visit(ENTITY_ANALYTICS_URL); - waitForPageToBeLoaded(); cy.get(ANOMALIES_TABLE).should('be.visible'); waitForAnomaliesToBeLoaded(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/upgrade_risk_score.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/upgrade_risk_score.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/upgrade_risk_score.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/upgrade_risk_score.cy.ts index 636f6e0bdb988..de6d2ad295b58 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/dashboards/upgrade_risk_score.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/upgrade_risk_score.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; import { @@ -38,7 +39,7 @@ import { ENTITY_ANALYTICS_URL } from '../../../urls/navigation'; const spaceId = 'default'; -describe('Upgrade risk scores', () => { +describe('Upgrade risk scores', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/filters/pinned_filters.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/filters/pinned_filters.cy.ts similarity index 83% rename from x-pack/plugins/security_solution/cypress/e2e/explore/filters/pinned_filters.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/filters/pinned_filters.cy.ts index 96878e7eac2e8..d1c2649d901d3 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/filters/pinned_filters.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/filters/pinned_filters.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { login, visitWithoutDateRange } from '../../../tasks/login'; @@ -22,7 +23,7 @@ import { import { ALERTS_PAGE } from '../../../screens/kibana_navigation'; import { postDataView } from '../../../tasks/common'; -describe('pinned filters', () => { +describe('pinned filters', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { postDataView('audit*'); }); @@ -31,7 +32,7 @@ describe('pinned filters', () => { login(); }); - it('show pinned filters on security', () => { + it('show pinned filters on security', { tags: tag.BROKEN_IN_SERVERLESS }, () => { visitWithoutDateRange(DISCOVER_WITH_PINNED_FILTER_URL); cy.get(GLOBAL_SEARCH_BAR_FILTER_ITEM).find(GLOBAL_SEARCH_BAR_PINNED_FILTER).should('exist'); @@ -41,7 +42,7 @@ describe('pinned filters', () => { cy.get(GLOBAL_SEARCH_BAR_FILTER_ITEM).should('have.text', 'host.name: test-host'); }); - it('does not show discover filters on security', () => { + it('does not show discover filters on security', { tags: tag.BROKEN_IN_SERVERLESS }, () => { visitWithoutDateRange(DISCOVER_WITH_FILTER_URL); cy.get(GLOBAL_SEARCH_BAR_FILTER_ITEM).should('exist'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/guided_onboarding/tour.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/guided_onboarding/tour.cy.ts similarity index 57% rename from x-pack/plugins/security_solution/cypress/e2e/explore/guided_onboarding/tour.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/guided_onboarding/tour.cy.ts index 1c180857c00b9..eaad7fb549bf6 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/guided_onboarding/tour.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/guided_onboarding/tour.cy.ts @@ -4,6 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { AlertsCasesTourSteps } from '@kbn/security-solution-plugin/public/common/components/guided_onboarding_tour/tour_config'; +import { tag } from '../../../tags'; import { disableExpandableFlyout } from '../../../tasks/api_calls/kibana_advanced_settings'; import { navigateFromHeaderTo } from '../../../tasks/security_header'; @@ -26,10 +28,9 @@ import { getNewRule } from '../../../objects/rule'; import { ALERTS_URL, DASHBOARDS_URL } from '../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; import { login, visit } from '../../../tasks/login'; -import { quitGlobalTour, startAlertsCasesTour } from '../../../tasks/api_calls/tour'; -import { AlertsCasesTourSteps } from '../../../../public/common/components/guided_onboarding_tour/tour_config'; +import { startAlertsCasesTour } from '../../../tasks/api_calls/tour'; -describe('Guided onboarding tour', () => { +describe('Guided onboarding tour', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); login(); @@ -42,9 +43,7 @@ describe('Guided onboarding tour', () => { visit(ALERTS_URL); waitForAlertsToPopulate(); }); - after(() => { - quitGlobalTour(); - }); + it('Completes the tour with next button clicks', () => { startTour(); completeTourWithNextButton(); @@ -71,37 +70,49 @@ describe('Guided onboarding tour', () => { assertTourStepExist(AlertsCasesTourSteps.pointToAlertName); }); - describe('persists tour steps in flyout on flyout toggle', () => { - const stepsInAlertsFlyout = [ - AlertsCasesTourSteps.reviewAlertDetailsFlyout, - AlertsCasesTourSteps.addAlertToCase, - AlertsCasesTourSteps.viewCase, - ]; + describe.skip( + 'persists tour steps in flyout on flyout toggle', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + const stepsInAlertsFlyout = [ + AlertsCasesTourSteps.reviewAlertDetailsFlyout, + AlertsCasesTourSteps.addAlertToCase, + AlertsCasesTourSteps.viewCase, + ]; - const stepsInCasesFlyout = [AlertsCasesTourSteps.createCase, AlertsCasesTourSteps.submitCase]; + const stepsInCasesFlyout = [AlertsCasesTourSteps.createCase, AlertsCasesTourSteps.submitCase]; - stepsInAlertsFlyout.forEach((step) => { - it(`step: ${step}, resets to ${step}`, () => { - startTour(); - goToStep(step); - assertTourStepExist(step); - closeAlertFlyout(); - assertTourStepNotExist(step); - expandFirstAlert(); - assertTourStepExist(step); + stepsInAlertsFlyout.forEach((step) => { + it( + `step: ${step}, resets to ${step}`, + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + startTour(); + goToStep(step); + assertTourStepExist(step); + closeAlertFlyout(); + assertTourStepNotExist(step); + expandFirstAlert(); + assertTourStepExist(step); + } + ); }); - }); - stepsInCasesFlyout.forEach((step) => { - it(`step: ${step}, resets to ${AlertsCasesTourSteps.createCase}`, () => { - startTour(); - goToStep(step); - assertTourStepExist(step); - closeCreateCaseFlyout(); - assertTourStepNotExist(step); - addToCase(); - assertTourStepExist(AlertsCasesTourSteps.createCase); + stepsInCasesFlyout.forEach((step) => { + it( + `step: ${step}, resets to ${AlertsCasesTourSteps.createCase}`, + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + startTour(); + goToStep(step); + assertTourStepExist(step); + closeCreateCaseFlyout(); + assertTourStepNotExist(step); + addToCase(); + assertTourStepExist(AlertsCasesTourSteps.createCase); + } + ); }); - }); - }); + } + ); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/host_details/risk_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/explore/host_details/risk_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts index 46797adc1a7d8..e6b7d1636de28 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/host_details/risk_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts @@ -4,13 +4,14 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { login, visitHostDetailsPage } from '../../../tasks/login'; import { cleanKibana, waitForTableToLoad } from '../../../tasks/common'; import { TABLE_CELL, TABLE_ROWS } from '../../../screens/alerts_details'; -describe('risk tab', () => { +describe('risk tab', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'risk_hosts'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/hosts/events_viewer.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/events_viewer.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/explore/hosts/events_viewer.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/events_viewer.cy.ts index e97dc0722d815..54583bae3042e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/hosts/events_viewer.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/events_viewer.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { FIELDS_BROWSER_CHECKBOX, @@ -45,7 +46,7 @@ const defaultHeadersInDefaultEcsCategory = [ { id: 'destination.ip' }, ]; -describe('Events Viewer', () => { +describe('Events Viewer', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cy.task('esArchiverLoad', 'auditbeat_big'); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/hosts/host_risk_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/explore/hosts/host_risk_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts index a6d1ab1ebdb50..0f6b1823f3388 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/hosts/host_risk_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/host_risk_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { cleanKibana } from '../../../tasks/common'; import { @@ -21,7 +22,7 @@ import { login, visit } from '../../../tasks/login'; import { HOSTS_URL } from '../../../urls/navigation'; import { clearSearchBar, kqlSearch } from '../../../tasks/security_header'; -describe('risk tab', () => { +describe('risk tab', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'risk_hosts'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/hosts/hosts_risk_column.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/hosts_risk_column.cy.ts similarity index 90% rename from x-pack/plugins/security_solution/cypress/e2e/explore/hosts/hosts_risk_column.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/hosts_risk_column.cy.ts index 79149b9374789..b38dda89423ac 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/hosts/hosts_risk_column.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/hosts/hosts_risk_column.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { login, visit } from '../../../tasks/login'; @@ -12,7 +13,7 @@ import { cleanKibana } from '../../../tasks/common'; import { TABLE_CELL } from '../../../screens/alerts_details'; import { kqlSearch } from '../../../tasks/security_header'; -describe('All hosts table', () => { +describe('All hosts table', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'risk_hosts'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/network/hover_actions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/network/hover_actions.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/explore/network/hover_actions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/network/hover_actions.cy.ts index 4859b7e4cd09b..30104b2aa8a88 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/network/hover_actions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/network/hover_actions.cy.ts @@ -4,6 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; + import { TOP_N_CONTAINER } from '../../../screens/network/flows'; import { GLOBAL_SEARCH_BAR_FILTER_ITEM } from '../../../screens/search_bar'; import { DATA_PROVIDERS } from '../../../screens/timeline'; @@ -24,7 +26,7 @@ import { openTimelineUsingToggle } from '../../../tasks/security_main'; const testDomain = 'myTest'; // tracked by https://github.com/elastic/kibana/issues/161874 -describe.skip('Hover actions', () => { +describe.skip('Hover actions', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const onBeforeLoadCallback = (win: Cypress.AUTWindow) => { // avoid cypress being held by windows prompt and timeout cy.stub(win, 'prompt').returns(true); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/network/overflow_items.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/network/overflow_items.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/explore/network/overflow_items.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/network/overflow_items.cy.ts index 305a80a2cd482..1dc34f50e2b7a 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/network/overflow_items.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/network/overflow_items.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { ADD_TO_TIMELINE, @@ -22,7 +23,7 @@ import { NETWORK_URL } from '../../../urls/navigation'; const testDomainOne = 'myTest'; const testDomainTwo = 'myTest2'; -describe('Overflow items', () => { +describe('Overflow items', { tags: [tag.ESS, tag.SERVERLESS] }, () => { context('Network stats and tables', () => { before(() => { cy.task('esArchiverLoad', 'network'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/overview/overview.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/overview/overview.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/explore/overview/overview.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/overview/overview.cy.ts index b26cf4759d5f5..b031a73b69e37 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/overview/overview.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/overview/overview.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { HOST_STATS, NETWORK_STATS, OVERVIEW_EMPTY_PAGE } from '../../../screens/overview'; @@ -16,7 +17,7 @@ import { cleanKibana } from '../../../tasks/common'; import { createTimeline, favoriteTimeline } from '../../../tasks/api_calls/timelines'; import { getTimeline } from '../../../objects/timeline'; -describe('Overview Page', () => { +describe('Overview Page', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'overview'); @@ -64,7 +65,7 @@ describe('Overview Page', () => { }); }); -describe('Overview page with no data', () => { +describe('Overview page with no data', { tags: tag.BROKEN_IN_SERVERLESS }, () => { before(() => { cy.task('esArchiverUnload', 'auditbeat'); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/pagination/pagination.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/pagination/pagination.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/explore/pagination/pagination.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/pagination/pagination.cy.ts index a6a0aa98406e1..93a2e2b9d2dbb 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/explore/pagination/pagination.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/pagination/pagination.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { PROCESS_NAME_FIELD, @@ -20,7 +21,7 @@ import { ALL_HOSTS_TABLE } from '../../../screens/hosts/all_hosts'; import { ALL_USERS_TABLE } from '../../../screens/users/all_users'; import { goToTablePage, sortFirstTableColumn } from '../../../tasks/table_pagination'; -describe('Pagination', () => { +describe('Pagination', { tags: [tag.ESS, tag.SERVERLESS] }, () => { describe('Host uncommon processes table)', () => { before(() => { cy.task('esArchiverLoad', 'host_uncommon_processes'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/users/user_details.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/users/user_details.cy.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/e2e/explore/users/user_details.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/users/user_details.cy.ts diff --git a/x-pack/plugins/security_solution/cypress/e2e/explore/users/users_tabs.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/users/users_tabs.cy.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/e2e/explore/users/users_tabs.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/explore/users/users_tabs.cy.ts diff --git a/x-pack/plugins/security_solution/cypress/e2e/header/navigation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/header/navigation.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/header/navigation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/header/navigation.cy.ts index ee848736e3279..55321e4027e37 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/header/navigation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/header/navigation.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../tags'; import { CASES, @@ -77,7 +78,7 @@ import { THREAT_INTELLIGENCE_PAGE, } from '../../screens/kibana_navigation'; -describe('top-level navigation common to all pages in the Security app', () => { +describe('top-level navigation common to all pages in the Security app', { tags: tag.ESS }, () => { beforeEach(() => { login(); visit(TIMELINES_URL); @@ -199,7 +200,7 @@ describe('top-level navigation common to all pages in the Security app', () => { }); }); -describe('Kibana navigation to all pages in the Security app ', () => { +describe('Kibana navigation to all pages in the Security app ', { tags: tag.ESS }, () => { beforeEach(() => { login(); visit(KIBANA_HOME); diff --git a/x-pack/plugins/security_solution/cypress/e2e/header/search_bar.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/header/search_bar.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/header/search_bar.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/header/search_bar.cy.ts index a138849a8a934..aec33676ad60f 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/header/search_bar.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/header/search_bar.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../tags'; import { login, visit } from '../../tasks/login'; import { @@ -22,7 +23,7 @@ import { getHostIpFilter } from '../../objects/filter'; import { HOSTS_URL } from '../../urls/navigation'; import { waitForAllHostsToBeLoaded } from '../../tasks/hosts/all_hosts'; -describe('SearchBar', () => { +describe('SearchBar', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { login(); visit(HOSTS_URL); diff --git a/x-pack/plugins/security_solution/cypress/e2e/inspect/inspect_button.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/inspect/inspect_button.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts index 7b18eeab0a7e9..a71b22ead9f5f 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/inspect/inspect_button.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/inspect/inspect_button.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../tags'; import { INSPECT_BUTTONS_IN_SECURITY, @@ -17,16 +18,12 @@ import { openTableInspectModal, } from '../../tasks/inspect'; import { login, visit } from '../../tasks/login'; -import { - postDataView, - waitForPageToBeLoaded, - waitForWelcomePanelToBeLoaded, -} from '../../tasks/common'; +import { postDataView, waitForWelcomePanelToBeLoaded } from '../../tasks/common'; import { selectDataView } from '../../tasks/sourcerer'; const DATA_VIEW = 'auditbeat-*'; -describe('Inspect Explore pages', () => { +describe('Inspect Explore pages', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cy.task('esArchiverLoad', 'risk_users'); cy.task('esArchiverLoad', 'risk_hosts'); @@ -51,7 +48,6 @@ describe('Inspect Explore pages', () => { visit(url, { onLoad: () => { waitForWelcomePanelToBeLoaded(); - waitForPageToBeLoaded(); selectDataView(DATA_VIEW); }, }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alert_table_action_column.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alert_table_action_column.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alert_table_action_column.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alert_table_action_column.cy.ts index efa04027025f5..9b8babc551503 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alert_table_action_column.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alert_table_action_column.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { OVERLAY_CONTAINER } from '../../../screens/alerts'; import { @@ -15,7 +16,7 @@ import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; import { login, visit } from '../../../tasks/login'; import { ALERTS_URL } from '../../../urls/navigation'; -describe('Alerts Table Action column', () => { +describe('Alerts Table Action column', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'process_ancestry'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alert_table_controls.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alert_table_controls.cy.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alert_table_controls.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alert_table_controls.cy.ts diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alerts_cell_actions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alerts_cell_actions.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alerts_cell_actions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alerts_cell_actions.cy.ts index 7b80498aad9d7..be84fba1cb9e5 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alerts_cell_actions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alerts_cell_actions.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; import { CELL_COPY_BUTTON, FILTER_BADGE, SHOW_TOP_N_HEADER } from '../../../screens/alerts'; @@ -37,7 +38,7 @@ import { openActiveTimeline } from '../../../tasks/timeline'; import { ALERTS_URL } from '../../../urls/navigation'; -describe('Alerts cell actions', () => { +describe('Alerts cell actions', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); createRule(getNewRule()); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alerts_details.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alerts_details.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alerts_details.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alerts_details.cy.ts index 7f5e0cde93b10..0808b79de216e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/alerts_details.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/alerts_details.cy.ts @@ -4,8 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ - import type { DataTableModel } from '@kbn/securitysolution-data-table'; +import { tag } from '../../../tags'; import { disableExpandableFlyout } from '../../../tasks/api_calls/kibana_advanced_settings'; import { ALERT_FLYOUT, @@ -35,7 +35,7 @@ import { ALERT_SUMMARY_SEVERITY_DONUT_CHART } from '../../../screens/alerts'; import { getLocalstorageEntryAsObject } from '../../../helpers/common'; import { goToRuleDetails } from '../../../tasks/alerts_detection_rules'; -describe('Alert details flyout', () => { +describe('Alert details flyout', { tags: [tag.ESS, tag.SERVERLESS] }, () => { describe('Basic functions', () => { before(() => { cleanKibana(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/building_block_alerts.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/building_block_alerts.cy.ts similarity index 50% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/building_block_alerts.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/building_block_alerts.cy.ts index d0455ad1466bb..d215f88886093 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/building_block_alerts.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/building_block_alerts.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getBuildingBlockRule } from '../../../objects/rule'; import { OVERVIEW_ALERTS_HISTOGRAM_EMPTY } from '../../../screens/overview'; @@ -22,33 +23,37 @@ import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation'; const EXPECTED_NUMBER_OF_ALERTS = 5; -describe('Alerts generated by building block rules', () => { - before(() => { - cy.task('esArchiverLoad', 'auditbeat_big'); - cleanKibana(); - login(); - }); - beforeEach(() => { - createRule(getBuildingBlockRule()); - }); - after(() => { - cy.task('esArchiverUnload', 'auditbeat_big'); - }); - - it('Alerts should be visible on the Rule Detail page and not visible on the Overview page', () => { - visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); - goToRuleDetails(); - waitForTheRuleToBeExecuted(); - - // Check that generated events are visible on the Details page - waitForAlertsToPopulate(EXPECTED_NUMBER_OF_ALERTS); - - // Make sure rows are highlighted - cy.get(HIGHLIGHTED_ROWS_IN_TABLE).should('exist'); - - navigateFromHeaderTo(OVERVIEW); - - // Check that generated events are hidden on the Overview page - cy.get(OVERVIEW_ALERTS_HISTOGRAM_EMPTY).should('contain.text', 'No results found'); - }); -}); +describe( + 'Alerts generated by building block rules', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + before(() => { + cy.task('esArchiverLoad', 'auditbeat_big'); + cleanKibana(); + login(); + }); + beforeEach(() => { + createRule(getBuildingBlockRule()); + }); + after(() => { + cy.task('esArchiverUnload', 'auditbeat_big'); + }); + + it('Alerts should be visible on the Rule Detail page and not visible on the Overview page', () => { + visitWithoutDateRange(DETECTIONS_RULE_MANAGEMENT_URL); + goToRuleDetails(); + waitForTheRuleToBeExecuted(); + + // Check that generated events are visible on the Details page + waitForAlertsToPopulate(EXPECTED_NUMBER_OF_ALERTS); + + // Make sure rows are highlighted + cy.get(HIGHLIGHTED_ROWS_IN_TABLE).should('exist'); + + navigateFromHeaderTo(OVERVIEW); + + // Check that generated events are hidden on the Overview page + cy.get(OVERVIEW_ALERTS_HISTOGRAM_EMPTY).should('contain.text', 'No results found'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/changing_alert_status.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/changing_alert_status.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/changing_alert_status.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/changing_alert_status.cy.ts index 3b65d1ac80bdf..d714226e4021d 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/changing_alert_status.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/changing_alert_status.cy.ts @@ -4,8 +4,9 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../tags'; -import { ROLES } from '../../../../common/test'; import { getNewRule } from '../../../objects/rule'; import { ALERTS_COUNT, @@ -38,7 +39,7 @@ import { login, visit } from '../../../tasks/login'; import { ALERTS_URL } from '../../../urls/navigation'; -describe('Changing alert status', () => { +describe('Changing alert status', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cy.task('esArchiverLoad', 'auditbeat_big'); cleanKibana(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/detection_page_filters.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/detection_page_filters.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/detection_page_filters.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/detection_page_filters.cy.ts index acff1f8acb426..e9ea4d15b6152 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/detection_page_filters.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/detection_page_filters.cy.ts @@ -4,9 +4,12 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ - import { encode } from '@kbn/rison'; -import type { FilterItemObj } from '../../../../public/common/components/filter_group/types'; +import type { FilterItemObj } from '@kbn/security-solution-plugin/public/common/components/filter_group/types'; +import { DEFAULT_DETECTION_PAGE_FILTERS } from '@kbn/security-solution-plugin/common/constants'; +import { formatPageFilterSearchParam } from '@kbn/security-solution-plugin/common/utils/format_page_filter_search_param'; +import { tag } from '../../../tags'; + import { getNewRule } from '../../../objects/rule'; import { CONTROL_FRAMES, @@ -24,8 +27,6 @@ import { createRule } from '../../../tasks/api_calls/rules'; import { cleanKibana } from '../../../tasks/common'; import { login, visit } from '../../../tasks/login'; import { ALERTS_URL } from '../../../urls/navigation'; -import { DEFAULT_DETECTION_PAGE_FILTERS } from '../../../../common/constants'; -import { formatPageFilterSearchParam } from '../../../../common/utils/format_page_filter_search_param'; import { closePageFilterPopover, markAcknowledgedFirstAlert, @@ -107,7 +108,7 @@ const assertFilterControlsWithFilterObject = ( }); }; -describe(`Detections : Page Filters`, () => { +describe(`Detections : Page Filters`, { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); createRule(getNewRule({ rule_id: 'custom_rule_filters' })); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/event_rendered_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/event_rendered_view.cy.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/event_rendered_view.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/event_rendered_view.cy.ts diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.cy.ts similarity index 57% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.cy.ts index 573286b921d56..a413a3097b3f0 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../../../tags'; + import { DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON, DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_CONTENT, @@ -24,30 +26,34 @@ import { getNewRule } from '../../../../objects/rule'; import { ALERTS_URL } from '../../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -describe('Alert details expandable flyout left panel analyzer graph', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - expandDocumentDetailsExpandableFlyoutLeftSection(); - openGraphAnalyzerTab(); - }); +describe( + 'Alert details expandable flyout left panel analyzer graph', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + expandDocumentDetailsExpandableFlyoutLeftSection(); + openGraphAnalyzerTab(); + }); - it('should display analyzer graph and node list under visualize', () => { - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB) - .should('be.visible') - .and('have.text', 'Visualize'); + it('should display analyzer graph and node list under visualize', () => { + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB) + .should('be.visible') + .and('have.text', 'Visualize'); - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_BUTTON_GROUP).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_BUTTON_GROUP).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON) - .should('be.visible') - .and('have.text', 'Analyzer Graph'); + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON) + .should('be.visible') + .and('have.text', 'Analyzer Graph'); - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_CONTENT).should('be.visible'); - cy.get(ANALYZER_NODE).first().should('be.visible'); - }); -}); + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_CONTENT).should('be.visible'); + cy.get(ANALYZER_NODE).first().should('be.visible'); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_correlations_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_correlations_tab.cy.ts new file mode 100644 index 0000000000000..b80e9cdd76646 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_correlations_tab.cy.ts @@ -0,0 +1,93 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { tag } from '../../../../tags'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../objects/rule'; +import { + CORRELATIONS_ANCESTRY_SECTION, + CORRELATIONS_ANCESTRY_TABLE, + CORRELATIONS_CASES_SECTION, + CORRELATIONS_SESSION_SECTION, + CORRELATIONS_SOURCE_SECTION, + DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_CORRELATIONS_BUTTON, +} from '../../../../screens/expandable_flyout/alert_details_left_panel_correlations_tab'; +import { + DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB, + DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP, +} from '../../../../screens/expandable_flyout/alert_details_left_panel'; +import { + expandCorrelationsSection, + openCorrelationsTab, +} from '../../../../tasks/expandable_flyout/alert_details_left_panel_correlations_tab'; +import { openInsightsTab } from '../../../../tasks/expandable_flyout/alert_details_left_panel'; +import { expandDocumentDetailsExpandableFlyoutLeftSection } from '../../../../tasks/expandable_flyout/alert_details_right_panel'; +import { + createNewCaseFromExpandableFlyout, + expandFirstAlertExpandableFlyout, +} from '../../../../tasks/expandable_flyout/common'; +import { cleanKibana } from '../../../../tasks/common'; +import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { login, visit } from '../../../../tasks/login'; +import { ALERTS_URL } from '../../../../urls/navigation'; + +describe( + 'Expandable flyout left panel correlations', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + expandDocumentDetailsExpandableFlyoutLeftSection(); + createNewCaseFromExpandableFlyout(); + openInsightsTab(); + openCorrelationsTab(); + }); + + it('should render correlations details correctly', () => { + cy.log('link the alert to a new case'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB).scrollIntoView(); + + cy.log('should render the Insights header'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB) + .should('be.visible') + .and('have.text', 'Insights'); + + cy.log('should render the inner tab switch'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); + + cy.log('should render correlations tab activator / button'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_CORRELATIONS_BUTTON) + .should('be.visible') + .and('have.text', 'Correlations'); + + cy.log('should render all the correlations sections'); + + cy.get(CORRELATIONS_ANCESTRY_SECTION) + .should('be.visible') + .and('have.text', '1 alert related by ancestry'); + + cy.get(CORRELATIONS_SOURCE_SECTION) + .should('be.visible') + .and('have.text', '0 alerts related by source event'); + + cy.get(CORRELATIONS_SESSION_SECTION) + .should('be.visible') + .and('have.text', '1 alert related by session'); + + cy.get(CORRELATIONS_CASES_SECTION).should('be.visible').and('have.text', '1 related case'); + + expandCorrelationsSection(CORRELATIONS_ANCESTRY_SECTION); + + cy.get(CORRELATIONS_ANCESTRY_TABLE).should('be.visible'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_entities_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_entities_tab.cy.ts similarity index 54% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_entities_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_entities_tab.cy.ts index a680f783af336..66433f2c193a3 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_entities_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_entities_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_BUTTON, @@ -25,32 +26,38 @@ import { getNewRule } from '../../../../objects/rule'; import { ALERTS_URL } from '../../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -describe('Alert details expandable flyout left panel entities', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - expandDocumentDetailsExpandableFlyoutLeftSection(); - openInsightsTab(); - openEntitiesTab(); - }); +describe( + 'Alert details expandable flyout left panel entities', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + expandDocumentDetailsExpandableFlyoutLeftSection(); + openInsightsTab(); + openEntitiesTab(); + }); - it('should display analyzer graph and node list under Insights Entities', () => { - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB).should('be.visible').and('have.text', 'Insights'); + it('should display analyzer graph and node list under Insights Entities', () => { + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB) + .should('be.visible') + .and('have.text', 'Insights'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_BUTTON) - .should('be.visible') - .and('have.text', 'Entities'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_BUTTON) + .should('be.visible') + .and('have.text', 'Entities'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).should('be.visible'); - }); -}); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).should('be.visible'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_investigation_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_investigation_tab.cy.ts similarity index 61% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_investigation_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_investigation_tab.cy.ts index 833d591344f57..13bae3fe61d67 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_investigation_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_investigation_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB, @@ -19,23 +20,27 @@ import { getNewRule } from '../../../../objects/rule'; import { ALERTS_URL } from '../../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -describe('Alert details expandable flyout left panel investigation', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - expandDocumentDetailsExpandableFlyoutLeftSection(); - openInvestigationTab(); - }); +describe( + 'Alert details expandable flyout left panel investigation', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + expandDocumentDetailsExpandableFlyoutLeftSection(); + openInvestigationTab(); + }); - it('should display investigation guide', () => { - cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB) - .should('be.visible') - .and('have.text', 'Investigation'); + it('should display investigation guide', () => { + cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB) + .should('be.visible') + .and('have.text', 'Investigation'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT).should('be.visible'); - }); -}); + cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT).should('be.visible'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_prevalence_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_prevalence_tab.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_prevalence_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_prevalence_tab.cy.ts index ab06e9fea187e..0db69f8471bbb 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_prevalence_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_prevalence_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { openPrevalenceTab } from '../../../../tasks/expandable_flyout/alert_details_left_panel_prevalence_tab'; import { openInsightsTab } from '../../../../tasks/expandable_flyout/alert_details_left_panel'; @@ -43,7 +44,7 @@ describe('Alert details expandable flyout left panel prevalence', () => { openPrevalenceTab(); }); - it('should display prevalence tab', () => { + it('should display prevalence tab', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB).should('be.visible').and('have.text', 'Insights'); cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_response_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_response_tab.cy.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_response_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_response_tab.cy.ts diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_session_view_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_session_view_tab.cy.ts similarity index 51% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_session_view_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_session_view_tab.cy.ts index afc3ac1b0b918..190e45a0e5f4a 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_session_view_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_session_view_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_SESSION_VIEW_BUTTON, @@ -22,32 +23,36 @@ import { getNewRule } from '../../../../objects/rule'; import { ALERTS_URL } from '../../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -describe('Alert details expandable flyout left panel session view', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - expandDocumentDetailsExpandableFlyoutLeftSection(); - }); +describe( + 'Alert details expandable flyout left panel session view', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + expandDocumentDetailsExpandableFlyoutLeftSection(); + }); - it('should display session view under visualize', () => { - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB) - .should('be.visible') - .and('have.text', 'Visualize'); + it('should display session view under visualize', () => { + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB) + .should('be.visible') + .and('have.text', 'Visualize'); - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_BUTTON_GROUP).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_BUTTON_GROUP).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_SESSION_VIEW_BUTTON) - .should('be.visible') - .and('have.text', 'Session View'); + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_SESSION_VIEW_BUTTON) + .should('be.visible') + .and('have.text', 'Session View'); - // TODO ideally we would have a test for the session view component instead - cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_SESSION_VIEW_ERROR) - .should('be.visible') - .and('contain.text', 'Unable to display session view') - .and('contain.text', 'There was an error displaying session view'); - }); -}); + // TODO ideally we would have a test for the session view component instead + cy.get(DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_SESSION_VIEW_ERROR) + .should('be.visible') + .and('contain.text', 'Unable to display session view') + .and('contain.text', 'There was an error displaying session view'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.cy.ts similarity index 60% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.cy.ts index c5cd168836179..af5504b08ce7b 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { createRule } from '../../../../tasks/api_calls/rules'; import { getNewRule } from '../../../../objects/rule'; @@ -22,28 +23,34 @@ import { } from '../../../../screens/expandable_flyout/alert_details_left_panel'; import { DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON } from '../../../../screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab'; -describe('Expandable flyout left panel threat intelligence', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - expandDocumentDetailsExpandableFlyoutLeftSection(); - openInsightsTab(); - openThreatIntelligenceTab(); - }); +describe( + 'Expandable flyout left panel threat intelligence', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + expandDocumentDetailsExpandableFlyoutLeftSection(); + openInsightsTab(); + openThreatIntelligenceTab(); + }); - it('should serialize its state to url', () => { - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB).should('be.visible').and('have.text', 'Insights'); + it('should serialize its state to url', () => { + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB) + .should('be.visible') + .and('have.text', 'Insights'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_BUTTON_GROUP).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON) - .should('be.visible') - .and('have.text', 'Threat Intelligence'); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON) + .should('be.visible') + .and('have.text', 'Threat Intelligence'); - cy.get(INDICATOR_MATCH_ENRICHMENT_SECTION).should('be.visible'); - }); -}); + cy.get(INDICATOR_MATCH_ENRICHMENT_SECTION).should('be.visible'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_preview_panel_rule_preview.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_preview_panel_rule_preview.cy.ts similarity index 53% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_preview_panel_rule_preview.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_preview_panel_rule_preview.cy.ts index cc48e4568d908..d22d1894b5325 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_preview_panel_rule_preview.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_preview_panel_rule_preview.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { expandFirstAlertExpandableFlyout } from '../../../../tasks/expandable_flyout/common'; import { @@ -48,49 +49,55 @@ describe('Alert details expandable flyout rule preview panel', () => { }); describe('rule preview', () => { - it('should display rule preview and its sub sections', () => { - cy.log('rule preview panel'); + it( + 'should display rule preview and its sub sections', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + cy.log('rule preview panel'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SECTION).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_HEADER).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_BODY).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SECTION).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_HEADER).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_BODY).should('be.visible'); - cy.log('title'); + cy.log('title'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_TITLE).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_TITLE).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_CREATED_BY).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_UPDATED_BY).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_TITLE).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_TITLE).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_CREATED_BY).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_UPDATED_BY).should('be.visible'); - cy.log('about'); + cy.log('about'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_ABOUT_SECTION_HEADER) - .should('be.visible') - .and('contain.text', 'About'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_ABOUT_SECTION_CONTENT).should('be.visible'); - toggleRulePreviewAboutSection(); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_ABOUT_SECTION_HEADER) + .should('be.visible') + .and('contain.text', 'About'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_ABOUT_SECTION_CONTENT).should('be.visible'); + toggleRulePreviewAboutSection(); - cy.log('definition'); + cy.log('definition'); - toggleRulePreviewDefinitionSection(); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_DEFINITION_SECTION_HEADER) - .should('be.visible') - .and('contain.text', 'Definition'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_DEFINITION_SECTION_CONTENT).should('be.visible'); - toggleRulePreviewDefinitionSection(); + toggleRulePreviewDefinitionSection(); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_DEFINITION_SECTION_HEADER) + .should('be.visible') + .and('contain.text', 'Definition'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_DEFINITION_SECTION_CONTENT).should( + 'be.visible' + ); + toggleRulePreviewDefinitionSection(); - cy.log('schedule'); + cy.log('schedule'); - toggleRulePreviewScheduleSection(); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SCHEDULE_SECTION_HEADER) - .should('be.visible') - .and('contain.text', 'Schedule'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SCHEDULE_SECTION_CONTENT).should('be.visible'); - toggleRulePreviewScheduleSection(); + toggleRulePreviewScheduleSection(); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SCHEDULE_SECTION_HEADER) + .should('be.visible') + .and('contain.text', 'Schedule'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SCHEDULE_SECTION_CONTENT).should('be.visible'); + toggleRulePreviewScheduleSection(); - cy.log('footer'); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_FOOTER).scrollIntoView(); - cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_FOOTER).should('be.visible'); - }); + cy.log('footer'); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_FOOTER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_FOOTER).should('be.visible'); + } + ); }); }); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel.cy.ts new file mode 100644 index 0000000000000..612d49f328fef --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel.cy.ts @@ -0,0 +1,239 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { upperFirst } from 'lodash'; +import { tag } from '../../../../tags'; + +import { + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_CREATE_BUTTON, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_DESCRIPTION_INPUT, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_NAME_INPUT, + EXISTING_CASE_SELECT_BUTTON, + VIEW_CASE_TOASTER_LINK, +} from '../../../../screens/expandable_flyout/common'; +import { + createNewCaseFromCases, + expandFirstAlertExpandableFlyout, + navigateToAlertsPage, + navigateToCasesPage, +} from '../../../../tasks/expandable_flyout/common'; +import { ALERT_CHECKBOX } from '../../../../screens/alerts'; +import { CASE_DETAILS_PAGE_TITLE } from '../../../../screens/case_details'; +import { + DOCUMENT_DETAILS_FLYOUT_COLLAPSE_DETAILS_BUTTON, + DOCUMENT_DETAILS_FLYOUT_EXPAND_DETAILS_BUTTON, + DOCUMENT_DETAILS_FLYOUT_FOOTER, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_ENDPOINT_EXCEPTION, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_MARK_AS_ACKNOWLEDGED, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_CANCEL_BUTTON, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_HEADER, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_EXISTING_CASE, + DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE, + DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE, + DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_ENTRY, + DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_SECTION, + DOCUMENT_DETAILS_FLYOUT_FOOTER_MARK_AS_CLOSED, + DOCUMENT_DETAILS_FLYOUT_FOOTER_RESPOND, + DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON, + DOCUMENT_DETAILS_FLYOUT_HEADER_CHAT_BUTTON, + DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE, + DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE_VALUE, + DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY, + DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY_VALUE, + DOCUMENT_DETAILS_FLYOUT_HEADER_STATUS, + DOCUMENT_DETAILS_FLYOUT_HEADER_TITLE, + DOCUMENT_DETAILS_FLYOUT_JSON_TAB, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB, + DOCUMENT_DETAILS_FLYOUT_TABLE_TAB, +} from '../../../../screens/expandable_flyout/alert_details_right_panel'; +import { + collapseDocumentDetailsExpandableFlyoutLeftSection, + expandDocumentDetailsExpandableFlyoutLeftSection, + openJsonTab, + openTableTab, + openTakeActionButton, + openTakeActionButtonAndSelectItem, + selectTakeActionItem, +} from '../../../../tasks/expandable_flyout/alert_details_right_panel'; +import { cleanKibana } from '../../../../tasks/common'; +import { login, visit } from '../../../../tasks/login'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../objects/rule'; +import { ALERTS_URL } from '../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; + +describe( + 'Alert details expandable flyout right panel', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + const rule = getNewRule(); + + beforeEach(() => { + cleanKibana(); + login(); + createRule(rule); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + }); + + it('should display header and footer basics', () => { + expandFirstAlertExpandableFlyout(); + + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_TITLE).should('be.visible').and('have.text', rule.name); + + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_CHAT_BUTTON).should('be.visible'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_STATUS).should('be.visible'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_RISK_SCORE_VALUE) + .should('be.visible') + .and('have.text', rule.risk_score); + + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_HEADER_SEVERITY_VALUE) + .should('be.visible') + .and('have.text', upperFirst(rule.severity)); + + cy.log('Verify all 3 tabs are visible'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB) + .should('be.visible') + .and('have.text', 'Overview'); + cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB).should('be.visible').and('have.text', 'Table'); + cy.get(DOCUMENT_DETAILS_FLYOUT_JSON_TAB).should('be.visible').and('have.text', 'JSON'); + + cy.log('Verify the expand/collapse button is visible and functionality works'); + + expandDocumentDetailsExpandableFlyoutLeftSection(); + cy.get(DOCUMENT_DETAILS_FLYOUT_COLLAPSE_DETAILS_BUTTON) + .should('be.visible') + .and('have.text', 'Collapse details'); + + collapseDocumentDetailsExpandableFlyoutLeftSection(); + cy.get(DOCUMENT_DETAILS_FLYOUT_EXPAND_DETAILS_BUTTON) + .should('be.visible') + .and('have.text', 'Expand details'); + + cy.log('Verify the take action button is visible on all tabs'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON).should('be.visible'); + + openTableTab(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON).should('be.visible'); + + openJsonTab(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_TAKE_ACTION_BUTTON).should('be.visible'); + }); + + // TODO this will change when add to existing case is improved + // https://github.com/elastic/security-team/issues/6298 + it('should add to existing case', () => { + navigateToCasesPage(); + createNewCaseFromCases(); + + cy.get(CASE_DETAILS_PAGE_TITLE).should('be.visible').and('have.text', 'case'); + navigateToAlertsPage(); + expandFirstAlertExpandableFlyout(); + openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_EXISTING_CASE); + + cy.get(EXISTING_CASE_SELECT_BUTTON).should('be.visible').contains('Select').click(); + cy.get(VIEW_CASE_TOASTER_LINK).should('be.visible').and('contain.text', 'View case'); + }); + + // TODO this will change when add to new case is improved + // https://github.com/elastic/security-team/issues/6298 + it('should add to new case', () => { + expandFirstAlertExpandableFlyout(); + openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE); + + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_NAME_INPUT).type('case'); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_DESCRIPTION_INPUT).type( + 'case description' + ); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_TO_NEW_CASE_CREATE_BUTTON).click(); + + cy.get(VIEW_CASE_TOASTER_LINK).should('be.visible').and('contain.text', 'View case'); + }); + + it('should mark as acknowledged', () => { + cy.get(ALERT_CHECKBOX).should('have.length', 2); + + expandFirstAlertExpandableFlyout(); + openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_MARK_AS_ACKNOWLEDGED); + + // TODO figure out how to verify the toasts pops up + // cy.get(KIBANA_TOAST) + // .should('be.visible') + // .and('have.text', 'Successfully marked 1 alert as acknowledged.'); + cy.get(ALERT_CHECKBOX).should('have.length', 1); + }); + + it('should mark as closed', () => { + cy.get(ALERT_CHECKBOX).should('have.length', 2); + + expandFirstAlertExpandableFlyout(); + openTakeActionButtonAndSelectItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_MARK_AS_CLOSED); + + // TODO figure out how to verify the toasts pops up + // cy.get(KIBANA_TOAST).should('be.visible').and('have.text', 'Successfully closed 1 alert.'); + cy.get(ALERT_CHECKBOX).should('have.length', 1); + }); + + // these actions are now grouped together as we're not really testing their functionality but just the existence of the option in the dropdown + it('should test other action within take action dropdown', () => { + expandFirstAlertExpandableFlyout(); + + cy.log('should add endpoint exception'); + + // TODO figure out why this option is disabled in Cypress but not running the app locally + // https://github.com/elastic/security-team/issues/6300 + openTakeActionButton(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_ENDPOINT_EXCEPTION).should('be.disabled'); + + cy.log('should add rule exception'); + + // TODO this isn't fully testing the add rule exception yet + // https://github.com/elastic/security-team/issues/6301 + selectTakeActionItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_HEADER).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ADD_RULE_EXCEPTION_FLYOUT_CANCEL_BUTTON) + .should('be.visible') + .click(); + + // cy.log('should isolate host'); + + // TODO figure out why isolate host isn't showing up in the dropdown + // https://github.com/elastic/security-team/issues/6302 + // openTakeActionButton(); + // cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_ISOLATE_HOST).should('be.visible'); + + cy.log('should respond'); + + // TODO this will change when respond is improved + // https://github.com/elastic/security-team/issues/6303 + openTakeActionButton(); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_RESPOND).should('be.disabled'); + + cy.log('should investigate in timeline'); + + selectTakeActionItem(DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE); + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_SECTION) + .first() + .within(() => + cy.get(DOCUMENT_DETAILS_FLYOUT_FOOTER_INVESTIGATE_IN_TIMELINE_ENTRY).should('be.visible') + ); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_json_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_json_tab.cy.ts similarity index 57% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_json_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_json_tab.cy.ts index 5a1c9703ae83d..482ffd4a16417 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_json_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_json_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { scrollWithinDocumentDetailsExpandableFlyoutRightSection } from '../../../../tasks/expandable_flyout/alert_details_right_panel_json_tab'; import { openJsonTab } from '../../../../tasks/expandable_flyout/alert_details_right_panel'; @@ -16,21 +17,25 @@ import { getNewRule } from '../../../../objects/rule'; import { ALERTS_URL } from '../../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -describe('Alert details expandable flyout right panel json tab', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - openJsonTab(); - }); +describe( + 'Alert details expandable flyout right panel json tab', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + openJsonTab(); + }); - it('should display the json component', () => { - // the json component is rendered within a dom element with overflow, so Cypress isn't finding it - // this next line is a hack that vertically scrolls down to ensure Cypress finds it - scrollWithinDocumentDetailsExpandableFlyoutRightSection(0, 7000); - cy.get(DOCUMENT_DETAILS_FLYOUT_JSON_TAB_CONTENT).should('be.visible'); - }); -}); + it('should display the json component', () => { + // the json component is rendered within a dom element with overflow, so Cypress isn't finding it + // this next line is a hack that vertically scrolls down to ensure Cypress finds it + scrollWithinDocumentDetailsExpandableFlyoutRightSection(0, 7000); + cy.get(DOCUMENT_DETAILS_FLYOUT_JSON_TAB_CONTENT).should('be.visible'); + }); + } +); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_overview_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_overview_tab.cy.ts new file mode 100644 index 0000000000000..2cdf95746dcfa --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_overview_tab.cy.ts @@ -0,0 +1,359 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { tag } from '../../../../tags'; + +import { collapseDocumentDetailsExpandableFlyoutLeftSection } from '../../../../tasks/expandable_flyout/alert_details_right_panel'; +import { DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT } from '../../../../screens/expandable_flyout/alert_details_left_panel_investigation_tab'; +import { + createNewCaseFromExpandableFlyout, + expandFirstAlertExpandableFlyout, +} from '../../../../tasks/expandable_flyout/common'; +import { + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_HEADER, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ANALYZER_PREVIEW_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_DETAILS, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_TITLE, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_OPEN_RULE_PREVIEW_BUTTON, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_DETAILS, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_HEADER_TITLE, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_HEADER, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_HEADER, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_VALUES, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_HEADER, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_VALUES, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_GUIDE_BUTTON, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_HEADER, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_DETAILS, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_TITLE, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_DETAILS, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_TITLE, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_SESSION_PREVIEW_CONTENT, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_FIELD_CELL, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_VALUE_CELL, + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_RESPONSE_SECTION_EMPTY_RESPONSE, +} from '../../../../screens/expandable_flyout/alert_details_right_panel_overview_tab'; +import { + navigateToCorrelationsDetails, + clickInvestigationGuideButton, + navigateToPrevalenceDetails, + toggleOverviewTabAboutSection, + toggleOverviewTabInsightsSection, + toggleOverviewTabInvestigationSection, + toggleOverviewTabResponseSection, + toggleOverviewTabVisualizationsSection, +} from '../../../../tasks/expandable_flyout/alert_details_right_panel_overview_tab'; +import { cleanKibana } from '../../../../tasks/common'; +import { login, visit } from '../../../../tasks/login'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../objects/rule'; +import { ALERTS_URL } from '../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { + DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT, + DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS, + DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS, +} from '../../../../screens/expandable_flyout/alert_details_left_panel_entities_tab'; + +describe( + 'Alert details expandable flyout right panel overview tab', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + const rule = getNewRule(); + + beforeEach(() => { + cleanKibana(); + login(); + createRule(rule); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + }); + + describe('about section', () => { + it('should display about section', () => { + cy.log('header and content'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_HEADER) + .should('be.visible') + .and('have.text', 'About'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_CONTENT).should('be.visible'); + + cy.log('description'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_TITLE) + .should('be.visible') + .and('contain.text', 'Rule description'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_TITLE) + .should('be.visible') + .within(() => { + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_OPEN_RULE_PREVIEW_BUTTON) + .should('be.visible') + .and('have.text', 'Rule summary'); + }); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_DESCRIPTION_DETAILS) + .should('be.visible') + .and('have.text', rule.description); + + cy.log('reason'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_TITLE) + .should('be.visible') + .and('have.text', 'Alert reason'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_REASON_DETAILS) + .should('be.visible') + .and('contain.text', rule.name); + + cy.log('mitre attack'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_TITLE) + .should('be.visible') + // @ts-ignore + .and('contain.text', rule.threat[0].framework); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_MITRE_ATTACK_DETAILS) + .should('be.visible') + // @ts-ignore + .and('contain.text', rule.threat[0].technique[0].name) + // @ts-ignore + .and('contain.text', rule.threat[0].tactic.name); + }); + }); + + describe('visualizations section', () => { + it('should display analyzer and session previews', () => { + toggleOverviewTabAboutSection(); + toggleOverviewTabVisualizationsSection(); + + cy.log('analyzer graph preview'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ANALYZER_PREVIEW_CONTENT).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ANALYZER_PREVIEW_CONTENT).should('be.visible'); + + cy.log('session view preview'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_SESSION_PREVIEW_CONTENT).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_SESSION_PREVIEW_CONTENT).should('be.visible'); + }); + }); + + describe('investigation section', () => { + it('should display investigation section', () => { + toggleOverviewTabAboutSection(); + + cy.log('header and content'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_HEADER) + .should('be.visible') + .and('have.text', 'Investigation'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_SECTION_CONTENT).should( + 'be.visible' + ); + + cy.log('investigation guide button'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INVESTIGATION_GUIDE_BUTTON) + .should('be.visible') + .and('have.text', 'Investigation guide'); + + cy.log('should navigate to left Investigation tab'); + + clickInvestigationGuideButton(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB_CONTENT).should('be.visible'); + + cy.log('highlighted fields'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_HEADER_TITLE) + .should('be.visible') + .and('have.text', 'Highlighted fields'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_DETAILS).should( + 'be.visible' + ); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_FIELD_CELL) + .should('be.visible') + .and('contain.text', 'host.name'); + const hostNameCell = + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_VALUE_CELL('siem-kibana'); + cy.get(hostNameCell).should('be.visible').and('have.text', 'siem-kibana'); + + cy.get(hostNameCell).click(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_HOST_DETAILS).should('be.visible'); + + collapseDocumentDetailsExpandableFlyoutLeftSection(); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_FIELD_CELL) + .should('be.visible') + .and('contain.text', 'user.name'); + const userNameCell = + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_HIGHLIGHTED_FIELDS_TABLE_VALUE_CELL('test'); + cy.get(userNameCell).should('be.visible').and('have.text', 'test'); + + cy.get(userNameCell).click(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_USER_DETAILS).should('be.visible'); + }); + }); + + describe('insights section', () => { + it('should display entities section', () => { + toggleOverviewTabAboutSection(); + toggleOverviewTabInvestigationSection(); + toggleOverviewTabInsightsSection(); + + cy.log('header and content'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER) + .should('be.visible') + .and('have.text', 'Entities'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_CONTENT).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_ENTITIES_HEADER).should('be.visible'); + + cy.log('should navigate to left panel Entities tab'); + + // TODO: skipping this section as Cypress can't seem to find the element (though it's in the DOM) + // navigateToEntitiesDetails(); + // cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); + }); + + it('should display threat intelligence section', () => { + toggleOverviewTabAboutSection(); + toggleOverviewTabInvestigationSection(); + toggleOverviewTabInsightsSection(); + + cy.log('header and content'); + + cy.get( + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_HEADER + ).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_HEADER) + .should('be.visible') + .and('have.text', 'Threat Intelligence'); + cy.get( + DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_CONTENT + ).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_CONTENT) + .should('be.visible') + .within(() => { + // threat match detected + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_VALUES) + .eq(0) + .should('be.visible') + .and('have.text', '0 threat match detected'); // TODO work on getting proper IoC data to get proper data here + + // field with threat enrichement + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_THREAT_INTELLIGENCE_VALUES) + .eq(1) + .should('be.visible') + .and('have.text', '0 field enriched with threat intelligence'); // TODO work on getting proper IoC data to get proper data here + }); + + cy.log('should navigate to left panel Threat Intelligence tab'); + + // TODO: skipping this section as Cypress can't seem to find the element (though it's in the DOM) + // navigateToThreatIntelligenceDetails(); + // cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); // TODO update when we can navigate to Threat Intelligence sub tab directly + }); + + // TODO: skipping this due to flakiness + it.skip('should display correlations section', () => { + cy.log('link the alert to a new case'); + + createNewCaseFromExpandableFlyout(); + + toggleOverviewTabAboutSection(); + toggleOverviewTabInvestigationSection(); + toggleOverviewTabInsightsSection(); + + cy.log('header and content'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_HEADER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_HEADER) + .should('be.visible') + .and('have.text', 'Correlations'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_CONTENT).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_CONTENT) + .should('be.visible') + .within(() => { + // TODO the order in which these appear is not deterministic currently, hence this can cause flakiness + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) + .eq(0) + .should('be.visible') + .and('have.text', '1 alert related by ancestry'); + // cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) + // .eq(2) + // .should('be.visible') + // .and('have.text', '1 alert related by the same source event'); // TODO work on getting proper data to display some same source data here + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) + .eq(2) + .should('be.visible') + .and('have.text', '1 alert related by session'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_CORRELATIONS_VALUES) + .eq(1) + .should('be.visible') + .and('have.text', '1 related case'); + }); + + cy.log('should navigate to left panel Correlations tab'); + + navigateToCorrelationsDetails(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); // TODO update when we can navigate to Correlations sub tab directly + }); + + // TODO work on getting proper data to make the prevalence section work here + // we need to generate enough data to have at least one field with prevalence + it.skip('should display prevalence section', () => { + toggleOverviewTabAboutSection(); + toggleOverviewTabInvestigationSection(); + toggleOverviewTabInsightsSection(); + + cy.log('header and content'); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_HEADER).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_HEADER) + .should('be.visible') + .and('have.text', 'Prevalence'); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_CONTENT).scrollIntoView(); + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_CONTENT) + .should('be.visible') + .within(() => { + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_INSIGHTS_PREVALENCE_VALUES) + .should('be.visible') + .and('have.text', 'is uncommon'); + }); + + cy.log('should navigate to left panel Prevalence tab'); + + navigateToPrevalenceDetails(); + cy.get(DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_CONTENT).should('be.visible'); // TODO update when we can navigate to Prevalence sub tab directly + }); + }); + + describe('response section', () => { + it('should display empty message', () => { + toggleOverviewTabAboutSection(); + toggleOverviewTabInvestigationSection(); + toggleOverviewTabResponseSection(); + + cy.get(DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_RESPONSE_SECTION_EMPTY_RESPONSE).should( + 'be.visible' + ); + }); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_table_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_table_tab.cy.ts similarity index 50% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_table_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_table_tab.cy.ts index ff89e16a02b03..ec6768c5ddc3c 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_table_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_right_panel_table_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { openTableTab } from '../../../../tasks/expandable_flyout/alert_details_right_panel'; import { expandFirstAlertExpandableFlyout } from '../../../../tasks/expandable_flyout/common'; @@ -31,48 +32,52 @@ import { getNewRule } from '../../../../objects/rule'; import { ALERTS_URL } from '../../../../urls/navigation'; import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; -describe('Alert details expandable flyout right panel table tab', () => { - beforeEach(() => { - cleanKibana(); - login(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - expandFirstAlertExpandableFlyout(); - openTableTab(); - }); +describe( + 'Alert details expandable flyout right panel table tab', + { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, + () => { + beforeEach(() => { + cleanKibana(); + login(); + createRule(getNewRule()); + visit(ALERTS_URL); + waitForAlertsToPopulate(); + expandFirstAlertExpandableFlyout(); + openTableTab(); + }); - it('should display and filter the table', () => { - cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_TIMESTAMP_ROW).should('be.visible'); - cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_ID_ROW).should('be.visible'); - filterTableTabTable('timestamp'); - cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_TIMESTAMP_ROW).should('be.visible'); - clearFilterTableTabTable(); - }); + it('should display and filter the table', () => { + cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_TIMESTAMP_ROW).should('be.visible'); + cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_ID_ROW).should('be.visible'); + filterTableTabTable('timestamp'); + cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_TIMESTAMP_ROW).should('be.visible'); + clearFilterTableTabTable(); + }); - it('should test cell actions', () => { - cy.log('cell actions filter in'); + it('should test cell actions', () => { + cy.log('cell actions filter in'); - filterInTableTabTable(); - cy.get(FILTER_BADGE).first().should('contain.text', '@timestamp:'); - removeKqlFilter(); + filterInTableTabTable(); + cy.get(FILTER_BADGE).first().should('contain.text', '@timestamp:'); + removeKqlFilter(); - cy.log('cell actions filter out'); + cy.log('cell actions filter out'); - filterOutTableTabTable(); - cy.get(FILTER_BADGE).first().should('contain.text', 'NOT @timestamp:'); - removeKqlFilter(); + filterOutTableTabTable(); + cy.get(FILTER_BADGE).first().should('contain.text', 'NOT @timestamp:'); + removeKqlFilter(); - cy.log('cell actions add to timeline'); + cy.log('cell actions add to timeline'); - addToTimelineTableTabTable(); - openActiveTimeline(); - cy.get(PROVIDER_BADGE).first().should('contain.text', '@timestamp'); - closeTimeline(); + addToTimelineTableTabTable(); + openActiveTimeline(); + cy.get(PROVIDER_BADGE).first().should('contain.text', '@timestamp'); + closeTimeline(); - cy.log('cell actions copy to clipboard'); + cy.log('cell actions copy to clipboard'); - copyToClipboardTableTabTable(); - cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_ROW_CELL_COPY_TO_CLIPBOARD).should('be.visible'); - }); -}); + copyToClipboardTableTabTable(); + cy.get(DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_ROW_CELL_COPY_TO_CLIPBOARD).should('be.visible'); + }); + } +); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_url_sync.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_url_sync.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_url_sync.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_url_sync.cy.ts index e926e93e63301..e61c41234d22b 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_url_sync.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout/alert_details_url_sync.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../../tags'; import { getNewRule } from '../../../../objects/rule'; import { cleanKibana } from '../../../../tasks/common'; @@ -15,7 +16,7 @@ import { closeFlyout } from '../../../../tasks/expandable_flyout/alert_details_r import { expandFirstAlertExpandableFlyout } from '../../../../tasks/expandable_flyout/common'; import { DOCUMENT_DETAILS_FLYOUT_HEADER_TITLE } from '../../../../screens/expandable_flyout/alert_details_right_panel'; -describe('Expandable flyout state sync', () => { +describe('Expandable flyout state sync', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { const rule = getNewRule(); beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/investigate_in_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/investigate_in_timeline.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/investigate_in_timeline.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/investigate_in_timeline.cy.ts index 5ef959899178a..f4e2530be4e88 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/investigate_in_timeline.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/investigate_in_timeline.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { disableExpandableFlyout } from '../../../tasks/api_calls/kibana_advanced_settings'; import { getNewRule } from '../../../objects/rule'; @@ -27,7 +28,7 @@ import { } from '../../../screens/alerts_details'; import { verifyInsightCount } from '../../../tasks/alerts_details'; -describe('Investigate in timeline', () => { +describe('Investigate in timeline', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); createRule(getNewRule()); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/navigation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/navigation.cy.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/navigation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/navigation.cy.ts index 201e31271c170..120ae0130e369 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/navigation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/navigation.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { expandFirstAlert, waitForAlerts } from '../../../tasks/alerts'; import { createRule } from '../../../tasks/api_calls/rules'; @@ -23,7 +24,7 @@ import { OPEN_ALERT_DETAILS_PAGE } from '../../../screens/alerts_details'; // This is skipped as the details page POC will be removed in favor of the expanded alert flyout // https://github.com/elastic/kibana/issues/154477 -describe.skip('Alert Details Page Navigation', () => { +describe.skip('Alert Details Page Navigation', { tags: [tag.ESS, tag.SERVERLESS] }, () => { describe('navigating to alert details page', () => { const rule = getNewRule(); before(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/resolver.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/resolver.cy.ts similarity index 92% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/resolver.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/resolver.cy.ts index 8da8aa484607d..fdb910a12aca0 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/alerts/resolver.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/resolver.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { ANALYZER_NODE } from '../../../screens/alerts'; @@ -17,7 +18,7 @@ import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; import { login, visit } from '../../../tasks/login'; import { ALERTS_URL } from '../../../urls/navigation'; -describe('Analyze events view for alerts', () => { +describe('Analyze events view for alerts', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); createRule(getNewRule()); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/dasbhoards/detection_response.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/dasbhoards/detection_response.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/dasbhoards/detection_response.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/dasbhoards/detection_response.cy.ts index 5b9d2e6ae133d..d399648842977 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/dasbhoards/detection_response.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/dasbhoards/detection_response.cy.ts @@ -4,6 +4,8 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; + import { getNewRule } from '../../../objects/rule'; import { ALERTS_COUNT } from '../../../screens/alerts'; import { @@ -41,7 +43,7 @@ import { ALERTS_URL, DASHBOARDS_URL, DETECTIONS_RESPONSE_URL } from '../../../ur const TEST_USER_NAME = 'test'; const SIEM_KIBANA_HOST_NAME = 'siem-kibana'; -describe('Detection response view', () => { +describe('Detection response view', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); createRule(getNewRule()); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timeline_templates/creation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timeline_templates/creation.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timeline_templates/creation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timeline_templates/creation.cy.ts index c2cbf8ecf5d2d..1a07cac483c03 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timeline_templates/creation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timeline_templates/creation.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getTimeline } from '../../../objects/timeline'; @@ -48,7 +49,7 @@ import { openTimeline, waitForTimelinesPanelToBeLoaded } from '../../../tasks/ti import { TIMELINES_URL } from '../../../urls/navigation'; -describe('Timeline Templates', () => { +describe('Timeline Templates', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timeline_templates/export.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timeline_templates/export.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timeline_templates/export.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timeline_templates/export.cy.ts index bdfbf897d01a1..52efe04b5957b 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timeline_templates/export.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timeline_templates/export.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { exportTimeline } from '../../../tasks/timelines'; import { login, visitWithoutDateRange } from '../../../tasks/login'; @@ -17,7 +18,7 @@ import { createTimelineTemplate } from '../../../tasks/api_calls/timelines'; import { cleanKibana } from '../../../tasks/common'; import { searchByTitle } from '../../../tasks/table_pagination'; -describe('Export timelines', () => { +describe('Export timelines', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/bulk_add_to_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/bulk_add_to_timeline.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/bulk_add_to_timeline.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/bulk_add_to_timeline.cy.ts index c609e885bd31c..6bf2ee2fca787 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/bulk_add_to_timeline.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/bulk_add_to_timeline.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getNewRule } from '../../../objects/rule'; import { SELECTED_ALERTS } from '../../../screens/alerts'; @@ -22,7 +23,7 @@ import { openEvents, openSessions } from '../../../tasks/hosts/main'; import { login, visit } from '../../../tasks/login'; import { ALERTS_URL, HOSTS_URL } from '../../../urls/navigation'; -describe('Bulk Investigate in Timeline', () => { +describe('Bulk Investigate in Timeline', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'bulk_process'); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/correlation_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/correlation_tab.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/correlation_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/correlation_tab.cy.ts index f1c53df7ba361..31ed9a15f8394 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/correlation_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/correlation_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { openTimeline } from '../../../tasks/timelines'; import { getTimeline } from '../../../objects/timeline'; @@ -22,7 +23,7 @@ import { TIMELINES_URL } from '../../../urls/navigation'; import { EQL_QUERY_VALIDATION_ERROR } from '../../../screens/create_new_rule'; import { deleteTimelines } from '../../../tasks/common'; -describe('Correlation tab', () => { +describe('Correlation tab', { tags: [tag.ESS, tag.SERVERLESS] }, () => { const eql = 'any where process.name == "zsh"'; beforeEach(() => { diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/creation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/creation.cy.ts similarity index 58% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/creation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/creation.cy.ts index fb207b1dcca31..d6cece5eb0bc0 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/creation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/creation.cy.ts @@ -4,9 +4,10 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../../tags'; import { getTimeline } from '../../../objects/timeline'; -import { ROLES } from '../../../../common/test'; import { LOCKED_ICON, @@ -42,7 +43,7 @@ import { import { OVERVIEW_URL, TIMELINE_TEMPLATES_URL } from '../../../urls/navigation'; -describe.skip('Create a timeline from a template', () => { +describe.skip('Create a timeline from a template', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { deleteTimelines(); login(); @@ -54,16 +55,20 @@ describe.skip('Create a timeline from a template', () => { visitWithoutDateRange(TIMELINE_TEMPLATES_URL); }); - it('Should have the same query and open the timeline modal', () => { - selectCustomTemplates(); - expandEventAction(); - clickingOnCreateTimelineFormTemplateBtn(); - - cy.get(TIMELINE_FLYOUT_WRAPPER).should('have.css', 'visibility', 'visible'); - cy.get(TIMELINE_DESCRIPTION).should('have.text', getTimeline().description); - cy.get(TIMELINE_QUERY).should('have.text', getTimeline().query); - closeTimeline(); - }); + it( + 'Should have the same query and open the timeline modal', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + selectCustomTemplates(); + expandEventAction(); + clickingOnCreateTimelineFormTemplateBtn(); + + cy.get(TIMELINE_FLYOUT_WRAPPER).should('have.css', 'visibility', 'visible'); + cy.get(TIMELINE_DESCRIPTION).should('have.text', getTimeline().description); + cy.get(TIMELINE_QUERY).should('have.text', getTimeline().query); + closeTimeline(); + } + ); }); describe('Timelines', (): void => { @@ -72,7 +77,7 @@ describe('Timelines', (): void => { }); describe('Toggle create timeline from plus icon', () => { - context('Privileges: CRUD', () => { + context('Privileges: CRUD', { tags: tag.ESS }, () => { beforeEach(() => { login(); visit(OVERVIEW_URL); @@ -85,7 +90,7 @@ describe('Timelines', (): void => { }); }); - context('Privileges: READ', () => { + context('Privileges: READ', { tags: tag.ESS }, () => { beforeEach(() => { login(ROLES.reader); visit(OVERVIEW_URL, undefined, ROLES.reader); @@ -105,37 +110,41 @@ describe('Timelines', (): void => { }); }); - describe.skip('Creates a timeline by clicking untitled timeline from bottom bar', () => { - beforeEach(() => { - login(); - visit(OVERVIEW_URL); - openTimelineUsingToggle(); - addNameAndDescriptionToTimeline(getTimeline()); - populateTimeline(); - goToQueryTab(); - }); + describe.skip( + 'Creates a timeline by clicking untitled timeline from bottom bar', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + beforeEach(() => { + login(); + visit(OVERVIEW_URL); + openTimelineUsingToggle(); + addNameAndDescriptionToTimeline(getTimeline()); + populateTimeline(); + goToQueryTab(); + }); - it('can be added filter', () => { - addFilter(getTimeline().filter); - cy.get(TIMELINE_FILTER(getTimeline().filter)).should('exist'); - }); + it('can be added filter', () => { + addFilter(getTimeline().filter); + cy.get(TIMELINE_FILTER(getTimeline().filter)).should('exist'); + }); - it('pins an event', () => { - pinFirstEvent(); - cy.get(PIN_EVENT) - .should('have.attr', 'aria-label') - .and('match', /Unpin the event in row 2/); - }); + it('pins an event', () => { + pinFirstEvent(); + cy.get(PIN_EVENT) + .should('have.attr', 'aria-label') + .and('match', /Unpin the event in row 2/); + }); - it('has a lock icon', () => { - cy.get(LOCKED_ICON).should('be.visible'); - }); + it('has a lock icon', () => { + cy.get(LOCKED_ICON).should('be.visible'); + }); - it('can be added notes', () => { - addNotesToTimeline(getTimeline().notes); - cy.get(TIMELINE_TAB_CONTENT_GRAPHS_NOTES) - .find(NOTES_TEXT) - .should('have.text', getTimeline().notes); - }); - }); + it('can be added notes', () => { + addNotesToTimeline(getTimeline().notes); + cy.get(TIMELINE_TAB_CONTENT_GRAPHS_NOTES) + .find(NOTES_TEXT) + .should('have.text', getTimeline().notes); + }); + } + ); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/data_providers.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/data_providers.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/data_providers.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/data_providers.cy.ts index f1bee2d9190ef..aaac56b7c2413 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/data_providers.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/data_providers.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { TIMELINE_DROPPED_DATA_PROVIDERS, @@ -29,7 +30,7 @@ import { getTimeline } from '../../../objects/timeline'; import { HOSTS_URL } from '../../../urls/navigation'; import { cleanKibana, scrollToBottom } from '../../../tasks/common'; -describe('timeline data providers', () => { +describe('timeline data providers', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/export.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/export.cy.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/export.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/export.cy.ts index aa36ef1a4f458..4c58a03904855 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/export.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/export.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { exportTimeline, @@ -20,7 +21,7 @@ import { createTimeline } from '../../../tasks/api_calls/timelines'; import { expectedExportedTimeline, getTimeline } from '../../../objects/timeline'; import { cleanKibana } from '../../../tasks/common'; -describe('Export timelines', () => { +describe('Export timelines', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/fields_browser.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/fields_browser.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts index d13c21325dfdf..b0287d26c11ef 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/fields_browser.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/fields_browser.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { FIELDS_BROWSER_CATEGORIES_COUNT, @@ -49,7 +50,7 @@ const defaultHeaders = [ { id: 'user.name' }, ]; -describe('Fields Browser', () => { +describe('Fields Browser', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/flyout_button.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/flyout_button.cy.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/flyout_button.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/flyout_button.cy.ts index e4cfa5e4b80f2..3cfe4260f3d9d 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/flyout_button.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/flyout_button.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { TIMELINE_BOTTOM_BAR_TOGGLE_BUTTON } from '../../../screens/security_main'; import { CREATE_NEW_TIMELINE, TIMELINE_FLYOUT_HEADER } from '../../../screens/timeline'; @@ -23,7 +24,7 @@ import { import { HOSTS_URL } from '../../../urls/navigation'; -describe('timeline flyout button', () => { +describe('timeline flyout button', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); @@ -47,12 +48,16 @@ describe('timeline flyout button', () => { cy.get(TIMELINE_BOTTOM_BAR_TOGGLE_BUTTON).should('have.focus'); }); - it('re-focuses the toggle button when timeline is closed by clicking the [X] close button', () => { - openTimelineUsingToggle(); - closeTimelineUsingCloseButton(); + it( + 're-focuses the toggle button when timeline is closed by clicking the [X] close button', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + openTimelineUsingToggle(); + closeTimelineUsingCloseButton(); - cy.get(TIMELINE_BOTTOM_BAR_TOGGLE_BUTTON).should('have.focus'); - }); + cy.get(TIMELINE_BOTTOM_BAR_TOGGLE_BUTTON).should('have.focus'); + } + ); it('re-focuses the toggle button when timeline is closed by pressing the Esc key', () => { openTimelineUsingToggle(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/full_screen.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/full_screen.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/full_screen.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/full_screen.cy.ts index 56778ddc6bd6e..e28d12969ff99 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/full_screen.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/full_screen.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { TIMELINE_HEADER, TIMELINE_TABS } from '../../../screens/timeline'; import { cleanKibana } from '../../../tasks/common'; @@ -18,7 +19,7 @@ import { populateTimeline } from '../../../tasks/timeline'; import { HOSTS_URL } from '../../../urls/navigation'; -describe('Toggle full screen', () => { +describe('Toggle full screen', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/inspect.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/inspect.cy.ts similarity index 89% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/inspect.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/inspect.cy.ts index a637508c90e98..9c50d534a5d10 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/inspect.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/inspect.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { INSPECT_MODAL } from '../../../screens/inspect'; @@ -13,7 +14,7 @@ import { executeTimelineKQL, openTimelineInspectButton } from '../../../tasks/ti import { HOSTS_URL } from '../../../urls/navigation'; -describe('Inspect', () => { +describe('Inspect', { tags: [tag.ESS, tag.SERVERLESS] }, () => { context('Timeline', () => { it('inspects the timeline', () => { const hostExistsQuery = 'host.name: *'; diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/local_storage.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/local_storage.cy.ts similarity index 88% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/local_storage.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/local_storage.cy.ts index 239dbea8fce96..ad1b79de8c63f 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/local_storage.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/local_storage.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { reload } from '../../../tasks/common'; import { login, visit } from '../../../tasks/login'; @@ -13,7 +14,7 @@ import { DATAGRID_HEADERS, DATAGRID_HEADER } from '../../../screens/timeline'; import { waitsForEventsToBeLoaded } from '../../../tasks/hosts/events'; import { removeColumn } from '../../../tasks/timeline'; -describe('persistent timeline', () => { +describe('persistent timeline', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { login(); visit(HOSTS_URL); @@ -27,7 +28,7 @@ describe('persistent timeline', () => { ); }); - it('persist the deletion of a column', function () { + it('persist the deletion of a column', { tags: tag.BROKEN_IN_SERVERLESS }, function () { /* For testing purposes we are going to use the message column */ const COLUMN = 'message'; diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/notes_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/notes_tab.cy.ts similarity index 97% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/notes_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/notes_tab.cy.ts index cbde4900d2e79..2c891ea89534a 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/notes_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/notes_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getTimelineNonValidQuery } from '../../../objects/timeline'; @@ -35,7 +36,7 @@ import { TIMELINES_URL } from '../../../urls/navigation'; const text = 'system_indices_superuser'; const link = 'https://www.elastic.co/'; -describe.skip('Timeline notes tab', () => { +describe.skip('Timeline notes tab', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/open_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/open_timeline.cy.ts similarity index 67% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/open_timeline.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/open_timeline.cy.ts index da6215d26796c..bc09f0318cc83 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/open_timeline.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/open_timeline.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getTimeline } from '../../../objects/timeline'; @@ -35,33 +36,33 @@ import { import { TIMELINES_URL } from '../../../urls/navigation'; -describe('Open timeline', () => { - before(() => { - cleanKibana(); - login(); - visitWithoutDateRange(TIMELINES_URL); - - createTimeline(getTimeline()) - .then((response) => response.body.data.persistTimeline.timeline.savedObjectId) - .then((timelineId: string) => { - refreshTimelinesUntilTimeLinePresent(timelineId) - // This cy.wait is here because we cannot do a pipe on a timeline as that will introduce multiple URL - // request responses and indeterminism since on clicks to activates URL's. - .then(() => cy.wrap(timelineId).as('timelineId')) - // eslint-disable-next-line cypress/no-unnecessary-waiting - .then(() => cy.wait(1000)) - .then(() => - addNoteToTimeline(getTimeline().notes, timelineId).should((response) => - expect(response.status).to.equal(200) +describe('Open timeline', { tags: [tag.BROKEN_IN_SERVERLESS, tag.ESS] }, () => { + describe('Open timeline modal', () => { + before(function () { + cleanKibana(); + login(); + visitWithoutDateRange(TIMELINES_URL); + + createTimeline(getTimeline()) + .then((response) => response.body.data.persistTimeline.timeline.savedObjectId) + .then((timelineId: string) => { + refreshTimelinesUntilTimeLinePresent(timelineId) + // This cy.wait is here because we cannot do a pipe on a timeline as that will introduce multiple URL + // request responses and indeterminism since on clicks to activates URL's. + .then(() => cy.wrap(timelineId).as('timelineId')) + // eslint-disable-next-line cypress/no-unnecessary-waiting + .then(() => cy.wait(1000)) + .then(() => + addNoteToTimeline(getTimeline().notes, timelineId).should((response) => + expect(response.status).to.equal(200) + ) ) - ) - .then(() => openTimelineById(timelineId)) - .then(() => pinFirstEvent()) - .then(() => markAsFavorite()); - }); - }); + .then(() => openTimelineById(timelineId)) + .then(() => pinFirstEvent()) + .then(() => markAsFavorite()); + }); + }); - describe('Open timeline modal', () => { beforeEach(function () { login(); visitWithoutDateRange(TIMELINES_URL); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/overview.cy.tsx b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/overview.cy.tsx similarity index 96% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/overview.cy.tsx rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/overview.cy.tsx index 7c2fd9ba06020..ff01b83df97b1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/overview.cy.tsx +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/overview.cy.tsx @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { TIMELINES_OVERVIEW_TABLE, @@ -24,7 +25,7 @@ import { createTimeline, favoriteTimeline } from '../../../tasks/api_calls/timel import { TIMELINES_URL } from '../../../urls/navigation'; -describe('timeline overview search', () => { +describe('timeline overview search', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/pagination.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/pagination.cy.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/pagination.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/pagination.cy.ts index be6827f0365db..df9a9d32fa08b 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/pagination.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/pagination.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { TIMELINE_EVENT, @@ -23,7 +24,7 @@ import { populateTimeline } from '../../../tasks/timeline'; import { HOSTS_URL } from '../../../urls/navigation'; const defaultPageSize = 25; -describe('Pagination', () => { +describe('Pagination', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.task('esArchiverLoad', 'timeline'); @@ -48,7 +49,7 @@ describe('Pagination', () => { cy.get(TIMELINE_EVENTS_COUNT_PER_PAGE).should('contain.text', defaultPageSize); }); - it('should be able to go to next / previous page', () => { + it('should be able to go to next / previous page', { tags: tag.BROKEN_IN_SERVERLESS }, () => { cy.get(`${TIMELINE_FLYOUT} ${TIMELINE_EVENTS_COUNT_NEXT_PAGE}`).first().click(); cy.get(`${TIMELINE_FLYOUT} ${TIMELINE_EVENTS_COUNT_PREV_PAGE}`).first().click(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/query_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/query_tab.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/query_tab.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/query_tab.cy.ts index bd8d80ceed851..e4661d5e7ef20 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/query_tab.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/query_tab.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { getTimeline } from '../../../objects/timeline'; @@ -30,7 +31,7 @@ import { import { TIMELINES_URL } from '../../../urls/navigation'; -describe.skip('Timeline query tab', () => { +describe.skip('Timeline query tab', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); login(); @@ -81,7 +82,7 @@ describe.skip('Timeline query tab', () => { .and('match', /Unpin the event in row 2/); }); - it('should have an unlock icon', () => { + it('should have an unlock icon', { tags: tag.BROKEN_IN_SERVERLESS }, () => { cy.get(UNLOCKED_ICON).should('be.visible'); }); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/row_renderers.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/row_renderers.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/row_renderers.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/row_renderers.cy.ts index 9ae5993f8b80c..bbb54d9c0d7e4 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/row_renderers.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/row_renderers.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { elementsOverlap } from '../../../helpers/rules'; import { @@ -15,12 +16,7 @@ import { TIMELINE_ROW_RENDERERS_SURICATA_SIGNATURE_TOOLTIP, TIMELINE_ROW_RENDERERS_SURICATA_LINK_TOOLTIP, } from '../../../screens/timeline'; -import { - cleanKibana, - deleteTimelines, - waitForPageToBeLoaded, - waitForWelcomePanelToBeLoaded, -} from '../../../tasks/common'; +import { cleanKibana, deleteTimelines, waitForWelcomePanelToBeLoaded } from '../../../tasks/common'; import { waitForAllHostsToBeLoaded } from '../../../tasks/hosts/all_hosts'; import { login, visit } from '../../../tasks/login'; @@ -29,7 +25,7 @@ import { populateTimeline } from '../../../tasks/timeline'; import { HOSTS_URL } from '../../../urls/navigation'; -describe('Row renderers', () => { +describe('Row renderers', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); }); @@ -40,7 +36,6 @@ describe('Row renderers', () => { visit(HOSTS_URL, { onLoad: () => { waitForWelcomePanelToBeLoaded(); - waitForPageToBeLoaded(); waitForAllHostsToBeLoaded(); }, }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/search_or_filter.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/search_or_filter.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/search_or_filter.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/search_or_filter.cy.ts index eb72baca67af1..903a9c28acaeb 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/search_or_filter.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/search_or_filter.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { ADD_FILTER, @@ -26,7 +27,7 @@ import { waitForTimelinesPanelToBeLoaded } from '../../../tasks/timelines'; import { HOSTS_URL, TIMELINES_URL } from '../../../urls/navigation'; -describe('Timeline search and filters', () => { +describe('Timeline search and filters', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { before(() => { cleanKibana(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/toggle_column.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/toggle_column.cy.ts similarity index 92% rename from x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/toggle_column.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/toggle_column.cy.ts index 7ee011ca931f4..76604b3fc12f2 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/toggle_column.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/toggle_column.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../../tags'; import { ID_HEADER_FIELD, TIMESTAMP_HEADER_FIELD } from '../../../screens/timeline'; import { cleanKibana } from '../../../tasks/common'; @@ -19,7 +20,7 @@ import { import { HOSTS_URL } from '../../../urls/navigation'; -describe('toggle column in timeline', () => { +describe('toggle column in timeline', { tags: [tag.ESS, tag.SERVERLESS] }, () => { before(() => { cleanKibana(); cy.intercept('POST', '/api/timeline/_export?file_name=timelines_export.ndjson').as('export'); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/unsaved_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/unsaved_timeline.cy.ts new file mode 100644 index 0000000000000..5614d649531b7 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/e2e/investigations/timelines/unsaved_timeline.cy.ts @@ -0,0 +1,200 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { tag } from '../../../tags'; + +import type { Timeline } from '../../../objects/timeline'; +import { + MODAL_CONFIRMATION_BTN, + MODAL_CONFIRMATION_CANCEL_BTN, +} from '../../../screens/alerts_detection_rules'; +import { + ALERTS_PAGE, + APP_LEAVE_CONFIRM_MODAL, + CASES_PAGE, + MANAGE_PAGE, + OBSERVABILITY_ALERTS_PAGE, +} from '../../../screens/kibana_navigation'; +import { TIMELINE_SAVE_MODAL } from '../../../screens/timeline'; +import { cleanKibana } from '../../../tasks/common'; +import { + navigateFromKibanaCollapsibleTo, + openKibanaNavigation, +} from '../../../tasks/kibana_navigation'; +import { login, visit } from '../../../tasks/login'; +import { closeTimelineUsingToggle } from '../../../tasks/security_main'; +import { + addNameAndDescriptionToTimeline, + createNewTimeline, + populateTimeline, + waitForTimelineChanges, +} from '../../../tasks/timeline'; +import { HOSTS_URL, MANAGE_URL } from '../../../urls/navigation'; + +describe('Save Timeline Prompts', { tags: [tag.ESS, tag.SERVERLESS] }, () => { + before(() => { + cleanKibana(); + login(); + /* + * When timeline changes are pending, chrome would popup with + * a confirm dialog stating that `you can lose unsaved changed. + * Below changes will disable that. + * + * */ + cy.window().then((win) => { + win.onbeforeunload = null; + }); + }); + + beforeEach(() => { + login(); + visit(HOSTS_URL); + createNewTimeline(); + }); + + it( + 'unchanged & unsaved timeline should NOT prompt when user navigates away', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + openKibanaNavigation(); + navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); + cy.url().should('not.contain', HOSTS_URL); + } + ); + + it( + 'Changed & unsaved timeline should prompt when user navigates away from security solution', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + waitForTimelineChanges(); + closeTimelineUsingToggle(); + openKibanaNavigation(); + navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); + cy.get(MODAL_CONFIRMATION_BTN).click(); + } + ); + + it( + 'Changed & unsaved timeline should NOT prompt when user navigates away within security solution where timelines are enabled', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + + waitForTimelineChanges(); + closeTimelineUsingToggle(); + // navigate to any other page in security solution + openKibanaNavigation(); + cy.get(CASES_PAGE).click(); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('not.exist'); + } + ); + + it( + 'Changed & unsaved timeline should prompt when user navigates away within security solution where timelines are disbaled eg. admin screen', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + waitForTimelineChanges(); + openKibanaNavigation(); + cy.get(MANAGE_PAGE).click(); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); + cy.get(MODAL_CONFIRMATION_BTN).click(); + } + ); + + it( + 'Changed & saved timeline should NOT prompt when user navigates away out of security solution', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + waitForTimelineChanges(); + closeTimelineUsingToggle(); + openKibanaNavigation(); + navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); + cy.get(MODAL_CONFIRMATION_CANCEL_BTN).click(); + addNameAndDescriptionToTimeline( + { + title: 'Some Timeline', + description: 'Some Timeline', + } as Timeline, + true + ); + openKibanaNavigation(); + navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); + cy.url().should('not.contain', HOSTS_URL); + } + ); + + it( + 'Changed & saved timeline should NOT prompt when user navigates within security solution where timelines are disabled', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + waitForTimelineChanges(); + closeTimelineUsingToggle(); + openKibanaNavigation(); + cy.get(MANAGE_PAGE).click(); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); + cy.get(MODAL_CONFIRMATION_CANCEL_BTN).click(); + addNameAndDescriptionToTimeline( + { + title: 'Some Timeline', + description: 'Some Timeline', + } as Timeline, + true + ); + openKibanaNavigation(); + cy.get(MANAGE_PAGE).click(); + cy.url().should('not.contain', HOSTS_URL); + } + ); + + it( + 'When user navigates to the page where timeline is present, Time save modal should not exists.', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + waitForTimelineChanges(); + closeTimelineUsingToggle(); + openKibanaNavigation(); + cy.get(MANAGE_PAGE).click(); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); + cy.get(MODAL_CONFIRMATION_BTN).click(); + + // Navigate back to HOSTS_URL and ensure that + // timeline save modal is NOT present + + openKibanaNavigation(); + cy.get(ALERTS_PAGE).click(); + cy.get(TIMELINE_SAVE_MODAL).should('not.exist'); + } + ); + + it( + 'Changed and unsaved timeline should NOT prompt when user navigates from the page where timeline is disabled', + { tags: tag.BROKEN_IN_SERVERLESS }, + () => { + populateTimeline(); + waitForTimelineChanges(); + closeTimelineUsingToggle(); + openKibanaNavigation(); + cy.get(MANAGE_PAGE).click(); + cy.get(APP_LEAVE_CONFIRM_MODAL).should('be.visible'); + cy.get(MODAL_CONFIRMATION_BTN).click(); + // now we have come from MANAGE_PAGE where timeline is disabled + // to outside app where timeline is not present. + // There should be NO confirmation model in that case. + openKibanaNavigation(); + navigateFromKibanaCollapsibleTo(OBSERVABILITY_ALERTS_PAGE); + // should not be manage page i.e. successfull navigation + cy.get(TIMELINE_SAVE_MODAL).should('not.exist'); + cy.url().should('not.contain', MANAGE_URL); + } + ); +}); diff --git a/x-pack/plugins/security_solution/cypress/e2e/ml/ml_conditional_links.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/ml/ml_conditional_links.cy.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/e2e/ml/ml_conditional_links.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/ml/ml_conditional_links.cy.ts index 40caf2ae4ed8e..11ae0be3373e1 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/ml/ml_conditional_links.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/ml/ml_conditional_links.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../tags'; import { KQL_INPUT } from '../../screens/security_header'; @@ -25,7 +26,7 @@ import { mlNetworkSingleIpNullKqlQuery, } from '../../urls/ml_conditional_links'; -describe('ml conditional links', () => { +describe('ml conditional links', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { beforeEach(() => { login(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/overview/cti_link_panel.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/overview/cti_link_panel.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/overview/cti_link_panel.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/overview/cti_link_panel.cy.ts index 1bc501260b850..f8044b318c76e 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/overview/cti_link_panel.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/overview/cti_link_panel.cy.ts @@ -4,6 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { tag } from '../../tags'; import { OVERVIEW_CTI_ENABLE_MODULE_BUTTON, @@ -15,7 +16,7 @@ import { import { login, visit } from '../../tasks/login'; import { OVERVIEW_URL } from '../../urls/navigation'; -describe('CTI Link Panel', () => { +describe('CTI Link Panel', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { login(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/urls/compatibility.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/urls/compatibility.cy.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/e2e/urls/compatibility.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/urls/compatibility.cy.ts index 9e522baf4a4b1..990e960011b32 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/urls/compatibility.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/urls/compatibility.cy.ts @@ -4,8 +4,9 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ROLES } from '@kbn/security-solution-plugin/common/test'; +import { tag } from '../../tags'; -import { ROLES } from '../../../common/test'; import { login, visit, visitWithoutDateRange } from '../../tasks/login'; import { @@ -34,13 +35,10 @@ const ABSOLUTE_DATE = { const RULE_ID = '5a4a0460-d822-11eb-8962-bfd4aff0a9b3'; -describe('URL compatibility', () => { - before(() => { +describe('URL compatibility', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { + beforeEach(() => { login(ROLES.platform_engineer); visit(SECURITY_DETECTIONS_URL); - }); - - beforeEach(() => { login(); }); diff --git a/x-pack/plugins/security_solution/cypress/e2e/urls/not_found.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts similarity index 95% rename from x-pack/plugins/security_solution/cypress/e2e/urls/not_found.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts index 0f1b064403025..0a5ca24b510df 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/urls/not_found.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/urls/not_found.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { login, visit } from '../../tasks/login'; import { @@ -24,7 +26,7 @@ import { NOT_FOUND } from '../../screens/common/page'; const mockRuleId = '5a4a0460-d822-11eb-8962-bfd4aff0a9b3'; -describe('Display not found page', () => { +describe('Display not found page', { tags: [tag.ESS, tag.SERVERLESS] }, () => { beforeEach(() => { login(); visit(TIMELINES_URL); diff --git a/x-pack/plugins/security_solution/cypress/e2e/urls/state.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/urls/state.cy.ts similarity index 99% rename from x-pack/plugins/security_solution/cypress/e2e/urls/state.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/urls/state.cy.ts index fcb9c6298c03d..b696f4943ad22 100644 --- a/x-pack/plugins/security_solution/cypress/e2e/urls/state.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/urls/state.cy.ts @@ -5,6 +5,8 @@ * 2.0. */ +import { tag } from '../../tags'; + import { DATE_PICKER_APPLY_BUTTON_TIMELINE, DATE_PICKER_END_DATE_POPOVER_BUTTON, @@ -70,7 +72,7 @@ const ABSOLUTE_DATE = { firefoxStartTimeTyped: '2019-08-01T14:33:29', }; -describe('url state', () => { +describe('url state', { tags: [tag.ESS, tag.BROKEN_IN_SERVERLESS] }, () => { beforeEach(() => { login(); }); diff --git a/x-pack/plugins/security_solution/cypress/fixtures/7_15_timeline.ndjson b/x-pack/test/security_solution_cypress/cypress/fixtures/7_15_timeline.ndjson similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/7_15_timeline.ndjson rename to x-pack/test/security_solution_cypress/cypress/fixtures/7_15_timeline.ndjson diff --git a/x-pack/plugins/security_solution/cypress/fixtures/7_16_case.ndjson b/x-pack/test/security_solution_cypress/cypress/fixtures/7_16_case.ndjson similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/7_16_case.ndjson rename to x-pack/test/security_solution_cypress/cypress/fixtures/7_16_case.ndjson diff --git a/x-pack/plugins/security_solution/cypress/fixtures/7_16_exception_list.ndjson b/x-pack/test/security_solution_cypress/cypress/fixtures/7_16_exception_list.ndjson similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/7_16_exception_list.ndjson rename to x-pack/test/security_solution_cypress/cypress/fixtures/7_16_exception_list.ndjson diff --git a/x-pack/plugins/security_solution/cypress/fixtures/7_16_rules.ndjson b/x-pack/test/security_solution_cypress/cypress/fixtures/7_16_rules.ndjson similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/7_16_rules.ndjson rename to x-pack/test/security_solution_cypress/cypress/fixtures/7_16_rules.ndjson diff --git a/x-pack/plugins/security_solution/cypress/fixtures/cidr_list.txt b/x-pack/test/security_solution_cypress/cypress/fixtures/cidr_list.txt similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/cidr_list.txt rename to x-pack/test/security_solution_cypress/cypress/fixtures/cidr_list.txt diff --git a/x-pack/plugins/security_solution/cypress/fixtures/ip_list.txt b/x-pack/test/security_solution_cypress/cypress/fixtures/ip_list.txt similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/ip_list.txt rename to x-pack/test/security_solution_cypress/cypress/fixtures/ip_list.txt diff --git a/x-pack/plugins/security_solution/cypress/fixtures/related_integrations.ndjson b/x-pack/test/security_solution_cypress/cypress/fixtures/related_integrations.ndjson similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/related_integrations.ndjson rename to x-pack/test/security_solution_cypress/cypress/fixtures/related_integrations.ndjson diff --git a/x-pack/plugins/security_solution/cypress/fixtures/value_list.txt b/x-pack/test/security_solution_cypress/cypress/fixtures/value_list.txt similarity index 100% rename from x-pack/plugins/security_solution/cypress/fixtures/value_list.txt rename to x-pack/test/security_solution_cypress/cypress/fixtures/value_list.txt diff --git a/x-pack/plugins/security_solution/cypress/helpers/common.ts b/x-pack/test/security_solution_cypress/cypress/helpers/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/helpers/common.ts rename to x-pack/test/security_solution_cypress/cypress/helpers/common.ts diff --git a/x-pack/plugins/security_solution/cypress/helpers/rules.ts b/x-pack/test/security_solution_cypress/cypress/helpers/rules.ts similarity index 90% rename from x-pack/plugins/security_solution/cypress/helpers/rules.ts rename to x-pack/test/security_solution_cypress/cypress/helpers/rules.ts index 86b5255d100c9..40b3b8e5798b4 100644 --- a/x-pack/plugins/security_solution/cypress/helpers/rules.ts +++ b/x-pack/test/security_solution_cypress/cypress/helpers/rules.ts @@ -6,10 +6,10 @@ */ import dateMath from '@kbn/datemath'; import moment from 'moment'; -import type { PrebuiltRuleAsset } from '../../server/lib/detection_engine/prebuilt_rules'; -import { getPrebuiltRuleMock } from '../../server/lib/detection_engine/prebuilt_rules/mocks'; +import type { PrebuiltRuleAsset } from '@kbn/security-solution-plugin/server/lib/detection_engine/prebuilt_rules'; +import { getPrebuiltRuleMock } from '@kbn/security-solution-plugin/server/lib/detection_engine/prebuilt_rules/mocks'; -import type { ThreatArray } from '../../common/api/detection_engine'; +import type { ThreatArray } from '@kbn/security-solution-plugin/common/api/detection_engine'; export const formatMitreAttackDescription = (mitre: ThreatArray) => { return mitre diff --git a/x-pack/plugins/security_solution/cypress/objects/case.ts b/x-pack/test/security_solution_cypress/cypress/objects/case.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/objects/case.ts rename to x-pack/test/security_solution_cypress/cypress/objects/case.ts diff --git a/x-pack/plugins/security_solution/cypress/objects/connector.ts b/x-pack/test/security_solution_cypress/cypress/objects/connector.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/objects/connector.ts rename to x-pack/test/security_solution_cypress/cypress/objects/connector.ts diff --git a/x-pack/plugins/security_solution/cypress/objects/exception.ts b/x-pack/test/security_solution_cypress/cypress/objects/exception.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/objects/exception.ts rename to x-pack/test/security_solution_cypress/cypress/objects/exception.ts diff --git a/x-pack/plugins/security_solution/cypress/objects/filter.ts b/x-pack/test/security_solution_cypress/cypress/objects/filter.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/objects/filter.ts rename to x-pack/test/security_solution_cypress/cypress/objects/filter.ts diff --git a/x-pack/plugins/security_solution/cypress/objects/rule.ts b/x-pack/test/security_solution_cypress/cypress/objects/rule.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/objects/rule.ts rename to x-pack/test/security_solution_cypress/cypress/objects/rule.ts index 8488d94e9d329..e2920f4975478 100644 --- a/x-pack/plugins/security_solution/cypress/objects/rule.ts +++ b/x-pack/test/security_solution_cypress/cypress/objects/rule.ts @@ -6,7 +6,7 @@ */ import type { SeverityMappingItem, Threat } from '@kbn/securitysolution-io-ts-alerting-types'; -import { getMockThreatData } from '../../public/detections/mitre/mitre_tactics_techniques'; +import { getMockThreatData } from '@kbn/security-solution-plugin/public/detections/mitre/mitre_tactics_techniques'; import type { EqlRuleCreateProps, MachineLearningRuleCreateProps, @@ -16,7 +16,7 @@ import type { SavedQueryRuleCreateProps, ThreatMatchRuleCreateProps, ThresholdRuleCreateProps, -} from '../../common/api/detection_engine'; +} from '@kbn/security-solution-plugin/common/api/detection_engine'; import type { CreateRulePropsRewrites } from './types'; const ccsRemoteName: string = Cypress.env('CCS_REMOTE_NAME'); diff --git a/x-pack/plugins/security_solution/cypress/objects/timeline.ts b/x-pack/test/security_solution_cypress/cypress/objects/timeline.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/objects/timeline.ts rename to x-pack/test/security_solution_cypress/cypress/objects/timeline.ts index 885734f93f734..5ad542ac49530 100644 --- a/x-pack/plugins/security_solution/cypress/objects/timeline.ts +++ b/x-pack/test/security_solution_cypress/cypress/objects/timeline.ts @@ -5,7 +5,7 @@ * 2.0. */ -import type { TimelineResponse } from '../../common/api/timeline'; +import type { TimelineResponse } from '@kbn/security-solution-plugin/common/api/timeline'; export interface Timeline { title: string; diff --git a/x-pack/plugins/security_solution/cypress/objects/types.ts b/x-pack/test/security_solution_cypress/cypress/objects/types.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/objects/types.ts rename to x-pack/test/security_solution_cypress/cypress/objects/types.ts diff --git a/x-pack/plugins/security_solution/cypress/reporter_config.json b/x-pack/test/security_solution_cypress/cypress/reporter_config.json similarity index 100% rename from x-pack/plugins/security_solution/cypress/reporter_config.json rename to x-pack/test/security_solution_cypress/cypress/reporter_config.json diff --git a/x-pack/plugins/security_solution/cypress/screens/alerts.ts b/x-pack/test/security_solution_cypress/cypress/screens/alerts.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/alerts.ts rename to x-pack/test/security_solution_cypress/cypress/screens/alerts.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/alerts_details.ts b/x-pack/test/security_solution_cypress/cypress/screens/alerts_details.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/alerts_details.ts rename to x-pack/test/security_solution_cypress/cypress/screens/alerts_details.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/alerts_detection_rules.ts b/x-pack/test/security_solution_cypress/cypress/screens/alerts_detection_rules.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/alerts_detection_rules.ts rename to x-pack/test/security_solution_cypress/cypress/screens/alerts_detection_rules.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/all_cases.ts b/x-pack/test/security_solution_cypress/cypress/screens/all_cases.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/all_cases.ts rename to x-pack/test/security_solution_cypress/cypress/screens/all_cases.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/case_details.ts b/x-pack/test/security_solution_cypress/cypress/screens/case_details.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/case_details.ts rename to x-pack/test/security_solution_cypress/cypress/screens/case_details.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common.ts b/x-pack/test/security_solution_cypress/cypress/screens/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common/callouts.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/callouts.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common/callouts.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common/callouts.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common/controls.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/controls.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common/controls.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common/controls.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common/data_grid.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/data_grid.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common/data_grid.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common/data_grid.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common/filter_group.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/filter_group.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common/filter_group.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common/filter_group.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common/page.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/page.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common/page.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common/page.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/common/rule_actions.ts b/x-pack/test/security_solution_cypress/cypress/screens/common/rule_actions.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/common/rule_actions.ts rename to x-pack/test/security_solution_cypress/cypress/screens/common/rule_actions.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/configure_cases.ts b/x-pack/test/security_solution_cypress/cypress/screens/configure_cases.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/configure_cases.ts rename to x-pack/test/security_solution_cypress/cypress/screens/configure_cases.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/create_new_case.ts b/x-pack/test/security_solution_cypress/cypress/screens/create_new_case.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/create_new_case.ts rename to x-pack/test/security_solution_cypress/cypress/screens/create_new_case.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts b/x-pack/test/security_solution_cypress/cypress/screens/create_new_rule.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/create_new_rule.ts rename to x-pack/test/security_solution_cypress/cypress/screens/create_new_rule.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/create_runtime_field.ts b/x-pack/test/security_solution_cypress/cypress/screens/create_runtime_field.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/create_runtime_field.ts rename to x-pack/test/security_solution_cypress/cypress/screens/create_runtime_field.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/dashboards/common.ts b/x-pack/test/security_solution_cypress/cypress/screens/dashboards/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/dashboards/common.ts rename to x-pack/test/security_solution_cypress/cypress/screens/dashboards/common.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/date_picker.ts b/x-pack/test/security_solution_cypress/cypress/screens/date_picker.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/date_picker.ts rename to x-pack/test/security_solution_cypress/cypress/screens/date_picker.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/detection_response.ts b/x-pack/test/security_solution_cypress/cypress/screens/detection_response.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/detection_response.ts rename to x-pack/test/security_solution_cypress/cypress/screens/detection_response.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/edit_connector.ts b/x-pack/test/security_solution_cypress/cypress/screens/edit_connector.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/edit_connector.ts rename to x-pack/test/security_solution_cypress/cypress/screens/edit_connector.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/edit_rule.ts b/x-pack/test/security_solution_cypress/cypress/screens/edit_rule.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/edit_rule.ts rename to x-pack/test/security_solution_cypress/cypress/screens/edit_rule.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/entity_analytics.ts b/x-pack/test/security_solution_cypress/cypress/screens/entity_analytics.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/entity_analytics.ts rename to x-pack/test/security_solution_cypress/cypress/screens/entity_analytics.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/entity_analytics_management.ts b/x-pack/test/security_solution_cypress/cypress/screens/entity_analytics_management.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/entity_analytics_management.ts rename to x-pack/test/security_solution_cypress/cypress/screens/entity_analytics_management.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/exceptions.ts b/x-pack/test/security_solution_cypress/cypress/screens/exceptions.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/exceptions.ts rename to x-pack/test/security_solution_cypress/cypress/screens/exceptions.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel.ts similarity index 81% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel.ts index f62d5848270c2..4a00d44cee981 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel.ts @@ -8,9 +8,12 @@ import { INSIGHTS_TAB_BUTTON_GROUP_TEST_ID, VISUALIZE_TAB_BUTTON_GROUP_TEST_ID, -} from '../../../public/flyout/left/tabs/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; +import { + INSIGHTS_TAB_TEST_ID, + VISUALIZE_TAB_TEST_ID, +} from '@kbn/security-solution-plugin/public/flyout/left/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { INSIGHTS_TAB_TEST_ID, VISUALIZE_TAB_TEST_ID } from '../../../public/flyout/left/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB = getDataTestSubjectSelector(INSIGHTS_TAB_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts similarity index 71% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts index cb35dff64b9be..c9b16f3ada2cd 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts @@ -5,9 +5,9 @@ * 2.0. */ +import { VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; +import { ANALYZER_GRAPH_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/components/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; -import { ANALYZER_GRAPH_TEST_ID } from '../../../public/flyout/left/components/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON = getDataTestSubjectSelector(VISUALIZE_TAB_GRAPH_ANALYZER_BUTTON_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_correlations_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_correlations_tab.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_correlations_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_correlations_tab.ts index c05c0da82c820..2e01659976b1e 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_correlations_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_correlations_tab.ts @@ -5,15 +5,15 @@ * 2.0. */ -import { getDataTestSubjectSelector } from '../../helpers/common'; -import { INSIGHTS_TAB_CORRELATIONS_BUTTON_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; +import { INSIGHTS_TAB_CORRELATIONS_BUTTON_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; import { CORRELATIONS_DETAILS_BY_ANCESTRY_SECTION_TEST_ID, CORRELATIONS_DETAILS_BY_ANCESTRY_TABLE_TEST_ID, CORRELATIONS_DETAILS_BY_SESSION_SECTION_TEST_ID, CORRELATIONS_DETAILS_BY_SOURCE_SECTION_TEST_ID, CORRELATIONS_DETAILS_CASES_SECTION_TEST_ID, -} from '../../../public/flyout/left/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/left/components/test_ids'; +import { getDataTestSubjectSelector } from '../../helpers/common'; export const DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_CORRELATIONS_BUTTON = getDataTestSubjectSelector( INSIGHTS_TAB_CORRELATIONS_BUTTON_TEST_ID diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_entities_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_entities_tab.ts similarity index 82% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_entities_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_entities_tab.ts index 32620b112bb83..20e8940aa5488 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_entities_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_entities_tab.ts @@ -9,9 +9,9 @@ import { ENTITIES_DETAILS_TEST_ID, HOST_DETAILS_TEST_ID, USER_DETAILS_TEST_ID, -} from '../../../public/flyout/left/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/left/components/test_ids'; +import { INSIGHTS_TAB_ENTITIES_BUTTON_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { INSIGHTS_TAB_ENTITIES_BUTTON_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_ENTITIES_BUTTON = getDataTestSubjectSelector( INSIGHTS_TAB_ENTITIES_BUTTON_TEST_ID diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_investigation_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_investigation_tab.ts similarity index 72% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_investigation_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_investigation_tab.ts index 084d2dc63b013..e981af1cdb895 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_investigation_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_investigation_tab.ts @@ -5,9 +5,9 @@ * 2.0. */ +import { INVESTIGATION_TAB_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/test_ids'; +import { INVESTIGATION_TAB_CONTENT_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { INVESTIGATION_TAB_TEST_ID } from '../../../public/flyout/left/test_ids'; -import { INVESTIGATION_TAB_CONTENT_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_INVESTIGATION_TAB = getDataTestSubjectSelector(INVESTIGATION_TAB_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_prevalence_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_prevalence_tab.ts similarity index 90% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_prevalence_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_prevalence_tab.ts index b1e19dd9588a2..0b343d4375233 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_prevalence_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_prevalence_tab.ts @@ -13,9 +13,9 @@ import { PREVALENCE_DETAILS_TABLE_TEST_ID, PREVALENCE_DETAILS_TABLE_TYPE_CELL_TEST_ID, PREVALENCE_DETAILS_TABLE_USER_PREVALENCE_CELL_TEST_ID, -} from '../../../public/flyout/left/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/left/components/test_ids'; +import { INSIGHTS_TAB_PREVALENCE_BUTTON_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { INSIGHTS_TAB_PREVALENCE_BUTTON_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_PREVALENCE_BUTTON = getDataTestSubjectSelector( INSIGHTS_TAB_PREVALENCE_BUTTON_TEST_ID diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_response_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_response_tab.ts similarity index 71% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_response_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_response_tab.ts index 0620d34230b8c..15d0aeede669b 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_response_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_response_tab.ts @@ -5,8 +5,8 @@ * 2.0. */ -import { RESPONSE_TAB_TEST_ID } from '../../../public/flyout/left/test_ids'; -import { RESPONSE_EMPTY_TEST_ID } from '../../../public/flyout/left/components/test_ids'; +import { RESPONSE_TAB_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/test_ids'; +import { RESPONSE_EMPTY_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/components/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; export const DOCUMENT_DETAILS_FLYOUT_RESPONSE_TAB = diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_session_view_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_session_view_tab.ts similarity index 71% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_session_view_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_session_view_tab.ts index b382e85e47174..d7e4f86d79c82 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_session_view_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_session_view_tab.ts @@ -5,9 +5,9 @@ * 2.0. */ +import { VISUALIZE_TAB_SESSION_VIEW_BUTTON_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; +import { SESSION_VIEW_ERROR_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/components/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { VISUALIZE_TAB_SESSION_VIEW_BUTTON_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; -import { SESSION_VIEW_ERROR_TEST_ID } from '../../../public/flyout/left/components/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_VISUALIZE_TAB_SESSION_VIEW_BUTTON = getDataTestSubjectSelector( VISUALIZE_TAB_SESSION_VIEW_BUTTON_TEST_ID diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts similarity index 89% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts index ab7275d50ea57..a60a7d7a40105 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts @@ -5,8 +5,8 @@ * 2.0. */ +import { INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/left/tabs/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON_TEST_ID } from '../../../public/flyout/left/tabs/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON = getDataTestSubjectSelector(INSIGHTS_TAB_THREAT_INTELLIGENCE_BUTTON_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_preview_panel_rule_preview.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_preview_panel_rule_preview.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_preview_panel_rule_preview.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_preview_panel_rule_preview.ts index 5ccb58e1ef969..23a3985a36d9a 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_preview_panel_rule_preview.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_preview_panel_rule_preview.ts @@ -17,7 +17,7 @@ import { RULE_PREVIEW_SCHEDULE_HEADER_TEST_ID, RULE_PREVIEW_SCHEDULE_CONTENT_TEST_ID, RULE_PREVIEW_FOOTER_TEST_ID, -} from '../../../public/flyout/preview/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/preview/components/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; export const DOCUMENT_DETAILS_FLYOUT_RULE_PREVIEW_SECTION = diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel.ts index 60ebbe7fdd071..7ea0712aae290 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel.ts @@ -5,13 +5,12 @@ * 2.0. */ -import { getDataTestSubjectSelector } from '../../helpers/common'; import { FLYOUT_BODY_TEST_ID, JSON_TAB_TEST_ID, OVERVIEW_TAB_TEST_ID, TABLE_TAB_TEST_ID, -} from '../../../public/flyout/right/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/right/test_ids'; import { COLLAPSE_DETAILS_BUTTON_TEST_ID, EXPAND_DETAILS_BUTTON_TEST_ID, @@ -22,7 +21,8 @@ import { FLYOUT_HEADER_SEVERITY_VALUE_TEST_ID, FLYOUT_HEADER_STATUS_BUTTON_TEST_ID, FLYOUT_HEADER_TITLE_TEST_ID, -} from '../../../public/flyout/right/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/right/components/test_ids'; +import { getDataTestSubjectSelector } from '../../helpers/common'; export const DOCUMENT_DETAILS_FLYOUT_BODY = getDataTestSubjectSelector(FLYOUT_BODY_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_json_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_json_tab.ts similarity index 80% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_json_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_json_tab.ts index e7de5c5114250..f3cd1a262b281 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_json_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_json_tab.ts @@ -5,8 +5,8 @@ * 2.0. */ +import { JSON_TAB_CONTENT_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/right/tabs/test_ids'; import { getDataTestSubjectSelector } from '../../helpers/common'; -import { JSON_TAB_CONTENT_TEST_ID } from '../../../public/flyout/right/tabs/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_JSON_TAB_CONTENT = getDataTestSubjectSelector(JSON_TAB_CONTENT_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_overview_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_overview_tab.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_overview_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_overview_tab.ts index 6bc2f1400e0ae..dc7e3fdd1020e 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_overview_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_overview_tab.ts @@ -5,7 +5,6 @@ * 2.0. */ -import { getDataTestSubjectSelector } from '../../helpers/common'; import { ABOUT_SECTION_CONTENT_TEST_ID, ABOUT_SECTION_HEADER_TEST_ID, @@ -39,7 +38,8 @@ import { ANALYZER_PREVIEW_CONTENT_TEST_ID, SESSION_PREVIEW_CONTENT_TEST_ID, INSIGHTS_PREVALENCE_VALUE_TEST_ID, -} from '../../../public/flyout/right/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/right/components/test_ids'; +import { getDataTestSubjectSelector } from '../../helpers/common'; /* About section */ diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_table_tab.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_table_tab.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_table_tab.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_table_tab.ts index 0d23b23692f42..b8cd86f639e2a 100644 --- a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/alert_details_right_panel_table_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/alert_details_right_panel_table_tab.ts @@ -5,8 +5,8 @@ * 2.0. */ +import { TABLE_TAB_CONTENT_TEST_ID } from '@kbn/security-solution-plugin/public/flyout/right/tabs/test_ids'; import { getClassSelector, getDataTestSubjectSelector } from '../../helpers/common'; -import { TABLE_TAB_CONTENT_TEST_ID } from '../../../public/flyout/right/tabs/test_ids'; export const DOCUMENT_DETAILS_FLYOUT_TABLE_TAB_CONTENT = getDataTestSubjectSelector(TABLE_TAB_CONTENT_TEST_ID); diff --git a/x-pack/plugins/security_solution/cypress/screens/expandable_flyout/common.ts b/x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/expandable_flyout/common.ts rename to x-pack/test/security_solution_cypress/cypress/screens/expandable_flyout/common.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/fields_browser.ts b/x-pack/test/security_solution_cypress/cypress/screens/fields_browser.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/fields_browser.ts rename to x-pack/test/security_solution_cypress/cypress/screens/fields_browser.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/guided_onboarding.ts b/x-pack/test/security_solution_cypress/cypress/screens/guided_onboarding.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/guided_onboarding.ts rename to x-pack/test/security_solution_cypress/cypress/screens/guided_onboarding.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/hosts/all_hosts.ts b/x-pack/test/security_solution_cypress/cypress/screens/hosts/all_hosts.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/hosts/all_hosts.ts rename to x-pack/test/security_solution_cypress/cypress/screens/hosts/all_hosts.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/hosts/authentications.ts b/x-pack/test/security_solution_cypress/cypress/screens/hosts/authentications.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/hosts/authentications.ts rename to x-pack/test/security_solution_cypress/cypress/screens/hosts/authentications.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/hosts/events.ts b/x-pack/test/security_solution_cypress/cypress/screens/hosts/events.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/hosts/events.ts rename to x-pack/test/security_solution_cypress/cypress/screens/hosts/events.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/hosts/host_risk.ts b/x-pack/test/security_solution_cypress/cypress/screens/hosts/host_risk.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/hosts/host_risk.ts rename to x-pack/test/security_solution_cypress/cypress/screens/hosts/host_risk.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/hosts/main.ts b/x-pack/test/security_solution_cypress/cypress/screens/hosts/main.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/hosts/main.ts rename to x-pack/test/security_solution_cypress/cypress/screens/hosts/main.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/hosts/uncommon_processes.ts b/x-pack/test/security_solution_cypress/cypress/screens/hosts/uncommon_processes.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/hosts/uncommon_processes.ts rename to x-pack/test/security_solution_cypress/cypress/screens/hosts/uncommon_processes.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/inspect.ts b/x-pack/test/security_solution_cypress/cypress/screens/inspect.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/inspect.ts rename to x-pack/test/security_solution_cypress/cypress/screens/inspect.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/integrations.ts b/x-pack/test/security_solution_cypress/cypress/screens/integrations.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/integrations.ts rename to x-pack/test/security_solution_cypress/cypress/screens/integrations.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/kibana_navigation.ts b/x-pack/test/security_solution_cypress/cypress/screens/kibana_navigation.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/kibana_navigation.ts rename to x-pack/test/security_solution_cypress/cypress/screens/kibana_navigation.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/lists.ts b/x-pack/test/security_solution_cypress/cypress/screens/lists.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/lists.ts rename to x-pack/test/security_solution_cypress/cypress/screens/lists.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/loading.ts b/x-pack/test/security_solution_cypress/cypress/screens/loading.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/loading.ts rename to x-pack/test/security_solution_cypress/cypress/screens/loading.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/network/dns.ts b/x-pack/test/security_solution_cypress/cypress/screens/network/dns.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/network/dns.ts rename to x-pack/test/security_solution_cypress/cypress/screens/network/dns.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/network/flows.ts b/x-pack/test/security_solution_cypress/cypress/screens/network/flows.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/network/flows.ts rename to x-pack/test/security_solution_cypress/cypress/screens/network/flows.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/network/http.ts b/x-pack/test/security_solution_cypress/cypress/screens/network/http.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/network/http.ts rename to x-pack/test/security_solution_cypress/cypress/screens/network/http.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/network/tls.ts b/x-pack/test/security_solution_cypress/cypress/screens/network/tls.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/network/tls.ts rename to x-pack/test/security_solution_cypress/cypress/screens/network/tls.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/overview.ts b/x-pack/test/security_solution_cypress/cypress/screens/overview.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/overview.ts rename to x-pack/test/security_solution_cypress/cypress/screens/overview.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/rule_details.ts b/x-pack/test/security_solution_cypress/cypress/screens/rule_details.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/rule_details.ts rename to x-pack/test/security_solution_cypress/cypress/screens/rule_details.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/rule_snoozing.ts b/x-pack/test/security_solution_cypress/cypress/screens/rule_snoozing.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/rule_snoozing.ts rename to x-pack/test/security_solution_cypress/cypress/screens/rule_snoozing.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/rules_bulk_actions.ts b/x-pack/test/security_solution_cypress/cypress/screens/rules_bulk_actions.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/rules_bulk_actions.ts rename to x-pack/test/security_solution_cypress/cypress/screens/rules_bulk_actions.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/saved_objects.ts b/x-pack/test/security_solution_cypress/cypress/screens/saved_objects.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/saved_objects.ts rename to x-pack/test/security_solution_cypress/cypress/screens/saved_objects.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/search_bar.ts b/x-pack/test/security_solution_cypress/cypress/screens/search_bar.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/search_bar.ts rename to x-pack/test/security_solution_cypress/cypress/screens/search_bar.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/security_header.ts b/x-pack/test/security_solution_cypress/cypress/screens/security_header.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/security_header.ts rename to x-pack/test/security_solution_cypress/cypress/screens/security_header.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/security_main.ts b/x-pack/test/security_solution_cypress/cypress/screens/security_main.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/security_main.ts rename to x-pack/test/security_solution_cypress/cypress/screens/security_main.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/shared.ts b/x-pack/test/security_solution_cypress/cypress/screens/shared.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/shared.ts rename to x-pack/test/security_solution_cypress/cypress/screens/shared.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/sourcerer.ts b/x-pack/test/security_solution_cypress/cypress/screens/sourcerer.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/sourcerer.ts rename to x-pack/test/security_solution_cypress/cypress/screens/sourcerer.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/table_pagination.ts b/x-pack/test/security_solution_cypress/cypress/screens/table_pagination.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/table_pagination.ts rename to x-pack/test/security_solution_cypress/cypress/screens/table_pagination.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/templates.ts b/x-pack/test/security_solution_cypress/cypress/screens/templates.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/templates.ts rename to x-pack/test/security_solution_cypress/cypress/screens/templates.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/timeline.ts b/x-pack/test/security_solution_cypress/cypress/screens/timeline.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/timeline.ts rename to x-pack/test/security_solution_cypress/cypress/screens/timeline.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/timelines.ts b/x-pack/test/security_solution_cypress/cypress/screens/timelines.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/timelines.ts rename to x-pack/test/security_solution_cypress/cypress/screens/timelines.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/users/all_users.ts b/x-pack/test/security_solution_cypress/cypress/screens/users/all_users.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/users/all_users.ts rename to x-pack/test/security_solution_cypress/cypress/screens/users/all_users.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/users/user_anomalies.ts b/x-pack/test/security_solution_cypress/cypress/screens/users/user_anomalies.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/users/user_anomalies.ts rename to x-pack/test/security_solution_cypress/cypress/screens/users/user_anomalies.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/users/user_authentications.ts b/x-pack/test/security_solution_cypress/cypress/screens/users/user_authentications.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/users/user_authentications.ts rename to x-pack/test/security_solution_cypress/cypress/screens/users/user_authentications.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/users/user_events.ts b/x-pack/test/security_solution_cypress/cypress/screens/users/user_events.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/users/user_events.ts rename to x-pack/test/security_solution_cypress/cypress/screens/users/user_events.ts diff --git a/x-pack/plugins/security_solution/cypress/screens/users/user_risk_score.ts b/x-pack/test/security_solution_cypress/cypress/screens/users/user_risk_score.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/screens/users/user_risk_score.ts rename to x-pack/test/security_solution_cypress/cypress/screens/users/user_risk_score.ts diff --git a/x-pack/plugins/security_solution/cypress/support/commands.js b/x-pack/test/security_solution_cypress/cypress/support/commands.js similarity index 100% rename from x-pack/plugins/security_solution/cypress/support/commands.js rename to x-pack/test/security_solution_cypress/cypress/support/commands.js diff --git a/x-pack/plugins/security_solution/cypress/support/e2e.js b/x-pack/test/security_solution_cypress/cypress/support/e2e.js similarity index 100% rename from x-pack/plugins/security_solution/cypress/support/e2e.js rename to x-pack/test/security_solution_cypress/cypress/support/e2e.js diff --git a/x-pack/plugins/security_solution/cypress/support/es_archiver.ts b/x-pack/test/security_solution_cypress/cypress/support/es_archiver.ts similarity index 68% rename from x-pack/plugins/security_solution/cypress/support/es_archiver.ts rename to x-pack/test/security_solution_cypress/cypress/support/es_archiver.ts index efc3285686555..42ddb4a526387 100644 --- a/x-pack/plugins/security_solution/cypress/support/es_archiver.ts +++ b/x-pack/test/security_solution_cypress/cypress/support/es_archiver.ts @@ -30,29 +30,13 @@ export const esArchiver = ( log, client, kbnClient, - baseDir: '../../../test/security_solution_cypress/es_archives', + baseDir: '../es_archives', }); on('task', { esArchiverLoad: async (archiveName) => esArchiverInstance.load(archiveName), esArchiverUnload: async (archiveName) => esArchiverInstance.unload(archiveName), esArchiverResetKibana: async () => esArchiverInstance.emptyKibanaIndex(), - esArchiverCCSLoad: async (archiveName) => { - const ccsEsArchiverInstance = new EsArchiver({ - client: new Client({ - node: config.env.CCS_ELASTICSEARCH_URL, - Connection: HttpConnection, - }), - log, - kbnClient: new KbnClient({ - log, - url: config.env.CCS_KIBANA_URL, - }), - baseDir: '../../../test/security_solution_cypress/es_archives', - }); - - return ccsEsArchiverInstance.load(archiveName); - }, }); return esArchiverInstance; diff --git a/x-pack/plugins/security_solution/cypress/support/index.d.ts b/x-pack/test/security_solution_cypress/cypress/support/index.d.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/support/index.d.ts rename to x-pack/test/security_solution_cypress/cypress/support/index.d.ts diff --git a/x-pack/test/security_solution_cypress/cypress/tags.ts b/x-pack/test/security_solution_cypress/cypress/tags.ts new file mode 100644 index 0000000000000..a0698a4c40951 --- /dev/null +++ b/x-pack/test/security_solution_cypress/cypress/tags.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const tag = { + SERVERLESS: '@serverless', + ESS: '@ess', + BROKEN_IN_SERVERLESS: '@brokenInServerless', +}; diff --git a/x-pack/plugins/security_solution/cypress/tasks/alerts.ts b/x-pack/test/security_solution_cypress/cypress/tasks/alerts.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/tasks/alerts.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/alerts.ts index e69a8705f7e22..8816851dcec7c 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/alerts.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/alerts.ts @@ -7,7 +7,8 @@ import { encode } from '@kbn/rison'; import { recurse } from 'cypress-recurse'; -import { formatPageFilterSearchParam } from '../../common/utils/format_page_filter_search_param'; +import { formatPageFilterSearchParam } from '@kbn/security-solution-plugin/common/utils/format_page_filter_search_param'; +import type { FilterItemObj } from '@kbn/security-solution-plugin/public/common/components/filter_group/types'; import { TOP_N_CONTAINER } from '../screens/network/flows'; import { ADD_EXCEPTION_BTN, @@ -82,7 +83,6 @@ import { import { LOADING_SPINNER } from '../screens/common/page'; import { ALERTS_URL } from '../urls/navigation'; import { FIELDS_BROWSER_BTN } from '../screens/rule_details'; -import type { FilterItemObj } from '../../public/common/components/filter_group/types'; import { visit } from './login'; import { openFilterGroupContextMenu } from './common/filter_group'; diff --git a/x-pack/plugins/security_solution/cypress/tasks/alerts_details.ts b/x-pack/test/security_solution_cypress/cypress/tasks/alerts_details.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/alerts_details.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/alerts_details.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/alerts_detection_rules.ts b/x-pack/test/security_solution_cypress/cypress/tasks/alerts_detection_rules.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/alerts_detection_rules.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/alerts_detection_rules.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/all_cases.ts b/x-pack/test/security_solution_cypress/cypress/tasks/all_cases.ts similarity index 87% rename from x-pack/plugins/security_solution/cypress/tasks/all_cases.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/all_cases.ts index 5485a47214ac3..90d41a92c8f16 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/all_cases.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/all_cases.ts @@ -10,15 +10,12 @@ import { ALL_CASES_CREATE_NEW_CASE_BTN, EDIT_EXTERNAL_CONNECTION, } from '../screens/all_cases'; -import { waitForPageToBeLoaded } from './common'; export const goToCreateNewCase = () => { cy.get(ALL_CASES_CREATE_NEW_CASE_BTN, { timeout: 60000 }).click({ force: true }); - waitForPageToBeLoaded(); }; export const goToCaseDetails = () => { - waitForPageToBeLoaded(); cy.get(ALL_CASES_NAME).click({ force: true }); }; diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/cases.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/cases.ts similarity index 88% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/cases.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/cases.ts index f41f1f40d5493..e75b408089d93 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/cases.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/cases.ts @@ -26,5 +26,5 @@ export const createCase = (newCase: TestCase) => }, owner: newCase.owner, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/connectors.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/connectors.ts similarity index 87% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/connectors.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/connectors.ts index a89e578764eec..38936d78cc360 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/connectors.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/connectors.ts @@ -10,7 +10,7 @@ export const createConnector = (connector: Record) => method: 'POST', url: '/api/actions/action', body: connector, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); const slackConnectorAPIPayload = { diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/elasticsearch.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/elasticsearch.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/elasticsearch.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/elasticsearch.ts index 7312339497f2c..bd4c2c4af873c 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/elasticsearch.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/elasticsearch.ts @@ -10,7 +10,7 @@ export const deleteIndex = (index: string) => { rootRequest({ method: 'DELETE', url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; @@ -39,7 +39,7 @@ export const waitForNewDocumentToBeIndexed = (index: string, initialNumberOfDocu rootRequest<{ hits: { hits: unknown[] } }>({ method: 'GET', url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }).then((response) => { if (response.status !== 200) { @@ -58,7 +58,7 @@ export const refreshIndex = (index: string) => { rootRequest({ method: 'POST', url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_refresh`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }).then((response) => { if (response.status !== 200) { diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/exceptions.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/exceptions.ts similarity index 84% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/exceptions.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/exceptions.ts index 8b258c79a7edf..622e311fa0fd1 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/exceptions.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/exceptions.ts @@ -16,7 +16,7 @@ export const createEndpointExceptionList = () => rootRequest({ method: 'POST', url: '/api/endpoint_list', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); @@ -33,7 +33,7 @@ export const createExceptionList = ( name: exceptionList.name, type: exceptionList.type, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); @@ -66,7 +66,7 @@ export const createExceptionListItem = ( ], expire_time: exceptionListItem?.expire_time, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); @@ -77,7 +77,7 @@ export const createRuleExceptionItem = (ruleId: string, exceptionListItems: Rule body: { items: exceptionListItems, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); @@ -92,7 +92,7 @@ export const updateExceptionListItem = ( item_id: exceptionListItemId, ...exceptionListItemUpdate, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); @@ -100,6 +100,6 @@ export const deleteExceptionList = (listId: string, namespaceType: string) => rootRequest({ method: 'DELETE', url: `/api/exception_lists?list_id=${listId}&namespace_type=${namespaceType}`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/fleet.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/fleet.ts similarity index 74% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/fleet.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/fleet.ts index 57995a0645388..95647649259dc 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/fleet.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/fleet.ts @@ -25,13 +25,13 @@ const deleteAgentPolicies = () => { return rootRequest<{ items: Array<{ id: string }> }>({ method: 'GET', url: 'api/fleet/agent_policies', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }).then((response) => { response.body.items.forEach((item: { id: string }) => { rootRequest({ method: 'POST', url: `api/fleet/agent_policies/delete`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body: { agentPolicyId: item.id, }, @@ -44,12 +44,12 @@ const deletePackagePolicies = () => { return rootRequest<{ items: Array<{ id: string }> }>({ method: 'GET', url: 'api/fleet/package_policies', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }).then((response) => { rootRequest({ method: 'POST', url: `api/fleet/package_policies/delete`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body: { packagePolicyIds: response.body.items.map((item: { id: string }) => item.id), }, @@ -61,14 +61,17 @@ const deletePackages = () => { return rootRequest<{ items: Array<{ status: string; name: string; version: string }> }>({ method: 'GET', url: 'api/fleet/epm/packages', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }).then((response) => { response.body.items.forEach((item) => { if (item.status === 'installed') { rootRequest({ method: 'DELETE', url: `api/fleet/epm/packages/${item.name}/${item.version}`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + }, }); } }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/kibana_advanced_settings.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/kibana_advanced_settings.ts similarity index 90% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/kibana_advanced_settings.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/kibana_advanced_settings.ts index 6256539beca1d..f86cd0186c8c2 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/kibana_advanced_settings.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/kibana_advanced_settings.ts @@ -12,7 +12,7 @@ const kibanaSettings = (body: Cypress.RequestBody) => { method: 'POST', url: 'internal/kibana/settings', body, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }; diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/notes.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/notes.ts similarity index 84% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/notes.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/notes.ts index 3efc24bc8083e..d1addc0407900 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/notes.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/notes.ts @@ -17,5 +17,5 @@ export const addNoteToTimeline = ( version: null, note: { note, timelineId }, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/prebuilt_rules.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/prebuilt_rules.ts similarity index 83% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/prebuilt_rules.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/prebuilt_rules.ts index 7242422355855..c11c1afb01404 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/prebuilt_rules.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/prebuilt_rules.ts @@ -5,16 +5,16 @@ * 2.0. */ -import { ELASTIC_SECURITY_RULE_ID } from '../../../common/detection_engine/constants'; -import type { PrePackagedRulesStatusResponse } from '../../../public/detection_engine/rule_management/logic/types'; -import { getPrebuiltRuleWithExceptionsMock } from '../../../server/lib/detection_engine/prebuilt_rules/mocks'; +import { ELASTIC_SECURITY_RULE_ID } from '@kbn/security-solution-plugin/common/detection_engine/constants'; +import type { PrePackagedRulesStatusResponse } from '@kbn/security-solution-plugin/public/detection_engine/rule_management/logic/types'; +import { getPrebuiltRuleWithExceptionsMock } from '@kbn/security-solution-plugin/server/lib/detection_engine/prebuilt_rules/mocks'; import { createRuleAssetSavedObject } from '../../helpers/rules'; export const getPrebuiltRulesStatus = () => { return cy.request({ method: 'GET', url: 'api/detection_engine/rules/prepackaged/_status', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }; @@ -34,7 +34,7 @@ export const installAllPrebuiltRulesRequest = () => { return cy.request({ method: 'POST', url: 'internal/detection_engine/prebuilt_rules/installation/_perform', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body: { mode: 'ALL_RULES', }, @@ -84,7 +84,11 @@ export const waitUntilAllRuleAssetsCreated = ( .request({ method: 'GET', url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search`, - headers: { 'kbn-xsrf': 'cypress-creds', 'Content-Type': 'application/json' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + 'Content-Type': 'application/json', + }, failOnStatusCode: false, body: { query: { @@ -126,7 +130,11 @@ export const createNewRuleAsset = ({ .request({ method: 'PUT', url, - headers: { 'kbn-xsrf': 'cypress-creds', 'Content-Type': 'application/json' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + 'Content-Type': 'application/json', + }, failOnStatusCode: false, body: rule, }) @@ -166,6 +174,7 @@ export const bulkCreateRuleAssets = ({ }, headers: { 'Content-Type': 'application/json', + 'x-elastic-internal-origin': 'security-solution', }, }); @@ -175,7 +184,11 @@ export const bulkCreateRuleAssets = ({ .request({ method: 'POST', url, - headers: { 'kbn-xsrf': 'cypress-creds', 'Content-Type': 'application/json' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + 'Content-Type': 'application/json', + }, failOnStatusCode: false, body: bulkIndexRequestBody, }) @@ -190,7 +203,11 @@ export const getRuleAssets = (index: string | undefined = '.kibana_security_solu return cy.request({ method: 'GET', url, - headers: { 'kbn-xsrf': 'cypress-creds', 'Content-Type': 'application/json' }, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', + 'Content-Type': 'application/json', + }, failOnStatusCode: false, body: { query: { diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_engine.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_engine.ts similarity index 85% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_engine.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_engine.ts index 2564615f2ccda..7305bef6f0b88 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_engine.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_engine.ts @@ -10,7 +10,7 @@ export const deleteConfiguration = () => { method: 'GET', url: `/api/saved_objects/_find?type=risk-engine-configuration`, failOnStatusCode: false, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }).then((res) => { const savedObjectId = res?.body?.saved_objects?.[0]?.id; if (savedObjectId) { @@ -18,7 +18,7 @@ export const deleteConfiguration = () => { method: 'DELETE', url: `/api/saved_objects/risk-engine-configuration/${savedObjectId}`, failOnStatusCode: false, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); } }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/index.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/index.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts index 30c5b5fccefd1..5cadf80cf9674 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/index.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/index.ts @@ -298,7 +298,7 @@ export const installRiskScoreModule = () => { body: { riskScoreEntity: 'host', }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }) .its('status') .should('eql', 200); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/indices.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts similarity index 81% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/indices.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts index 680159d43156d..f31feb9229648 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/indices.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/indices.ts @@ -17,7 +17,7 @@ export const createIndex = (options: { method: 'put', url: `${INDICES_URL}/create`, body: options, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }; @@ -29,7 +29,7 @@ export const deleteRiskScoreIndicies = (riskScoreEntity: RiskScoreEntity, spaceI body: { indices: [getPivotTransformIndex(riskScoreEntity, spaceId)], }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }) .then(() => { @@ -39,7 +39,7 @@ export const deleteRiskScoreIndicies = (riskScoreEntity: RiskScoreEntity, spaceI body: { indices: [getLatestTransformIndex(riskScoreEntity, spaceId)], }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/ingest_pipelines.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/ingest_pipelines.ts similarity index 79% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/ingest_pipelines.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/ingest_pipelines.ts index 818b0cf8d18fd..c438baf5c9273 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/ingest_pipelines.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/ingest_pipelines.ts @@ -11,7 +11,7 @@ export const createIngestPipeline = (options: { name: string; processors: Array< return cy.request({ method: 'post', url: `${INGEST_PIPELINES_URL}`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body: options, }); }; @@ -20,7 +20,7 @@ export const deleteRiskScoreIngestPipelines = (names: string[]) => { return cy.request({ method: 'delete', url: `${INGEST_PIPELINES_URL}/${names.join(',')}`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/saved_objects.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts similarity index 83% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/saved_objects.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts index 3e96bbcd2cb2c..353e52fea53aa 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/saved_objects.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/saved_objects.ts @@ -17,7 +17,7 @@ export const deleteSavedObjects = (templateName: `${RiskScoreEntity}RiskScoreDas body: { deleteAll: true, }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }; @@ -30,7 +30,7 @@ export const findSavedObjects = (riskScoreEntity: RiskScoreEntity, spaceId = 'de .request({ method: 'get', url: `${SAVED_OBJECTS_URL}/_find?fields=id&type=tag&sort_field=updated_at&search=${search}&search_fields=name`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }) .then((res) => cy.request({ @@ -38,7 +38,7 @@ export const findSavedObjects = (riskScoreEntity: RiskScoreEntity, spaceId = 'de url: `${SAVED_OBJECTS_URL}/_find?fields=id&type=index-pattern&type=tag&type=visualization&type=dashboard&type=lens&sort_field=updated_at&has_reference=${getReference( res.body.saved_objects[0].id )}`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }) ); }; diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/stored_scripts.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts similarity index 81% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/stored_scripts.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts index de5a2b3616075..803673f351fc5 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/risk_scores/stored_scripts.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/risk_scores/stored_scripts.ts @@ -12,7 +12,7 @@ export const createStoredScript = (options: { id: string; script: {} }) => { method: 'put', url: `${STORED_SCRIPTS_URL}/create`, body: options, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }; @@ -22,7 +22,7 @@ const deleteStoredScript = (id: string) => { url: `${STORED_SCRIPTS_URL}/delete`, body: { id }, failOnStatusCode: false, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); }; diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/rules.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/rules.ts similarity index 77% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/rules.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/rules.ts index 6c87b812046dc..20551524d4340 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/rules.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/rules.ts @@ -6,14 +6,17 @@ */ import moment from 'moment'; -import { rootRequest } from '../common'; import { DETECTION_ENGINE_RULES_URL, DETECTION_ENGINE_RULES_URL_FIND, -} from '../../../common/constants'; -import type { RuleCreateProps, RuleResponse } from '../../../common/api/detection_engine'; +} from '@kbn/security-solution-plugin/common/constants'; +import type { + RuleCreateProps, + RuleResponse, +} from '@kbn/security-solution-plugin/common/api/detection_engine'; +import type { FetchRulesResponse } from '@kbn/security-solution-plugin/public/detection_engine/rule_management/logic/types'; import { internalAlertingSnoozeRule } from '../../urls/routes'; -import type { FetchRulesResponse } from '../../../public/detection_engine/rule_management/logic/types'; +import { rootRequest } from '../common'; export const createRule = ( rule: RuleCreateProps @@ -22,7 +25,7 @@ export const createRule = ( method: 'POST', url: DETECTION_ENGINE_RULES_URL, body: rule, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; @@ -43,7 +46,7 @@ export const snoozeRule = (id: string, duration: number): Cypress.Chainable => rRule: { dtstart: new Date().toISOString(), count: 1, tzid: moment().format('zz') }, }, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); @@ -51,7 +54,7 @@ export const deleteCustomRule = (ruleId = '1') => { rootRequest({ method: 'DELETE', url: `api/detection_engine/rules?rule_id=${ruleId}`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; @@ -69,6 +72,7 @@ export const importRule = (ndjsonPath: string) => { headers: { 'kbn-xsrf': 'cypress-creds', 'content-type': 'multipart/form-data', + 'x-elastic-internal-origin': 'security-solution', }, body: formdata, }) @@ -83,6 +87,11 @@ export const waitForRulesToFinishExecution = (ruleIds: string[], afterDate?: Dat rootRequest({ method: 'GET', url: DETECTION_ENGINE_RULES_URL_FIND, + headers: { + 'kbn-xsrf': 'cypress-creds', + 'content-type': 'multipart/form-data', + 'x-elastic-internal-origin': 'security-solution', + }, }).then((response) => { const areAllRulesFinished = ruleIds.every((ruleId) => response.body.data.some((rule) => { diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/saved_queries.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/saved_queries.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/saved_queries.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/saved_queries.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/timelines.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/timelines.ts similarity index 86% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/timelines.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/timelines.ts index ab64ac02698ca..2f555e8a9ed9a 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/timelines.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/timelines.ts @@ -5,7 +5,7 @@ * 2.0. */ -import type { TimelineResponse } from '../../../common/api/timeline'; +import type { TimelineResponse } from '@kbn/security-solution-plugin/common/api/timeline'; import type { CompleteTimeline } from '../../objects/timeline'; import { rootRequest } from '../common'; @@ -53,7 +53,7 @@ export const createTimeline = (timeline: CompleteTimeline) => : {}), }, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); export const createTimelineTemplate = (timeline: CompleteTimeline) => @@ -99,14 +99,14 @@ export const createTimelineTemplate = (timeline: CompleteTimeline) => savedQueryId: null, }, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); export const loadPrepackagedTimelineTemplates = () => rootRequest({ method: 'POST', url: 'api/timeline/_prepackaged', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); export const favoriteTimeline = ({ @@ -129,5 +129,5 @@ export const favoriteTimeline = ({ templateTimelineId: templateTimelineId || null, templateTimelineVersion: templateTimelineVersion || null, }, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, }); diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/tour.ts b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/tour.ts similarity index 77% rename from x-pack/plugins/security_solution/cypress/tasks/api_calls/tour.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/api_calls/tour.ts index ee17795a46d52..6b225f5027c6e 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/api_calls/tour.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/api_calls/tour.ts @@ -6,7 +6,7 @@ */ import { API_BASE_PATH } from '@kbn/guided-onboarding-plugin/common'; -import { siemGuideId } from '../../../common/guided_onboarding/siem_guide_config'; +import { siemGuideId } from '@kbn/security-solution-plugin/common/guided_onboarding/siem_guide_config'; const alertsGuideActiveState = { isActive: true, @@ -23,7 +23,7 @@ export const startAlertsCasesTour = () => cy.request({ method: 'PUT', url: `${API_BASE_PATH}/state`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body: { status: 'in_progress', guide: alertsGuideActiveState, @@ -34,7 +34,7 @@ export const quitGlobalTour = () => cy.request({ method: 'PUT', url: `${API_BASE_PATH}/state`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, body: { status: 'quit', guide: { diff --git a/x-pack/plugins/security_solution/cypress/tasks/case_details.ts b/x-pack/test/security_solution_cypress/cypress/tasks/case_details.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/case_details.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/case_details.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/common.ts b/x-pack/test/security_solution_cypress/cypress/tasks/common.ts similarity index 94% rename from x-pack/plugins/security_solution/cypress/tasks/common.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/common.ts index fc6a7096e1814..a1a6cf8a476f8 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/common.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/common.ts @@ -7,11 +7,7 @@ import { DATA_VIEW_PATH, INITIAL_REST_VERSION } from '@kbn/data-views-plugin/server/constants'; import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; -import { - KIBANA_LOADING_ICON, - LOADING_INDICATOR, - LOADING_INDICATOR_HIDDEN, -} from '../screens/security_header'; +import { KIBANA_LOADING_ICON } from '../screens/security_header'; import { EUI_BASIC_TABLE_LOADING } from '../screens/common/controls'; const primaryButton = 0; @@ -112,7 +108,7 @@ export const deleteAlertsAndRules = () => { action: 'delete', }, failOnStatusCode: false, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, timeout: 300000, }); @@ -254,7 +250,8 @@ export const postDataView = (dataSource: string) => { }, }, headers: { - 'kbn-xsrf': 'cypress-creds-via-config', + 'kbn-xsrf': 'cypress-creds', + 'x-elastic-internal-origin': 'security-solution', [ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION], }, failOnStatusCode: false, @@ -265,18 +262,13 @@ export const deleteDataView = (dataSource: string) => { rootRequest({ method: 'DELETE', url: `api/data_views/data_view/${dataSource}`, - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; export const scrollToBottom = () => cy.scrollTo('bottom'); -export const waitForPageToBeLoaded = () => { - cy.get(LOADING_INDICATOR_HIDDEN).should('exist'); - cy.get(LOADING_INDICATOR).should('not.exist'); -}; - export const waitForWelcomePanelToBeLoaded = () => { cy.get(KIBANA_LOADING_ICON).should('exist'); cy.get(KIBANA_LOADING_ICON).should('not.exist'); diff --git a/x-pack/plugins/security_solution/cypress/tasks/common/callouts.ts b/x-pack/test/security_solution_cypress/cypress/tasks/common/callouts.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/common/callouts.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/common/callouts.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/common/event_table.ts b/x-pack/test/security_solution_cypress/cypress/tasks/common/event_table.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/common/event_table.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/common/event_table.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/common/filter_group.ts b/x-pack/test/security_solution_cypress/cypress/tasks/common/filter_group.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/common/filter_group.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/common/filter_group.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/common/rule_actions.ts b/x-pack/test/security_solution_cypress/cypress/tasks/common/rule_actions.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/common/rule_actions.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/common/rule_actions.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/configure_cases.ts b/x-pack/test/security_solution_cypress/cypress/tasks/configure_cases.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/configure_cases.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/configure_cases.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/create_new_case.ts b/x-pack/test/security_solution_cypress/cypress/tasks/create_new_case.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/create_new_case.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/create_new_case.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts b/x-pack/test/security_solution_cypress/cypress/tasks/create_new_rule.ts similarity index 99% rename from x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/create_new_rule.ts index 1d33d2f169549..dabd0b89e4fb1 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/create_new_rule.ts @@ -13,6 +13,15 @@ import type { ThreatSubtechnique, ThreatTechnique, } from '@kbn/securitysolution-io-ts-alerting-types'; +import type { + EqlRuleCreateProps, + MachineLearningRuleCreateProps, + NewTermsRuleCreateProps, + QueryRuleCreateProps, + RuleCreateProps, + ThreatMatchRuleCreateProps, + ThresholdRuleCreateProps, +} from '@kbn/security-solution-plugin/common/api/detection_engine/model'; import type { Actions } from '../objects/types'; // For some reason importing these functions from ../../public/detections/pages/detection_engine/rules/helpers // causes a "Webpack Compilation Error" in this file specifically, even though it imports fine in the test files @@ -115,15 +124,6 @@ import { TIMELINE } from '../screens/timelines'; import { EUI_FILTER_SELECT_ITEM, COMBO_BOX_INPUT } from '../screens/common/controls'; import { ruleFields } from '../data/detection_engine'; import { BACK_TO_RULES_TABLE } from '../screens/rule_details'; -import type { - EqlRuleCreateProps, - MachineLearningRuleCreateProps, - NewTermsRuleCreateProps, - QueryRuleCreateProps, - RuleCreateProps, - ThreatMatchRuleCreateProps, - ThresholdRuleCreateProps, -} from '../../common/api/detection_engine/model'; import { waitForAlerts } from './alerts'; import { refreshPage } from './security_header'; import { EMPTY_ALERT_TABLE } from '../screens/alerts'; diff --git a/x-pack/plugins/security_solution/cypress/tasks/create_runtime_field.ts b/x-pack/test/security_solution_cypress/cypress/tasks/create_runtime_field.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/create_runtime_field.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/create_runtime_field.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/dashboards/common.ts b/x-pack/test/security_solution_cypress/cypress/tasks/dashboards/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/dashboards/common.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/dashboards/common.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/date_picker.ts b/x-pack/test/security_solution_cypress/cypress/tasks/date_picker.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/date_picker.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/date_picker.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/edit_rule.ts b/x-pack/test/security_solution_cypress/cypress/tasks/edit_rule.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/edit_rule.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/edit_rule.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/entity_analytics.ts b/x-pack/test/security_solution_cypress/cypress/tasks/entity_analytics.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/entity_analytics.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/entity_analytics.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/exceptions.ts b/x-pack/test/security_solution_cypress/cypress/tasks/exceptions.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/exceptions.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/exceptions.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/exceptions_table.ts b/x-pack/test/security_solution_cypress/cypress/tasks/exceptions_table.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/exceptions_table.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/exceptions_table.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_analyzer_graph_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_correlations_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_correlations_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_correlations_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_correlations_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_entities_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_entities_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_entities_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_entities_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_investigation_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_investigation_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_investigation_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_investigation_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_prevalence_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_prevalence_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_prevalence_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_prevalence_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_response_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_response_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_response_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_response_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_left_panel_threat_intelligence_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_preview_panel_rule_preview.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_preview_panel_rule_preview.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_preview_panel_rule_preview.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_preview_panel_rule_preview.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_json_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_json_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_json_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_json_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_overview_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_overview_tab.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_overview_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_overview_tab.ts index 90b040845812b..c87a3c2afb9fe 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_overview_tab.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_overview_tab.ts @@ -10,7 +10,7 @@ import { INSIGHTS_ENTITIES_TITLE_LINK_TEST_ID, INSIGHTS_PREVALENCE_TITLE_LINK_TEST_ID, INSIGHTS_THREAT_INTELLIGENCE_TITLE_LINK_TEST_ID, -} from '../../../public/flyout/right/components/test_ids'; +} from '@kbn/security-solution-plugin/public/flyout/right/components/test_ids'; import { DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_ABOUT_SECTION_HEADER, DOCUMENT_DETAILS_FLYOUT_OVERVIEW_TAB_VISUALIZATIONS_SECTION_HEADER, diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_table_tab.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_table_tab.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/alert_details_right_panel_table_tab.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/alert_details_right_panel_table_tab.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/common.ts b/x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/expandable_flyout/common.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout/common.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/fields_browser.ts b/x-pack/test/security_solution_cypress/cypress/tasks/fields_browser.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/fields_browser.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/fields_browser.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/guided_onboarding.ts b/x-pack/test/security_solution_cypress/cypress/tasks/guided_onboarding.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/guided_onboarding.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/guided_onboarding.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/host_risk.ts b/x-pack/test/security_solution_cypress/cypress/tasks/host_risk.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/host_risk.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/host_risk.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/hosts/all_hosts.ts b/x-pack/test/security_solution_cypress/cypress/tasks/hosts/all_hosts.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/hosts/all_hosts.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/hosts/all_hosts.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/hosts/events.ts b/x-pack/test/security_solution_cypress/cypress/tasks/hosts/events.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/hosts/events.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/hosts/events.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/hosts/main.ts b/x-pack/test/security_solution_cypress/cypress/tasks/hosts/main.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/hosts/main.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/hosts/main.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/hosts/uncommon_processes.ts b/x-pack/test/security_solution_cypress/cypress/tasks/hosts/uncommon_processes.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/hosts/uncommon_processes.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/hosts/uncommon_processes.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/inspect.ts b/x-pack/test/security_solution_cypress/cypress/tasks/inspect.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/inspect.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/inspect.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/integrations.ts b/x-pack/test/security_solution_cypress/cypress/tasks/integrations.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/integrations.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/integrations.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/kibana_navigation.ts b/x-pack/test/security_solution_cypress/cypress/tasks/kibana_navigation.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/kibana_navigation.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/kibana_navigation.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/lists.ts b/x-pack/test/security_solution_cypress/cypress/tasks/lists.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/tasks/lists.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/lists.ts index 1eee68fc38628..d160f4c2deb42 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/lists.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/lists.ts @@ -20,13 +20,17 @@ export const createListsIndex = () => { cy.request({ method: 'POST', url: '/api/lists/index', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; export const waitForListsIndex = () => { - cy.request({ url: '/api/lists/index', retryOnStatusCodeFailure: true }).then((response) => { + cy.request({ + url: '/api/lists/index', + headers: { 'x-elastic-internal-origin': 'security-solution' }, + retryOnStatusCodeFailure: true, + }).then((response) => { if (response.status !== 200) { // eslint-disable-next-line cypress/no-unnecessary-waiting cy.wait(7500); @@ -83,7 +87,7 @@ const deleteValueList = (list: string): Cypress.Chainable ({ const postRoleAndUser = (role: ROLES) => { const env = getCurlScriptEnvVars(); - const detectionsRoleScriptPath = `./server/lib/detection_engine/scripts/roles_users/${role}/post_detections_role.sh`; - const detectionsRoleJsonPath = `./server/lib/detection_engine/scripts/roles_users/${role}/detections_role.json`; - const detectionsUserScriptPath = `./server/lib/detection_engine/scripts/roles_users/${role}/post_detections_user.sh`; - const detectionsUserJsonPath = `./server/lib/detection_engine/scripts/roles_users/${role}/detections_user.json`; + const detectionsRoleScriptPath = `../../plugins/security_solution/server/lib/detection_engine/scripts/roles_users/${role}/post_detections_role.sh`; + const detectionsRoleJsonPath = `../../plugins/security_solution/server/lib/detection_engine/scripts/roles_users/${role}/detections_role.json`; + const detectionsUserScriptPath = `../../plugins/security_solution/server/lib/detection_engine/scripts/roles_users/${role}/post_detections_user.sh`; + const detectionsUserJsonPath = `../../plugins/security_solution/server/lib/detection_engine/scripts/roles_users/${role}/detections_user.json`; // post the role cy.exec(`bash ${detectionsRoleScriptPath} ${detectionsRoleJsonPath}`, { @@ -128,7 +127,7 @@ const postRoleAndUser = (role: ROLES) => { export const deleteRoleAndUser = (role: ROLES) => { const env = getCurlScriptEnvVars(); - const detectionsUserDeleteScriptPath = `./server/lib/detection_engine/scripts/roles_users/${role}/delete_detections_user.sh`; + const detectionsUserDeleteScriptPath = `../../plugins/security_solution/server/lib/detection_engine/scripts/roles_users/${role}/delete_detections_user.sh`; // delete the role cy.exec(`bash ${detectionsUserDeleteScriptPath}`, { @@ -148,7 +147,10 @@ export const loginWithUser = (user: User) => { password: user.password, }, }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + }, method: 'POST', url: constructUrlWithUser(user, LOGIN_API_ENDPOINT), }); @@ -173,7 +175,10 @@ const loginWithRole = async (role: ROLES) => { password: 'changeme', }, }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + }, method: 'POST', url: getUrlWithRoute(role, LOGIN_API_ENDPOINT), }); @@ -231,7 +236,10 @@ const loginViaEnvironmentCredentials = () => { password, }, }, - headers: { 'kbn-xsrf': 'cypress-creds-via-env' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-env', + 'x-elastic-internal-origin': 'security-solution', + }, method: 'POST', url: `${Cypress.config().baseUrl}${LOGIN_API_ENDPOINT}`, }); @@ -263,7 +271,10 @@ const loginViaConfig = () => { password: config.elasticsearch.password, }, }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + }, method: 'POST', url: `${Cypress.config().baseUrl}${LOGIN_API_ENDPOINT}`, }); @@ -318,7 +329,6 @@ export const waitForPage = (url: string) => { cy.visit( `${url}?timerange=(global:(linkTo:!(timeline),timerange:(from:1547914976217,fromStr:'2019-01-19T16:22:56.217Z',kind:relative,to:1579537385745,toStr:now)),timeline:(linkTo:!(global),timerange:(from:1547914976217,fromStr:'2019-01-19T16:22:56.217Z',kind:relative,to:1579537385745,toStr:now)))` ); - waitForPageToBeLoaded(); }; export const visit = (url: string, options: Partial = {}, role?: ROLES) => { @@ -356,21 +366,18 @@ export const visit = (url: string, options: Partial = {}, options.onLoad?.(win); }, }); - waitForPageToBeLoaded(); }; export const visitWithoutDateRange = (url: string, role?: ROLES) => { cy.visit(role ? getUrlWithRoute(role, url) : url, { onBeforeLoad: disableNewFeaturesTours, }); - waitForPageToBeLoaded(); }; export const visitWithUser = (url: string, user: User) => { cy.visit(constructUrlWithUser(user, url), { onBeforeLoad: disableNewFeaturesTours, }); - waitForPageToBeLoaded(); }; export const visitTimeline = (timelineId: string, role?: ROLES) => { @@ -378,7 +385,6 @@ export const visitTimeline = (timelineId: string, role?: ROLES) => { cy.visit(role ? getUrlWithRoute(role, route) : route, { onBeforeLoad: disableNewFeaturesTours, }); - waitForPageToBeLoaded(); }; export const visitHostDetailsPage = (hostName = 'suricata-iowa') => { @@ -393,7 +399,6 @@ export const visitUserDetailsPage = (userName = 'test') => { export const waitForPageWithoutDateRange = (url: string, role?: ROLES) => { cy.visit(role ? getUrlWithRoute(role, url) : url); - waitForPageToBeLoaded(); }; export const logout = () => { diff --git a/x-pack/plugins/security_solution/cypress/tasks/network/flows.ts b/x-pack/test/security_solution_cypress/cypress/tasks/network/flows.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/network/flows.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/network/flows.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/overview.ts b/x-pack/test/security_solution_cypress/cypress/tasks/overview.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/overview.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/overview.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/prebuilt_rules.ts b/x-pack/test/security_solution_cypress/cypress/tasks/prebuilt_rules.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/tasks/prebuilt_rules.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/prebuilt_rules.ts index bf9199aa1f81e..e6945c551c965 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/prebuilt_rules.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/prebuilt_rules.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { RULES_ADD_PATH, RULES_UPDATES } from '../../common/constants'; +import { RULES_ADD_PATH, RULES_UPDATES } from '@kbn/security-solution-plugin/common/constants'; import { ADD_ELASTIC_RULES_BTN, ADD_ELASTIC_RULES_TABLE, diff --git a/x-pack/plugins/security_solution/cypress/tasks/privileges.ts b/x-pack/test/security_solution_cypress/cypress/tasks/privileges.ts similarity index 93% rename from x-pack/plugins/security_solution/cypress/tasks/privileges.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/privileges.ts index b0489b14e8a8e..19c056cfba8e3 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/privileges.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/privileges.ts @@ -188,7 +188,7 @@ export const createUsersAndRoles = (users: User[], roles: Role[]) => { cy.log(`Creating role: ${JSON.stringify(role)}`); cy.request({ body: role.privileges, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, method: 'PUT', url: constructUrlWithUser(envUser, `/api/security/role/${role.name}`), }) @@ -207,7 +207,7 @@ export const createUsersAndRoles = (users: User[], roles: Role[]) => { full_name: userInfo.full_name, email: userInfo.email, }, - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, method: 'POST', url: constructUrlWithUser(envUser, `/internal/security/users/${user.username}`), }) @@ -221,7 +221,7 @@ export const deleteUsersAndRoles = (users: User[], roles: Role[]) => { for (const user of users) { cy.log(`Deleting user: ${JSON.stringify(user)}`); cy.request({ - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, method: 'DELETE', url: constructUrlWithUser(envUser, `/internal/security/users/${user.username}`), failOnStatusCode: false, @@ -233,7 +233,7 @@ export const deleteUsersAndRoles = (users: User[], roles: Role[]) => { for (const role of roles) { cy.log(`Deleting role: ${JSON.stringify(role)}`); cy.request({ - headers: { 'kbn-xsrf': 'cypress-creds-via-config' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, method: 'DELETE', url: constructUrlWithUser(envUser, `/api/security/role/${role.name}`), failOnStatusCode: false, diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/common.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/common.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/common.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/common.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/index.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/index.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/index.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/index.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/indices.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/indices.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/indices.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/indices.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/ingest_pipelines.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/ingest_pipelines.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/ingest_pipelines.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/ingest_pipelines.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/saved_objects.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/saved_objects.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/saved_objects.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/saved_objects.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/stored_scripts.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/stored_scripts.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/stored_scripts.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/stored_scripts.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/transforms.ts b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/transforms.ts similarity index 91% rename from x-pack/plugins/security_solution/cypress/tasks/risk_scores/transforms.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/transforms.ts index 334607acc4da2..8e04a4a5ac557 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/risk_scores/transforms.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/risk_scores/transforms.ts @@ -35,7 +35,11 @@ export const getTransformState = (transformId: string) => { return cy.request<{ transforms: Array<{ id: string; state: string }>; count: number }>({ method: 'get', url: `${TRANSFORMS_URL}/transforms/${transformId}/_stats`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config', [ELASTIC_HTTP_VERSION_HEADER]: '1' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, }); }; @@ -43,7 +47,11 @@ export const startTransforms = (transformIds: string[]) => { return cy.request({ method: 'post', url: `${TRANSFORMS_URL}/start_transforms`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config', [ELASTIC_HTTP_VERSION_HEADER]: '1' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, body: transformIds.map((id) => ({ id, })), @@ -57,7 +65,11 @@ const stopTransform = (state: { return cy.request({ method: 'post', url: `${TRANSFORMS_URL}/stop_transforms`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config', [ELASTIC_HTTP_VERSION_HEADER]: '1' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, body: state != null && state.transforms.length > 0 ? [ @@ -74,7 +86,11 @@ export const createTransform = (transformId: string, options: string | Record { return cy.request({ method: 'post', url: `${TRANSFORMS_URL}/delete_transforms`, - headers: { 'kbn-xsrf': 'cypress-creds-via-config', [ELASTIC_HTTP_VERSION_HEADER]: '1' }, + headers: { + 'kbn-xsrf': 'cypress-creds-via-config', + 'x-elastic-internal-origin': 'security-solution', + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, failOnStatusCode: false, body: { transformsInfo: [ diff --git a/x-pack/plugins/security_solution/cypress/tasks/rule_details.ts b/x-pack/test/security_solution_cypress/cypress/tasks/rule_details.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/rule_details.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/rule_details.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/rule_filters.ts b/x-pack/test/security_solution_cypress/cypress/tasks/rule_filters.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/rule_filters.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/rule_filters.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/rule_snoozing.ts b/x-pack/test/security_solution_cypress/cypress/tasks/rule_snoozing.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/rule_snoozing.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/rule_snoozing.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/rules_bulk_actions.ts b/x-pack/test/security_solution_cypress/cypress/tasks/rules_bulk_actions.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/rules_bulk_actions.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/rules_bulk_actions.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/saved_objects.ts b/x-pack/test/security_solution_cypress/cypress/tasks/saved_objects.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/saved_objects.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/saved_objects.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/search_bar.ts b/x-pack/test/security_solution_cypress/cypress/tasks/search_bar.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/search_bar.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/search_bar.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/security_header.ts b/x-pack/test/security_solution_cypress/cypress/tasks/security_header.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/security_header.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/security_header.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/security_main.ts b/x-pack/test/security_solution_cypress/cypress/tasks/security_main.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/security_main.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/security_main.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/sourcerer.ts b/x-pack/test/security_solution_cypress/cypress/tasks/sourcerer.ts similarity index 96% rename from x-pack/plugins/security_solution/cypress/tasks/sourcerer.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/sourcerer.ts index 00fa6b1152201..131a22fd24a74 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/sourcerer.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/sourcerer.ts @@ -5,11 +5,11 @@ * 2.0. */ +import { DEFAULT_ALERTS_INDEX } from '@kbn/security-solution-plugin/common/constants'; import { HOSTS_STAT, SOURCERER } from '../screens/sourcerer'; import { HOSTS_URL } from '../urls/navigation'; import { visit, waitForPage } from './login'; import { openTimelineUsingToggle } from './security_main'; -import { DEFAULT_ALERTS_INDEX } from '../../common/constants'; import { rootRequest } from './common'; export const openSourcerer = (sourcererScope?: string) => { @@ -137,7 +137,7 @@ export const deleteRuntimeField = (dataView: string, fieldName: string) => { rootRequest({ url: deleteRuntimeFieldPath, method: 'DELETE', - headers: { 'kbn-xsrf': 'cypress-creds' }, + headers: { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' }, failOnStatusCode: false, }); }; diff --git a/x-pack/plugins/security_solution/cypress/tasks/table_pagination.ts b/x-pack/test/security_solution_cypress/cypress/tasks/table_pagination.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/table_pagination.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/table_pagination.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/templates.ts b/x-pack/test/security_solution_cypress/cypress/tasks/templates.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/templates.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/templates.ts diff --git a/x-pack/plugins/security_solution/cypress/tasks/timeline.ts b/x-pack/test/security_solution_cypress/cypress/tasks/timeline.ts similarity index 98% rename from x-pack/plugins/security_solution/cypress/tasks/timeline.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/timeline.ts index 05d08ba9702bf..fbec4a495d0fe 100644 --- a/x-pack/plugins/security_solution/cypress/tasks/timeline.ts +++ b/x-pack/test/security_solution_cypress/cypress/tasks/timeline.ts @@ -336,9 +336,9 @@ export const deleteTimeline = () => { }; export const markAsFavorite = () => { - cy.get(STAR_ICON).should('be.visible').click(); - cy.get(LOADING_INDICATOR).should('exist'); - cy.get(LOADING_INDICATOR).should('not.exist'); + cy.intercept('PATCH', 'api/timeline/_favorite').as('markedAsFavourite'); + cy.get(STAR_ICON).click({ force: true }); + cy.wait('@markedAsFavourite'); }; export const openTimelineFieldsBrowser = () => { @@ -473,7 +473,10 @@ export const setKibanaTimezoneToUTC = () => method: 'POST', url: 'internal/kibana/settings', body: { changes: { 'dateFormat:tz': 'UTC' } }, - headers: { 'kbn-xsrf': 'set-kibana-timezone-utc' }, + headers: { + 'kbn-xsrf': 'set-kibana-timezone-utc', + 'x-elastic-internal-origin': 'security-solution', + }, }) .then(() => { cy.reload(); diff --git a/x-pack/plugins/security_solution/cypress/tasks/timelines.ts b/x-pack/test/security_solution_cypress/cypress/tasks/timelines.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/tasks/timelines.ts rename to x-pack/test/security_solution_cypress/cypress/tasks/timelines.ts diff --git a/x-pack/plugins/security_solution/cypress/tsconfig.json b/x-pack/test/security_solution_cypress/cypress/tsconfig.json similarity index 91% rename from x-pack/plugins/security_solution/cypress/tsconfig.json rename to x-pack/test/security_solution_cypress/cypress/tsconfig.json index 7d674e03fcf4c..8ee21e233a223 100644 --- a/x-pack/plugins/security_solution/cypress/tsconfig.json +++ b/x-pack/test/security_solution_cypress/cypress/tsconfig.json @@ -25,7 +25,7 @@ // in a way that can't be auto-matically deteceted at this time // so we have to force the inclusion of this reference { - "path": "../tsconfig.json", + "path": "../../../plugins/security_solution/tsconfig.json", "force": true }, "@kbn/rison", @@ -42,5 +42,6 @@ "@kbn/tooling-log", "@kbn/fleet-plugin", "@kbn/cases-components", + "@kbn/security-solution-plugin", ] } diff --git a/x-pack/plugins/security_solution/cypress/urls/ml_conditional_links.ts b/x-pack/test/security_solution_cypress/cypress/urls/ml_conditional_links.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/urls/ml_conditional_links.ts rename to x-pack/test/security_solution_cypress/cypress/urls/ml_conditional_links.ts diff --git a/x-pack/plugins/security_solution/cypress/urls/navigation.ts b/x-pack/test/security_solution_cypress/cypress/urls/navigation.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/urls/navigation.ts rename to x-pack/test/security_solution_cypress/cypress/urls/navigation.ts diff --git a/x-pack/plugins/security_solution/cypress/urls/risk_score.ts b/x-pack/test/security_solution_cypress/cypress/urls/risk_score.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/urls/risk_score.ts rename to x-pack/test/security_solution_cypress/cypress/urls/risk_score.ts diff --git a/x-pack/plugins/security_solution/cypress/urls/routes.ts b/x-pack/test/security_solution_cypress/cypress/urls/routes.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/urls/routes.ts rename to x-pack/test/security_solution_cypress/cypress/urls/routes.ts diff --git a/x-pack/plugins/security_solution/cypress/urls/state.ts b/x-pack/test/security_solution_cypress/cypress/urls/state.ts similarity index 100% rename from x-pack/plugins/security_solution/cypress/urls/state.ts rename to x-pack/test/security_solution_cypress/cypress/urls/state.ts diff --git a/x-pack/test/security_solution_cypress/package.json b/x-pack/test/security_solution_cypress/package.json new file mode 100644 index 0000000000000..741205b8f7771 --- /dev/null +++ b/x-pack/test/security_solution_cypress/package.json @@ -0,0 +1,26 @@ +{ + "author": "Elastic", + "name": "@kbn/security-solution-plugin", + "version": "1.0.0", + "private": true, + "license": "Elastic License 2.0", + "scripts": { + "cypress": "../../../node_modules/.bin/cypress", + "cypress:open:ess": "TZ=UTC node ../../plugins/security_solution/scripts/start_cypress_parallel open --spec './cypress/e2e/**/*.cy.ts' --config-file ../../test/security_solution_cypress/cypress/cypress.config.ts --ftr-config-file ../../test/security_solution_cypress/cli_config", + "cypress:run:ess": "yarn cypress:ess --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --browser chrome --spec './cypress/e2e/{,!(investigations,explore)/**/}*.cy.ts'; status=$?; yarn junit:merge && exit $status", + "cypress:run:cases:ess": "yarn cypress:ess --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --browser chrome --spec './cypress/e2e/explore/cases/*.cy.ts' --ftr-config-file ../../test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:ess": "TZ=UTC node ../../plugins/security_solution/scripts/start_cypress_parallel run --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --ftr-config-file ../../test/security_solution_cypress/cli_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json", + "cypress:run:respops:ess": "yarn cypress:ess --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --browser chrome --spec './cypress/e2e/(detection_alerts|detection_rules|exceptions)/*.cy.ts' --ftr-config-file ../../test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:investigations:run:ess": "yarn cypress:ess --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --browser chrome --spec './cypress/e2e/investigations/**/*.cy.ts' --ftr-config-file ../../test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:explore:run:ess": "yarn cypress:ess --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --browser chrome --spec './cypress/e2e/explore/**/*.cy.ts' --ftr-config-file ../../test/security_solution_cypress/cli_config; status=$?; yarn junit:merge && exit $status", + "cypress:changed-specs-only:ess": "yarn cypress:ess --changed-specs-only --env burn=2", + "junit:merge": "../../../node_modules/.bin/mochawesome-merge ../../../target/kibana-security-solution/cypress/results/mochawesome*.json > ../../../target/kibana-security-solution/cypress/results/output.json && ../../../node_modules/.bin/marge ../../../target/kibana-security-solution/cypress/results/output.json --reportDir ../../../target/kibana-security-solution/cypress/results && yarn junit:transform && mkdir -p ../../../target/junit && cp ../../../target/kibana-security-solution/cypress/results/*.xml ../../../target/junit/", + "junit:transform": "node ../../plugins/security_solution/scripts/junit_transformer --pathPattern '../../../target/kibana-security-solution/cypress/results/*.xml' --rootDirectory ../../../ --reportName 'Security Solution Cypress' --writeInPlace", + "cypress:serverless": "TZ=UTC node ../../plugins/security_solution/scripts/start_cypress_parallel --config-file ../../test/security_solution_cypress/cypress/cypress_ci_serverless.config.ts --ftr-config-file ../../test/security_solution_cypress/serverless_config --reporter ../../../node_modules/cypress-multi-reporters --reporter-options configFile=./cypress/reporter_config.json", + "cypress:open:serverless": "yarn cypress:serverless open --config-file ../../test/security_solution_cypress/cypress/cypress_serverless.config.ts --spec './cypress/e2e/**/*.cy.ts'", + "cypress:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/{,!(investigations,explore)/**/}*.cy.ts'; status=$?; yarn junit:merge && exit $status", + "cypress:investigations:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/investigations/**/*.cy.ts'; status=$?; yarn junit:merge && exit $status", + "cypress:explore:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/explore/**/*.cy.ts'; status=$?; yarn junit:merge && exit $status", + "cypress:changed-specs-only:serverless": "yarn cypress:serverless --changed-specs-only --env burn=2" + } + } diff --git a/x-pack/test/security_solution_cypress/serverless_config.ts b/x-pack/test/security_solution_cypress/serverless_config.ts new file mode 100644 index 0000000000000..b2917f829384f --- /dev/null +++ b/x-pack/test/security_solution_cypress/serverless_config.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; +import { SecuritySolutionConfigurableCypressTestRunner } from './runner'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const svlSharedConfig = await readConfigFile( + require.resolve('../../test_serverless/shared/config.base.ts') + ); + + return { + ...svlSharedConfig.getAll(), + esTestCluster: { + ...svlSharedConfig.get('esTestCluster'), + serverArgs: [ + ...svlSharedConfig.get('esTestCluster.serverArgs'), + // define custom es server here + // API Keys is enabled at the top level + ], + }, + kbnTestServer: { + ...svlSharedConfig.get('kbnTestServer'), + serverArgs: [ + ...svlSharedConfig.get('kbnTestServer.serverArgs'), + '--csp.strict=false', + '--csp.warnLegacyBrowsers=false', + '--serverless=security', + '--xpack.encryptedSavedObjects.encryptionKey="abcdefghijklmnopqrstuvwxyz123456"', + ], + }, + testRunner: SecuritySolutionConfigurableCypressTestRunner, + }; +} diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 7992cf9ba2504..efe7ea1f5e8f8 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -18,7 +18,7 @@ "../../typings/**/*", "../../packages/kbn-test/types/ftr_globals/**/*" ], - "exclude": ["target/**/*", "*/plugins/**/*", "*/packages/**/*", "*/*/packages/**/*"], + "exclude": ["security_solution_cypress/cypress/**/*", "target/**/*", "*/plugins/**/*", "*/packages/**/*", "*/*/packages/**/*" ], "kbn_references": [ { "path": "../../test/tsconfig.json" }, "@kbn/core", @@ -138,7 +138,7 @@ "@kbn/ml-category-validator", "@kbn/observability-ai-assistant-plugin", "@kbn/stack-connectors-plugin", + "@kbn/aiops-utils", "@kbn/stack-alerts-plugin", - "@kbn/aiops-utils" ] } diff --git a/x-pack/test_serverless/api_integration/test_suites/common/alerting/helpers/alerting_api_helper.ts b/x-pack/test_serverless/api_integration/test_suites/common/alerting/helpers/alerting_api_helper.ts new file mode 100644 index 0000000000000..a8bcd98d89689 --- /dev/null +++ b/x-pack/test_serverless/api_integration/test_suites/common/alerting/helpers/alerting_api_helper.ts @@ -0,0 +1,239 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SuperTest, Test } from 'supertest'; + +interface CreateEsQueryRuleParams { + size: number; + thresholdComparator: string; + threshold: number[]; + timeWindowSize?: number; + timeWindowUnit?: string; + esQuery?: string; + timeField?: string; + searchConfiguration?: unknown; + indexName?: string; + excludeHitsFromPreviousRun?: boolean; + aggType?: string; + aggField?: string; + groupBy?: string; + termField?: string; + termSize?: number; + index?: string[]; +} + +export async function createIndexConnector({ + supertest, + name, + indexName, +}: { + supertest: SuperTest; + name: string; + indexName: string; +}) { + const { body } = await supertest + .post(`/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo') + .send({ + name, + config: { + index: indexName, + refresh: true, + }, + connector_type_id: '.index', + }); + return body.id as string; +} + +export async function createSlackConnector({ + supertest, + name, +}: { + supertest: SuperTest; + name: string; +}) { + const { body } = await supertest + .post(`/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo') + .send({ + name, + config: {}, + secrets: { + webhookUrl: 'http://test', + }, + connector_type_id: '.slack', + }); + return body.id as string; +} + +export async function createEsQueryRule({ + supertest, + name, + ruleTypeId, + params, + actions = [], + tags = [], + schedule, + consumer, + notifyWhen, + enabled = true, +}: { + supertest: SuperTest; + ruleTypeId: string; + name: string; + params: CreateEsQueryRuleParams; + consumer: string; + actions?: any[]; + tags?: any[]; + schedule?: { interval: string }; + notifyWhen?: string; + enabled?: boolean; +}) { + const { body } = await supertest + .post(`/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo') + .send({ + enabled, + params, + consumer, + schedule: schedule || { + interval: '1h', + }, + tags, + name, + rule_type_id: ruleTypeId, + actions, + ...(notifyWhen ? { notify_when: notifyWhen, throttle: '1m' } : {}), + }); + return body; +} + +export async function disableRule({ + supertest, + ruleId, +}: { + supertest: SuperTest; + ruleId: string; +}) { + const { body } = await supertest + .post(`/api/alerting/rule/${ruleId}/_disable`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + return body; +} + +export async function updateEsQueryRule({ + supertest, + ruleId, + updates, +}: { + supertest: SuperTest; + ruleId: string; + updates: any; +}) { + const { body: r } = await supertest + .get(`/api/alerting/rule/${ruleId}`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + const body = await supertest + .put(`/api/alerting/rule/${ruleId}`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo') + .send({ + ...{ + name: r.name, + schedule: r.schedule, + throttle: r.throttle, + tags: r.tags, + params: r.params, + notify_when: r.notifyWhen, + actions: r.actions.map((action: any) => ({ + group: action.group, + params: action.params, + id: action.id, + frequency: action.frequency, + })), + }, + ...updates, + }); + return body; +} + +export async function runRule({ + supertest, + ruleId, +}: { + supertest: SuperTest; + ruleId: string; +}) { + const { body } = await supertest + .post(`/internal/alerting/rule/${ruleId}/_run_soon`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + return body; +} + +export async function muteRule({ + supertest, + ruleId, +}: { + supertest: SuperTest; + ruleId: string; +}) { + const { body } = await supertest + .post(`/api/alerting/rule/${ruleId}/_mute_all`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + return body; +} + +export async function enableRule({ + supertest, + ruleId, +}: { + supertest: SuperTest; + ruleId: string; +}) { + const { body } = await supertest + .post(`/api/alerting/rule/${ruleId}/_enable`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + return body; +} + +export async function muteAlert({ + supertest, + ruleId, + alertId, +}: { + supertest: SuperTest; + ruleId: string; + alertId: string; +}) { + const { body } = await supertest + .post(`/api/alerting/rule/${ruleId}/alert/${alertId}/_mute`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + return body; +} + +export async function unmuteRule({ + supertest, + ruleId, +}: { + supertest: SuperTest; + ruleId: string; +}) { + const { body } = await supertest + .post(`/api/alerting/rule/${ruleId}/_unmute_all`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + return body; +} diff --git a/x-pack/test_serverless/api_integration/test_suites/common/alerting/helpers/alerting_wait_for_helpers.ts b/x-pack/test_serverless/api_integration/test_suites/common/alerting/helpers/alerting_wait_for_helpers.ts new file mode 100644 index 0000000000000..1b5723cc07de5 --- /dev/null +++ b/x-pack/test_serverless/api_integration/test_suites/common/alerting/helpers/alerting_wait_for_helpers.ts @@ -0,0 +1,303 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import pRetry from 'p-retry'; +import type { Client } from '@elastic/elasticsearch'; +import type { + AggregationsAggregate, + SearchResponse, +} from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; + +export async function waitForDocumentInIndex({ + esClient, + indexName, + num = 1, +}: { + esClient: Client; + indexName: string; + num?: number; +}): Promise { + return pRetry( + async () => { + const response = await esClient.search({ index: indexName }); + if (response.hits.hits.length < num) { + throw new Error('No hits found'); + } + return response; + }, + { retries: 10 } + ); +} + +export async function getDocumentsInIndex({ + esClient, + indexName, +}: { + esClient: Client; + indexName: string; +}): Promise { + return await esClient.search({ index: indexName }); +} + +export async function createIndex({ + esClient, + indexName, +}: { + esClient: Client; + indexName: string; +}) { + return await esClient.indices.create( + { + index: indexName, + body: {}, + }, + { meta: true } + ); +} + +export async function waitForAlertInIndex({ + esClient, + indexName, + ruleId, +}: { + esClient: Client; + indexName: string; + ruleId: string; +}): Promise>> { + return pRetry( + async () => { + const response = await esClient.search({ + index: indexName, + body: { + query: { + term: { + 'kibana.alert.rule.uuid': ruleId, + }, + }, + }, + }); + if (response.hits.hits.length === 0) { + throw new Error('No hits found'); + } + return response; + }, + { retries: 10 } + ); +} + +export async function waitForAllTasksIdle({ + esClient, + filter, +}: { + esClient: Client; + filter: Date; +}): Promise { + return pRetry( + async () => { + const response = await esClient.search({ + index: '.kibana_task_manager', + body: { + query: { + bool: { + must: [ + { + terms: { + 'task.scope': ['actions', 'alerting'], + }, + }, + { + range: { + 'task.scheduledAt': { + gte: filter.getTime().toString(), + }, + }, + }, + ], + must_not: [ + { + term: { + 'task.status': 'idle', + }, + }, + ], + }, + }, + }, + }); + if (response.hits.hits.length !== 0) { + throw new Error(`Expected 0 hits but received ${response.hits.hits.length}`); + } + return response; + }, + { retries: 10 } + ); +} + +export async function waitForAllTasks({ + esClient, + filter, + taskType, + attempts, +}: { + esClient: Client; + filter: Date; + taskType: string; + attempts: number; +}): Promise { + return pRetry( + async () => { + const response = await esClient.search({ + index: '.kibana_task_manager', + body: { + query: { + bool: { + must: [ + { + term: { + 'task.status': 'idle', + }, + }, + { + term: { + 'task.attempts': attempts, + }, + }, + { + terms: { + 'task.scope': ['actions', 'alerting'], + }, + }, + { + term: { + 'task.taskType': taskType, + }, + }, + { + range: { + 'task.scheduledAt': { + gte: filter.getTime().toString(), + }, + }, + }, + ], + }, + }, + }, + }); + if (response.hits.hits.length === 0) { + throw new Error('No hits found'); + } + return response; + }, + { retries: 10 } + ); +} + +export async function waitForDisabled({ + esClient, + ruleId, + filter, +}: { + esClient: Client; + ruleId: string; + filter: Date; +}): Promise { + return pRetry( + async () => { + const response = await esClient.search({ + index: '.kibana_task_manager', + body: { + query: { + bool: { + must: [ + { + term: { + 'task.id': `task:${ruleId}`, + }, + }, + { + terms: { + 'task.scope': ['actions', 'alerting'], + }, + }, + { + range: { + 'task.scheduledAt': { + gte: filter.getTime().toString(), + }, + }, + }, + { + term: { + 'task.enabled': true, + }, + }, + ], + }, + }, + }, + }); + if (response.hits.hits.length !== 0) { + throw new Error(`Expected 0 hits but received ${response.hits.hits.length}`); + } + return response; + }, + { retries: 10 } + ); +} + +export async function waitForEventLog({ + esClient, + provider, + filter, + num = 1, +}: { + esClient: Client; + provider: string; + filter: Date; + num?: number; +}): Promise { + return pRetry( + async () => { + const response = await esClient.search({ + index: '.kibana-event-log*', + body: { + query: { + bool: { + filter: [ + { + term: { + 'event.provider': { + value: provider, + }, + }, + }, + { + term: { + 'event.action': 'execute', + }, + }, + { + range: { + '@timestamp': { + gte: filter.getTime().toString(), + }, + }, + }, + ], + }, + }, + }, + }); + if (response.hits.hits.length < num) { + throw new Error('No hits found'); + } + return response; + }, + { retries: 10 } + ); +} diff --git a/x-pack/test_serverless/api_integration/test_suites/common/alerting/index.ts b/x-pack/test_serverless/api_integration/test_suites/common/alerting/index.ts new file mode 100644 index 0000000000000..4a78d448a7d20 --- /dev/null +++ b/x-pack/test_serverless/api_integration/test_suites/common/alerting/index.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrProviderContext } from '../../../ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { + describe('Alerting APIs', function () { + loadTestFile(require.resolve('./rules')); + }); +} diff --git a/x-pack/test_serverless/api_integration/test_suites/common/alerting/rules.ts b/x-pack/test_serverless/api_integration/test_suites/common/alerting/rules.ts new file mode 100644 index 0000000000000..86fdf7afb842a --- /dev/null +++ b/x-pack/test_serverless/api_integration/test_suites/common/alerting/rules.ts @@ -0,0 +1,1010 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { FtrProviderContext } from '../../../ftr_provider_context'; +import { + createIndexConnector, + createEsQueryRule, + disableRule, + updateEsQueryRule, + runRule, + muteRule, + enableRule, + muteAlert, + unmuteRule, + createSlackConnector, +} from './helpers/alerting_api_helper'; +import { + createIndex, + getDocumentsInIndex, + waitForAllTasks, + waitForAllTasksIdle, + waitForDisabled, + waitForDocumentInIndex, + waitForEventLog, +} from './helpers/alerting_wait_for_helpers'; + +export default function ({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + const esClient = getService('es'); + const esDeleteAllIndices = getService('esDeleteAllIndices'); + + describe('Alerting rules', () => { + const RULE_TYPE_ID = '.es-query'; + const ALERT_ACTION_INDEX = 'alert-action-es-query'; + let actionId: string; + let ruleId: string; + + afterEach(async () => { + await supertest + .delete(`/api/actions/connector/${actionId}`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + await supertest + .delete(`/api/alerting/rule/${ruleId}`) + .set('kbn-xsrf', 'foo') + .set('x-elastic-internal-origin', 'foo'); + await esClient.deleteByQuery({ + index: '.kibana-event-log-*', + query: { term: { 'kibana.alert.rule.consumer': 'alerts' } }, + }); + await esDeleteAllIndices([ALERT_ACTION_INDEX]); + }); + + it('should schedule task, run rule and schedule actions when appropriate', async () => { + const testStart = new Date(); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onActiveAlert', + throttle: null, + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + // Wait for the action to index a document before disabling the alert and waiting for tasks to finish + const resp = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp.hits.hits.length).to.be(1); + + await waitForAllTasksIdle({ + esClient, + filter: testStart, + }); + + await disableRule({ + supertest, + ruleId, + }); + + await waitForDisabled({ + esClient, + ruleId, + filter: testStart, + }); + + const document = resp.hits.hits[0]; + expect(document._source).to.eql({ + alertActionGroup: 'query matched', + alertId: 'query matched', + instanceContextValue: '', + instanceStateValue: '', + ruleId, + ruleName: 'always fire', + ruleParams: + '{"size":100,"thresholdComparator":">","threshold":[-1],"index":["alert-test-data"],"timeField":"date","esQuery":"{\\n \\"query\\":{\\n \\"match_all\\" : {}\\n }\\n}","timeWindowSize":20,"timeWindowUnit":"s","excludeHitsFromPreviousRun":true,"aggType":"count","groupBy":"all","searchType":"esQuery"}', + spaceId: 'default', + tags: '', + }); + + const eventLogResp = await waitForEventLog({ + esClient, + provider: 'alerting', + filter: testStart, + }); + expect(eventLogResp.hits.hits.length).to.be(1); + + const eventLogDocument = eventLogResp.hits.hits[0]._source; + await validateEventLog(eventLogDocument, { + ruleId, + ruleTypeId: RULE_TYPE_ID, + outcome: 'success', + name: 'always fire', + message: `rule executed: ${RULE_TYPE_ID}:${ruleId}: 'always fire'`, + }); + }); + + it('should pass updated rule params to executor', async () => { + const testStart = new Date(); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onActiveAlert', + throttle: null, + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + // Wait for the action to index a document before disabling the alert and waiting for tasks to finish + const resp = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp.hits.hits.length).to.be(1); + + const document = resp.hits.hits[0]; + expect(document._source).to.eql({ + alertActionGroup: 'query matched', + alertId: 'query matched', + instanceContextValue: '', + instanceStateValue: '', + ruleId, + ruleName: 'always fire', + ruleParams: + '{"size":100,"thresholdComparator":">","threshold":[-1],"index":["alert-test-data"],"timeField":"date","esQuery":"{\\n \\"query\\":{\\n \\"match_all\\" : {}\\n }\\n}","timeWindowSize":20,"timeWindowUnit":"s","excludeHitsFromPreviousRun":true,"aggType":"count","groupBy":"all","searchType":"esQuery"}', + spaceId: 'default', + tags: '', + }); + + await waitForAllTasksIdle({ + esClient, + filter: testStart, + }); + + await updateEsQueryRule({ + supertest, + ruleId, + updates: { + name: 'def', + tags: ['fee', 'fi', 'fo'], + }, + }); + + await runRule({ + supertest, + ruleId, + }); + + // make sure alert info passed to executor is correct + const resp2 = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + num: 2, + }); + expect(resp2.hits.hits.length).to.be(2); + + const document2 = resp2.hits.hits[1]; + expect(document2._source).to.eql({ + alertActionGroup: 'query matched', + alertId: 'query matched', + instanceContextValue: '', + instanceStateValue: '', + ruleId, + ruleName: 'def', + ruleParams: + '{"size":100,"thresholdComparator":">","threshold":[-1],"index":["alert-test-data"],"timeField":"date","esQuery":"{\\n \\"query\\":{\\n \\"match_all\\" : {}\\n }\\n}","timeWindowSize":20,"timeWindowUnit":"s","excludeHitsFromPreviousRun":true,"aggType":"count","groupBy":"all","searchType":"esQuery"}', + spaceId: 'default', + tags: 'fee,fi,fo', + }); + }); + + it('should retry when appropriate', async () => { + const testStart = new Date(); + + // Should fail + actionId = await createSlackConnector({ + supertest, + name: 'Slack Connector: Alerting API test', + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + message: `message: {{rule.id}}`, + }, + frequency: { + notify_when: 'onActiveAlert', + throttle: null, + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + // Should retry when the the action fails + const resp = await waitForAllTasks({ + esClient, + filter: testStart, + taskType: 'actions:.slack', + attempts: 1, + }); + expect(resp.hits.hits.length).to.be(1); + }); + + it('should throttle alerts when appropriate', async () => { + const testStart = new Date(); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + schedule: { interval: '5s' }, + notifyWhen: 'onThrottleInterval', + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + // Wait until alerts ran at least 3 times before disabling the alert and waiting for tasks to finish + const eventLogResp = await waitForEventLog({ + esClient, + provider: 'alerting', + filter: testStart, + num: 3, + }); + expect(eventLogResp.hits.hits.length >= 3).to.be(true); + + await disableRule({ + supertest, + ruleId, + }); + + await waitForDisabled({ + esClient, + ruleId, + filter: testStart, + }); + + // Ensure actions only executed once + const resp = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp.hits.hits.length).to.be(1); + }); + + it('should throttle alerts with throttled action when appropriate', async () => { + const testStart = new Date(); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + schedule: { interval: '5s' }, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onThrottleInterval', + throttle: '1m', + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + // Wait until alerts ran at least 3 times before disabling the alert and waiting for tasks to finish + const eventLogResp = await waitForEventLog({ + esClient, + provider: 'alerting', + filter: testStart, + num: 3, + }); + expect(eventLogResp.hits.hits.length >= 3).to.be(true); + + await disableRule({ + supertest, + ruleId, + }); + + await waitForDisabled({ + esClient, + ruleId, + filter: testStart, + }); + + // Ensure actions only executed once + const resp = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp.hits.hits.length).to.be(1); + }); + + it('should reset throttle window when not firing and should not throttle when changing groups', async () => { + const testStart = new Date(); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + schedule: { interval: '1m' }, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onThrottleInterval', + throttle: '1m', + summary: false, + }, + }, + { + group: 'recovered', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onThrottleInterval', + throttle: '1m', + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + // Wait for the action to index a document + const resp = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp.hits.hits.length).to.be(1); + + await waitForAllTasksIdle({ + esClient, + filter: testStart, + }); + + // Update the rule to recover + await updateEsQueryRule({ + supertest, + ruleId, + updates: { + name: 'never fire', + params: { + size: 100, + thresholdComparator: '<', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + }, + }); + + await runRule({ + supertest, + ruleId, + }); + + const eventLogResp = await waitForEventLog({ + esClient, + provider: 'alerting', + filter: testStart, + num: 2, + }); + expect(eventLogResp.hits.hits.length).to.be(2); + + await disableRule({ + supertest, + ruleId, + }); + + await waitForDisabled({ + esClient, + ruleId, + filter: testStart, + }); + + // Ensure only 2 actions are executed + const resp2 = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + num: 2, + }); + expect(resp2.hits.hits.length).to.be(2); + }); + + it(`shouldn't schedule actions when alert is muted`, async () => { + const testStart = new Date(); + await createIndex({ esClient, indexName: ALERT_ACTION_INDEX }); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + enabled: false, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + schedule: { interval: '5s' }, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onActiveAlert', + throttle: null, + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + await muteRule({ + supertest, + ruleId, + }); + + await enableRule({ + supertest, + ruleId, + }); + + // Wait until alerts schedule actions twice to ensure actions had a chance to skip + // execution once before disabling the alert and waiting for tasks to finish + const eventLogResp = await waitForEventLog({ + esClient, + provider: 'alerting', + filter: testStart, + num: 2, + }); + expect(eventLogResp.hits.hits.length >= 2).to.be(true); + + await disableRule({ + supertest, + ruleId, + }); + + await waitForDisabled({ + esClient, + ruleId, + filter: testStart, + }); + + // Should not have executed any action + const resp2 = await getDocumentsInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp2.hits.hits.length).to.be(0); + }); + + it(`shouldn't schedule actions when alert instance is muted`, async () => { + const testStart = new Date(); + await createIndex({ esClient, indexName: ALERT_ACTION_INDEX }); + + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + enabled: false, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + schedule: { interval: '5s' }, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onActiveAlert', + throttle: null, + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + await muteAlert({ + supertest, + ruleId, + alertId: 'query matched', + }); + + await enableRule({ + supertest, + ruleId, + }); + + // Wait until alerts schedule actions twice to ensure actions had a chance to skip + // execution once before disabling the alert and waiting for tasks to finish + const eventLogResp = await waitForEventLog({ + esClient, + provider: 'alerting', + filter: testStart, + num: 2, + }); + expect(eventLogResp.hits.hits.length >= 2).to.be(true); + + await disableRule({ + supertest, + ruleId, + }); + + await waitForDisabled({ + esClient, + ruleId, + filter: testStart, + }); + + // Should not have executed any action + const resp2 = await getDocumentsInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp2.hits.hits.length).to.be(0); + }); + + it(`should unmute all instances when unmuting an alert`, async () => { + actionId = await createIndexConnector({ + supertest, + name: 'Index Connector: Alerting API test', + indexName: ALERT_ACTION_INDEX, + }); + expect(actionId).not.to.be(undefined); + + const createdRule = await createEsQueryRule({ + supertest, + enabled: false, + consumer: 'alerts', + name: 'always fire', + ruleTypeId: RULE_TYPE_ID, + params: { + size: 100, + thresholdComparator: '>', + threshold: [-1], + index: ['alert-test-data'], + timeField: 'date', + esQuery: `{\n \"query\":{\n \"match_all\" : {}\n }\n}`, + timeWindowSize: 20, + timeWindowUnit: 's', + }, + actions: [ + { + group: 'query matched', + id: actionId, + params: { + documents: [ + { + ruleId: '{{rule.id}}', + ruleName: '{{rule.name}}', + ruleParams: '{{rule.params}}', + spaceId: '{{rule.spaceId}}', + tags: '{{rule.tags}}', + alertId: '{{alert.id}}', + alertActionGroup: '{{alert.actionGroup}}', + instanceContextValue: '{{context.instanceContextValue}}', + instanceStateValue: '{{state.instanceStateValue}}', + }, + ], + }, + frequency: { + notify_when: 'onActiveAlert', + throttle: null, + summary: false, + }, + }, + ], + }); + ruleId = createdRule.id; + expect(ruleId).not.to.be(undefined); + + await muteAlert({ + supertest, + ruleId, + alertId: 'query matched', + }); + + await muteRule({ + supertest, + ruleId, + }); + + await unmuteRule({ + supertest, + ruleId, + }); + + await enableRule({ + supertest, + ruleId, + }); + + // Should have one document indexed by the action + const resp = await waitForDocumentInIndex({ + esClient, + indexName: ALERT_ACTION_INDEX, + }); + expect(resp.hits.hits.length).to.be(1); + }); + }); +} + +interface ValidateEventLogParams { + ruleId: string; + ruleTypeId: string; + outcome: string; + name: string; + message: string; + errorMessage?: string; +} + +function validateEventLog(event: any, params: ValidateEventLogParams) { + const duration = event?.event?.duration; + const eventStart = Date.parse(event?.event?.start || 'undefined'); + const eventEnd = Date.parse(event?.event?.end || 'undefined'); + const dateNow = Date.now(); + + expect(typeof duration).to.be('string'); + expect(eventStart).to.be.ok(); + expect(eventEnd).to.be.ok(); + + expect(eventStart <= eventEnd).to.equal(true); + expect(eventEnd <= dateNow).to.equal(true); + + const outcome = params.outcome; + expect(event?.event?.outcome).to.equal(outcome); + expect(event?.kibana?.alerting?.outcome).to.equal(outcome); + + expect(event?.kibana?.saved_objects).to.eql([ + { + rel: 'primary', + type: 'alert', + id: params.ruleId, + type_id: params.ruleTypeId, + }, + ]); + + expect(event?.kibana?.alert?.rule?.execution?.metrics?.number_of_triggered_actions).to.be(1); + expect(event?.kibana?.alert?.rule?.execution?.metrics?.number_of_searches).to.be(1); + expect(event?.kibana?.alert?.rule?.execution?.metrics?.es_search_duration_ms).to.be(0); + expect( + event?.kibana?.alert?.rule?.execution?.metrics?.total_search_duration_ms + ).to.be.greaterThan(0); + expect(event?.kibana?.alert?.rule?.execution?.metrics?.alert_counts?.active).to.be(1); + expect(event?.kibana?.alert?.rule?.execution?.metrics?.alert_counts?.new).to.be(1); + expect(event?.kibana?.alert?.rule?.execution?.metrics?.alert_counts?.recovered).to.be(0); + + expect( + event?.kibana?.alert?.rule?.execution?.metrics?.claim_to_start_duration_ms + ).to.be.greaterThan(0); + expect(event?.kibana?.alert?.rule?.execution?.metrics?.total_run_duration_ms).to.be.greaterThan( + 0 + ); + expect( + event?.kibana?.alert?.rule?.execution?.metrics?.prepare_rule_duration_ms + ).to.be.greaterThan(0); + expect( + event?.kibana?.alert?.rule?.execution?.metrics?.rule_type_run_duration_ms + ).to.be.greaterThan(0); + // Process alerts is fast enough that it will sometimes report 0ms + const procesAlertsDurationMs = + event?.kibana?.alert?.rule?.execution?.metrics?.process_alerts_duration_ms; + expect( + (typeof procesAlertsDurationMs === 'number' ? procesAlertsDurationMs : -1) >= 0 + ).to.be.ok(); + expect( + event?.kibana?.alert?.rule?.execution?.metrics?.trigger_actions_duration_ms + ).to.be.greaterThan(0); + expect( + event?.kibana?.alert?.rule?.execution?.metrics?.process_rule_duration_ms + ).to.be.greaterThan(0); + + expect(event?.rule).to.eql({ + id: params.ruleId, + license: 'basic', + category: params.ruleTypeId, + ruleset: 'stackAlerts', + name: params.name, + }); + + expect(event?.message).to.eql(params.message); + + if (params.errorMessage) { + expect(event?.error?.message).to.eql(params.errorMessage); + } +} diff --git a/x-pack/test_serverless/api_integration/test_suites/common/index.ts b/x-pack/test_serverless/api_integration/test_suites/common/index.ts index 3ca6b715102d9..1bfb13f2c5f2c 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/index.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/index.ts @@ -14,5 +14,6 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./security_response_headers')); loadTestFile(require.resolve('./rollups')); loadTestFile(require.resolve('./index_management')); + loadTestFile(require.resolve('./alerting')); }); }