From adb62ce58f18db984195aba44eb7f237df70a2aa Mon Sep 17 00:00:00 2001 From: Kfir Peled Date: Sun, 17 Apr 2022 12:13:58 +0300 Subject: [PATCH 1/3] renamed package to cloud_security_posture --- .../plugins/cloud_security_posture/common/constants.ts | 6 +++--- .../common/api/use_cis_kubernetes_integration.tsx | 4 ++-- .../server/create_indices/create_transforms_indices.ts | 10 +++++----- .../server/routes/benchmarks/benchmarks.ts | 4 ++-- .../server/routes/compliance_dashboard/get_trends.ts | 4 ++-- .../routes/configuration/update_rules_configuration.ts | 7 +++---- 6 files changed, 17 insertions(+), 18 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index 363adc568ba9b..a1e300c2f16ef 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -20,10 +20,10 @@ export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_lates export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores'; export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*'; -export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings-*'; +export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings*'; export const FINDINGS_INDEX_PATTERN = 'logs-' + FINDINGS_DATA_STREAM_NAME + '-default*'; -export const LATEST_FINDINGS_INDEX_PATTERN = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default'; -export const BENCHMARK_SCORE_INDEX_PATTERN = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default'; +export const LATEST_FINDINGS_INDEX_DEFAULT_NS = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default'; +export const BENCHMARK_SCORE_INDEX_DEFAULT_NS = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default'; export const RULE_PASSED = `passed`; export const RULE_FAILED = `failed`; diff --git a/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx b/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx index 0a9f2c2134a6e..cc39897845b29 100644 --- a/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx +++ b/x-pack/plugins/cloud_security_posture/public/common/api/use_cis_kubernetes_integration.tsx @@ -11,7 +11,7 @@ import { type GetInfoResponse, type DefaultPackagesInstallationError, } from '@kbn/fleet-plugin/common'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants'; +import { CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants'; import { useKibana } from '../hooks/use_kibana'; /** @@ -21,7 +21,7 @@ export const useCisKubernetesIntegration = () => { const { http } = useKibana().services; return useQuery(['integrations'], () => - http.get(epmRouteService.getInfoPath(CIS_KUBERNETES_PACKAGE_NAME), { + http.get(epmRouteService.getInfoPath(CLOUD_SECURITY_PACKAGE_NAME), { query: { experimental: true }, }) ); diff --git a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts index c30bf09a60e0f..32d53b0a89695 100644 --- a/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts +++ b/x-pack/plugins/cloud_security_posture/server/create_indices/create_transforms_indices.ts @@ -10,9 +10,9 @@ import type { ElasticsearchClient, Logger } from '@kbn/core/server'; import { benchmarkScoreMapping } from './benchmark_score_mapping'; import { latestFindingsMapping } from './latest_findings_mapping'; import { - LATEST_FINDINGS_INDEX_PATTERN, + LATEST_FINDINGS_INDEX_DEFAULT_NS, LATEST_FINDINGS_INDEX_NAME, - BENCHMARK_SCORE_INDEX_PATTERN, + BENCHMARK_SCORE_INDEX_DEFAULT_NS, BENCHMARK_SCORE_INDEX_NAME, } from '../../common/constants'; @@ -25,14 +25,14 @@ export const initializeCspTransformsIndices = async ( createIndexIfNotExists( esClient, LATEST_FINDINGS_INDEX_NAME, - LATEST_FINDINGS_INDEX_PATTERN, + LATEST_FINDINGS_INDEX_DEFAULT_NS, latestFindingsMapping, logger ), createIndexIfNotExists( esClient, BENCHMARK_SCORE_INDEX_NAME, - BENCHMARK_SCORE_INDEX_PATTERN, + BENCHMARK_SCORE_INDEX_DEFAULT_NS, benchmarkScoreMapping, logger ), @@ -65,7 +65,7 @@ export const createIndexIfNotExists = async ( } } catch (err) { const error = transformError(err); - logger.error(`Failed to create ${LATEST_FINDINGS_INDEX_PATTERN}`); + logger.error(`Failed to create ${LATEST_FINDINGS_INDEX_DEFAULT_NS}`); logger.error(error.message); } }; diff --git a/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts b/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts index f0c1dc6e1bf96..3ae4243bd2a63 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/benchmarks/benchmarks.ts @@ -19,7 +19,7 @@ import type { AgentPolicy, ListResult, } from '@kbn/fleet-plugin/common'; -import { BENCHMARKS_ROUTE_PATH, CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants'; +import { BENCHMARKS_ROUTE_PATH, CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants'; import { BENCHMARK_PACKAGE_POLICY_PREFIX, benchmarksInputSchema, @@ -165,7 +165,7 @@ export const defineGetBenchmarksRoute = (router: CspRouter, cspContext: CspAppCo const packagePolicies = await getPackagePolicies( soClient, packagePolicyService, - CIS_KUBERNETES_PACKAGE_NAME, + CLOUD_SECURITY_PACKAGE_NAME, query ); diff --git a/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts b/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts index eba14cb8215c2..08d8cd3553fe2 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/compliance_dashboard/get_trends.ts @@ -6,7 +6,7 @@ */ import { ElasticsearchClient } from '@kbn/core/server'; -import { BENCHMARK_SCORE_INDEX_PATTERN } from '../../../common/constants'; +import { BENCHMARK_SCORE_INDEX_DEFAULT_NS } from '../../../common/constants'; import { Stats } from '../../../common/types'; import { calculatePostureScore } from './get_stats'; @@ -26,7 +26,7 @@ export interface ScoreTrendDoc { } export const getTrendsQuery = () => ({ - index: BENCHMARK_SCORE_INDEX_PATTERN, + index: BENCHMARK_SCORE_INDEX_DEFAULT_NS, size: 5, sort: '@timestamp:desc', }); diff --git a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts index 91bc47a19dad9..7faad9ea518db 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts @@ -22,7 +22,7 @@ import { CspAppContext } from '../../plugin'; import { CspRulesConfigSchema } from '../../../common/schemas/csp_configuration'; import { CspRuleSchema, cspRuleAssetSavedObjectType } from '../../../common/schemas/csp_rule'; import { UPDATE_RULES_CONFIG_ROUTE_PATH } from '../../../common/constants'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../../common/constants'; +import { CLOUD_SECURITY_PACKAGE_NAME } from '../../../common/constants'; import { CspRouter } from '../../types'; export const getPackagePolicy = async ( @@ -36,9 +36,8 @@ export const getPackagePolicy = async ( if (!packagePolicies || !packagePolicies[0].version) { throw new Error(`package policy Id '${packagePolicyId}' is not exist`); } - if (packagePolicies[0].package?.name !== CIS_KUBERNETES_PACKAGE_NAME) { - // TODO: improve this validator to support any future CSP package - throw new Error(`Package Policy Id '${packagePolicyId}' is not CSP package`); + if (packagePolicies[0].package?.name !== CLOUD_SECURITY_PACKAGE_NAME) { + throw new Error(`Package Policy Id '${packagePolicyId}' is not of type cloud security posture package`); } return packagePolicies![0]; From 03f8587e6ee015c0105f8882febaabd6ffc0ce0a Mon Sep 17 00:00:00 2001 From: Kfir Peled Date: Wed, 20 Apr 2022 17:25:55 +0300 Subject: [PATCH 2/3] refactoring --- .../cloud_security_posture/common/constants.ts | 18 ++++++++---------- .../fleet_integration.test.ts | 4 ++-- .../fleet_integration/fleet_integration.ts | 4 ++-- .../cloud_security_posture/server/plugin.ts | 6 +++--- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts index a1e300c2f16ef..eff4c1e385a41 100644 --- a/x-pack/plugins/cloud_security_posture/common/constants.ts +++ b/x-pack/plugins/cloud_security_posture/common/constants.ts @@ -11,18 +11,16 @@ export const BENCHMARKS_ROUTE_PATH = '/internal/cloud_security_posture/benchmark export const UPDATE_RULES_CONFIG_ROUTE_PATH = '/internal/cloud_security_posture/update_rules_config'; -export const CSP_FINDINGS_INDEX_NAME = 'findings'; -export const CIS_KUBERNETES_PACKAGE_NAME = 'cis_kubernetes_benchmark'; -export const FINDINGS_DATA_STREAM_NAME = - // Currently 'cis_kubernetes_benchmark.findings', To be refactored to 'cloud_security_posture.findings' - CIS_KUBERNETES_PACKAGE_NAME + '.' + CSP_FINDINGS_INDEX_NAME; -export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_latest'; -export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores'; +export const CLOUD_SECURITY_POSTURE_PACKAGE_NAME = 'cloud_security_posture'; + +export const AGENT_LOGS_INDEX_PATTERN = '.logs-cloud_security_posture.metadata*'; +export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cloud_security_posture.findings*'; +export const FINDINGS_INDEX_PATTERN = 'logs-cloud_security_posture.findings-default*'; -export const AGENT_LOGS_INDEX_PATTERN = '.logs-cis_kubernetes_benchmark.metadata*'; -export const CSP_KUBEBEAT_INDEX_PATTERN = 'logs-cis_kubernetes_benchmark.findings*'; -export const FINDINGS_INDEX_PATTERN = 'logs-' + FINDINGS_DATA_STREAM_NAME + '-default*'; +export const LATEST_FINDINGS_INDEX_NAME = 'cloud_security_posture.findings_latest'; export const LATEST_FINDINGS_INDEX_DEFAULT_NS = 'logs-' + LATEST_FINDINGS_INDEX_NAME + '-default'; + +export const BENCHMARK_SCORE_INDEX_NAME = 'cloud_security_posture.scores'; export const BENCHMARK_SCORE_INDEX_DEFAULT_NS = 'logs-' + BENCHMARK_SCORE_INDEX_NAME + '-default'; export const RULE_PASSED = `passed`; diff --git a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts index 8872c359fc770..69e13ab8c5065 100644 --- a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts +++ b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.test.ts @@ -8,7 +8,7 @@ import { loggingSystemMock, savedObjectsClientMock } from '@kbn/core/server/mocks'; import { SavedObjectsClientContract, SavedObjectsFindResponse } from '@kbn/core/server'; import { createPackagePolicyMock } from '@kbn/fleet-plugin/common/mocks'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../common/constants'; +import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../../common/constants'; import { onPackagePolicyPostCreateCallback } from './fleet_integration'; describe('create CSP rules with post package create callback', () => { @@ -40,7 +40,7 @@ describe('create CSP rules with post package create callback', () => { }); it('should create stateful rules based on rule template', async () => { const mockPackagePolicy = createPackagePolicyMock(); - mockPackagePolicy.package!.name = CIS_KUBERNETES_PACKAGE_NAME; + mockPackagePolicy.package!.name = CLOUD_SECURITY_POSTURE_PACKAGE_NAME; mockSoClient.find.mockResolvedValueOnce({ saved_objects: [ { diff --git a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts index 521252f1558e4..cbf45ab0cc47e 100644 --- a/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts +++ b/x-pack/plugins/cloud_security_posture/server/fleet_integration/fleet_integration.ts @@ -17,7 +17,7 @@ import { cloudSecurityPostureRuleTemplateSavedObjectType, CloudSecurityPostureRuleTemplateSchema, } from '../../common/schemas/csp_rule_template'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../../common/constants'; +import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../../common/constants'; import { CspRuleSchema, cspRuleAssetSavedObjectType } from '../../common/schemas/csp_rule'; type ArrayElement = ArrayType extends ReadonlyArray< @@ -29,7 +29,7 @@ type ArrayElement = ArrayType extends Read const isCspPackagePolicy = ( packagePolicy: T ): boolean => { - return packagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME; + return packagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME; }; /** diff --git a/x-pack/plugins/cloud_security_posture/server/plugin.ts b/x-pack/plugins/cloud_security_posture/server/plugin.ts index 99900d4aed0d4..33571857db685 100755 --- a/x-pack/plugins/cloud_security_posture/server/plugin.ts +++ b/x-pack/plugins/cloud_security_posture/server/plugin.ts @@ -31,7 +31,7 @@ import { onPackagePolicyPostCreateCallback, onPackagePolicyDeleteCallback, } from './fleet_integration/fleet_integration'; -import { CIS_KUBERNETES_PACKAGE_NAME } from '../common/constants'; +import { CLOUD_SECURITY_POSTURE_PACKAGE_NAME } from '../common/constants'; export interface CspAppContext { logger: Logger; @@ -87,7 +87,7 @@ export class CspPlugin context: RequestHandlerContext, request: KibanaRequest ): Promise => { - if (packagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME) { + if (packagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME) { await onPackagePolicyPostCreateCallback( this.logger, packagePolicy, @@ -103,7 +103,7 @@ export class CspPlugin 'postPackagePolicyDelete', async (deletedPackagePolicies: DeepReadonly) => { for (const deletedPackagePolicy of deletedPackagePolicies) { - if (deletedPackagePolicy.package?.name === CIS_KUBERNETES_PACKAGE_NAME) { + if (deletedPackagePolicy.package?.name === CLOUD_SECURITY_POSTURE_PACKAGE_NAME) { await onPackagePolicyDeleteCallback( this.logger, deletedPackagePolicy, From 4e52fdc50a0c8196d75d689fe75c2acbde9d2f75 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 20 Apr 2022 15:17:37 +0000 Subject: [PATCH 3/3] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' --- .../server/routes/configuration/update_rules_configuration.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts index 7faad9ea518db..da11beee92440 100644 --- a/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts +++ b/x-pack/plugins/cloud_security_posture/server/routes/configuration/update_rules_configuration.ts @@ -37,7 +37,9 @@ export const getPackagePolicy = async ( throw new Error(`package policy Id '${packagePolicyId}' is not exist`); } if (packagePolicies[0].package?.name !== CLOUD_SECURITY_PACKAGE_NAME) { - throw new Error(`Package Policy Id '${packagePolicyId}' is not of type cloud security posture package`); + throw new Error( + `Package Policy Id '${packagePolicyId}' is not of type cloud security posture package` + ); } return packagePolicies![0];