elastic · MadameSheema · Sep 22, 2023 · Sep 5, 2023 · Sep 13, 2023 · Sep 13, 2023
@@ -34,8 +34,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
       ...xpackFunctionalTestsConfig.get('kbnTestServer'),
       serverArgs: [
         ...xpackFunctionalTestsConfig.get('kbnTestServer.serverArgs'),
-        '--csp.strict=false',
-        '--csp.warnLegacyBrowsers=false',
         '--usageCollection.uiCounters.enabled=false',
         // define custom kibana server args here
         `--elasticsearch.ssl.certificateAuthorities=${CA_CERT_PATH}`,

@@ -27,6 +27,7 @@ export default defineCypressConfig({
   e2e: {
     experimentalRunAllSpecs: true,
     experimentalMemoryManagement: true,
+    experimentalCspAllowList: ['default-src', 'script-src', 'script-src-elem'],
     setupNodeEvents(on, config) {
       esArchiver(on, config);
       // eslint-disable-next-line @typescript-eslint/no-var-requires

@@ -35,6 +35,7 @@ export default defineCypressConfig({
   e2e: {
     baseUrl: 'http://localhost:5601',
     experimentalMemoryManagement: true,
+    experimentalCspAllowList: ['default-src', 'script-src', 'script-src-elem'],
     specPattern: './cypress/e2e/**/*.cy.ts',
     setupNodeEvents(on, config) {
       esArchiver(on, config);

@@ -34,6 +34,7 @@ export default defineCypressConfig({
   viewportWidth: 1680,
   e2e: {
     baseUrl: 'http://localhost:5601',
+    experimentalCspAllowList: ['default-src', 'script-src', 'script-src-elem'],
     experimentalMemoryManagement: true,
     specPattern: './cypress/e2e/**/*.cy.ts',
     setupNodeEvents(on, config) {

@@ -26,6 +26,7 @@ export default defineCypressConfig({
     grepTags: '@serverless --@brokenInServerless --@skipInServerless',
   },
   e2e: {
+    experimentalCspAllowList: ['default-src', 'script-src', 'script-src-elem'],
     experimentalRunAllSpecs: true,
     experimentalMemoryManagement: true,
     setupNodeEvents(on, config) {

@@ -19,16 +19,24 @@ export const esArchiver = (
   const log = new ToolingLog({ level: 'verbose', writeTo: process.stdout });
 
   const isServerless = config.env.IS_SERVERLESS;
+  const isCloudServerless = config.env.CLOUD_SERVERLESS;
+  const cloudUser = {
+    username: 'elastic',
+    password: config.env.ELASTICSEARCH_PASSWORD,
+  };
+  const serverlessUser = isCloudServerless ? cloudUser : systemIndicesSuperuser;
 
   const client = createEsClientForTesting({
     esUrl: Url.format(config.env.ELASTICSEARCH_URL),
     // Use system indices user so tests can write to system indices
-    authOverride: !isServerless ? systemIndicesSuperuser : undefined,
+    authOverride: !isServerless ? serverlessUser : undefined,
   });
 
+  const kibanaUrl = config.env.KIBANA_URL ? config.env.KIBANA_URL : config.env.BASE_URL;
+
   const kbnClient = new KbnClient({
     log,
-    url: config.env.BASE_URL as string,
+    url: kibanaUrl as string,
     ...(config.env.ELASTICSEARCH_URL.includes('https')
       ? { certificateAuthorities: [Fs.readFileSync(CA_CERT_PATH)] }
       : {}),

@@ -143,8 +143,8 @@ const loginWithUsernameAndPassword = (username: string, password: string) => {
     throw Error(`Cypress config baseUrl not set!`);
   }
 
+  // Programmatically authenticate without interacting with the Kibana login page.
   const headers = { 'kbn-xsrf': 'cypress-creds', 'x-elastic-internal-origin': 'security-solution' };
-  // programmatically authenticate without interacting with the Kibana login page
   cy.request<LoginState>({ headers, url: `${baseUrl}/internal/security/login_state` }).then(
     (loginState) => {
       const basicProvider = loginState.body.selector.providers.find(

@@ -18,8 +18,11 @@
       "junit:merge": "../../../node_modules/.bin/mochawesome-merge ../../../target/kibana-security-solution/cypress/results/mochawesome*.json > ../../../target/kibana-security-solution/cypress/results/output.json && ../../../node_modules/.bin/marge ../../../target/kibana-security-solution/cypress/results/output.json --reportDir ../../../target/kibana-security-solution/cypress/results && yarn junit:transform && mkdir -p ../../../target/junit && cp ../../../target/kibana-security-solution/cypress/results/*.xml ../../../target/junit/",
       "junit:transform": "node ../../plugins/security_solution/scripts/junit_transformer --pathPattern '../../../target/kibana-security-solution/cypress/results/*.xml' --rootDirectory ../../../ --reportName 'Security Solution Cypress' --writeInPlace",
       "cypress:serverless": "TZ=UTC NODE_OPTIONS=--openssl-legacy-provider node ../../plugins/security_solution/scripts/start_cypress_parallel --config-file ../../test/security_solution_cypress/cypress/cypress_ci_serverless.config.ts --ftr-config-file ../../test/security_solution_cypress/serverless_config",
+      "cypress:cloud:serverless": "TZ=UTC NODE_OPTIONS=--openssl-legacy-provider NODE_TLS_REJECT_UNAUTHORIZED=0 ../../../node_modules/.bin/cypress",
+      "cypress:open:cloud:serverless": "yarn cypress:cloud:serverless open --config-file ./cypress/cypress_serverless.config.ts --env CLOUD_SERVERLESS=true",
       "cypress:open:serverless": "yarn cypress:serverless open --config-file ../../test/security_solution_cypress/cypress/cypress_serverless.config.ts --spec './cypress/e2e/**/*.cy.ts'",
       "cypress:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/!(investigations|explore)/**/*.cy.ts'",
+      "cypress:run:cloud:serverless": "yarn cypress:cloud:serverless run --config-file ./cypress/cypress_ci_serverless.config.ts --env CLOUD_SERVERLESS=true",
       "cypress:investigations:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/investigations/**/*.cy.ts'",
       "cypress:explore:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/explore/**/*.cy.ts'",
       "cypress:changed-specs-only:serverless": "yarn cypress:serverless --changed-specs-only --env burn=2",

@@ -15,7 +15,6 @@ export async function SecuritySolutionConfigurableCypressTestRunner({
   getService,
 }: FtrProviderContext) {
   const config = getService('config');
-
   return {
     FORCE_COLOR: '1',
     BASE_URL: Url.format(config.get('servers.kibana')),

@@ -27,8 +27,6 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
       ...svlSharedConfig.get('kbnTestServer'),
       serverArgs: [
         ...svlSharedConfig.get('kbnTestServer.serverArgs'),
-        '--csp.strict=false',
-        '--csp.warnLegacyBrowsers=false',
         '--serverless=security',
         '--xpack.encryptedSavedObjects.encryptionKey="abcdefghijklmnopqrstuvwxyz123456"',
         `--xpack.securitySolutionServerless.productTypes=${JSON.stringify([