Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[8.11] [EDR Workflows] Verify flaky osquery tests (#169749) #170930

Merged
merged 7 commits into from
Nov 14, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .buildkite/scripts/lifecycle/post_command.sh
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ if [[ "$IS_TEST_EXECUTION_STEP" == "true" ]]; then
buildkite-agent artifact upload 'target/kibana-coverage/functional/**/*'
buildkite-agent artifact upload 'target/kibana-*'
buildkite-agent artifact upload 'target/kibana-security-solution/**/*.png'
buildkite-agent artifact upload 'target/kibana-osquery/**/*.png'
buildkite-agent artifact upload 'target/kibana-osquery/**/*.mp4'
buildkite-agent artifact upload 'target/kibana-fleet/**/*.png'
buildkite-agent artifact upload 'target/test-metrics/*'
buildkite-agent artifact upload 'target/test-suites-ci-plan.json'
Expand Down
13 changes: 9 additions & 4 deletions x-pack/plugins/osquery/cypress/cypress.config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import path from 'path';
import { safeLoad as loadYaml } from 'js-yaml';
import { readFileSync } from 'fs';

import { getFailedSpecVideos } from './support/filter_videos';
import type { YamlRoleDefinitions } from '../../../test_serverless/shared/lib';
import { setupUserDataLoader } from '../../../test_serverless/functional/test_suites/security/cypress/support/setup_data_loader_tasks';
const ROLES_YAML_FILE_PATH = path.join(
Expand All @@ -20,6 +21,11 @@ const ROLES_YAML_FILE_PATH = path.join(
const roleDefinitions = loadYaml(readFileSync(ROLES_YAML_FILE_PATH, 'utf8')) as YamlRoleDefinitions;

export default defineCypressConfig({
reporter: '../../../node_modules/cypress-multi-reporters',
reporterOptions: {
configFile: './cypress/reporter_config.json',
},

defaultCommandTimeout: 60000,
execTimeout: 120000,
pageLoadTimeout: 12000,
Expand All @@ -31,16 +37,14 @@ export default defineCypressConfig({

screenshotsFolder: '../../../target/kibana-osquery/cypress/screenshots',
trashAssetsBeforeRuns: false,
video: false,
video: true,
videosFolder: '../../../target/kibana-osquery/cypress/videos',
videoCompression: 15,
viewportHeight: 900,
viewportWidth: 1440,
experimentalStudio: true,

env: {
'cypress-react-selector': {
root: '#osquery-app',
},
grepFilterSpecs: true,
grepTags: '@ess',
grepOmitFiltered: true,
Expand All @@ -54,6 +58,7 @@ export default defineCypressConfig({
numTestsKeptInMemory: 3,
setupNodeEvents(on, config) {
setupUserDataLoader(on, config, { roleDefinitions, additionalRoleName: 'viewer' });
on('after:spec', getFailedSpecVideos);

return config;
},
Expand Down
31 changes: 18 additions & 13 deletions x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,12 @@
* 2.0.
*/

import {
ADD_PACK_HEADER_BUTTON,
ADD_QUERY_BUTTON,
formFieldInputSelector,
TABLE_ROWS,
} from '../../screens/packs';
import {
cleanupPack,
cleanupAgentPolicy,
Expand All @@ -28,7 +34,7 @@ import {
interceptAgentPolicyId,
policyContainsIntegration,
} from '../../tasks/integrations';
import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query';
import { ServerlessRoleName } from '../../support/roles';

describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
let savedQueryId: string;
Expand All @@ -40,7 +46,7 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
});

beforeEach(() => {
cy.login('elastic');
cy.login(ServerlessRoleName.PLATFORM_ENGINEER);
});

after(() => {
Expand Down Expand Up @@ -118,12 +124,13 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
cy.getBySel('epmList.searchBar').type('osquery');
cy.getBySel('integration-card:epr:osquery_manager').click();
cy.getBySel('addIntegrationPolicyButton').click();
cy.getBySel('globalLoadingIndicator').should('not.exist');

cy.getBySel('agentPolicySelect').within(() => {
cy.contains(policyName);
});
cy.getBySel('packagePolicyNameInput')
.wait(500)
.type(`{selectall}{backspace}${integrationName}`);
cy.getBySel('packagePolicyNameInput').clear().wait(500);
cy.getBySel('packagePolicyNameInput').type(`${integrationName}`);
cy.getBySel(CREATE_PACKAGE_POLICY_SAVE_BTN).click();
cy.getBySel('confirmModalCancelButton').click();
cy.get(`[title="${integrationName}"]`).should('exist');
Expand Down Expand Up @@ -170,13 +177,11 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
cy.getBySel('euiFlyoutCloseButton').click();

navigateTo('app/osquery/packs');
findAndClickButton('Add pack');
findFormFieldByRowsLabelAndType('Name', packName);
findFormFieldByRowsLabelAndType(
'Scheduled agent policies (optional)',
`${policyName} {downArrow}{enter}{esc}`
);
findAndClickButton('Add query');
cy.getBySel(ADD_PACK_HEADER_BUTTON).click();
cy.get(formFieldInputSelector('name')).type(`${packName}{downArrow}{enter}`);
cy.getBySel('policyIdsComboBox').type(`${policyName} {downArrow}{enter}`);

cy.getBySel(ADD_QUERY_BUTTON).click();
cy.getBySel('savedQuerySelect').click().type('{downArrow}{enter}');
cy.contains(/^Save$/).click();
cy.contains(/^Save pack$/).click();
Expand All @@ -202,7 +207,7 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {

// test list of prebuilt queries
navigateTo('/app/osquery/saved_queries');
cy.react('EuiTableRow').should('have.length.above', 5);
cy.get(TABLE_ROWS).should('have.length.above', 5);
});
});
});
Original file line number Diff line number Diff line change
Expand Up @@ -5,115 +5,114 @@
* 2.0.
*/

import { initializeDataViews } from '../../tasks/login';
import { cleanupRule, loadRule } from '../../tasks/api_fixtures';
import { checkActionItemsInResults, loadRuleAlerts } from '../../tasks/live_query';

const UUID_REGEX = '[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}';

describe(
'Alert Flyout Automated Action Results',
{
tags: ['@ess', '@serverless'],
},
() => {
let ruleId: string;
describe('Alert Flyout Automated Action Results', () => {
let ruleId: string;

beforeEach(() => {
loadRule(true).then((data) => {
ruleId = data.id;
loadRuleAlerts(data.name);
});
});
before(() => {
initializeDataViews();
});

afterEach(() => {
cleanupRule(ruleId);
beforeEach(() => {
loadRule(true).then((data) => {
ruleId = data.id;
loadRuleAlerts(data.name);
});
});

it('can visit discover from response action results', () => {
const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`);
cy.getBySel('expand-event').first().click();
cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
cy.getBySel('securitySolutionFlyoutResponseButton').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
cases: true,
timeline: true,
});
cy.contains('View in Discover')
.should('exist')
.should('have.attr', 'href')
.then(($href) => {
// @ts-expect-error-next-line href string - check types
cy.visit($href);
cy.getBySel('discoverDocTable', { timeout: 60000 }).within(() => {
cy.contains('action_data{ "query":');
});
cy.contains(discoverRegex);
});
});
afterEach(() => {
cleanupRule(ruleId);
});

it('can visit lens from response action results', () => {
const lensRegex = new RegExp(`Action ${UUID_REGEX} results`);
cy.getBySel('expand-event').first().click();
cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
cy.getBySel('securitySolutionFlyoutResponseButton').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
cases: true,
timeline: true,
});
cy.getBySel('osquery-results-comment')
.first()
.within(() => {
let lensUrl = '';
cy.window().then((win) => {
cy.stub(win, 'open')
.as('windowOpen')
.callsFake((url) => {
lensUrl = url;
});
});
cy.get(`[aria-label="View in Lens"]`).click();
cy.window()
.its('open')
.then(() => {
cy.visit(lensUrl);
});
});
cy.getBySel('lnsWorkspace').should('exist');
cy.getBySel('breadcrumbs').contains(lensRegex);
it('can visit discover from response action results', { tags: ['@ess'] }, () => {
const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`);
cy.getBySel('expand-event').first().click();
cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
cy.getBySel('securitySolutionFlyoutResponseButton').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
cases: true,
timeline: true,
});

it('can add to timeline from response action results', () => {
const timelineRegex = new RegExp(`Added ${UUID_REGEX} to timeline`);
const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`);
cy.getBySel('expand-event').first().click();
cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
cy.getBySel('securitySolutionFlyoutResponseButton').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
cases: true,
timeline: true,
cy.contains('View in Discover')
.should('exist')
.should('have.attr', 'href')
.then(($href) => {
// @ts-expect-error-next-line href string - check types
cy.visit($href);
cy.getBySel('discoverDocTable', { timeout: 60000 }).within(() => {
cy.contains('action_data{ "query":');
});
cy.contains(discoverRegex);
});
cy.getBySel('osquery-results-comment')
.first()
.within(() => {
cy.get('.euiTableRow')
.first()
.within(() => {
cy.getBySel('add-to-timeline').click();
});

it('can visit lens from response action results', { tags: ['@ess'] }, () => {
const lensRegex = new RegExp(`Action ${UUID_REGEX} results`);
cy.getBySel('expand-event').first().click();
cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
cy.getBySel('securitySolutionFlyoutResponseButton').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
cases: true,
timeline: true,
});
cy.getBySel('osquery-results-comment')
.first()
.within(() => {
let lensUrl = '';
cy.window().then((win) => {
cy.stub(win, 'open')
.as('windowOpen')
.callsFake((url) => {
lensUrl = url;
});
});
cy.contains(timelineRegex);
cy.getBySel('securitySolutionFlyoutHeaderCollapseDetailButton').click();
cy.getBySel('flyoutBottomBar').contains('Untitled timeline').click();
cy.contains(filterRegex);
cy.get(`[aria-label="View in Lens"]`).click();
cy.window()
.its('open')
.then(() => {
cy.visit(lensUrl);
});
});
cy.getBySel('lnsWorkspace').should('exist');
cy.getBySel('breadcrumbs').contains(lensRegex);
});

it('can add to timeline from response action results', { tags: ['@ess', '@serverless'] }, () => {
const timelineRegex = new RegExp(`Added ${UUID_REGEX} to timeline`);
const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`);
cy.getBySel('expand-event').first().click();
cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
cy.getBySel('securitySolutionFlyoutResponseButton').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
cases: true,
timeline: true,
});
}
);
cy.getBySel('osquery-results-comment')
.first()
.within(() => {
cy.get('.euiTableRow')
.first()
.within(() => {
cy.getBySel('add-to-timeline').click();
});
});
cy.contains(timelineRegex);
cy.getBySel('securitySolutionFlyoutHeaderCollapseDetailButton').click();
cy.getBySel('flyoutBottomBar').contains('Untitled timeline').click();
cy.contains(filterRegex);
});
});
4 changes: 4 additions & 0 deletions x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
* 2.0.
*/

import { initializeDataViews } from '../../tasks/login';
import { OSQUERY_FLYOUT_BODY_EDITOR } from '../../screens/live_query';
import {
cleanupCase,
Expand All @@ -29,6 +30,9 @@ describe('Alert Event Details - Cases', { tags: ['@ess', '@serverless'] }, () =>
let packId: string;
let packName: string;
const packData = packFixture();
before(() => {
initializeDataViews();
});

beforeEach(() => {
loadPack(packData).then((data) => {
Expand Down
Loading
Loading