Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Added the rule_source field to the rule schemas #181581

Merged
merged 1 commit into from
May 2, 2024
Merged

[Security Solution] Added the rule_source field to the rule schemas #181581

merged 1 commit into from
May 2, 2024

Conversation

xcrzx
Copy link
Contributor

@xcrzx xcrzx commented Apr 24, 2024
edited
Loading

Resolves: #180121
Resolves: #180122
Resolves: #180124

Summary

As part of the preparatory changes for the work in Milestone 3, we want to add the new rule_source field to the API schema.

  • Added rule_source as an optional property to RuleResponse, by introducing it as an optional property in the ResponseFields schema.
    • For now, all endpoints should return undefined for the rule_source field.
  • Added rule_source as an optional property to RuleToImport, which defines the schema of required and accepted fields when importing a rule.
    • For now, the new rule_source field should be ignored in the endpoint logic.
  • Added the ruleSource field to the BaseRuleParams schema, as an optional field.
  • Implemented a Zod transformation from snake_case to camelCase for object keys to reduce code duplication.

@xcrzx xcrzx added Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area v8.15.0 release_note:skip Skip the PR/issue when compiling release notes labels Apr 24, 2024
@xcrzx xcrzx marked this pull request as ready for review April 24, 2024 14:07
@xcrzx xcrzx requested review from a team as code owners April 24, 2024 14:07
@xcrzx xcrzx requested review from banderror and nkhristinin April 24, 2024 14:07
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@xcrzx xcrzx force-pushed the rule-source-schema branch 4 times, most recently from 0644a27 to b552f76 Compare April 25, 2024 12:26
@xcrzx xcrzx requested review from a team as code owners April 25, 2024 12:26
@xcrzx xcrzx changed the title [Security Solution] Added the rule_source field to the rule response schema [Security Solution] Added the rule_source field to the rule schemas Apr 25, 2024
@xcrzx xcrzx force-pushed the rule-source-schema branch from b552f76 to 0fe40ae Compare April 25, 2024 13:04
jbudz
jbudz approved these changes Apr 25, 2024
View reviewed changes
Copy link
Member

@jbudz jbudz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

jest-preset

@xcrzx xcrzx force-pushed the rule-source-schema branch from 0fe40ae to 6969bf9 Compare April 25, 2024 16:03
@pheyos pheyos removed the request for review from a team April 25, 2024 16:04
@xcrzx xcrzx force-pushed the rule-source-schema branch from 6969bf9 to cff3ca9 Compare April 26, 2024 07:49
@xcrzx xcrzx requested a review from a team as a code owner April 26, 2024 07:49
@xcrzx xcrzx force-pushed the rule-source-schema branch from cff3ca9 to 23c0db9 Compare April 26, 2024 09:05
@xcrzx xcrzx force-pushed the rule-source-schema branch from 23c0db9 to 2a5cfc0 Compare April 26, 2024 10:03
ymao1
ymao1 approved these changes Apr 26, 2024
View reviewed changes
Copy link
Contributor

@ymao1 ymao1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Response Ops changes LGTM! This is an addition to the detection rule params schema, so I checked that it follows the guidelines for intermediate release:
✅ - optional field added to the schema
✅ - no changes to actually set the field from the UI.

Please ensure that this PR is merged and released to serverless before any followup PRs that make use of this new field. Please reach out if there are any questions about this process. Thanks!

@nikitaindik nikitaindik self-requested a review April 29, 2024 09:54
nkhristinin
nkhristinin approved these changes May 1, 2024
View reviewed changes
Copy link
Contributor

@nkhristinin nkhristinin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

nikitaindik
nikitaindik approved these changes May 1, 2024
View reviewed changes
Copy link
Contributor

@nikitaindik nikitaindik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @xcrzx! The changes look good to me. I left one comment. Please take a look when you can.

@xcrzx xcrzx force-pushed the rule-source-schema branch from 2a5cfc0 to b40118e Compare May 2, 2024 08:32
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 13.7MB 13.7MB +351.0B

History

  • 💛 Build #206281 was flaky 2a5cfc0e4c1747ce7114c3934d2608fa7e56f4d5
  • 💔 Build #206259 failed 23c0db962e555dffb9e573e7f18a93e57364eebf
  • 💔 Build #206232 failed cff3ca9753713c01bf5ad58c4dea9efa6e999615
  • 💔 Build #206070 failed 6969bf95f0fbe9f45135dd86515946c7d195b2af
  • 💔 Build #205976 failed 0fe40ae1f521886910fd7eca05172aa53b09f4d0

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@xcrzx xcrzx merged commit 36ecb80 into elastic:main May 2, 2024
37 checks passed
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label May 2, 2024
@xcrzx xcrzx deleted the rule-source-schema branch May 2, 2024 14:24
@jpdjere jpdjere mentioned this pull request May 3, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jpdjere jpdjere jpdjere left review comments

@nikitaindik nikitaindik nikitaindik approved these changes

@ymao1 ymao1 ymao1 approved these changes

@nkhristinin nkhristinin nkhristinin approved these changes

@jbudz jbudz jbudz approved these changes

@banderror banderror Awaiting requested review from banderror banderror is a code owner automatically assigned from elastic/security-detection-rule-management

Assignees
No one assigned
Labels
8.15 candidate backport:skip This commit does not require backporting Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area release_note:skip Skip the PR/issue when compiling release notes Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.15.0
Projects
None yet
Milestone
No milestone
10 participants
@xcrzx @elasticmachine @kibana-ci @jbudz @jpdjere @nkhristinin @ymao1 @nikitaindik @banderror @kibanamachine