Merge branch 'main' into fix/vulnerabilities-flyout

elastic · Oct 18, 2023 · 2d118d0 · 2d118d0
2 parents 0035302 + 8fd827f
commit 2d118d0
Show file tree

Hide file tree

Showing 19 changed files with 501 additions and 88 deletions.
diff --git a/.buildkite/pipelines/on_merge.yml b/.buildkite/pipelines/on_merge.yml
@@ -187,6 +187,18 @@ steps:
         - exit_status: '*'
           limit: 1
 
+  - command: .buildkite/scripts/steps/functional/osquery_cypress.sh
+    label: 'Osquery Cypress Tests'
+    agents:
+      queue: n2-4-spot
+    depends_on: build
+    timeout_in_minutes: 50
+    parallelism: 6
+    retry:
+      automatic:
+        - exit_status: '*'
+          limit: 1
+
   - command: '.buildkite/scripts/steps/functional/on_merge_unsupported_ftrs.sh'
     label: Trigger unsupported ftr tests
     timeout_in_minutes: 10

diff --git a/.buildkite/pipelines/on_merge_unsupported_ftrs.yml b/.buildkite/pipelines/on_merge_unsupported_ftrs.yml
@@ -63,15 +63,3 @@ steps:
           limit: 3
         - exit_status: '*'
           limit: 1
-
-  - command: .buildkite/scripts/steps/functional/osquery_cypress.sh
-    label: 'Osquery Cypress Tests'
-    agents:
-      queue: n2-4-spot
-    depends_on: build
-    timeout_in_minutes: 50
-    parallelism: 6
-    retry:
-      automatic:
-        - exit_status: '*'
-          limit: 1
diff --git a/.buildkite/pipelines/pull_request/base.yml b/.buildkite/pipelines/pull_request/base.yml
@@ -187,6 +187,18 @@ steps:
         - exit_status: '*'
           limit: 1
 
+  - command: .buildkite/scripts/steps/functional/osquery_cypress.sh
+    label: 'Osquery Cypress Tests'
+    agents:
+      queue: n2-4-spot
+    depends_on: build
+    timeout_in_minutes: 50
+    parallelism: 6
+    retry:
+      automatic:
+        - exit_status: '*'
+          limit: 1
+
   - command: .buildkite/scripts/steps/functional/security_solution_burn.sh
     label: 'Security Solution Cypress tests, burning changed specs'
     agents:
@@ -198,6 +210,28 @@ steps:
       automatic: false
     soft_fail: true
 
+  - command: .buildkite/scripts/steps/functional/osquery_cypress_burn.sh
+    label: 'Osquery Cypress Tests, burning changed specs'
+    agents:
+      queue: n2-4-spot
+    depends_on: build
+    timeout_in_minutes: 50
+    soft_fail: true
+    retry:
+      automatic: false
+
+  - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh
+    label: 'Serverless Osquery Cypress Tests'
+    agents:
+      queue: n2-4-spot
+    depends_on: build
+    timeout_in_minutes: 50
+    parallelism: 6
+    retry:
+      automatic:
+        - exit_status: '*'
+          limit: 1
+
   # status_exception: Native role management is not enabled in this Elasticsearch instance
   # - command: .buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh
   #   label: 'Serverless Security Defend Workflows Cypress Tests'

diff --git a/.buildkite/pipelines/pull_request/osquery_cypress.yml b/.buildkite/pipelines/pull_request/osquery_cypress.yml
diff --git a/.buildkite/scripts/pipelines/pull_request/pipeline.ts b/.buildkite/scripts/pipelines/pull_request/pipeline.ts
@@ -151,14 +151,6 @@ const uploadPipeline = (pipelineContent: string | object) => {
       pipeline.push(getPipeline('.buildkite/pipelines/pull_request/webpack_bundle_analyzer.yml'));
     }
 
-    if (
-      ((await doAnyChangesMatch([/^x-pack\/plugins\/osquery/, /^x-pack\/test\/osquery_cypress/])) ||
-        GITHUB_PR_LABELS.includes('ci:all-cypress-suites')) &&
-      !GITHUB_PR_LABELS.includes('ci:skip-cypress-osquery')
-    ) {
-      pipeline.push(getPipeline('.buildkite/pipelines/pull_request/osquery_cypress.yml'));
-    }
-
     if (
       (await doAnyChangesMatch([
         /\.docnav\.json$/,

diff --git a/package.json b/package.json
@@ -1093,7 +1093,7 @@
     "@babel/preset-react": "^7.18.6",
     "@babel/preset-typescript": "^7.21.0",
     "@babel/register": "^7.21.0",
-    "@babel/traverse": "^7.21.2",
+    "@babel/traverse": "^7.23.2",
     "@babel/types": "^7.21.2",
     "@bazel/ibazel": "^0.16.2",
     "@bazel/typescript": "4.6.2",

diff --git a/x-pack/plugins/fleet/server/services/files/mocks.ts b/x-pack/plugins/fleet/server/services/files/mocks.ts
@@ -10,12 +10,12 @@ import { Readable } from 'stream';
 import type { estypes } from '@elastic/elasticsearch';
 
 import type {
+  FleetFile,
   FleetFromHostFileClientInterface,
   FleetToHostFileClientInterface,
   HapiReadableStream,
+  HostUploadedFileMetadata,
 } from './types';
-import type { FleetFile } from './types';
-import type { HostUploadedFileMetadata } from './types';
 
 export const createFleetFromHostFilesClientMock =
   (): jest.Mocked<FleetFromHostFileClientInterface> => {

diff --git a/...urity_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts b/...urity_solution/public/management/cypress/e2e/automated_response_actions/history_log.cy.ts
@@ -22,8 +22,6 @@ describe(
     const [endpointAgentId, endpointHostname] = generateRandomStringName(2);
 
     before(() => {
-      login(ROLE.endpoint_response_actions_access);
-
       indexEndpointHosts({ numResponseActions: 2 }).then((indexEndpoints) => {
         endpointData = indexEndpoints;
       });
@@ -59,6 +57,10 @@ describe(
       }
     });
 
+    beforeEach(() => {
+      login(ROLE.endpoint_response_actions_access);
+    });
+
     it('enable filtering by type', () => {
       cy.visit(`/app/security/administration/response_actions_history`);
 

diff --git a/...ity_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts b/...ity_solution/public/management/cypress/e2e/response_actions/alerts_response_console.cy.ts
@@ -0,0 +1,115 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { closeAllToasts } from '../../tasks/toasts';
+import {
+  getAlertsTableRows,
+  openAlertDetailsView,
+  openInvestigateInTimelineView,
+  openResponderFromEndpointAlertDetails,
+} from '../../screens/alerts';
+import { ensureOnResponder } from '../../screens/responder';
+import { cleanupRule, loadRule } from '../../tasks/api_fixtures';
+import type { PolicyData } from '../../../../../common/endpoint/types';
+import type { CreateAndEnrollEndpointHostResponse } from '../../../../../scripts/endpoint/common/endpoint_host_services';
+import { waitForEndpointListPageToBeLoaded } from '../../tasks/response_console';
+import type { IndexedFleetEndpointPolicyResponse } from '../../../../../common/endpoint/data_loaders/index_fleet_endpoint_policy';
+import { createAgentPolicyTask, getEndpointIntegrationVersion } from '../../tasks/fleet';
+import { toggleRuleOffAndOn, visitRuleAlerts } from '../../tasks/isolate';
+
+import { login } from '../../tasks/login';
+import { enableAllPolicyProtections } from '../../tasks/endpoint_policy';
+import { createEndpointHost } from '../../tasks/create_endpoint_host';
+import { deleteAllLoadedEndpointData } from '../../tasks/delete_all_endpoint_data';
+
+describe('Response console', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => {
+  let indexedPolicy: IndexedFleetEndpointPolicyResponse;
+  let policy: PolicyData;
+  let createdHost: CreateAndEnrollEndpointHostResponse;
+
+  beforeEach(() => {
+    login();
+  });
+
+  before(() => {
+    getEndpointIntegrationVersion().then((version) =>
+      createAgentPolicyTask(version).then((data) => {
+        indexedPolicy = data;
+        policy = indexedPolicy.integrationPolicies[0];
+
+        return enableAllPolicyProtections(policy.id).then(() => {
+          // Create and enroll a new Endpoint host
+          return createEndpointHost(policy.policy_id).then((host) => {
+            createdHost = host as CreateAndEnrollEndpointHostResponse;
+          });
+        });
+      })
+    );
+  });
+
+  after(() => {
+    if (createdHost) {
+      cy.task('destroyEndpointHost', createdHost);
+    }
+
+    if (indexedPolicy) {
+      cy.task('deleteIndexedFleetEndpointPolicies', indexedPolicy);
+    }
+
+    if (createdHost) {
+      deleteAllLoadedEndpointData({ endpointAgentIds: [createdHost.agentId] });
+    }
+  });
+
+  describe('From Alerts', () => {
+    let ruleId: string;
+    let ruleName: string;
+
+    before(() => {
+      loadRule(
+        { query: `agent.name: ${createdHost.hostname} and agent.type: endpoint` },
+        false
+      ).then((data) => {
+        ruleId = data.id;
+        ruleName = data.name;
+      });
+    });
+
+    after(() => {
+      if (ruleId) {
+        cleanupRule(ruleId);
+      }
+    });
+
+    it('should open responder from alert details flyout', () => {
+      waitForEndpointListPageToBeLoaded(createdHost.hostname);
+      toggleRuleOffAndOn(ruleName);
+      visitRuleAlerts(ruleName);
+      closeAllToasts();
+      getAlertsTableRows().should('have.length.greaterThan', 0);
+      openAlertDetailsView();
+
+      openResponderFromEndpointAlertDetails();
+      ensureOnResponder();
+    });
+
+    it('should open responder from timeline view alert details flyout', () => {
+      waitForEndpointListPageToBeLoaded(createdHost.hostname);
+      toggleRuleOffAndOn(ruleName);
+      visitRuleAlerts(ruleName);
+      closeAllToasts();
+
+      getAlertsTableRows().should('have.length.greaterThan', 0);
+      openInvestigateInTimelineView();
+      cy.getByTestSubj('timeline-flyout').within(() => {
+        openAlertDetailsView();
+      });
+      openResponderFromEndpointAlertDetails();
+      ensureOnResponder();
+    });
+  });
+});