[D4C] k8s selector conditions renamed. also updated manage page links. (#153970)

## Summary - renames the orchestrator selector conditions to be specific to kubernetes (in future we can add other conditions for other orchestrators) - renamed the links and "Cloud security posture" category under Security -> Manage. see screenshot - beta tag added to CWP link ![image](https://user-images.githubusercontent.com/16198204/228638928-dda1d6cd-2c8e-4d79-9ef6-92da176a4539.png) ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
2025-04-24 09:48:58 -04:00 · 2023-03-30 15:36:38 -07:00 · 2023-03-30 15:36:38 -07:00 · 0f03b0c1d2
commit 0f03b0c1d2
parent 5437cdab57
8 changed files with 54 additions and 97 deletions
--- a/x-pack/plugins/cloud_defend/public/common/navigation/constants.ts
+++ b/x-pack/plugins/cloud_defend/public/common/navigation/constants.ts
@ -10,7 +10,7 @@ import type { CloudDefendPage, CloudDefendPageNavigationItem } from './types';

 const NAV_ITEMS_NAMES = {
  POLICIES: i18n.translate('xpack.cloudDefend.navigation.policiesNavItemLabel', {
-    defaultMessage: 'Defend for containers (D4C)',
+    defaultMessage: 'Container Workload Protection',
  }),
 };

--- a/x-pack/plugins/cloud_defend/public/components/control_general_view_selector/index.test.tsx
+++ b/x-pack/plugins/cloud_defend/public/components/control_general_view_selector/index.test.tsx
@ -109,7 +109,7 @@ describe('<ControlGeneralViewSelector />', () => {
    const conditions = getSelectorConditions('file');
    expect(options).toHaveLength(conditions.length - 1); // -1 since operation is already present

-    await waitFor(() => userEvent.click(options[0])); // add first option "containerImageName"
+    await waitFor(() => userEvent.click(options[1])); // add second option "containerImageName"

    // rerender and check that containerImageName is not in the list anymore
    const updatedSelector: Selector = { ...onChange.mock.calls[0][0] };
--- a/x-pack/plugins/cloud_defend/public/components/control_yaml_view/hooks/policy_schema.json
+++ b/x-pack/plugins/cloud_defend/public/components/control_yaml_view/hooks/policy_schema.json
@ -66,31 +66,25 @@
          "required": ["containerImageName"]
        },
        {
-          "required": ["fullContainerImageName"]
+          "required": ["containerImageFullName"]
        },
        {
          "required": ["containerImageTag"]
        },
        {
-          "required": ["orchestratorClusterId"]
+          "required": ["kubernetesClusterId"]
        },
        {
-          "required": ["orchestratorClusterName"]
+          "required": ["kubernetesClusterName"]
        },
        {
-          "required": ["orchestratorNamespace"]
+          "required": ["kubernetesNamespace"]
        },
        {
-          "required": ["orchestratorResourceLabel"]
+          "required": ["kubernetesResourceLabel"]
        },
        {
-          "required": ["orchestratorResourceName"]
-        },
-        {
-          "required": ["orchestratorResourceType"]
-        },
-        {
-          "required": ["orchestratorType"]
+          "required": ["kubernetesResourceName"]
        },
        {
          "required": ["targetFilePath"]
@ -129,28 +123,28 @@
            "pattern": "^(?:\\[[a-fA-F0-9:]+\\]|(?:[a-zA-Z0-9-](?:\\.[a-z0-9]+)*)+)(?::[0-9]+)?(?:\\/[a-z0-9]+)+$"
          }
        },
-        "orchestratorClusterId": {
+        "kubernetesClusterId": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorClusterName": {
+        "kubernetesClusterName": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorNamespace": {
+        "kubernetesNamespace": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorResourceLabel": {
+        "kubernetesResourceLabel": {
          "type": "array",
          "minItems": 1,
          "items": {
@ -158,27 +152,13 @@
            "pattern": "^([a-zA-Z0-9\\.\\-]+\\/)?[a-zA-Z0-9\\.\\-]+:[a-zA-Z0-9\\.\\-\\_]*\\*?$"
          }
        },
-        "orchestratorResourceName": {
+        "kubernetesResourceName": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorResourceType": {
-          "type": "array",
-          "minItems": 1,
-          "items": {
-            "enum": ["node", "pod"]
-          }
-        },
-        "orchestratorType": {
-          "type": "array",
-          "minItems": 1,
-          "items": {
-            "enum": ["kubernetes"]
-          }
-        },
        "operation": {
          "type": "array",
          "minItems": 1,
@ -239,25 +219,19 @@
          "required": ["containerImageTag"]
        },
        {
-          "required": ["orchestratorClusterId"]
+          "required": ["kubernetesClusterId"]
        },
        {
-          "required": ["orchestratorClusterName"]
+          "required": ["kubernetesClusterName"]
        },
        {
-          "required": ["orchestratorNamespace"]
+          "required": ["kubernetesNamespace"]
        },
        {
-          "required": ["orchestratorResourceLabel"]
+          "required": ["kubernetesResourceLabel"]
        },
        {
-          "required": ["orchestratorResourceName"]
-        },
-        {
-          "required": ["orchestratorResourceType"]
-        },
-        {
-          "required": ["orchestratorType"]
+          "required": ["kubernetesResourceName"]
        },
        {
          "required": ["processExecutable"]
@ -302,28 +276,28 @@
            "pattern": "^(?:\\[[a-fA-F0-9:]+\\]|(?:[a-zA-Z0-9-](?:\\.[a-z0-9]+)*)+)(?::[0-9]+)?(?:\\/[a-z0-9]+)+$"
          }
        },
-        "orchestratorClusterId": {
+        "kubernetesClusterId": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorClusterName": {
+        "kubernetesClusterName": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorNamespace": {
+        "kubernetesNamespace": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorResourceLabel": {
+        "kubernetesResourceLabel": {
          "type": "array",
          "minItems": 1,
          "items": {
@ -331,27 +305,13 @@
            "pattern": "^([a-zA-Z0-9\\.\\-]+\\/)?[a-zA-Z0-9\\.\\-]+:[a-zA-Z0-9\\.\\-\\_]*\\*?$"
          }
        },
-        "orchestratorResourceName": {
+        "kubernetesResourceName": {
          "type": "array",
          "minItems": 1,
          "items": {
            "type": "string"
          }
        },
-        "orchestratorResourceType": {
-          "type": "array",
-          "minItems": 1,
-          "items": {
-            "enum": ["node", "pod"]
-          }
-        },
-        "orchestratorType": {
-          "type": "array",
-          "minItems": 1,
-          "items": {
-            "enum": ["kubernetes"]
-          }
-        },
        "operation": {
          "type": "array",
          "minItems": 1,
@ -387,7 +347,8 @@
          "type": "array",
          "minItems": 1,
          "items": {
-            "type": "string"
+            "type": "string",
+            "maxLength": 8
          }
        }
      },
--- a/x-pack/plugins/cloud_defend/public/types.ts
+++ b/x-pack/plugins/cloud_defend/public/types.ts
@ -64,16 +64,14 @@ export type SelectorType = 'file' | 'process';
 export type SelectorConditionType = 'stringArray' | 'flag' | 'boolean';

 export type SelectorCondition =
+  | 'containerImageFullName'
  | 'containerImageName'
  | 'containerImageTag'
-  | 'fullContainerImageName'
-  | 'orchestratorClusterId'
-  | 'orchestratorClusterName'
-  | 'orchestratorNamespace'
-  | 'orchestratorResourceLabel'
-  | 'orchestratorResourceName'
-  | 'orchestratorResourceType'
-  | 'orchestratorType'
+  | 'kubernetesClusterId'
+  | 'kubernetesClusterName'
+  | 'kubernetesNamespace'
+  | 'kubernetesResourceLabel'
+  | 'kubernetesResourceName'
  | 'targetFilePath'
  | 'ignoreVolumeFiles'
  | 'ignoreVolumeMounts'
@ -104,30 +102,28 @@ export type SelectorConditionsMapProps = {

 // used to determine UX control and allowed values for each condition
 export const SelectorConditionsMap: SelectorConditionsMapProps = {
-  containerImageName: {
-    type: 'stringArray',
-    pattern: '^[a-z0-9]+$',
-    not: ['fullContainerImageName'],
-  },
-  containerImageTag: { type: 'stringArray' },
-  fullContainerImageName: {
+  containerImageFullName: {
    type: 'stringArray',
    pattern:
      '^(?:\\[[a-fA-F0-9:]+\\]|(?:[a-zA-Z0-9-](?:\\.[a-z0-9]+)*)+)(?::[0-9]+)?(?:\\/[a-z0-9]+)+$',
    patternError: i18n.errorInvalidFullContainerImageName,
    not: ['containerImageName'],
  },
-  orchestratorClusterId: { type: 'stringArray' },
-  orchestratorClusterName: { type: 'stringArray' },
-  orchestratorNamespace: { type: 'stringArray' },
-  orchestratorResourceLabel: {
+  containerImageName: {
+    type: 'stringArray',
+    pattern: '^[a-z0-9]+$',
+    not: ['containerImageFullName'],
+  },
+  containerImageTag: { type: 'stringArray' },
+  kubernetesClusterId: { type: 'stringArray' },
+  kubernetesClusterName: { type: 'stringArray' },
+  kubernetesNamespace: { type: 'stringArray' },
+  kubernetesResourceName: { type: 'stringArray' },
+  kubernetesResourceLabel: {
    type: 'stringArray',
    pattern: '^([a-zA-Z0-9\\.\\-]+\\/)?[a-zA-Z0-9\\.\\-]+:[a-zA-Z0-9\\.\\-\\_]*\\*?$',
    patternError: i18n.errorInvalidResourceLabel,
  },
-  orchestratorResourceName: { type: 'stringArray' },
-  orchestratorResourceType: { type: 'stringArray', values: ['node', 'pod'] },
-  orchestratorType: { type: 'stringArray', values: ['kubernetes'] },
  operation: {
    type: 'stringArray',
    values: {
@ -152,13 +148,11 @@ export interface Selector {
  operation?: string[];
  containerImageName?: string[];
  containerImageTag?: string[];
-  orchestratorClusterId?: string[];
-  orchestratorClusterName?: string[];
-  orchestratorNamespace?: string[];
-  orchestratorResourceLabel?: string[];
-  orchestratorResourceName?: string[];
-  orchestratorResourceType?: string[];
-  orchestratorType?: string[];
+  kubernetesClusterId?: string[];
+  kubernetesClusterName?: string[];
+  kubernetesNamespace?: string[];
+  kubernetesResourceLabel?: string[];
+  kubernetesResourceName?: string[];

  // selector properties
  targetFilePath?: string[];
--- a/x-pack/plugins/cloud_security_posture/public/common/navigation/constants.ts
+++ b/x-pack/plugins/cloud_security_posture/public/common/navigation/constants.ts
@ -23,7 +23,7 @@ const NAV_ITEMS_NAMES = {
    defaultMessage: 'Findings',
  }),
  BENCHMARKS: i18n.translate('xpack.csp.navigation.myBenchmarksNavItemLabel', {
-    defaultMessage: 'CSP Benchmarks',
+    defaultMessage: 'Cloud Posture Benchmarks',
  }),
  RULES: i18n.translate('xpack.csp.navigation.rulesNavItemLabel', {
    defaultMessage: 'Rules',
--- a/x-pack/plugins/security_solution/public/cloud_defend/links.ts
+++ b/x-pack/plugins/security_solution/public/cloud_defend/links.ts
@ -12,6 +12,7 @@ import type { LinkItem } from '../common/links/types';
 import { IconCloudDefend } from '../management/icons/cloud_defend';

 const commonLinkProperties: Partial<LinkItem> = {
+  isBeta: true,
  hideTimeline: true,
  capabilities: [`${SERVER_APP_ID}.show`],
 };
@ -19,7 +20,8 @@ const commonLinkProperties: Partial<LinkItem> = {
 export const manageLinks: LinkItem = {
  ...getSecuritySolutionLink<SecurityPageName>('policies'),
  description: i18n.translate('xpack.securitySolution.appLinks.cloudDefendPoliciesDescription', {
-    defaultMessage: 'View drift prevention policies.',
+    defaultMessage:
+      'Secure container workloads in Kubernetes from attacks and drift through granular and flexible runtime policies.',
  }),
  landingIcon: IconCloudDefend,
  ...commonLinkProperties,
--- a/x-pack/plugins/security_solution/public/cloud_security_posture/links.ts
+++ b/x-pack/plugins/security_solution/public/cloud_security_posture/links.ts
@ -49,7 +49,7 @@ export const manageLinks: LinkItem = {
 export const manageCategories: LinkCategories = [
  {
    label: i18n.translate('xpack.securitySolution.appLinks.category.cloudSecurityPosture', {
-      defaultMessage: 'CLOUD SECURITY POSTURE',
+      defaultMessage: 'CLOUD SECURITY',
    }),
    linkIds: [
      SecurityPageName.cloudSecurityPostureBenchmarks,
--- a/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/snapshots/index.test.tsx.snap
+++ b/x-pack/plugins/security_solution/public/common/components/navigation/use_security_solution_navigation/snapshots/index.test.tsx.snap
@ -277,7 +277,7 @@ Object {
          "href": "securitySolutionUI/cloud_security_posture-benchmarks",
          "id": "cloud_security_posture-benchmarks",
          "isSelected": false,
-          "name": "CSP Benchmarks",
+          "name": "Cloud Posture Benchmarks",
          "onClick": [Function],
        },
      ],