[Security Solution] Fixes upgrade tests (#120163)

* avoids the threshold test execution when the version is not the correct * fixes version format * updates details to align with the new data * changes the assertion of the reason field depending on the version * improves the navigation to the rule * removes flakiness * adds missing commit Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2025-04-24 09:48:58 -04:00 · 2021-12-13 15:11:51 +01:00 · 2021-12-13 15:11:51 +01:00 · 205f77c8ff
commit 205f77c8ff
parent 6e62f5a6e1
6 changed files with 72 additions and 43 deletions
--- a/x-pack/plugins/security_solution/cypress/upgrade_integration/detections/detection_rules/custom_query_rule.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/upgrade_integration/detections/detection_rules/custom_query_rule.spec.ts
@ -4,6 +4,7 @@
 * 2.0; you may not use this file except in compliance with the Elastic License
 * 2.0.
 */
+import semver from 'semver';
 import {
  DESTINATION_IP,
  HOST_NAME,
@ -14,8 +15,8 @@ import {
  SEVERITY,
  SOURCE_IP,
  USER_NAME,
-} from '../screens/alerts';
-import { SERVER_SIDE_EVENT_COUNT } from '../screens/alerts_detection_rules';
+} from '../../../screens/alerts';
+import { SERVER_SIDE_EVENT_COUNT } from '../../../screens/alerts_detection_rules';
 import {
  ADDITIONAL_LOOK_BACK_DETAILS,
  ABOUT_DETAILS,
@ -31,13 +32,16 @@ import {
  SCHEDULE_DETAILS,
  SEVERITY_DETAILS,
  TIMELINE_TEMPLATE_DETAILS,
-} from '../screens/rule_details';
+} from '../../../screens/rule_details';

-import { waitForPageToBeLoaded } from '../tasks/common';
-import { waitForRulesTableToBeLoaded, goToTheRuleDetailsOf } from '../tasks/alerts_detection_rules';
-import { loginAndWaitForPage } from '../tasks/login';
+import { waitForPageToBeLoaded } from '../../../tasks/common';
+import {
+  waitForRulesTableToBeLoaded,
+  goToTheRuleDetailsOf,
+} from '../../../tasks/alerts_detection_rules';
+import { loginAndWaitForPage } from '../../../tasks/login';

-import { DETECTIONS_RULE_MANAGEMENT_URL } from '../urls/navigation';
+import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation';

 const EXPECTED_NUMBER_OF_ALERTS = '1';

@ -63,8 +67,8 @@ const rule = {
  severity: 'Low',
  riskScore: '7',
  timelineTemplate: 'none',
-  runsEvery: '10s',
-  lookBack: '179999990s',
+  runsEvery: '24h',
+  lookBack: '49976h',
  timeline: 'None',
 };

@ -100,10 +104,16 @@ describe('After an upgrade, the custom query rule', () => {
  });

  it('Displays the alert details at the tgrid', () => {
+    let expectedReason;
+    if (semver.gt(Cypress.env('ORIGINAL_VERSION'), '7.15.0')) {
+      expectedReason = alert.reason;
+    } else {
+      expectedReason = '-';
+    }
    cy.get(RULE_NAME).should('have.text', alert.rule);
    cy.get(SEVERITY).should('have.text', alert.severity);
    cy.get(RISK_SCORE).should('have.text', alert.riskScore);
-    cy.get(REASON).should('have.text', alert.reason).type('{rightarrow}');
+    cy.get(REASON).should('have.text', expectedReason).type('{rightarrow}');
    cy.get(HOST_NAME).should('have.text', alert.hostName);
    cy.get(USER_NAME).should('have.text', alert.username);
    cy.get(PROCESS_NAME).should('have.text', alert.processName);
--- a/x-pack/plugins/security_solution/cypress/upgrade_integration/detections/detection_rules/threshold_rule.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/upgrade_integration/detections/detection_rules/threshold_rule.spec.ts
@ -4,9 +4,9 @@
 * 2.0; you may not use this file except in compliance with the Elastic License
 * 2.0.
 */
-
-import { HOST_NAME, REASON, RISK_SCORE, RULE_NAME, SEVERITY } from '../screens/alerts';
-import { SERVER_SIDE_EVENT_COUNT } from '../screens/alerts_detection_rules';
+import semver from 'semver';
+import { HOST_NAME, REASON, RISK_SCORE, RULE_NAME, SEVERITY } from '../../../screens/alerts';
+import { SERVER_SIDE_EVENT_COUNT } from '../../../screens/alerts_detection_rules';
 import {
  ADDITIONAL_LOOK_BACK_DETAILS,
  ABOUT_DETAILS,
@ -23,14 +23,17 @@ import {
  SEVERITY_DETAILS,
  THRESHOLD_DETAILS,
  TIMELINE_TEMPLATE_DETAILS,
-} from '../screens/rule_details';
+} from '../../../screens/rule_details';

-import { expandFirstAlert } from '../tasks/alerts';
-import { waitForPageToBeLoaded } from '../tasks/common';
-import { waitForRulesTableToBeLoaded, goToRuleDetails } from '../tasks/alerts_detection_rules';
-import { loginAndWaitForPage } from '../tasks/login';
+import { expandFirstAlert } from '../../../tasks/alerts';
+import { waitForPageToBeLoaded } from '../../../tasks/common';
+import {
+  goToTheRuleDetailsOf,
+  waitForRulesTableToBeLoaded,
+} from '../../../tasks/alerts_detection_rules';
+import { loginAndWaitForPage } from '../../../tasks/login';

-import { DETECTIONS_RULE_MANAGEMENT_URL } from '../urls/navigation';
+import { DETECTIONS_RULE_MANAGEMENT_URL } from '../../../urls/navigation';
 import {
  OVERVIEW_HOST_NAME,
  OVERVIEW_RISK_SCORE,
@ -40,7 +43,7 @@ import {
  OVERVIEW_THRESHOLD_COUNT,
  OVERVIEW_THRESHOLD_VALUE,
  SUMMARY_VIEW,
-} from '../screens/alerts_details';
+} from '../../../screens/alerts_details';

 const EXPECTED_NUMBER_OF_ALERTS = '1';

@ -61,8 +64,8 @@ const rule = {
  severity: 'Medium',
  riskScore: '17',
  timelineTemplate: 'none',
-  runsEvery: '60s',
-  lookBack: '2999999m',
+  runsEvery: '24h',
+  lookBack: '49976h',
  timeline: 'None',
  thresholdField: 'host.name',
  threholdValue: '1',
@ -72,7 +75,7 @@ describe('After an upgrade, the threshold rule', () => {
  before(() => {
    loginAndWaitForPage(DETECTIONS_RULE_MANAGEMENT_URL);
    waitForRulesTableToBeLoaded();
-    goToRuleDetails();
+    goToTheRuleDetailsOf(rule.name);
    waitForPageToBeLoaded();
  });

@ -104,10 +107,16 @@ describe('After an upgrade, the threshold rule', () => {
  });

  it('Displays the alert details in the TGrid', () => {
+    let expectedReason;
+    if (semver.gt(Cypress.env('ORIGINAL_VERSION'), '7.15.0')) {
+      expectedReason = alert.reason;
+    } else {
+      expectedReason = '-';
+    }
    cy.get(RULE_NAME).should('have.text', alert.rule);
    cy.get(SEVERITY).should('have.text', alert.severity);
    cy.get(RISK_SCORE).should('have.text', alert.riskScore);
-    cy.get(REASON).should('have.text', alert.reason);
+    cy.get(REASON).should('have.text', expectedReason);
    cy.get(HOST_NAME).should('have.text', alert.hostName);
  });

--- a/x-pack/plugins/security_solution/cypress/upgrade_integration/threat_hunting/cases/import_case.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/upgrade_integration/threat_hunting/cases/import_case.spec.ts
@ -15,7 +15,7 @@ import {
  ALL_CASES_OPEN_CASES_STATS,
  ALL_CASES_REPORTER,
  ALL_CASES_IN_PROGRESS_STATUS,
-} from '../screens/all_cases';
+} from '../../../screens/all_cases';
 import {
  CASES_TAGS,
  CASE_CONNECTOR,
@ -25,16 +25,19 @@ import {
  CASE_IN_PROGRESS_STATUS,
  CASE_SWITCH,
  CASE_USER_ACTION,
-} from '../screens/case_details';
-import { CASES_PAGE } from '../screens/kibana_navigation';
+} from '../../../screens/case_details';
+import { CASES_PAGE } from '../../../screens/kibana_navigation';

-import { goToCaseDetails } from '../tasks/all_cases';
-import { deleteCase } from '../tasks/case_details';
-import { navigateFromKibanaCollapsibleTo, openKibanaNavigation } from '../tasks/kibana_navigation';
-import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';
-import { importCase } from '../tasks/saved_objects';
+import { goToCaseDetails } from '../../../tasks/all_cases';
+import { deleteCase } from '../../../tasks/case_details';
+import {
+  navigateFromKibanaCollapsibleTo,
+  openKibanaNavigation,
+} from '../../../tasks/kibana_navigation';
+import { loginAndWaitForPageWithoutDateRange } from '../../../tasks/login';
+import { importCase } from '../../../tasks/saved_objects';

-import { KIBANA_SAVED_OBJECTS } from '../urls/navigation';
+import { KIBANA_SAVED_OBJECTS } from '../../../urls/navigation';

 const CASE_NDJSON = '7_16_case.ndjson';
 const importedCase = {
--- a/x-pack/plugins/security_solution/cypress/upgrade_integration/threat_hunting/timeline/import_timeline.spec.ts
+++ b/x-pack/plugins/security_solution/cypress/upgrade_integration/threat_hunting/timeline/import_timeline.spec.ts
@ -28,7 +28,7 @@ import {
  TIMELINE_QUERY,
  TIMELINE_TITLE,
  USER_KPI,
-} from '../screens/timeline';
+} from '../../../screens/timeline';
 import {
  NOTE,
  TIMELINES_USERNAME,
@ -36,19 +36,19 @@ import {
  TIMELINES_DESCRIPTION,
  TIMELINES_NOTES_COUNT,
  TIMELINES_PINNED_EVENT_COUNT,
-} from '../screens/timelines';
+} from '../../../screens/timelines';

-import { loginAndWaitForPageWithoutDateRange } from '../tasks/login';
+import { loginAndWaitForPageWithoutDateRange } from '../../../tasks/login';
 import {
  closeTimeline,
  deleteTimeline,
  goToCorrelationTab,
  goToNotesTab,
  goToPinnedTab,
-} from '../tasks/timeline';
-import { expandNotes, importTimeline, openTimeline } from '../tasks/timelines';
+} from '../../../tasks/timeline';
+import { expandNotes, importTimeline, openTimeline } from '../../../tasks/timelines';

-import { TIMELINES_URL } from '../urls/navigation';
+import { TIMELINES_URL } from '../../../urls/navigation';

 const timeline = '7_15_timeline.ndjson';
 const username = 'elastic';
@ -64,7 +64,6 @@ const timelineDetails = {
 };

 const detectionAlert = {
-  timestamp: 'Nov 17, 2021 @ 09:36:25.499',
  message: '—',
  eventCategory: 'file',
  eventAction: 'initial_scan',
@ -149,7 +148,6 @@ describe('Import timeline after upgrade', () => {
      cy.get(NOTES_TAB_BUTTON).should('have.text', timelineDetails.notesTab);
      cy.get(PINNED_TAB_BUTTON).should('have.text', timelineDetails.pinnedTab);

-      cy.get(QUERY_EVENT_TABLE_CELL).eq(0).should('contain', detectionAlert.timestamp);
      cy.get(QUERY_EVENT_TABLE_CELL).eq(1).should('contain', detectionAlert.message);
      cy.get(QUERY_EVENT_TABLE_CELL).eq(2).should('contain', detectionAlert.eventCategory);
      cy.get(QUERY_EVENT_TABLE_CELL).eq(3).should('contain', detectionAlert.eventAction);
@ -196,7 +194,6 @@ describe('Import timeline after upgrade', () => {
  it('Displays the correct timeline details inside the pinned tab', () => {
    goToPinnedTab();

-    cy.get(PINNED_EVENT_TABLE_CELL).eq(0).should('contain', detectionAlert.timestamp);
    cy.get(PINNED_EVENT_TABLE_CELL).eq(1).should('contain', detectionAlert.message);
    cy.get(PINNED_EVENT_TABLE_CELL).eq(2).should('contain', detectionAlert.eventCategory);
    cy.get(PINNED_EVENT_TABLE_CELL).eq(3).should('contain', detectionAlert.eventAction);
--- a/x-pack/plugins/security_solution/package.json
+++ b/x-pack/plugins/security_solution/package.json
@ -19,6 +19,7 @@
    "cypress:run-as-ci": "node --max-old-space-size=2048 ../../../scripts/functional_tests --config ../../test/security_solution_cypress/cli_config.ts",
    "cypress:run-as-ci:firefox": "node --max-old-space-size=2048 ../../../scripts/functional_tests --config ../../test/security_solution_cypress/config.firefox.ts",
    "cypress:run:upgrade": "yarn cypress:run:reporter --browser chrome --config integrationFolder=./cypress/upgrade_integration",
+    "cypress:run:upgrade:old": "yarn cypress:run:reporter --browser chrome --config integrationFolder=./cypress/upgrade_integration --spec ./cypress/upgrade_integration/threat_hunting/**/*.spec.ts,./cypress/upgrade_integration/detections/**/custom_query_rule.spec.ts; status=$?; yarn junit:merge && exit $status",
    "junit:merge": "../../../node_modules/.bin/mochawesome-merge ../../../target/kibana-security-solution/cypress/results/mochawesome*.json > ../../../target/kibana-security-solution/cypress/results/output.json && ../../../node_modules/.bin/marge ../../../target/kibana-security-solution/cypress/results/output.json --reportDir ../../../target/kibana-security-solution/cypress/results && mkdir -p ../../../target/junit && cp ../../../target/kibana-security-solution/cypress/results/*.xml ../../../target/junit/",
    "test:generate": "node scripts/endpoint/resolver_generator"
  }
--- a/x-pack/test/security_solution_cypress/runner.ts
+++ b/x-pack/test/security_solution_cypress/runner.ts
@ -10,6 +10,7 @@ import Url from 'url';

 import { withProcRunner } from '@kbn/dev-utils';

+import semver from 'semver';
 import { FtrProviderContext } from './ftr_provider_context';

 export async function SecuritySolutionCypressCliTestRunner({ getService }: FtrProviderContext) {
@ -117,11 +118,18 @@ export async function SecuritySolutionCypressUpgradeCliTestRunner({
  getService,
 }: FtrProviderContext) {
  const log = getService('log');
+  let command = '';
+
+  if (semver.gt(process.env.ORIGINAL_VERSION!, '7.10.0')) {
+    command = 'cypress:run:upgrade';
+  } else {
+    command = 'cypress:run:upgrade:old';
+  }

  await withProcRunner(log, async (procs) => {
    await procs.run('cypress', {
      cmd: 'yarn',
-      args: ['cypress:run:upgrade'],
+      args: [command],
      cwd: resolve(__dirname, '../../plugins/security_solution'),
      env: {
        FORCE_COLOR: '1',
@ -129,6 +137,7 @@ export async function SecuritySolutionCypressUpgradeCliTestRunner({
        CYPRESS_ELASTICSEARCH_URL: process.env.TEST_ES_URL,
        CYPRESS_ELASTICSEARCH_USERNAME: process.env.TEST_ES_USER,
        CYPRESS_ELASTICSEARCH_PASSWORD: process.env.TEST_ES_PASS,
+        CYPRESS_ORIGINAL_VERSION: process.env.ORIGINAL_VERSION,
        ...process.env,
      },
      wait: true,