[8.12] [Security Solution][Endpoint] Remove responder FTR test (#175454) (#177739)

# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution][Endpoint] Remove responder FTR test
(#175454)](https://github.com/elastic/kibana/pull/175454)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT
[{"author":{"name":"Ash","email":"1849116+ashokaditya@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-23T17:02:47Z","message":"[Security
Solution][Endpoint] Remove responder FTR test (#175454)\n\n##
Summary\r\n\r\nDelete responder test skipped in
elastic/kibana/pull/170489.\r\nWe've cypress tests that cover the test
cases here.\r\n\r\n### Flaky
runner\r\n-\r\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/4937\r\nx
50 (...)\r\n\r\n### Checklist\r\n\r\n- [x] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests
changed","sha":"db8440dc5b0d56bb147b6c629d9ea229ccf96fcf","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Defend
Workflows","OLM
Sprint","v8.12.1","v8.13.0","v8.14.0"],"title":"[Security
Solution][Endpoint] Remove responder FTR
test","number":175454,"url":"https://github.com/elastic/kibana/pull/175454","mergeCommit":{"message":"[Security
Solution][Endpoint] Remove responder FTR test (#175454)\n\n##
Summary\r\n\r\nDelete responder test skipped in
elastic/kibana/pull/170489.\r\nWe've cypress tests that cover the test
cases here.\r\n\r\n### Flaky
runner\r\n-\r\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/4937\r\nx
50 (...)\r\n\r\n### Checklist\r\n\r\n- [x] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests
changed","sha":"db8440dc5b0d56bb147b6c629d9ea229ccf96fcf"}},"sourceBranch":"main","suggestedTargetBranches":["8.12","8.13"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.13","label":"v8.13.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175454","number":175454,"mergeCommit":{"message":"[Security
Solution][Endpoint] Remove responder FTR test (#175454)\n\n##
Summary\r\n\r\nDelete responder test skipped in
elastic/kibana/pull/170489.\r\nWe've cypress tests that cover the test
cases here.\r\n\r\n### Flaky
runner\r\n-\r\nhttps://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/4937\r\nx
50 (...)\r\n\r\n### Checklist\r\n\r\n- [x] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests
changed","sha":"db8440dc5b0d56bb147b6c629d9ea229ccf96fcf"}}]}]
BACKPORT-->

Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>

x-pack/test/security_solution_endpoint/apps/endpoint/index.ts

@@ -45,7 +45,6 @@ export default function (providerContext: FtrProviderContext) {
     loadTestFile(require.resolve('./endpoint_list'));
     loadTestFile(require.resolve('./endpoint_telemetry'));
     loadTestFile(require.resolve('./endpoint_permissions'));
-    loadTestFile(require.resolve('./responder'));
     loadTestFile(require.resolve('./endpoint_solution_integrations'));
   });
 }

x-pack/test/security_solution_endpoint/apps/endpoint/responder.ts

@@ -1,247 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { IndexedHostsAndAlertsResponse } from '@kbn/security-solution-plugin/common/endpoint/index_data';
-import { TimelineResponse } from '@kbn/security-solution-plugin/common/api/timeline';
-import { type IndexedEndpointRuleAlerts } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts';
-import { DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP } from '@kbn/security-solution-plugin/common/test';
-import { FtrProviderContext } from '../../ftr_provider_context';
-import { targetTags } from '../../target_tags';
-
-export default ({ getPageObjects, getService }: FtrProviderContext) => {
-  const pageObjects = getPageObjects([
-    'common',
-    'endpoint',
-    'header',
-    'endpointPageUtils',
-    'responder',
-    'timeline',
-    'detections',
-  ]);
-  const testSubjects = getService('testSubjects');
-  const endpointTestResources = getService('endpointTestResources');
-  const timelineTestService = getService('timeline');
-  const detectionsTestService = getService('detections');
-  const log = getService('log');
-
-  // The Alerts Rule seems to run every 5 minutes when there are no failures. This timeout ensures
-  // that we wait long enough for them to show up.
-  const MAX_WAIT_FOR_ALERTS_TIMEOUT = 60_000 * 6;
-
-  const performResponderSanityChecks = async () => {
-    // Show the Action log
-    await pageObjects.responder.openActionLogFlyout();
-
-    // Ensure the popover in the action log date quick select picker is accessible
-    // (this is especially important for when Responder is displayed from a Timeline)
-    await pageObjects.responder.clickActionLogSuperDatePickerQuickMenuButton();
-    await testSubjects.click(DATE_RANGE_OPTION_TO_TEST_SUBJ_MAP['Last 1 year']);
-    await pageObjects.responder.closeActionLogFlyout();
-
-    // Close responder
-    await pageObjects.responder.closeResponder();
-  };
-  const getEndpointAlertsQueryForAgentId = (
-    agentId: string
-  ): object & { $stringify: () => string } => {
-    return Object.assign(
-      Object.create({
-        $stringify() {
-          return JSON.stringify(this);
-        },
-      }),
-
-      {
-        bool: {
-          filter: [
-            {
-              bool: {
-                should: [{ match_phrase: { 'agent.type': 'endpoint' } }],
-                minimum_should_match: 1,
-              },
-            },
-            {
-              bool: {
-                should: [{ match_phrase: { 'agent.id': agentId } }],
-                minimum_should_match: 1,
-              },
-            },
-            {
-              bool: {
-                should: [{ exists: { field: 'kibana.alert.rule.uuid' } }],
-                minimum_should_match: 1,
-              },
-            },
-          ],
-        },
-      }
-    );
-  };
-
-  // FLAKY: https://github.com/elastic/kibana/issues/153071
-  describe.skip('Response Actions Responder', function () {
-    targetTags(this, ['@ess', '@serverless']);
-
-    let indexedData: IndexedHostsAndAlertsResponse;
-    let endpointAgentId: string;
-
-    before(async () => {
-      indexedData = await endpointTestResources.loadEndpointData({
-        numHosts: 2,
-        generatorSeed: `responder ${Math.random()}`,
-      });
-
-      endpointAgentId = indexedData.hosts[0].agent.id;
-
-      // start/stop the endpoint rule. This should cause the rule to run immediately
-      // and create the Alerts and avoid us having to wait for the interval (of 5 minutes)
-      await detectionsTestService.stopStartEndpointRule();
-    });
-
-    after(async () => {
-      if (indexedData) {
-        log.info('Cleaning up loaded endpoint data');
-        await endpointTestResources.unloadEndpointData(indexedData);
-      }
-    });
-
-    describe('from the Endpoint list and details', () => {
-      before(async () => {
-        await pageObjects.endpoint.navigateToEndpointList();
-      });
-
-      it('should show Responder from the endpoint list', async () => {
-        await pageObjects.endpoint.showResponderFromEndpointList(endpointAgentId);
-        await performResponderSanityChecks();
-      });
-
-      it('should show Responder from the endpoint details', async () => {
-        await pageObjects.endpoint.showResponderFromEndpointDetails(endpointAgentId);
-        await performResponderSanityChecks();
-      });
-    });
-
-    describe('from timeline', () => {
-      let timeline: TimelineResponse;
-      let indexedAlerts: IndexedEndpointRuleAlerts;
-
-      before(async () => {
-        timeline = await timelineTestService.createTimeline('endpoint responder test');
-
-        // Add all alerts for the Endpoint to the timeline created
-        timeline = await timelineTestService.updateTimeline(
-          timeline.data.persistTimeline.timeline.savedObjectId,
-          {
-            title: timeline.data.persistTimeline.timeline.title,
-            kqlQuery: {
-              filterQuery: {
-                kuery: {
-                  kind: 'kuery',
-                  expression: `agent.type: "endpoint" AND agent.id : "${endpointAgentId}" AND kibana.alert.rule.uuid : *`,
-                },
-                serializedQuery: getEndpointAlertsQueryForAgentId(endpointAgentId).$stringify(),
-              },
-            },
-            savedSearchId: null,
-          },
-          timeline.data.persistTimeline.timeline.version
-        );
-
-        indexedAlerts = await detectionsTestService.loadEndpointRuleAlerts(endpointAgentId);
-
-        await detectionsTestService.waitForAlerts(
-          getEndpointAlertsQueryForAgentId(endpointAgentId),
-          MAX_WAIT_FOR_ALERTS_TIMEOUT
-        );
-
-        await pageObjects.timeline.navigateToTimelineList();
-      });
-
-      after(async () => {
-        if (timeline) {
-          log.info(
-            `Cleaning up created timeline [${timeline.data.persistTimeline.timeline.title} - ${timeline.data.persistTimeline.timeline.savedObjectId}]`
-          );
-          await timelineTestService.deleteTimeline(
-            timeline.data.persistTimeline.timeline.savedObjectId
-          );
-        }
-
-        if (indexedAlerts) {
-          log.info(`Cleaning up loaded alerts for Timeline`);
-          await indexedAlerts.cleanup();
-        }
-      });
-
-      it('should show Responder from alert in a timeline', async () => {
-        await pageObjects.timeline.openTimelineById(
-          timeline.data.persistTimeline.timeline.savedObjectId
-        );
-        await pageObjects.timeline.setDateRange('Last 1 year');
-        await pageObjects.timeline.waitForEvents(MAX_WAIT_FOR_ALERTS_TIMEOUT);
-
-        // Show event/alert details for the first one in the list
-        await pageObjects.timeline.showEventDetails();
-
-        // TODO: The index already exists error toast should not show up
-        // close and dismiss it if it does
-        if (await testSubjects.exists('globalToastList')) {
-          await testSubjects.click('toastCloseButton');
-        }
-        // Click responder from the take action button
-        await testSubjects.click('take-action-dropdown-btn');
-        await testSubjects.clickWhenNotDisabled('endpointResponseActions-action-item');
-        await testSubjects.existOrFail('consolePageOverlay');
-
-        // close tour popup
-        if (await testSubjects.exists('timeline-save-tour-close-button')) {
-          await testSubjects.click('timeline-save-tour-close-button');
-        }
-
-        await performResponderSanityChecks();
-        await pageObjects.timeline.closeTimeline();
-      });
-    });
-
-    describe('from alerts', () => {
-      let indexedAlerts: IndexedEndpointRuleAlerts;
-
-      before(async () => {
-        await getService('kibanaServer').request({
-          path: `internal/kibana/settings`,
-          method: 'POST',
-          body: { changes: { 'securitySolution:enableExpandableFlyout': false } },
-        });
-
-        indexedAlerts = await detectionsTestService.loadEndpointRuleAlerts(endpointAgentId);
-
-        await detectionsTestService.waitForAlerts(
-          getEndpointAlertsQueryForAgentId(endpointAgentId),
-          MAX_WAIT_FOR_ALERTS_TIMEOUT
-        );
-      });
-
-      after(async () => {
-        if (indexedAlerts) {
-          log.info(`Cleaning up alerts loaded for Alerts page`);
-          await indexedAlerts.cleanup();
-        }
-      });
-
-      it('should show Responder from alert details under alerts list page', async () => {
-        const hostname = indexedData.hosts[0].host.name;
-        await pageObjects.detections.navigateToAlerts(
-          `query=(language:kuery,query:'host.hostname: "${hostname}" ')`
-        );
-        await pageObjects.detections.waitForListToHaveAlerts(MAX_WAIT_FOR_ALERTS_TIMEOUT);
-        await pageObjects.detections.openFirstAlertDetailsForHostName(hostname);
-        await pageObjects.detections.openResponseConsoleFromAlertDetails();
-        await performResponderSanityChecks();
-      });
-    });
-  });
-};

x-pack/test/security_solution_ftr/services/timeline/index.ts

@@ -58,6 +58,7 @@ export class TimelineTestService extends FtrService {
       await this.supertest
         .post(TIMELINE_DRAFT_URL)
         .set('kbn-xsrf', 'true')
+        .set('elastic-api-version', '2023-10-31')
         .send({ timelineType: 'default' })
         .then(this.getHttpResponseFailureHandler())
         .then((response) => response.body as TimelineResponse)
@@ -112,6 +113,7 @@ export class TimelineTestService extends FtrService {
     return await this.supertest
       .patch(TIMELINE_URL)
       .set('kbn-xsrf', 'true')
+      .set('elastic-api-version', '2023-10-31')
       .send({
         timelineId,
         version,
@@ -126,6 +128,7 @@ export class TimelineTestService extends FtrService {
     await this.supertest
       .delete(TIMELINE_URL)
       .set('kbn-xsrf', 'true')
+      .set('elastic-api-version', '2023-10-31')
       .send({
         savedObjectIds: Array.isArray(id) ? id : [id],
       })