[FTR](reporting) update common serverless api tests to use api keys (#184819)

## Summary - update api tests in `x-pack/test_serverless/api_integration/test_suites/common/reporting/` - update one ui test in `x-pack/test_serverless/functional/test_suites/common/reporting/management.ts` - update snapshot `x-pack/test_serverless/api_integration/test_suites/common/reporting/__snapshots__/generate_csv_discover.snap` - update shared service in `x-pack/test_serverless/shared/services/svl_reporting.ts` Contributes to: https://github.com/elastic/kibana/issues/180834 --------- Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2025-04-24 01:38:56 -04:00 · 2024-06-21 14:51:45 +01:00 · 2024-06-21 14:51:45 +01:00 · 5478a06445
commit 5478a06445
parent 6faadda1eb
4 changed files with 31 additions and 27 deletions
--- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts
+++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts
@ -14,8 +14,8 @@ export default function ({ getService }: FtrProviderContext) {
  const kibanaServer = getService('kibanaServer');
  const reportingAPI = getService('svlReportingApi');
  const svlCommonApi = getService('svlCommonApi');
-  const svlUserManager = getService('svlUserManager');
  const supertestWithoutAuth = getService('supertestWithoutAuth');
+  const svlUserManager = getService('svlUserManager');
  let roleAuthc: RoleCredentials;
  let internalReqHeader: InternalRequestHeader;

@ -30,6 +30,7 @@ export default function ({ getService }: FtrProviderContext) {
    before(async () => {
      roleAuthc = await svlUserManager.createApiKeyForRole('admin');
      internalReqHeader = svlCommonApi.getInternalRequestHeader();
+
      await esArchiver.load(archives.ecommerce.data);
      await kibanaServer.importExport.load(archives.ecommerce.savedObjects);

@ -60,11 +61,12 @@ export default function ({ getService }: FtrProviderContext) {
    });

    it('uses the datastream configuration with set ILM policy', async () => {
-      const { body } = await supertestWithoutAuth
+      const { status, body } = await supertestWithoutAuth
        .get(`/api/index_management/data_streams/.kibana-reporting`)
        .set(internalReqHeader)
-        .set(roleAuthc.apiKeyHeader)
-        .expect(200);
+        .set(roleAuthc.apiKeyHeader);
+
+      svlCommonApi.assertResponseStatusCode(200, status, body);

      expect(body).toEqual({
        _meta: {
--- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts
+++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts
@ -9,20 +9,17 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common/src/con
 import expect from '@kbn/expect';
 import { INTERNAL_ROUTES } from '@kbn/reporting-common';
 import { FtrProviderContext } from '../../../ftr_provider_context';
+import { RoleCredentials } from '../../../../shared/services';

 // the archived data holds a report created by test_user
-const TEST_USERNAME = 'test_user';
-const TEST_USER_PASSWORD = 'changeme';
 const API_HEADER: [string, string] = ['kbn-xsrf', 'reporting'];
 const INTERNAL_HEADER: [string, string] = [X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'Kibana'];

 export default ({ getService }: FtrProviderContext) => {
  const esArchiver = getService('esArchiver');
-  const supertest = getService('supertestWithoutAuth');
-  const config = getService('config');
-
-  const REPORTING_USER_USERNAME = config.get('servers.kibana.username');
-  const REPORTING_USER_PASSWORD = config.get('servers.kibana.password');
+  const supertestWithoutAuth = getService('supertestWithoutAuth');
+  const svlUserManager = getService('svlUserManager');
+  let roleAuthc: RoleCredentials;

  describe('Reporting Management', function () {
    // security_exception: action [indices:admin/create] is unauthorized for user [elastic] with effective roles [superuser] on restricted indices [.reporting-2020.04.19], this action is granted by the index privileges [create_index,manage,all]
@ -30,12 +27,17 @@ export default ({ getService }: FtrProviderContext) => {

    const dataArchive = 'x-pack/test/functional/es_archives/reporting/archived_reports';

+    before(async () => {
+      roleAuthc = await svlUserManager.createApiKeyForRole('admin');
+    });
+
    beforeEach(async () => {
      await esArchiver.load(dataArchive);
    });

    after(async () => {
      await esArchiver.unload(dataArchive);
+      await svlUserManager.invalidateApiKeyForRole(roleAuthc);
    });

    describe('Deletion', () => {
@ -43,22 +45,22 @@ export default ({ getService }: FtrProviderContext) => {

      // archived data uses the test user but functionality for specific users is not possible yet for svl
      xit(`user can delete a report they've created`, async () => {
-        const response = await supertest
+        const response = await supertestWithoutAuth
          .delete(`${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${DELETE_REPORT_ID}`)
-          .auth(TEST_USERNAME, TEST_USER_PASSWORD)
          .set(...API_HEADER)
-          .set(...INTERNAL_HEADER);
+          .set(...INTERNAL_HEADER)
+          .set(roleAuthc.apiKeyHeader);

        expect(response.status).to.be(200);
        expect(response.body).to.eql({ deleted: true });
      });

      it(`user can not delete a report they haven't created`, async () => {
-        const response = await supertest
+        const response = await supertestWithoutAuth
          .delete(`${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${DELETE_REPORT_ID}`)
-          .auth(REPORTING_USER_USERNAME, REPORTING_USER_PASSWORD)
          .set(...API_HEADER)
-          .set(...INTERNAL_HEADER);
+          .set(...INTERNAL_HEADER)
+          .set(roleAuthc.apiKeyHeader);

        expect(response.status).to.be(404);
        expect(response.body.message).to.be('Not Found');
--- a/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts
+++ b/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts
@ -20,10 +20,10 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
  const retry = getService('retry');
  const PageObjects = getPageObjects(['common', 'svlCommonPage', 'header']);
  const reportingAPI = getService('svlReportingApi');
-  const config = getService('config');
-  const svlCommonApi = getService('svlCommonApi');
  const svlUserManager = getService('svlUserManager');
+  const svlCommonApi = getService('svlCommonApi');
  let roleAuthc: RoleCredentials;
+  let roleName: string;
  let internalReqHeader: InternalRequestHeader;

  const navigateToReportingManagement = async () => {
@ -56,11 +56,9 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
    };

    // Kibana CI and MKI use different users
-    const TEST_USERNAME = config.get('servers.kibana.username');
-    const TEST_PASSWORD = config.get('servers.kibana.password');
-
    before('initialize saved object archive', async () => {
-      roleAuthc = await svlUserManager.createApiKeyForRole('admin');
+      roleName = 'admin';
+      roleAuthc = await svlUserManager.createApiKeyForRole(roleName);
      internalReqHeader = svlCommonApi.getInternalRequestHeader();
      // add test saved search object
      await kibanaServer.importExport.load(savedObjectsArchive);
@ -69,6 +67,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
    after('clean up archives', async () => {
      await kibanaServer.importExport.unload(savedObjectsArchive);
      await svlUserManager.invalidateApiKeyForRole(roleAuthc);
+      await svlUserManager.invalidateApiKeyForRole(roleAuthc);
    });

    // Cant auth into the route as it's structured currently
@ -87,16 +86,17 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
    });

    // Skipping test for now because functionality is not yet possible to test
+    // See details: https://github.com/elastic/kibana/issues/186558
    xit(`user doesn't see a job another user has created`, async () => {
-      log.debug(`creating a csv report job as '${TEST_USERNAME}'`);
+      log.debug(`creating a csv report job using api keys for role: [${roleName}]`);

      const {
        job: { id: jobId },
      } = await reportingAPI.createReportJobInternal(
        CSV_REPORT_TYPE_V2,
        job,
-        TEST_USERNAME,
-        TEST_PASSWORD
+        roleAuthc,
+        internalReqHeader
      );

      await navigateToReportingManagement();
--- a/x-pack/test_serverless/shared/services/svl_reporting.ts
+++ b/x-pack/test_serverless/shared/services/svl_reporting.ts
@ -98,7 +98,7 @@ export function SvlReportingServiceProvider({ getService }: FtrProviderContext)
    },

    /*
-     * This function is only used in the API tests, funtional tests we have to click the download link in the UI
+     * This function is only used in the API tests, functional tests we have to click the download link in the UI
     */
    async getCompletedJobOutput(
      downloadReportPath: string,