github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[osquery] Update E2E to not install Osquery integration on the Fleet server (#164225)

Browse source 
## Summary

Increase the stability of Osquery Cypress by stopping the installation
of Osquery on the Fleet server and creating another Agent policy and
enrolling another elastic agent instead
This commit is contained in:
Patryk Kopyciński 2023-08-18 21:01:59 +02:00 committed by GitHub
parent 5cfb693701
commit 7c5392ba22
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 247 additions and 140 deletions
Download patch file Download diff file Expand all files Collapse all files

227
x-pack/plugins/osquery/cypress/e2e/all/packs_create_edit.cy.ts
View file

@ -178,7 +178,7 @@ describe('Packs - Create and Edit', () => {
cy.react('EuiFlyoutFooter').react('EuiButton').contains('Save').click();
findFormFieldByRowsLabelAndType(
'Scheduled agent policies (optional)',
'fleet server {downArrow} {enter}'
`${DEFAULT_POLICY} {downArrow} {enter}`
);
findAndClickButton('Update pack');
closeModalIfVisible();
@ -211,7 +211,7 @@ describe('Packs - Create and Edit', () => {
},
}).then((response) => {
const item = response.body.items.find(
(policy: PackagePolicy) => policy.policy_id === 'fleet-server-policy'
(policy: PackagePolicy) => policy.name === `Policy for ${DEFAULT_POLICY}`
);
expect(item?.inputs[0].config?.osquery.value.packs[packName].queries).to.deep.equal(
@ -268,15 +268,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -310,15 +319,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -343,15 +361,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -386,15 +413,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -430,15 +466,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -457,15 +502,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 60, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 60, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -515,15 +569,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -552,15 +615,24 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packId = pack.saved_object_id;
packName = pack.name;
});
});
after(() => {
@ -609,14 +681,23 @@ describe('Packs - Create and Edit', () => {
let packName: string;
before(() => {
loadPack({
policy_ids: ['fleet-server-policy'],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
request<{ items: PackagePolicy[] }>({
url: '/internal/osquery/fleet_wrapper/package_policies',
headers: {
'Elastic-Api-Version': API_VERSIONS.internal.v1,
},
}).then((pack) => {
packName = pack.name;
});
})
.then((response) =>
loadPack({
policy_ids: [response.body.items[0].policy_id],
queries: {
[savedQueryName]: { ecs_mapping: {}, interval: 3600, query: 'select * from uptime;' },
},
})
)
.then((pack) => {
packName = pack.name;
});
});
it('', () => {

4
x-pack/plugins/osquery/cypress/e2e/all/packs_integration.cy.ts
View file

@ -117,7 +117,7 @@ describe('ALL - Packs', () => {
cy.contains('Edit').click();
findFormFieldByRowsLabelAndType(
'Scheduled agent policies (optional)',
'fleet server {downArrow}{enter}'
`${DEFAULT_POLICY} {downArrow}{enter}`
);
cy.contains('Update pack').click();
cy.getBySel('confirmModalConfirmButton').click();
@ -284,7 +284,7 @@ describe('ALL - Packs', () => {
},
}).then((response) => {
const shardPolicy = response.body.items.find(
(policy: PackagePolicy) => policy.policy_id === 'fleet-server-policy'
(policy: PackagePolicy) => policy.name === `Policy for ${DEFAULT_POLICY}`
);
expect(shardPolicy?.inputs[0].config?.osquery.value.packs[shardPack]).to.deep.equal({

2
x-pack/plugins/osquery/cypress/e2e/all/timelines.cy.ts
View file

@ -18,7 +18,7 @@ describe('ALL - Timelines', () => {
cy.getBySel('flyoutBottomBar').within(() => {
cy.getBySel('flyoutOverlay').click();
});
cy.getBySel('timelineQueryInput').type('_id:*{enter}');
cy.getBySel('timelineQueryInput').type('NOT host.name: "dev-fleet-server.8220"{enter}');
// Filter out alerts
cy.getBySel('timeline-sourcerer-trigger').click();
cy.getBySel('sourcerer-advanced-options-toggle').click();

3
x-pack/plugins/osquery/cypress/e2e/roles/alert_test.cy.ts
View file

@ -16,6 +16,7 @@ import { closeModalIfVisible, closeToastIfVisible } from '../../tasks/integratio
import { navigateTo } from '../../tasks/navigation';
import { loadPack, loadRule, cleanupRule, cleanupPack } from '../../tasks/api_fixtures';
import { preparePack } from '../../tasks/packs';
import { DEFAULT_POLICY } from '../../screens/fleet';
describe('Alert Test', () => {
let packName: string;
@ -65,7 +66,7 @@ describe('Alert Test', () => {
cy.contains(`Edit ${packName}`);
findFormFieldByRowsLabelAndType(
'Scheduled agent policies (optional)',
'fleet server {downArrow}{enter}'
`${DEFAULT_POLICY} {downArrow}{enter}`
);
findAndClickButton('Update pack');
closeModalIfVisible();

2
x-pack/plugins/osquery/cypress/screens/fleet.ts
View file

@ -9,5 +9,5 @@ export const ADD_AGENT_BUTTON = 'addAgentButton';
export const AGENT_POLICIES_TAB = 'fleet-agent-policies-tab';
export const ENROLLMENT_TOKENS_TAB = 'fleet-enrollment-tokens-tab';
export const DEFAULT_POLICY = 'Fleet Server policy';
export const DEFAULT_POLICY = 'Default policy';
export const OSQUERY_POLICY = 'Osquery policy';

28
x-pack/plugins/osquery/cypress/tasks/api_fixtures.ts
View file

@ -86,6 +86,7 @@ export const cleanupSavedQuery = (id: string) => {
headers: {
'Elastic-Api-Version': API_VERSIONS.public.v1,
},
failOnStatusCode: false,
});
};
@ -112,6 +113,7 @@ export const cleanupPack = (id: string, space = 'default') => {
headers: {
'Elastic-Api-Version': API_VERSIONS.public.v1,
},
failOnStatusCode: false,
});
};
@ -148,7 +150,30 @@ export const loadRule = (includeResponseActions = false) =>
'winlogbeat-*',
'-*elastic-cloud-logs-*',
],
filters: [],
filters: [
{
meta: {
type: 'custom',
disabled: false,
negate: false,
alias: null,
key: 'query',
value: '{"bool":{"must_not":{"wildcard":{"host.name":"dev-fleet-server.*"}}}}',
},
query: {
bool: {
must_not: {
wildcard: {
'host.name': 'dev-fleet-server.*',
},
},
},
},
$state: {
store: 'appState',
},
},
],
language: 'kuery',
query: '_id:*',
author: [],
@ -205,6 +230,7 @@ export const cleanupRule = (id: string) => {
headers: {
'Elastic-Api-Version': API_VERSIONS.public.v1,
},
failOnStatusCode: false,
});
};

4
x-pack/plugins/osquery/cypress/tasks/inventory.ts
View file

@ -9,7 +9,7 @@ export const triggerLoadData = () => {
cy.getBySel('infraWaffleTimeControlsAutoRefreshButton').should('exist');
cy.wait(1000);
cy.getBySel('infraWaffleTimeControlsAutoRefreshButton').click();
cy.getBySel('nodeContainer').first().should('exist');
cy.getBySel('nodeContainer').eq(2).should('exist');
cy.getBySel('infraWaffleTimeControlsStopRefreshingButton').click();
cy.getBySel('nodeContainer').first().click();
cy.getBySel('nodeContainer').eq(2).click();
};

47
x-pack/test/osquery_cypress/agent.ts
View file

@ -7,60 +7,25 @@
import { ToolingLog } from '@kbn/tooling-log';
import execa from 'execa';
import { KbnClient } from '@kbn/test';
import {
GetEnrollmentAPIKeysResponse,
CreateAgentPolicyResponse,
} from '@kbn/fleet-plugin/common/types';
import { getLatestVersion } from './artifact_manager';
import { Manager } from './resource_manager';
import { addIntegrationToAgentPolicy } from './utils';
export class AgentManager extends Manager {
private log: ToolingLog;
private kbnClient: KbnClient;
private policyEnrollmentKey: string;
private fleetServerPort: string;
private agentContainerId?: string;
constructor(kbnClient: KbnClient, fleetServerPort: string, log: ToolingLog) {
constructor(policyEnrollmentKey: string, fleetServerPort: string, log: ToolingLog) {
super();
this.log = log;
this.fleetServerPort = fleetServerPort;
this.kbnClient = kbnClient;
this.policyEnrollmentKey = policyEnrollmentKey;
}
public async setup() {
this.log.info('Running agent preconfig');
const agentPolicyName = 'Osquery policy';
const {
data: {
item: { id: agentPolicyId },
},
} = await this.kbnClient.request<CreateAgentPolicyResponse>({
method: 'POST',
path: `/api/fleet/agent_policies?sys_monitoring=true`,
body: {
name: agentPolicyName,
description: '',
namespace: 'default',
monitoring_enabled: ['logs', 'metrics'],
inactivity_timeout: 1209600,
},
});
this.log.info(`Adding integration to ${agentPolicyId}`);
await addIntegrationToAgentPolicy(this.kbnClient, agentPolicyId, agentPolicyName);
this.log.info('Getting agent enrollment key');
const { data: apiKeys } = await this.kbnClient.request<GetEnrollmentAPIKeysResponse>({
method: 'GET',
path: '/api/fleet/enrollment_api_keys',
});
const policy = apiKeys.items[0];
this.log.info('Running the agent');
const artifact = `docker.elastic.co/beats/elastic-agent:${await getLatestVersion()}`;
this.log.info(artifact);
@ -75,7 +40,7 @@ export class AgentManager extends Manager {
'--env',
`FLEET_URL=https://host.docker.internal:${this.fleetServerPort}`,
'--env',
`FLEET_ENROLLMENT_TOKEN=${policy.api_key}`,
`FLEET_ENROLLMENT_TOKEN=${this.policyEnrollmentKey}`,
'--env',
'FLEET_INSECURE=true',
'--rm',
@ -83,8 +48,6 @@ export class AgentManager extends Manager {
];
this.agentContainerId = (await execa('docker', dockerArgs)).stdout;
return { policyId: policy.policy_id as string };
}
public cleanup() {

13
x-pack/test/osquery_cypress/fleet_server.ts
View file

@ -8,19 +8,15 @@
import { ToolingLog } from '@kbn/tooling-log';
import execa from 'execa';
import { runFleetServerIfNeeded } from '@kbn/security-solution-plugin/scripts/endpoint/endpoint_agent_runner/fleet_server';
import { KbnClient } from '@kbn/test';
import { Manager } from './resource_manager';
import { addIntegrationToAgentPolicy } from './utils';
export class FleetManager extends Manager {
private fleetContainerId?: string;
private log: ToolingLog;
private kbnClient: KbnClient;
constructor(kbnClient: KbnClient, log: ToolingLog) {
constructor(log: ToolingLog) {
super();
this.log = log;
this.kbnClient = kbnClient;
}
public async setup(): Promise<void> {
@ -30,13 +26,6 @@ export class FleetManager extends Manager {
throw new Error('Fleet server config not found');
}
await addIntegrationToAgentPolicy(
this.kbnClient,
'fleet-server-policy',
'Default Fleet Server Policy',
'osquery_manager'
);
this.fleetContainerId = fleetServerConfig.fleetServerContainerId;
}

16
x-pack/test/osquery_cypress/runner.ts
View file

@ -12,7 +12,7 @@ import { FtrProviderContext } from './ftr_provider_context';
import { AgentManager } from './agent';
import { FleetManager } from './fleet_server';
import { getLatestAvailableAgentVersion } from './utils';
import { createAgentPolicy, getLatestAvailableAgentVersion } from './utils';
async function setupFleetAgent({ getService }: FtrProviderContext) {
const log = getService('log');
@ -39,11 +39,17 @@ async function setupFleetAgent({ getService }: FtrProviderContext) {
version: await getLatestAvailableAgentVersion(kbnClient),
});
const fleetManager = new FleetManager(kbnClient, log);
const agentManager = new AgentManager(kbnClient, config.get('servers.fleetserver.port'), log);
await new FleetManager(log).setup();
await fleetManager.setup();
await agentManager.setup();
const policyEnrollmentKey = await createAgentPolicy(kbnClient, log, 'Default policy');
const policyEnrollmentKeyTwo = await createAgentPolicy(kbnClient, log, 'Osquery policy');
await new AgentManager(policyEnrollmentKey, config.get('servers.fleetserver.port'), log).setup();
await new AgentManager(
policyEnrollmentKeyTwo,
config.get('servers.fleetserver.port'),
log
).setup();
}
export async function startOsqueryCypress(context: FtrProviderContext) {

41
x-pack/test/osquery_cypress/utils.ts
View file

@ -10,6 +10,11 @@ import semver from 'semver';
import { map } from 'lodash';
import { PackagePolicy, CreatePackagePolicyResponse } from '@kbn/fleet-plugin/common';
import { KbnClient } from '@kbn/test';
import {
GetEnrollmentAPIKeysResponse,
CreateAgentPolicyResponse,
} from '@kbn/fleet-plugin/common/types';
import { ToolingLog } from '@kbn/tooling-log';
export const getInstalledIntegration = async (kbnClient: KbnClient, integrationName: string) => {
const {
@ -22,6 +27,42 @@ export const getInstalledIntegration = async (kbnClient: KbnClient, integrationN
return item;
};
export const createAgentPolicy = async (
kbnClient: KbnClient,
log: ToolingLog,
agentPolicyName = 'Osquery policy'
) => {
log.info(`Creating "${agentPolicyName}" agent policy`);
const {
data: {
item: { id: agentPolicyId },
},
} = await kbnClient.request<CreateAgentPolicyResponse>({
method: 'POST',
path: `/api/fleet/agent_policies?sys_monitoring=true`,
body: {
name: agentPolicyName,
description: '',
namespace: 'default',
monitoring_enabled: ['logs', 'metrics'],
inactivity_timeout: 1209600,
},
});
log.info(`Adding integration to ${agentPolicyId}`);
await addIntegrationToAgentPolicy(kbnClient, agentPolicyId, agentPolicyName);
log.info('Getting agent enrollment key');
const { data: apiKeys } = await kbnClient.request<GetEnrollmentAPIKeysResponse>({
method: 'GET',
path: '/api/fleet/enrollment_api_keys',
});
return apiKeys.items[0].api_key;
};
export const addIntegrationToAgentPolicy = async (
kbnClient: KbnClient,
agentPolicyId: string,